I have developed a main application to control lights. Now I want to deploy this application at a client site. I’ll be sending a file containing an encrypted file (key) and username (which is always defadmin) to the client to log in to the application for the first time. I created a standalone application that generates an encrypted key file using DPAPI with current user scope. Now I want to implement the decryption code using DPAPI in my main application to validate the client to get access to the application. The problem I am facing is that the encrypted key file created by me (current user) won’t be decrypted by the client (who is defadmin). I found a fix using a roaming user profile and isolation storage, which I wasn’t quite sure how to implement even after reading MSDN articles. Also, I read that using isolation by user and assembly is allowed on intranets but not on the internet. Does this mean storing the roaming user profile somewhere on the network and allowing the client to access it? Please help me resolve this issue; I would be grateful if you could provide an example code snippet.

1 Answer

DPAPI is a Windows (user or machine level) based encryption and decryption provider to securely store sensitive information within that domain. Its domain is "local", bound to a single user profile (or machine instance) and meant to share its data.

If you want to securely share data between different users or machines, you probably want to have a look at the concept of asymmetric cryptography (public key cryptography), as used by SSH, OpenPGP, and S/MIME.

kdaveid
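An added example, not part of the answer above and not the asker's code: one way to apply the public-key approach to the key file, assuming the goal is for the application to check that the file was issued by the developer. The developer signs the file with a private key that never leaves their machine, and the application verifies it with the public key, which works under any Windows user (such as defadmin) on any machine. The names `KeyFileDemo`, `Sign`, `Verify` and the payload string are constructed for illustration; `RSA.Create(int)` assumes .NET Framework 4.7.2 or later, or .NET Core 2.0 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class KeyFileDemo
{
    // Developer side: sign the key-file payload with the private key.
    // The private key stays with the developer and is never shipped.
    static byte[] Sign(RSA developerKey, string payload)
    {
        return developerKey.SignData(Encoding.UTF8.GetBytes(payload),
                                     HashAlgorithmName.SHA256,
                                     RSASignaturePadding.Pkcs1);
    }

    // Application side: verify using only the public key, which can be
    // embedded in the application. No per-user or per-machine secret is
    // involved, unlike DPAPI.
    static bool Verify(RSAParameters publicKey, string payload, byte[] signature)
    {
        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(publicKey);
            return rsa.VerifyData(Encoding.UTF8.GetBytes(payload), signature,
                                  HashAlgorithmName.SHA256,
                                  RSASignaturePadding.Pkcs1);
        }
    }

    static void Main()
    {
        using (RSA developerKey = RSA.Create(2048))
        {
            // Export the public half only (false = no private parameters).
            RSAParameters publicKey = developerKey.ExportParameters(false);

            // Constructed sample payload for the key file.
            string payload = "user=defadmin;site=constructed-example";
            byte[] signature = Sign(developerKey, payload);

            // Check the issued payload, then a modified copy of it.
            Console.WriteLine("issued:   " + Verify(publicKey, payload, signature));
            string tampered = payload.Replace("defadmin", "someoneelse");
            Console.WriteLine("tampered: " + Verify(publicKey, tampered, signature));
        }
    }
}
```

A signature proves who issued the file but does not hide its contents; if the payload itself must be confidential, it has to be encrypted separately.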