Added support for protected data style DPAPI
- This won't work across core clr and desktop and mono but that's ok for the moment because it unblocks things
parent
6bc6da1c7d
commit
83663f789b
|
|
@ -1,5 +1,8 @@
|
|||
using System;
|
||||
using System.Globalization;
|
||||
#if NET45
|
||||
using System.Security.Cryptography;
|
||||
#endif
|
||||
using System.Text;
|
||||
using Microsoft.AspNet.Security.DataProtection;
|
||||
using Microsoft.AspNet.Security.DataProtection.Util;
|
||||
|
|
@ -24,6 +27,19 @@ namespace Microsoft.AspNet.Security.DataProtection
|
|||
return CreateFromDpapi(protectToLocalMachine: false);
|
||||
}
|
||||
|
||||
#if NET45
|
||||
// These are for mono
|
||||
public static IDataProtectionProvider CreateFromLegacyDpapi()
|
||||
{
|
||||
return CreateFromLegacyDpapi(DataProtectionScope.CurrentUser);
|
||||
}
|
||||
|
||||
public static IDataProtectionProvider CreateFromLegacyDpapi(DataProtectionScope scope)
|
||||
{
|
||||
return new ProtectedDataProtectionProvider(scope);
|
||||
}
|
||||
#endif
|
||||
|
||||
/// <summary>
|
||||
/// Creates a new IDataProtectionProvider backed by DPAPI.
|
||||
/// </summary>
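Review bot: The two public `CreateFromLegacyDpapi` overloads are documented only by `// These are for mono`, which does not tell a caller how to choose a `DataProtectionScope` or that the overloads exist only under `NET45`. With `DataProtectionScope.LocalMachine`, any account on the machine can unprotect the payload, so the scope overload should say so and recommend `CurrentUser`, for example `/// <param name="scope">CurrentUser binds payloads to the calling account; LocalMachine lets any account on the machine unprotect them.</param>`. Going by the commit message, payloads from this provider are presumably not interchangeable with those from `CreateFromDpapi`, which the summary should also state. The enclosing class starts and ends outside this hunk.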
|
||||
|
|
|
|||
|
|
@ -23,6 +23,8 @@
|
|||
<ItemGroup>
|
||||
<Compile Include="Algorithms.cs" />
|
||||
<Compile Include="BCryptAlgorithmFlags.cs" />
|
||||
<Compile Include="ProtectedDataProtectionProvider.cs" />
|
||||
<Compile Include="PBKDF2.cs" />
|
||||
<Compile Include="SuppressUnmanagedCodeSecurityAttribute - Copy.cs" />
|
||||
<Compile Include="SafeLibraryHandle.cs" />
|
||||
<Compile Include="BCryptAlgorithmHandle.cs" />
|
||||
|
|
|
|||
|
|
@ -0,0 +1,72 @@
|
|||
#if NET45
|
||||
using System;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
|
||||
namespace Microsoft.AspNet.Security.DataProtection
|
||||
{
|
||||
internal class ProtectedDataProtectionProvider : IDataProtectionProvider
|
||||
{
|
||||
private readonly DataProtectionScope _scope;
|
||||
|
||||
public ProtectedDataProtectionProvider(DataProtectionScope scope)
|
||||
{
|
||||
_scope = scope;
|
||||
}
|
||||
|
||||
public IDataProtector CreateProtector(string purpose)
|
||||
{
|
||||
return new ProtectedDataProtector(_scope, purpose);
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
private class ProtectedDataProtector : IDataProtector
|
||||
{
|
||||
private readonly DataProtectionScope _scope;
|
||||
private readonly byte[] _entropy;
|
||||
|
||||
public ProtectedDataProtector(DataProtectionScope scope, string purpose)
|
||||
{
|
||||
_scope = scope;
|
||||
_entropy = Encoding.UTF8.GetBytes(purpose);
|
||||
}
|
||||
|
||||
private ProtectedDataProtector(DataProtectionScope scope, byte[] entropy)
|
||||
{
|
||||
_scope = scope;
|
||||
_entropy = entropy;
|
||||
}
|
||||
|
||||
public IDataProtector CreateSubProtector(string purpose)
|
||||
{
|
||||
var purposeBytes = Encoding.UTF8.GetBytes(purpose);
|
||||
var subProtectorEntropy = new byte[_entropy.Length + purposeBytes.Length];
|
||||
|
||||
Buffer.BlockCopy(_entropy, 0, subProtectorEntropy, 0, _entropy.Length);
|
||||
Buffer.BlockCopy(purposeBytes, 0, subProtectorEntropy, _entropy.Length, purposeBytes.Length);
|
||||
|
||||
return new ProtectedDataProtector(_scope, subProtectorEntropy);
|
||||
}
|
||||
|
||||
public byte[] Protect(byte[] unprotectedData)
|
||||
{
|
||||
return ProtectedData.Protect(unprotectedData, _entropy, _scope);
|
||||
}
|
||||
|
||||
public byte[] Unprotect(byte[] protectedData)
|
||||
{
|
||||
return ProtectedData.Unprotect(protectedData, _entropy, _scope);
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
@ -1,7 +1,11 @@
|
|||
{
|
||||
"version": "0.1-alpha-*",
|
||||
"configurations": {
|
||||
"net45": {},
|
||||
"net45": {
|
||||
"dependencies": {
|
||||
"System.Security": ""
|
||||
}
|
||||
},
|
||||
"k10": {
|
||||
"dependencies": {
|
||||
"System.Diagnostics.Debug": "4.0.10.0",
|
||||
|
|
|
|||