How to decrypt Windows Store DPAPI protected data from desktop app
Question
We are writing a tool to migrate data from a Windows Store application to a Windows Desktop one. The store app protects some data using DPAPI which we need to be able to decrypt from the desktop application.
When calling ProtectedData.Unprotect method we are getting a CryptographicException stating "the parameter is invalid". Looking at the store application code I can see that the DPAPI API is different from the desktop .NET framework. The store app API is used as follows:
provider = new DataProtectionProvider("LOCAL=user");
...
IBuffer origBuffer = await this.provider.UnprotectAsync(encryptedBuffer);
The desktop API looks like the following
byte[] ProtectedData.Unprotect(byte[] encryptedBytes,
byte[] entropy,
DataProtectionScope scope);
We have tried to use DataProtectionScope.CurrentUser and entropy null but this results in the above CryptographicException. At a guess, internally, the store API uses a specific entropy without which we cannot decrypt the data.
Does anyone know what the store DPAPI API is doing behind the scenes that would allow us to decrypt the store data?
1 answers
solution1
1 ACCPTED 2015-12-10 14:54:50
Sorry to not have a direct answer but can't you reference the WinRT API from your desktop application in order to decrypt this secured bytes ?
Here is a guide to reference the WinRT API in a WPF application : http://www.hanselman.com/blog/HowToCallWinRTAPIsInWindows8FromCDesktopApplicationsWinRTDiagram.aspx
Regards
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.