I need to decrypt a connection that was originally created under an account that is no longer available.

To do so, I made a simple app:

// Encrypts the text box contents using the machine store and shows the result as Base64.
private void btnEncrypt_Click(object sender, EventArgs e)
{
    DataProtection.DataProtector dp = new DataProtection.DataProtector(DataProtection.DataProtector.Store.USE_MACHINE_STORE);
    try
    {
        byte[] dbToEncrypt = Encoding.ASCII.GetBytes(txtText.Text);
        string resultEncrypted = Convert.ToBase64String(dp.Encrypt(dbToEncrypt, null));
        txtEncrypt.Text = resultEncrypted;
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error: " + ex.Message);
    }
}

// Decodes the Base64 text and decrypts it using the machine store.
private void btnDecrypt_Click(object sender, EventArgs e)
{
    DataProtection.DataProtector dp = new DataProtection.DataProtector(DataProtection.DataProtector.Store.USE_MACHINE_STORE);
    try
    {
        byte[] dbToDecrypt = Convert.FromBase64String(txtEncrypt.Text);
        string resultDecrypted = Encoding.ASCII.GetString(dp.Decrypt(dbToDecrypt, null));
        txtDecrypt.Text = resultDecrypted;
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error: " + ex.Message);
    }
}

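Now, I noticed that when I test on my computer and try to decrypt the encrypted result on another computer, I get:

Exception decrypting. Decryption failed. Key not valid for use in specified state.

Then I did some research and found this:

Did you export the key from one server to the other so that they are both set up the same? If not, you are using mismatched keys, which will cause encryption/decryption errors.

I can find the keys here:

How to get the validationkey value and decryptionkey value?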

decryption key can be found at "D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys"

So my question is: if I export the keys in that location from my computer to the one where I want to decrypt the data, will that work? And by export, does that mean just copying the key files, or doing another operation?

1 Answer

AFAIK this is not possible - and in any case is not desirable. DPAPI regularly creates new keys, so even if you could copy the keys between machines, they would become obsolete after a period of time.

If you want to decrypt data on more than one computer, use a different method, e.g. RSA.

Answered 2012-06-13T19:24:48.100
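The RSA alternative mentioned in the answer, sketched as an added example that is not code from the question or the answer. It assumes a modern .NET runtime (.NET Core 3.0 or later) where `RSA.Create()` supports OAEP with SHA-256; the class name `PortableSecret` and the sample connection string are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PortableSecret   // hypothetical name, added for illustration
{
    // Encrypt with the public key only; any machine may hold this half.
    public static string Encrypt(string plaintext, RSAParameters publicKey)
    {
        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(publicKey);
            byte[] data = Encoding.UTF8.GetBytes(plaintext);
            // RSA-2048 with OAEP-SHA256 carries at most 190 bytes per operation;
            // longer data needs hybrid encryption (RSA-wrapped symmetric key).
            return Convert.ToBase64String(rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA256));
        }
    }

    // Decrypt on whichever machine has been given the private key.
    public static string Decrypt(string base64, RSAParameters privateKey)
    {
        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(privateKey);
            byte[] data = rsa.Decrypt(Convert.FromBase64String(base64), RSAEncryptionPadding.OaepSHA256);
            return Encoding.UTF8.GetString(data);
        }
    }

    static void Main()
    {
        RSAParameters pub, priv;
        using (RSA rsa = RSA.Create(2048))   // generated once; the private half is what must be stored and moved securely
        {
            pub = rsa.ExportParameters(false);
            priv = rsa.ExportParameters(true);
        }
        string sample = "Server=db01;Database=app;User Id=svc;Password=example"; // constructed sample
        string cipher = Encrypt(sample, pub);
        Console.WriteLine("Round trip ok: " + (Decrypt(cipher, priv) == sample));

        using (RSA other = RSA.Create(2048)) // unrelated key pair, comparable to another machine's DPAPI key
        {
            try { Decrypt(cipher, other.ExportParameters(true)); }
            catch (CryptographicException) { Console.WriteLine("Mismatched key: decryption failed"); }
        }
    }
}
```

Unlike the machine-store DPAPI key, the key pair here is under the application's control, so decryption works anywhere the private key has been deliberately provisioned and fails with a `CryptographicException` everywhere else.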