Question

I need to decrypt a connection that was created initially under an account that is no longer available.

In order to do that I made a simple app:

    private void btnEncrypt_Click(object sender, EventArgs e)
    {
        // The wrapper is asked to use the machine store rather than the user store.
        DataProtection.DataProtector dp = new DataProtection.DataProtector(DataProtection.DataProtector.Store.USE_MACHINE_STORE);
        try
        {
            byte[] dbToEncrypt = Encoding.ASCII.GetBytes(txtText.Text);
            // The encrypted bytes are shown as Base64 text.
            string resultEncrypted = Convert.ToBase64String(dp.Encrypt(dbToEncrypt, null));
            txtEncrypt.Text = resultEncrypted;
        }
        catch (Exception ex)
        {
            MessageBox.Show("Error: " + ex.Message);
        }
    }

    private void btnDecrypt_Click(object sender, EventArgs e)
    {
        DataProtection.DataProtector dp = new DataProtection.DataProtector(DataProtection.DataProtector.Store.USE_MACHINE_STORE);
        try
        {
            // Reverse of the encrypt handler: Base64 text -> bytes -> decrypted string.
            byte[] dbToDecrypt = Convert.FromBase64String(txtEncrypt.Text);
            string resultDecrypted = Encoding.ASCII.GetString(dp.Decrypt(dbToDecrypt, null));
            txtDecrypt.Text = resultDecrypted;
        }
        catch (Exception ex)
        {
            MessageBox.Show("Error: " + ex.Message);
        }
    }

Now, I have noticed that when I do a test on my computer and try to decrypt the encrypted result on a different computer, I get:

Exception decrypting. Decryption failed. Key not valid for use in specific state.

Then, I did some research and found out this:

Did you export the key from one server to the other so they are both set up the same? If not, you are using mismatched keys, which will cause an encryption/decryption error.

and I can find the keys here:

How to get the validationkey value and decryptionkey value?

decryption key can be found at "D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys"

So my question is: if I export the keys in that location from my computer to the one I want to decrypt the data on, will that work? And by export, do I mean just copying the key files, or doing another operation?

Solution

AFAIK this is not possible - and in any case is not desirable. DPAPI regularly creates new keys, so even if you could copy the keys between machines, they would become obsolete after a period of time.

If you want to decrypt data on more than one computer, use a different method, e.g. RSA.
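
A sketch of the RSA alternative suggested above, as an added example that is not part of the original answer: the key pair is created explicitly, exported under a passphrase, and imported on the second machine, so decryption does not depend on any machine-bound DPAPI key. It assumes .NET 8 or later; the class name `PortableSecret`, the passphrase and the connection string are constructed for illustration, and AES-GCM is added here only so the plaintext is not limited by the RSA modulus size.

```csharp
// Added example, not from the original post. Assumes .NET 8 or later; all names are hypothetical.
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
static class PortableSecret
{
    const int NonceLen = 12, TagLen = 16;
    // RSA-OAEP wraps a random AES-256-GCM key, which encrypts the actual text.
    // Output layout: wrapped key | nonce | tag | ciphertext
    public static byte[] Encrypt(RSA publicKey, string plaintext)
    {
        byte[] data = Encoding.UTF8.GetBytes(plaintext);
        byte[] aesKey = new byte[32], nonce = new byte[NonceLen];
        byte[] tag = new byte[TagLen], ct = new byte[data.Length];
        RandomNumberGenerator.Fill(aesKey);
        RandomNumberGenerator.Fill(nonce);
        using (var gcm = new AesGcm(aesKey, TagLen))
            gcm.Encrypt(nonce, data, ct, tag);
        byte[] wrapped = publicKey.Encrypt(aesKey, RSAEncryptionPadding.OaepSHA256);
        return wrapped.Concat(nonce).Concat(tag).Concat(ct).ToArray();
    }
    public static string Decrypt(RSA privateKey, byte[] blob)
    {
        int k = privateKey.KeySize / 8; // wrapped key is as long as the modulus
        byte[] aesKey = privateKey.Decrypt(blob[..k], RSAEncryptionPadding.OaepSHA256);
        byte[] nonce = blob[k..(k + NonceLen)];
        byte[] tag = blob[(k + NonceLen)..(k + NonceLen + TagLen)];
        byte[] ct = blob[(k + NonceLen + TagLen)..];
        byte[] pt = new byte[ct.Length];
        using (var gcm = new AesGcm(aesKey, TagLen))
            gcm.Decrypt(nonce, ct, tag, pt); // throws if the blob was modified
        return Encoding.UTF8.GetString(pt);
    }
    static void Main()
    {
        // Constructed sample values, for illustration only.
        const string password = "constructed-passphrase";
        const string secret = "Server=db01;Database=app;User Id=svc;Password=example";
        // "Machine A": create the key pair once and export it for transfer.
        using RSA a = RSA.Create(3072);
        byte[] exported = a.ExportEncryptedPkcs8PrivateKey(password,
            new PbeParameters(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 600_000));
        byte[] blob = Encrypt(a, secret);
        // "Machine B": import the transferred key, then decrypt.
        using RSA b = RSA.Create();
        b.ImportEncryptedPkcs8PrivateKey(password, exported, out _);
        Console.WriteLine(Decrypt(b, blob) == secret); // True
    }
}
```

The exported private key now carries the whole secret, so it has to be stored and moved with the same care as the data it protects.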

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow