none
ProtectedData.Protect/Unprotect behaves weirdly RRS feed

  • Question

  • I have a very simple code that never caused me any trouble for many years:

    // Encode:

                        Convert.ToBase64String(
                            ProtectedData.Protect(
                                Encoding.UTF8.GetBytes(data),
                                null,
                                DataProtectionScope.LocalMachine
                            )
                        );

    // Decode:

    Encoding.UTF8.GetString( ProtectedData.Unprotect( Convert.FromBase64String(data), null, DataProtectionScope.LocalMachine ) );


    It is used to store passwords in configuration files. I also have a backup/restore application that takes said config files on one machine, decrypts passwords, then encrypts them on another machine. Very simple, always worked.

    Now I decided to move to a new machine, a freshly installed Windows Pro 10 in VMWare Fusion and I met this unexpected problem. The above functions can encrypt/decrypt the data in the backup application, but when I try to use it in another application, decryption fails with "Key not valid for use in specified state." exception. This is very weird because when I encrypt passwords in my application, it can decrypt them correctly.

    It looks like for some reasons on that specific machine, it started using certificates per application. Why would this happen? How can I fix this? I am not sure if this is a problem with Fusion or some other issue?

    Sunday, February 9, 2020 3:08 AM

All replies