//http://www.obviex.com/samples/dpapi.aspx
//http://msdn.microsoft.com/security/securecode/dotnet/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT07.asp
public static byte [] UnprotectData(byte [] cipherIn, ProtectParam flags, out string desc)
{
desc = null;
StringBuilder sb = new StringBuilder(); //TODO not returning properly
CRYPTOAPI_BLOB blobIn = new CRYPTOAPI_BLOB();
byte [] plainOut;
try
{
blobIn.cbData = cipherIn.Length;
//blobIn.pbData = cipherIn; //byte[]
//blobIn.pbData = Mem.AllocHGlobal(blobIn.cbData);
blobIn.pbData = Mem.CryptMemAlloc(blobIn.cbData);
Marshal.Copy(cipherIn, 0, blobIn.pbData, blobIn.cbData);
IntPtr optEntropy = IntPtr.Zero; //CRYPTOAPI_BLOB*
IntPtr reserved = IntPtr.Zero; //PVOID
IntPtr prompt = IntPtr.Zero; //CRYPTPROTECT_PROMPTSTRUCT*
CRYPTOAPI_BLOB dataOut = new CRYPTOAPI_BLOB();
//BUG
//bool retVal = Crypto.CryptUnprotectData(ref blobIn, sb, optEntropy, reserved, prompt, (uint) flags, ref dataOut);
//desc = sb.ToString();
//Assuming a max size of 99 characters in the description null terminating character
IntPtr ppszDescription = Mem.CryptMemAlloc(100);
bool retVal = Crypto.CryptUnprotectData(ref blobIn, ref ppszDescription, optEntropy, reserved, prompt, (uint)flags, ref dataOut);
desc = Marshal.PtrToStringUni(ppszDescription);
Mem.CryptMemFree(ppszDescription);
ErrCode ec = Error.HandleRetVal(retVal);
plainOut = new byte[dataOut.cbData];
Marshal.Copy(dataOut.pbData, plainOut, 0, dataOut.cbData);
//Mem.FreeHGlobal(dataOut.pbData);
Mem.CryptMemFree(dataOut.pbData);
}
catch (Exception ex)
{
throw ex;
}
finally
{
if (blobIn.pbData != IntPtr.Zero)
{
//Mem.FreeHGlobal(blobIn.pbData);
Mem.CryptMemFree(blobIn.pbData);
}
}
return(plainOut);
}
//http://www.obviex.com/samples/dpapi.aspx
//http://msdn.microsoft.com/security/securecode/dotnet/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT07.asp
public static byte [] ProtectData(byte [] plainIn, ProtectParam flags, string desc)
{
StringBuilder sb = new StringBuilder(desc);
CRYPTOAPI_BLOB blobIn = new CRYPTOAPI_BLOB();
byte [] cipherOut;
try
{
blobIn.cbData = plainIn.Length;
//blobIn.pbData = plainIn; //byte[]
//blobIn.pbData = Mem.AllocHGlobal(blobIn.cbData);
blobIn.pbData = Mem.CryptMemAlloc(blobIn.cbData);
Marshal.Copy(plainIn, 0, blobIn.pbData, blobIn.cbData);
IntPtr optEntropy = IntPtr.Zero; //CRYPTOAPI_BLOB*
IntPtr reserved = IntPtr.Zero; //PVOID
IntPtr prompt = IntPtr.Zero; //CRYPTPROTECT_PROMPTSTRUCT*
CRYPTOAPI_BLOB dataOut = new CRYPTOAPI_BLOB();
bool retVal = Crypto.CryptProtectData(ref blobIn, sb, optEntropy, reserved, prompt, (uint)flags, ref dataOut);
ErrCode ec = Error.HandleRetVal(retVal);
cipherOut = new byte[dataOut.cbData];
Marshal.Copy(dataOut.pbData, cipherOut, 0, dataOut.cbData);
//Mem.FreeHGlobal(dataOut.pbData);
Mem.CryptMemFree(dataOut.pbData);
}
catch (Exception ex)
{
throw ex;
}
finally
{
if (blobIn.pbData != IntPtr.Zero)
{
//Mem.FreeHGlobal(blobIn.pbData);
Mem.CryptMemFree(blobIn.pbData);
}
}
return(cipherOut);
}
private static extern bool CryptUnprotectDataXp(ref CRYPTOAPI_BLOB pDataIn, ref IntPtr ppszDataDescr, IntPtr pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, uint dwFlags, ref CRYPTOAPI_BLOB pDataOut);
///<summary>
///This function decrypts and checks the integrity of the data in a DATA_BLOB
///structure. Usually, only a user with the same logon credentials as the encrypter
///can decrypt the data. In addition, the encryption and decryption must be done on
///the same computer.
///Note An untrusted application can call the CryptUnprotectData function. The call
///will fail only if CRYPTPROTECT_SYSTEM is specified for the dwFlags parameter.
