[英]DataProtectionScope when using ProtectedData.Protect
For encryption/decryption of data which is written in txt files I try to use System.Security.Cryptography.ProtectedData.Protect
and Unprotect
methods.对于写入 txt 文件的数据的加密/解密,我尝试使用
System.Security.Cryptography.ProtectedData.Protect
和Unprotect
方法。 One of the parameters of these methods is DataProtectionScope
.这些方法的参数之一是
DataProtectionScope
。 For example:例如:
byte[] encryptedData = ProtectedData.Protect(data, addEntropy, DataProtectionScope.CurrentUser);
...
byte[] decryptedData = ProtectedData.Unprotect(data, addEntropy, DataProtectionScope.CurrentUser);
or或者
byte[] encryptedData = ProtectedData.Protect(data, addEntropy, DataProtectionScope.LocalMachine);
...
byte[] decryptedData = ProtectedData.Unprotect(data, addEntropy, DataProtectionScope.LocalMachine);
My question is about differences between CurrentUser
and LocalMachine
DataProtectionScopes.我的问题是关于
CurrentUser
和LocalMachine
DataProtectionScopes 之间的差异。 Is LocalMachine
DataProtectionScope just less restrictive than CurrentUser
one, and difference is, that data, encrypted by any user, can be decrypted by any other user working at the same computer? LocalMachine
DataProtectionScope 是否比CurrentUser
的限制更少,不同之处在于,由任何用户加密的数据可以由在同一台计算机上工作的任何其他用户解密? Or maybe there are some additional specifics?或者也许还有一些额外的细节?
CurrentUser scope stores the encryption keys that only the currently logged user will be able to retrieve the data. CurrentUser scope 存储只有当前登录的用户才能检索数据的加密密钥。 On the other hand, LocalMachine scope allows any account on the same computer to access the files but denies remote access.
另一方面,LocalMachine scope 允许同一台计算机上的任何帐户访问文件,但拒绝远程访问。 Which one to use depends on your needs.
使用哪一种取决于您的需求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.