Questions tagged [dpapi]

DPAPI is the Windows API that allows a program to store "secrets", like passwords. Microsoft uses it in IE and to store WiFi passwords and private keys for EFS; Chrome for Windows and Safari for Windows also use it to store website credentials.

150 questions
0
votes
0 answers

Can I use the Windows Data Protection API as SYSTEM?

I need to encrypt some values in a configuration file for a .NET Framework Windows Service that runs as SYSTEM and was wondering if I can use the DPAPI for that. Is the SYSTEM authority able to have "user" private key or does it have to use the…
bananabr
0
votes
0 answers

Clarity on the method to secure "remember my password" feature of our desktop application, similar to the feature in SQL Server credentials

We would like to implement the feature of remembering user's passwords in our application similar to how Microsoft SQL Server login credentials are stored. (nothing to do with SQL server connection) We researched and found some information on…
IT researcher
0
votes
0 answers

How to strengthen DPAPI encryption and password security?

We are using DPAPI method to protect password for our application using the below code. We checked and found that other users were able to decrypt the password if elevated privileges were gained. Imports System.Text Imports…
IT researcher
0
votes
1 answer

"WindowsCryptographicException: The system cannot find the path specified" when trying to use DPAPI from LocalSystem account

I use DPAPI with DataProtectionScope.LocalMachine in a Windows Service. I tested my service by running it directly on my user account. It works. Also works when run as administrator. Then I install it as a Windows Service on LocalSystem…
Harry
0
votes
1 answer

MS Data Protection API for Query String Protection force same ciphertext for given plaintext

I'm using the Data Protection API to protect my MVC .NET Core 2.2 Web Application against IDOR (Insecure Direct Object Reference) bugs by encrypting the value in the query string. I have the below code based on the Microsoft Documentation here that…
Twe2
0
votes
1 answer

Encode blob in chrome cookies

I want to insert cookies into Chrome (C:\Users\AppData\Local\Google\Chrome\User Data\Default\Cookies), via a Python script and sqlite. The actual cookie value is stored in the column "encrypted_value" and it is a blob. How do I encrypt my plain…
Jonaswinz
0
votes
1 answer

Intermittent "Key not valid for use in specified state" exceptions using DPAPI with IIS and ASP.NET MVC using CurrentUser

We have two servers running the same ASP.NET MVC application under IIS. Server A is running IIS 7.5 on Windows Server 2008 R2 Standard v 6.1 build 7601 SP1. Server B is running IIS 8.5 on Windows Server 2012 R2 v 6.3 build 9600. The app pools run…
SJC
0
votes
1 answer

Using IdentityServer4 with DataProtection API for token signing

I have an authentication/authorization server based on IS4 + Net Core 3.1. Since this Identity Service interacts with some new as well as some quite legacy applications, it also creates 2 different authentication cookies plus tokens. We are…
Facundo La Rocca
0
votes
1 answer

updating XDocument with DPAPI not working?

I am new to C# and cryptography but I want to secure some data like an account with DPAPI in a C# project. I tried some ways to do it but the data passed is XDocument and has to stay as is. I tried to pass a string and modify it with no problem but…
0
votes
1 answer

Windows DPAPI in AWS AMI fails with Access is denied

We are using an AWS EC2 Windows AMI to do our builds from a Jenkins job. Our libraries use the Windows Cryptography API: Next Generation (NG) (DPAPI) to protect sensitive data from C# and C++ components. Our builds succeed without any issue, but…
CJCombrink
0
votes
1 answer

I am trying to base64 decode a string with openssl but the string returned isn't valid

This is the code that I am using and the string I am trying to base64 decode is below, which is from the Chrome localstate file, DPAPI…
yeah_well
0
votes
2 answers

Does `Microsoft.AspNetCore.Identity.PasswordHasher` use ASP.NET Core Data Protection under the covers?

Background: I have an ASP.NET Core 3.1 application that is running in an AWS FARGATE container (on Linux). What I need to do: I need to hash passwords using a built-in .NET Core solution. I'd prefer to use a solution where I don't have to manage…
Dave Black
0
votes
0 answers

Unable to find an entry point named 'CryptProtectMemory' in DLL 'crypt32.dll' using dotnet core DPAPI

I'm coding a little helper utility for encrypting and decrypting strings using the dotnet core windows data protection api (dpapi). Here is the full Program.cs (both nuget packages are version 3.1.3): using System; using System.Linq; using…
baouss
0
votes
0 answers

LocalFree breaks DPAPI encrypt/decrypt

I'm writing a small console program to test out DPAPI based on the constraints I have to work with for a project (all wstring, need to output encrypted data in base64) and ran into an issue where if I call LocalFree on the pbData of the…
DennisKRQ
0
votes
1 answer

How do OSes store keys for encrypted data

I wonder how OSes store the keys used to encrypt things like website passwords. After searching online I found only two answers but they only refer to how service providers should store passwords (they should store a hash and a salt), or how apps…
lsauceda