///</summary>
/// <remarks>
/// works on smartPhone
/// </remarks>
public static bool CryptUnprotectData(ref CRYPTOAPI_BLOB pDataIn, ref IntPtr ppszDataDescr, IntPtr pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, uint dwFlags, ref CRYPTOAPI_BLOB pDataOut)
{
if(System.Environment.OSVersion.Platform == PlatformID.WinCE)
return CryptUnprotectDataCe(ref pDataIn, ref ppszDataDescr, pOptionalEntropy, pvReserved, pPromptStruct, dwFlags, ref pDataOut);
else
return CryptUnprotectDataXp(ref pDataIn, ref ppszDataDescr, pOptionalEntropy, pvReserved, pPromptStruct, dwFlags, ref pDataOut);
}
private static extern bool CryptProtectDataCe(ref CRYPTOAPI_BLOB pDataIn, StringBuilder szDataDescr, IntPtr pOptionalEntropy, IntPtr pvReserved, IntPtr pPromptStruct, uint dwFlags, ref CRYPTOAPI_BLOB pDataOut);
//http://www.obviex.com/samples/dpapi.aspx
//http://msdn.microsoft.com/security/securecode/dotnet/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT07.asp
public static byte [] UnprotectData(byte [] cipherIn, ProtectParam flags, out string desc)
{
desc =null;
StringBuilder sb = new StringBuilder(); //TODO not returning properly
CRYPTOAPI_BLOB blobIn = new CRYPTOAPI_BLOB();
byte [] plainOut;
try
{
blobIn.cbData = cipherIn.Length;
//blobIn.pbData = cipherIn; //byte[]
//blobIn.pbData = Mem.AllocHGlobal(blobIn.cbData);
blobIn.pbData = Mem.CryptMemAlloc(blobIn.cbData);
Marshal.Copy(cipherIn, 0, blobIn.pbData, blobIn.cbData);
IntPtr optEntropy = IntPtr.Zero; //CRYPTOAPI_BLOB*
IntPtr reserved = IntPtr.Zero; //PVOID
IntPtr prompt = IntPtr.Zero; //CRYPTPROTECT_PROMPTSTRUCT*
CRYPTOAPI_BLOB dataOut = new CRYPTOAPI_BLOB();
//BUG
//bool retVal = Crypto.CryptUnprotectData(ref blobIn, sb, optEntropy, reserved, prompt, (uint) flags, ref dataOut);
//desc = sb.ToString();
//Assuming a max size of 99 characters in the description null terminating character
IntPtr ppszDescription = Mem.CryptMemAlloc(100);
bool retVal = Crypto.CryptUnprotectData(ref blobIn, ref ppszDescription, optEntropy, reserved, prompt, (uint) flags, ref dataOut);
desc = Marshal.PtrToStringUni(ppszDescription);
Mem.CryptMemFree(ppszDescription);
ErrCode ec = Error.HandleRetVal(retVal);
plainOut = new byte[dataOut.cbData];
Marshal.Copy(dataOut.pbData, plainOut, 0, dataOut.cbData);
//Mem.FreeHGlobal(dataOut.pbData);
Mem.CryptMemFree(dataOut.pbData);
}
catch(Exception ex)
{
throw ex;
}
finally
{
if (blobIn.pbData != IntPtr.Zero)
{
//Mem.FreeHGlobal(blobIn.pbData);
Mem.CryptMemFree(blobIn.pbData);
}
}
return plainOut;
}
//http://www.obviex.com/samples/dpapi.aspx
//http://msdn.microsoft.com/security/securecode/dotnet/default.aspx?pull=/library/en-us/dnnetsec/html/SecNetHT07.asp
public static byte [] ProtectData(byte [] plainIn, ProtectParam flags, string desc)
{
StringBuilder sb = new StringBuilder(desc);
CRYPTOAPI_BLOB blobIn = new CRYPTOAPI_BLOB();
byte [] cipherOut;
try
{
blobIn.cbData = plainIn.Length;
//blobIn.pbData = plainIn; //byte[]
//blobIn.pbData = Mem.AllocHGlobal(blobIn.cbData);
blobIn.pbData = Mem.CryptMemAlloc(blobIn.cbData);
Marshal.Copy(plainIn, 0, blobIn.pbData, blobIn.cbData);
IntPtr optEntropy = IntPtr.Zero; //CRYPTOAPI_BLOB*
IntPtr reserved = IntPtr.Zero; //PVOID
IntPtr prompt = IntPtr.Zero; //CRYPTPROTECT_PROMPTSTRUCT*
CRYPTOAPI_BLOB dataOut = new CRYPTOAPI_BLOB();
bool retVal = Crypto.CryptProtectData(ref blobIn, sb, optEntropy, reserved, prompt, (uint) flags, ref dataOut);
ErrCode ec = Error.HandleRetVal(retVal);
cipherOut = new byte[dataOut.cbData];
Marshal.Copy(dataOut.pbData, cipherOut, 0, dataOut.cbData);
//Mem.FreeHGlobal(dataOut.pbData);
Mem.CryptMemFree(dataOut.pbData);
}
catch(Exception ex)
{
throw ex;
}
finally
{
if (blobIn.pbData != IntPtr.Zero)
{
//Mem.FreeHGlobal(blobIn.pbData);
Mem.CryptMemFree(blobIn.pbData);
}
}
return cipherOut;
}
