public string Protect(string data) { if (string.IsNullOrEmpty(data)) { return(string.Empty); } ProtectorAlgorithmHelper.GetAlgorithms( _defaultAlgorithm, out var encryptingAlgorithm, out var signingAlgorithm, out var keyDerivationIterationCount); var blob = new CryptoBlob { KeyId = _keyRing.CurrentKeyId, SymmetricAlgorithmId = (int)_defaultAlgorithm, InitializationVector = encryptingAlgorithm.IV }; var masterKey = GetKey(blob.KeyId); var encryptionKey = GenerateEncryptionKey(masterKey, encryptingAlgorithm.KeySize, keyDerivationIterationCount); encryptingAlgorithm.Key = encryptionKey; var encryptedPayload = EncryptData(data, encryptingAlgorithm); blob.Payload = encryptedPayload; blob.Signature = GetPayloadSignature( encryptedPayload: encryptedPayload, iv: encryptingAlgorithm.IV, masterKey: masterKey, symmetricAlgorithmKeySize: encryptingAlgorithm.KeySize, hashAlgorithm: signingAlgorithm, keyDerivationIterationCount: keyDerivationIterationCount); encryptingAlgorithm.Clear(); signingAlgorithm.Clear(); encryptingAlgorithm.Dispose(); signingAlgorithm.Dispose(); return(blob.ToBase64()); }