How to use DataProtectionProvider using password/key?

    Question

  • Hi, I am using DataProtectionProvider, Provider.ProtectAsync()/UnprotectAsync(), to encrypt/decrypt files in UWP without any issue. Now I want to do the same process using a password or key, using either that cryptographic provider or some other one, but I am unable to find documentation or a code sample on MSDN for this. Any guidance greatly appreciated!
    Thursday, March 14, 2019 2:49 PM

Answers

  • Hi,

    If you want to use SymmetricKeyAlgorithmProvider to encrypt and decrypt files, OpenAlgorithm is not the key. This is only used to specify an algorithm. Please refer to this.

    https://docs.microsoft.com/en-us/uwp/api/windows.security.cryptography.core.symmetrickeyalgorithmprovider.openalgorithm#Windows_Security_Cryptography_Core_SymmetricKeyAlgorithmProvider_OpenAlgorithm_System_String_

    CryptographicEngine.Encrypt needs to be passed data of type IBuffer, not string. So to encrypt and decrypt files, you just need to convert the StorageFile into an IBuffer.

    The code is as follows:

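    using System;
    using System.Runtime.InteropServices.WindowsRuntime; // AsBuffer() extension
    using Windows.Security.Cryptography;
    using Windows.Security.Cryptography.Core;
    using Windows.Storage;
    using Windows.Storage.Pickers;
    using Windows.Storage.Streams;
    using Windows.UI.Xaml;
    using Windows.UI.Xaml.Controls;

    // The page class name (MainPage) is assumed; tbDecrypto is a TextBlock defined in the XAML.
    public sealed partial class MainPage : Page
    {
        #region Fields
        // A byte array representing Key (sample value only)
        byte[] keyBtArray = { 1, 2, 3, 4, 5, 6, 7, 8 };
        // An array of bytes representing the initial vector (iv) (sample value only)
        byte[] ivBtArray = { 1, 2, 3, 4, 5, 6, 7, 8 };
        // Object representing the encryption/decryption key
        CryptographicKey myKey = null;
        // Represents an encrypted buffer object
        IBuffer cryptBuffer = null;
        // File picked by the user for encryption
        StorageFile inputFile = null;
        #endregion

        public MainPage()
        {
            this.InitializeComponent();
            // Generate key: OpenAlgorithm only selects the algorithm,
            // CreateSymmetricKey turns the key bytes into a CryptographicKey.
            SymmetricKeyAlgorithmProvider syprd = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.DesCbcPkcs7);
            IBuffer keybuffer = keyBtArray.AsBuffer();
            myKey = syprd.CreateSymmetricKey(keybuffer);
        }

        private async void OnEncryptClick(object sender, RoutedEventArgs e)
        {
            FileOpenPicker opPicker = new FileOpenPicker();
            opPicker.SuggestedStartLocation = PickerLocationId.Desktop;
            opPicker.FileTypeFilter.Add(".txt");
            opPicker.FileTypeFilter.Add(".data");
            this.inputFile = await opPicker.PickSingleFileAsync();
            if (this.inputFile == null) return; // the user cancelled the picker
            // Read the whole file into an IBuffer, the type CryptographicEngine expects
            IBuffer buffer = await FileIO.ReadBufferAsync(inputFile);
            Button b = sender as Button;
            b.IsEnabled = false;
            this.cryptBuffer = CryptographicEngine.Encrypt(myKey, buffer, ivBtArray.AsBuffer());
            Windows.UI.Popups.MessageDialog msgdlg = new Windows.UI.Popups.MessageDialog("Encrypt");
            await msgdlg.ShowAsync();
            b.IsEnabled = true;
        }

        private async void OnDecryptoClick(object sender, RoutedEventArgs e)
        {
            if (this.cryptBuffer == null) return; // nothing has been encrypted yet
            Button b = sender as Button;
            b.IsEnabled = false;
            IBuffer decryptBuffer = CryptographicEngine.Decrypt(myKey, this.cryptBuffer, ivBtArray.AsBuffer());
            tbDecrypto.Text = CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, decryptBuffer);
            Windows.UI.Popups.MessageDialog msgbox = new Windows.UI.Popups.MessageDialog("Decrypt");
            await msgbox.ShowAsync();
            b.IsEnabled = true;
        }
    }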

    Also refer to this link, I think you can better understand it: https://docs.microsoft.com/en-us/uwp/api/Windows.Security.Cryptography.Core.SymmetricKeyAlgorithmProvider

    Best regards,

    Barry


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Bhadurudeen Tuesday, March 19, 2019 3:27 PM
    Monday, March 18, 2019 12:34 PM
    Moderator

All replies

  • Hi Bhadurudeen,

    >> Now I want to do the same process using a password or key using either that cryptographic provider or some other one,

    What do you actually want to do here? Encrypt or decrypt a file with a popup window to request a password? Or encrypt the password? Or encrypt by using a password from your app?

    If you want a popup window, in my point of view it is a system-level function which is not supported on the UWP platform.

    If you need to use a key or password to encrypt or decrypt a file, can you be specific about the algorithm you want first?

    Take the SymmetricKeyAlgorithmProvider class as an example: you can create a SymmetricKeyAlgorithmProvider object by calling the static OpenAlgorithm method and specifying the algorithm, which can generate the key and vector.
    For details, please check the CryptographicKey class.

    If this is what you need, you can see this code sample, which is used to generate a key pair.

    Best regards,

    Barry



    Friday, March 15, 2019 8:53 AM
    Moderator
  • Hi, the OpenAlgorithm(String algorithm) method of SymmetricKeyAlgorithmProvider accepts only a string as a parameter, but I want to encrypt/decrypt any file. How can I pass a buffer/stream as input? I am not specific about any particular algorithm; I need your suggestion on this.

    (Currently I am using this method to encrypt/decrypt files, sending the file as a buffer parameter, where I don't have the option to use any key.)

    Best regards,



    Friday, March 15, 2019 4:16 PM
  • Hi Barry Wang,

        // A byte array representing Key
        byte[] keyBtArray = { 1, 2, 3, 4, 5, 6, 7, 8 };

    I encrypt a file with key byte[] keyBtArray = { 1, 2, 3, 4, 5, 6, 7, 8 };

    Strangely, I am able to decrypt the encrypted file with a different key array,
    for example this: byte[] keyBtArray = { 1, 2, 3, 4, 4, 6, 7, 8 };

    (In the same way, I am able to decrypt using {1,2,2,4,5,6,7,8} a file which was encrypted with key {1,2,3,4,5,6,7,8}.)

    Is it a bug? Or is there anything else I should consider?






    • Edited by Bhadurudeen Saturday, April 27, 2019 5:56 AM
    Saturday, April 27, 2019 5:50 AM
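
Added example (an editor's illustration, not part of the thread): the key arrays in the post above differ from the original only in the lowest bit of one byte (5 to 4, 3 to 2). In DES that bit of every key byte is a parity bit, not key material, so those arrays describe the same 56-bit key and decrypt the same data. The class name `DesParityCheck` and the third key are constructed for this example.

```csharp
using System.Linq;
using System.Runtime.InteropServices.WindowsRuntime; // AsBuffer()
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

// Hypothetical helper written for this example.
public static class DesParityCheck
{
    // DES keys are 8 bytes, but bit 0 of every byte is a parity bit that the
    // cipher does not use: only 56 of the 64 bits are key material.
    public static byte[] EffectiveKey(byte[] key) =>
        key.Select(b => (byte)(b & 0xFE)).ToArray();

    // True when two byte arrays describe the same DES key.
    public static bool SameDesKey(byte[] a, byte[] b) =>
        EffectiveKey(a).SequenceEqual(EffectiveKey(b));

    static IBuffer Encrypt(byte[] key, byte[] iv, IBuffer data)
    {
        var des = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.DesCbcPkcs7);
        return CryptographicEngine.Encrypt(des.CreateSymmetricKey(key.AsBuffer()), data, iv.AsBuffer());
    }

    // Encrypts one constructed plaintext under both keys and compares the results.
    public static bool CiphertextsMatch(byte[] a, byte[] b)
    {
        byte[] iv = { 1, 2, 3, 4, 5, 6, 7, 8 }; // IV from the thread
        IBuffer data = CryptographicBuffer.ConvertStringToBinary("constructed sample", BinaryStringEncoding.Utf8);
        return CryptographicBuffer.Compare(Encrypt(a, iv, data), Encrypt(b, iv, data));
    }

    public static void Run()
    {
        byte[] original = { 1, 2, 3, 4, 5, 6, 7, 8 };
        byte[] fromPost = { 1, 2, 3, 4, 4, 6, 7, 8 }; // 5 -> 4 changes only bit 0
        byte[] realDiff = { 1, 2, 3, 4, 7, 6, 7, 8 }; // constructed: 5 -> 7 changes bit 1
        foreach (byte[] k in new[] { fromPost, realDiff })
            System.Diagnostics.Debug.WriteLine(
                $"same key: {SameDesKey(original, k)}, same ciphertext: {CiphertextsMatch(original, k)}");
    }
}
```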