Do I need to store key for CryptUnprotectData and CryptProtectData?

梦想与她 提交于 2019-12-13 02:10:01

问题


DPAPI has 2 functions: CryptUnprotectDataand CryptProtectData.
I read They do the encryption or decryption by using a session key that the function creates by using the user's logon credentials. Does that mean that I do not need store this key anywhere and they will created when I want encrypt or decrypt data?
Also I found An important point to remember is that DPAPI merely applies cryptographic protection to the data. It does not store any of the protected data; therefore applications calling DPAPI must implement their own storage of the protected data. Is this about the key or a file what was encrypted?


回答1:


The mentioned functions use the key specific to the logged in user. Thus you don't need to store the key. However, these functions are merely for data transformation and not for data storage. This means that it's your job to store encrypted data chunk wherever you want - the CryptProtectData won't do this for you.



来源:https://stackoverflow.com/questions/24386336/do-i-need-to-store-key-for-cryptunprotectdata-and-cryptprotectdata

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!