/// <overloads>
/// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
/// moved from machine to machine.
/// </overloads>
/// <summary>
/// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
/// moved from machine to machine.
/// </summary>
/// <param name="outputStream"><see cref="T:System.IO.Stream" /> to which DPAPI-protected key is to be written.</param>
/// <param name="encryptedKey">Encrypted key to be written to stream.</param>
/// <param name="dpapiProtectionScope"><see cref="T:System.Security.Cryptography.DataProtectionScope" /> used to protect the key on disk. </param>
public static void Write(Stream outputStream, byte[] encryptedKey, DataProtectionScope dpapiProtectionScope)
{
ProtectedKey key = ProtectedKey.CreateFromEncryptedKey(encryptedKey, dpapiProtectionScope);
KeyManager.Write(outputStream, key);
}
/// <summary>
/// Reads a DPAPI-protected key from the given <see cref="T:System.IO.Stream" />.
/// </summary>
/// <param name="protectedKeyStream"><see cref="T:System.IO.Stream" /> containing the DPAPI-protected key.</param>
/// <param name="protectionScope"><see cref="T:System.Security.Cryptography.DataProtectionScope"></see> used to decrypt the key read from the stream.</param>
/// <returns>Key read from stream, encapsulated in a <see cref="T:Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ProtectedKey"></see>.</returns>
public ProtectedKey Read(Stream protectedKeyStream, DataProtectionScope protectionScope)
{
this.ValidateKeyVersion(protectedKeyStream);
return(ProtectedKey.CreateFromEncryptedKey(this.ReadEncryptedKey(protectedKeyStream), protectionScope));
}