Does DataProtectionScope have any effect in ProtectedData.Unprotect?

  • Question

  • In ProtectedData.Unprotect(Byte[], Byte[], DataProtectionScope) Method, does the DataProtectionScope argument have any actual effect? When I tried it, it was able to unprotect the data even if the DataProtectionScope did not match what I had given to ProtectedData.Protect. Both calls were in the same process and there was no impersonation involved.

    According to Reference Source, ProtectedData.Unprotect translates DataProtectionScope.LocalMachine to CRYPTPROTECT_LOCAL_MACHINE and passes that to CryptUnprotectData. However, the CRYPTPROTECT_LOCAL_MACHINE flag is documented only for CryptProtectData and not for CryptUnprotectData, so I think CryptUnprotectData just ignores it.

    I'm working on a program that should read a protected password from a file and then unprotect and use it. I need to design the file format for this. If the DataProtectionScope argument indeed has no effect, then the file format need not include the DataProtectionScope. (I also considered encrypting the whole file using EFS but that does not match my requirements.)

    Tuesday, October 23, 2018 4:15 PM

Answers

  • The DataProtectionScope parameter seems to have an effect in the Mono/Xamarin implementation of ProtectedData.Unprotect: ProtectedData.cs, ManagedProtection.cs. It looks like this implementation chooses the decryption RSA key solely based on the DataProtectionScope.

    • Marked as answer by ranta Wednesday, October 24, 2018 10:27 AM
    Wednesday, October 24, 2018 10:27 AM

All replies

  • Oh, you replied much earlier than I expected. I thought you were an MSDN subscriber and were waiting for the question to be escalated to Microsoft engineers (the 2-days-without-reply thing).

    Btw, I'll add my answer for the Windows part. When you encrypt with CRYPTPROTECT_LOCAL_MACHINE, the private key corresponding to the session key is stored in the "Machine" store instead of the "Current user" store. My guess is that the CryptUnprotectData() API will search both locations for keys, so you need not specify where the key is stored. Of course this is a guess and has to be verified by someone who has access to the code. That's why I preferred not to answer it yesterday.


    Thursday, October 25, 2018 1:40 AM
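The following C# program is an added experiment, not code from the original question or replies. It checks the behaviour the question reports (and the guess in the last reply) by protecting a constructed sample secret with each DataProtectionScope and then attempting Unprotect with both scopes in the same process, and it sketches a protected-password file that omits the scope, as the question proposes. It assumes Windows DPAPI (.NET Framework, or the System.Security.Cryptography.ProtectedData package on .NET Core/.NET 5+); on Mono the managed implementation selects an RSA key by scope, so the mismatched cases are expected to fail there. The "PPW1" magic, the entropy constant and the sample password are assumptions of this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

class DataProtectionScopeExperiment
{
    // Optional entropy (assumption of this example): a per-file-format constant
    // that must also be supplied to Unprotect. It does not replace the scope check;
    // it only stops an unrelated program from unprotecting the blob by accident.
    static readonly byte[] Entropy = Encoding.UTF8.GetBytes("example-password-file-v1");

    // Try to unprotect a blob with a given scope; report instead of throwing so
    // all four Protect/Unprotect combinations are shown.
    static string TryUnprotect(byte[] blob, DataProtectionScope scope)
    {
        try
        {
            byte[] plain = ProtectedData.Unprotect(blob, Entropy, scope);
            return "OK: " + Encoding.UTF8.GetString(plain);
        }
        catch (CryptographicException e)
        {
            return "FAILED: " + e.Message;
        }
    }

    // File layout assumed by this example: 4-byte magic "PPW1" followed by the
    // raw DPAPI blob. No scope byte is stored, following the question's reasoning
    // that Unprotect on Windows does not use it.
    static void WriteProtected(string path, byte[] blob)
    {
        using (FileStream fs = File.Create(path))
        {
            byte[] magic = Encoding.ASCII.GetBytes("PPW1");
            fs.Write(magic, 0, magic.Length);
            fs.Write(blob, 0, blob.Length);
        }
    }

    static byte[] ReadProtected(string path)
    {
        byte[] all = File.ReadAllBytes(path);
        if (all.Length < 4 || Encoding.ASCII.GetString(all, 0, 4) != "PPW1")
            throw new InvalidDataException("not a PPW1 protected password file");
        byte[] blob = new byte[all.Length - 4];
        Buffer.BlockCopy(all, 4, blob, 0, blob.Length);
        return blob;
    }

    static void Main()
    {
        byte[] secret = Encoding.UTF8.GetBytes("hunter2"); // constructed sample password
        DataProtectionScope[] scopes =
        {
            DataProtectionScope.CurrentUser,
            DataProtectionScope.LocalMachine
        };

        // Same process, same user, no impersonation: the situation from the question.
        foreach (DataProtectionScope protectScope in scopes)
        {
            byte[] blob = ProtectedData.Protect(secret, Entropy, protectScope);
            foreach (DataProtectionScope unprotectScope in scopes)
            {
                Console.WriteLine("Protect({0}) -> Unprotect({1}): {2}",
                    protectScope, unprotectScope, TryUnprotect(blob, unprotectScope));
            }
        }

        // Round-trip through the scope-less file format.
        string path = Path.Combine(Path.GetTempPath(), "example.ppw");
        WriteProtected(path, ProtectedData.Protect(secret, Entropy, DataProtectionScope.CurrentUser));
        Console.WriteLine("From file: " + TryUnprotect(ReadProtected(path), DataProtectionScope.LocalMachine));
        File.Delete(path);
    }
}
```

If the question's observation holds, all four combinations print OK on Windows. Note the practical caveat even so: a blob written with LocalMachine can be unprotected by any account on that machine, while a CurrentUser blob cannot be read by other users or on another machine, so the scope you pass to Protect still decides who can read the file even though Unprotect does not appear to check it.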