IPWorks Encrypt 2020 Node.js Edition

Questions / Feedback?

DPAPI Class

Properties   Methods   Events   Configuration Settings   Errors  

The DPAPI class allows you to protect and unprotect data.

Syntax

ipworksencrypt.dpapi()

Remarks

The class supports the classic Microsoft Windows Data Protection API (DPAPI) or CNG DPAPI implementation. The use of UseCNG determines which implementation is used.

The classic DPAPI functionality protects data on a single system. The CNG DPAPI is designed with modern use cases involved. In many cases, especially with cloud computing, protection and unprotection may be done on different systems. With this in mind the Microsoft CNG DPAPI allows encrypting to a set of principals that can be used to unprotect the data on other systems after authenticating.

Protecting Data

Protect protects the specified data.

The class supports protecting data using either the classic DPAPI or CNG DPAPI implementation. The use of UseCNG determines which implementation is used. The list of applicable properties differs depending on whether CNG DPAPI is being used.

When using classic DPAPI (UseCNG is False), the following optional properties are applicable:

When using CNG DPAPI (UseCNG is True), the following properties are applicable:

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

Code Example (Classic DPAPI - UseCNG is False)


//Protect
Dpapi dpapi = new Dpapi();
dpapi.InputMessage = "test";
dpapi.Protect();
byte[] protectedData = dpapi.OutputMessageB;

//Unprotect
dpapi = new Dpapi();
dpapi.InputMessageB = protectedData;
dpapi.Unprotect();
Console.WriteLine(dpapi.OutputMessage); //outputs "test"

Code Example (CNG DPAPI - UseCNG is True)


//Protect
Dpapi dpapi = new Dpapi();
dpapi.UseCNG = true;
dpapi.ProtectionDescriptor = "LOCAL=user";
dpapi.InputMessage = "test";
dpapi.Protect();
byte[] protectedData = dpapi.OutputMessageB;

//Unprotect
dpapi = new Dpapi();
dpapi.UseCNG = true;
dpapi.InputMessageB = protectedData;
dpapi.Unprotect();
Console.WriteLine(dpapi.OutputMessage); //outputs "test"

Unprotecting Data

Unprotect unprotects the specified data.

The class supports unprotecting data using either the classic DPAPI or CNG DPAPI implementation. The use of UseCNG determines which implementation is used. The list of applicable properties differs depending on whether CNG DPAPI is being used.

When using classic DPAPI (UseCNG is False), the following optional properties are applicable:

When using CNG DPAPI (UseCNG is True), the following properties are applicable:

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

Code Example (Classic DPAPI - UseCNG is False)


//Protect
Dpapi dpapi = new Dpapi();
dpapi.InputMessage = "test";
dpapi.Protect();
byte[] protectedData = dpapi.OutputMessageB;

//Unprotect
dpapi = new Dpapi();
dpapi.InputMessageB = protectedData;
dpapi.Unprotect();
Console.WriteLine(dpapi.OutputMessage); //outputs "test"

Code Example (CNG DPAPI - UseCNG is True)


//Protect
Dpapi dpapi = new Dpapi();
dpapi.UseCNG = true;
dpapi.ProtectionDescriptor = "LOCAL=user";
dpapi.InputMessage = "test";
dpapi.Protect();
byte[] protectedData = dpapi.OutputMessageB;

//Unprotect
dpapi = new Dpapi();
dpapi.UseCNG = true;
dpapi.InputMessageB = protectedData;
dpapi.Unprotect();
Console.WriteLine(dpapi.OutputMessage); //outputs "test"

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

DataDescriptionThe description of data.
InputFileThe file to process.
InputMessageThe message to process.
OutputFileThe output file when encrypting or decrypting.
OutputMessageThe output message after processing.
OverwriteIndicates whether or not the class should overwrite files.
PasswordAn optional password to further protect data.
PromptTitleThe title of the prompt window.
PromptUserWhether to display a prompt.
ProtectionDescriptorThe CNG protection descriptor.
UseCNGWhether to use CNG DPAPI.
UseHexWhether input or output is hex encoded.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
ProtectProtects the data.
ResetResets the class.
UnprotectUnprotects the data.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

ErrorInformation about errors during data delivery.
ProgressFired as progress is made.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

EscapeDescriptorWhether to escape the protection descriptor.
ProtectionFlagsUsed to specify additional options.
UseStreamModeWhether to use the CNG streaming operations.
BuildInfoInformation about the product's build.
CodePageThe system code page used for Unicode to Multibyte translations.
LicenseInfoInformation about the current license.
ProcessIdleEventsWhether the class uses its internal event loop to process events when the main thread is idle.
SelectWaitMillisThe length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.
UseInternalSecurityAPITells the class whether or not to use the system security libraries or an internal implementation.

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks Encrypt 2020 Node.js Edition - Version 20.0 [Build 8155]