Stack Overflow
Stack Overflow

Questions tagged [dpapi]

DPAPI is the API in Windows that allows a program to store "secrets", like passwords. It is used by Microsoft in IE and storing WiFi passwords and private keys for EFS, and also by Chrome for Windows and Safari for Windows, to store website credentials.

150 questions
1
vote
1 answer

.NET wrapper for DPAPI-NG and user group access configuration

I have a number of workstations which are part of my domain, each running some .NET application. One central server stores secrets which I would like to be encrypted by a key which is accessible to all users of the system which have the appropriate…
NLuburić
  • 912
  • 1
  • 10
  • 28
1
vote
2 answers

ProtectedData.Unprotect after User changes password

I have a C# application that stores password information in a database using ProtectedData class. I use a scope of local machine and as I understand It DPAPI will use master key to encrypt it and it won't be changed unless I uninstall OS. Let's say…
user1480742
  • 145
  • 12
1
vote
1 answer

Share DPAPI keys between servers?

I have a ASP.NET WebForms application running on .NET 4.5.1 and have been using cookie based authentication with the FormsAuthentication API (not using the Identity API, however; instead I manage users and session "manually"). This application runs…
David Nordvall
  • 12,404
  • 6
  • 32
  • 52
1
vote
2 answers

DPAPI ProtectData from different users

I'm using DPAPI ProtectData as follow: var temp = new byte[32] { 1,1,1,1,1,1,1,1, 2,2,2,2,2,2,2,3, 3,3,3,3,3,3,3,3, 4,4,4,4,4,4,4,4 }; ProtectedData.Protect(temp, null, DataProtectionScope.CurrentUser); string userName =…
Evyatar
  • 1,107
  • 2
  • 13
  • 36
1
vote
1 answer

X509Certificate constructor takes >6 seconds to execute for a particular user

I've developed a C#, .NET4.5.2 client/server system which uses TLS/SSL to communicate. The certificates are loaded from a file. I created the certificate files using 'MakeCert' utitilty to create a .pvk and .cer file then I combined them into a…
Matt Perry
  • 21
  • 4
1
vote
0 answers

Service Logins - How to store credentials

In a legacy system (written in C# running on Windows) services need to use other services. One service is responsible to act upon visitors coming or leaving. The services have to authenticate themselves through a REST API with a user and a password…
tobre
  • 1,347
  • 3
  • 21
  • 53
1
vote
1 answer

Creating User Dynamically And Using DPAPI

For some project I need to: Dynamically create local user account (for this I'm using UserPrincipal class from .NET framework) Impersonate to that user (I wrote some classes that calls native LogonUser (advapi32.dll) Use DPAPI to encrypt some user…
Novak
  • 115
  • 1
  • 8
1
vote
1 answer

How to decrypt Windows Store DPAPI protected data from desktop app

We are writing a tool to migrate data from a Windows Store application to a Windows Desktop one. The store app protects some data using DPAPI which we need to be able to decrypt from the desktop application. When calling ProtectedData.Unprotect…
Richard Blewett
  • 6,089
  • 1
  • 18
  • 23
1
vote
2 answers

Decouple self-host OWIN authorization server

I have a self-hosted OWIN application configured as an authorization server and a signalr resource server. My clients are successfully obtaining the bearer token and presenting it for authorization in subsequent calls to the signalR hub. My next…
grinder22
  • 551
  • 4
  • 17
1
vote
1 answer

Encrypt the configuration group System.ServiceModel in App.config

We are deploying a client app and need to encrypt the system.serviceModel configuration group. I have been searching on StackOverflow for the better part of the day for the best way to do this and most responses have either been "rename app.config…
Nate Noonen
  • 1,371
  • 9
  • 19
1
vote
1 answer

ProtectedData Security- Accessing Encrypted Data on a Different Machine

I'm using the Local Machine Scope to protect software specific data. ProtectData.Protect(Byte[], Byte[], DataProtectionScope.LocalMachine) If someone copies the ProtectedData to another system it wont work right? Is it because of the password is…
techno
  • 6,100
  • 16
  • 86
  • 192
1
vote
0 answers

DPAPI fails to decrypt after restart of IIS

I use the .NET data protection API (DPAPI) to encrypt strings which I save in CRM 2013. The System.Security.Cryptography.DataProtectionScope is set to LocalMachine. Everything works fine as long as I don't restart IIS. Afterwards it is not possible…
Peter
  • 369
  • 2
  • 5
  • 18
1
vote
1 answer

When requesting a certificate, how do I get a pfx blob?

The following code is used to request a certificate from an ADCS instance. How do I extract the request, and the finalized pfx blob (and password protect it) for external storage? using System; using System.Collections.Generic; using…
makerofthings7
  • 60,103
  • 53
  • 215
  • 448
1
vote
1 answer

Do I need to store key for CryptUnprotectData and CryptProtectData?

DPAPI has 2 functions: CryptUnprotectDataand CryptProtectData. I read They do the encryption or decryption by using a session key that the function creates by using the user's logon credentials. Does that mean that I do not need store this key…
RuF
  • 548
  • 1
  • 11
  • 31
1
vote
2 answers

Can I derive the key used in DPAPI encryption when I know the plain text and the encrypted text?

So I have a text encrypted with DPAPI and an unknown key, and I have the plaintext that the encrypted text represents. Can I derive the key used from this, and how?
Hackworth
  • 1,069
  • 2
  • 9
  • 23
1 2 3
9 10