From 83663f789bbb6501e5aa4b6acb6bf8ed7b694be9 Mon Sep 17 00:00:00 2001
From: David Fowler
Date: Tue, 29 Apr 2014 23:07:29 -0700
Subject: [PATCH] Added support for protected data style DPAPI

- This won't work across core clr and desktop and mono but that's ok for the moment because it unblocks things
---
 .../DataProtectionProvider.cs | 16 +++++
 ...osoft.AspNet.Security.DataProtection.kproj | 2 +
 .../ProtectedDataProtectionProvider.cs | 72 +++++++++++++++++++
 .../project.json | 6 +-
 4 files changed, 95 insertions(+), 1 deletion(-)
 create mode 100644 src/Microsoft.AspNet.Security.DataProtection/ProtectedDataProtectionProvider.cs

diff --git a/src/Microsoft.AspNet.Security.DataProtection/DataProtectionProvider.cs b/src/Microsoft.AspNet.Security.DataProtection/DataProtectionProvider.cs
index 2babfa5008..b9a015c819 100644
--- a/src/Microsoft.AspNet.Security.DataProtection/DataProtectionProvider.cs
+++ b/src/Microsoft.AspNet.Security.DataProtection/DataProtectionProvider.cs
@@ -1,5 +1,8 @@
 using System;
 using System.Globalization;
+#if NET45
+using System.Security.Cryptography;
+#endif
 using System.Text;
 using Microsoft.AspNet.Security.DataProtection;
 using Microsoft.AspNet.Security.DataProtection.Util;
@@ -24,6 +27,19 @@ namespace Microsoft.AspNet.Security.DataProtection
 return CreateFromDpapi(protectToLocalMachine: false);
 }
 
+#if NET45
+ // These are for mono
+ public static IDataProtectionProvider CreateFromLegacyDpapi()
+ {
+ return CreateFromLegacyDpapi(DataProtectionScope.CurrentUser);
+ }
+
+ public static IDataProtectionProvider CreateFromLegacyDpapi(DataProtectionScope scope)
+ {
+ return new ProtectedDataProtectionProvider(scope);
+ }
+#endif
+
 ///
 /// Creates a new IDataProtectionProvider backed by DPAPI.
 ///
diff --git a/src/Microsoft.AspNet.Security.DataProtection/Microsoft.AspNet.Security.DataProtection.kproj b/src/Microsoft.AspNet.Security.DataProtection/Microsoft.AspNet.Security.DataProtection.kproj
index 9b57d1f1b4..3e3e702521 100644
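Review bot: The new public `CreateFromLegacyDpapi` overloads are documented only by `// These are for mono`, while the factory below them has an XML summary, and nothing tells a caller what the `scope` argument implies. With `DataProtectionScope.LocalMachine` any process on the machine can unprotect the payload, and the purpose string is only passed as optional entropy (see ProtectedDataProtectionProvider.cs in this patch), which is not a secret. I would put a summary on both overloads, for example `/// <summary>Creates a provider backed by System.Security.Cryptography.ProtectedData. Payloads are not compatible with CreateFromDpapi; prefer DataProtectionScope.CurrentUser, since LocalMachine lets any local process unprotect.</summary>`. The enclosing class starts and ends outside this hunk.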
--- a/src/Microsoft.AspNet.Security.DataProtection/Microsoft.AspNet.Security.DataProtection.kproj
+++ b/src/Microsoft.AspNet.Security.DataProtection/Microsoft.AspNet.Security.DataProtection.kproj
@@ -23,6 +23,8 @@ + +
diff --git a/src/Microsoft.AspNet.Security.DataProtection/ProtectedDataProtectionProvider.cs b/src/Microsoft.AspNet.Security.DataProtection/ProtectedDataProtectionProvider.cs
new file mode 100644
index 0000000000..d9444402f7
--- /dev/null
+++ b/src/Microsoft.AspNet.Security.DataProtection/ProtectedDataProtectionProvider.cs
@@ -0,0 +1,72 @@
+#if NET45
+using System;
+using System.Security.Cryptography;
+using System.Text;
+
+namespace Microsoft.AspNet.Security.DataProtection
+{
+ internal class ProtectedDataProtectionProvider : IDataProtectionProvider
+ {
+ private readonly DataProtectionScope _scope;
+
+ public ProtectedDataProtectionProvider(DataProtectionScope scope)
+ {
+ _scope = scope;
+ }
+
+ public IDataProtector CreateProtector(string purpose)
+ {
+ return new ProtectedDataProtector(_scope, purpose);
+ }
+
+ public void Dispose()
+ {
+
+ }
+
+ private class ProtectedDataProtector : IDataProtector
+ {
+ private readonly DataProtectionScope _scope;
+ private readonly byte[] _entropy;
+
+ public ProtectedDataProtector(DataProtectionScope scope, string purpose)
+ {
+ _scope = scope;
+ _entropy = Encoding.UTF8.GetBytes(purpose);
+ }
+
+ private ProtectedDataProtector(DataProtectionScope scope, byte[] entropy)
+ {
+ _scope = scope;
+ _entropy = entropy;
+ }
+
+ public IDataProtector CreateSubProtector(string purpose)
+ {
+ var purposeBytes = Encoding.UTF8.GetBytes(purpose);
+ var subProtectorEntropy = new byte[_entropy.Length + purposeBytes.Length];
+
+ Buffer.BlockCopy(_entropy, 0, subProtectorEntropy, 0, _entropy.Length);
+ Buffer.BlockCopy(purposeBytes, 0, subProtectorEntropy, _entropy.Length, purposeBytes.Length);
+
+ return new ProtectedDataProtector(_scope, subProtectorEntropy);
+ }
+
+ public byte[] Protect(byte[] unprotectedData)
+ {
+ return ProtectedData.Protect(unprotectedData, _entropy, _scope);
+ }
+
+ public byte[] Unprotect(byte[] protectedData)
+ {
+ return ProtectedData.Unprotect(protectedData, _entropy, _scope);
+ }
+
+ public void Dispose()
+ {
+
+ }
+ }
+ }
+}
+#endif
diff --git a/src/Microsoft.AspNet.Security.DataProtection/project.json b/src/Microsoft.AspNet.Security.DataProtection/project.json
index ef495793cb..e290f191b6 100644
--- a/src/Microsoft.AspNet.Security.DataProtection/project.json
+++ b/src/Microsoft.AspNet.Security.DataProtection/project.json
@@ -1,7 +1,11 @@
 {
 "version": "0.1-alpha-*",
 "configurations": {
- "net45": {},
+ "net45": {
+ "dependencies": {
+ "System.Security": ""
+ }
+ },
 "k10": {
 "dependencies": {
 "System.Diagnostics.Debug": "4.0.10.0",