使用 ProtectedData.Protect 时的 DataProtectionScope
[英]DataProtectionScope when using ProtectedData.Protect
问题描述
For encryption/decryption of data which is written in txt files I try to use System.Security.Cryptography.ProtectedData.Protect and Unprotect methods.
对于写入 txt 文件的数据的加密/解密,我尝试使用System.Security.Cryptography.ProtectedData.Protect和Unprotect方法。 One of the parameters of these methods is DataProtectionScope .这些方法的参数之一是DataProtectionScope 。 For example:例如:
byte[] encryptedData = ProtectedData.Protect(data, addEntropy, DataProtectionScope.CurrentUser);
...
byte[] decryptedData = ProtectedData.Unprotect(data, addEntropy, DataProtectionScope.CurrentUser);
or或者
byte[] encryptedData = ProtectedData.Protect(data, addEntropy, DataProtectionScope.LocalMachine);
...
byte[] decryptedData = ProtectedData.Unprotect(data, addEntropy, DataProtectionScope.LocalMachine);
My question is about differences between CurrentUser and LocalMachine DataProtectionScopes.我的问题是关于CurrentUser和LocalMachine DataProtectionScopes 之间的差异。 Is LocalMachine DataProtectionScope just less restrictive than CurrentUser one, and difference is, that data, encrypted by any user, can be decrypted by any other user working at the same computer? LocalMachine DataProtectionScope 是否比CurrentUser的限制更少,不同之处在于,由任何用户加密的数据可以由在同一台计算机上工作的任何其他用户解密? Or maybe there are some additional specifics?或者也许还有一些额外的细节?
1 个解决方案
解决方案1
2 已采纳 2011-07-16 18:30:24
CurrentUser scope stores the encryption keys that only the currently logged user will be able to retrieve the data. CurrentUser scope 存储只有当前登录的用户才能检索数据的加密密钥。 On the other hand, LocalMachine scope allows any account on the same computer to access the files but denies remote access.另一方面,LocalMachine scope 允许同一台计算机上的任何帐户访问文件,但拒绝远程访问。 Which one to use depends on your needs.使用哪一种取决于您的需求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.