我想在我的UWP应用中保护用户的API公共密钥和秘密密钥 [英] I want to protect the users' API public and secret keys in my UWP app
问题描述
我正在开发一个UWP应用,该应用将要求用户提供其应用可访问的服务的API公共/秘密密钥。通常,我会将首选项存储在 ApplicationData.Current.RoamingSettings 中,但是使用API密钥,我想先对其进行加密。
I'm working on a UWP app where users will be asked for their API public/secret keys for a service the app will access. Normally, I'd store preferences in ApplicationData.Current.RoamingSettings, but with the API keys, I would like to encrypt them first.
如果您看到以下内容,我不确定如何继续序列化IBuffer对象,因为我被打中了不支持此类型的数据 ,当我测试如何存储它时。
If you see below, I am not sure how to proceed with serializing an IBuffer object as I am hit with "Data of this type is not supported" when I test how to store it.
我也欢迎采用其他方法来做到这一点。
I am open to other ways to do this too. Thanks!
public class StaticDataProtection
{
private ApplicationDataContainer _roamingSettings = ApplicationData.Current.RoamingSettings;
public async void SampleProtect()
{
// Initialize function arguments.
String strMsg = "Some API key to be protected.";
String strDescriptor = "LOCAL=user";
BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
// Protect a message to the local user.
IBuffer buffProtected = await this.ProtectAsync(
strMsg,
strDescriptor,
encoding);
// FAILS
// System.Exception: 'Data of this type is not supported.
// Error trying to serialize the value to be written to the application data store
_roamingSettings.Values["apiPublic"] = buffProtected;
// How to retrieve later?
IBuffer testRetrievedData = (IBuffer) _roamingSettings.Values["apiPublic"];
// Decrypt the previously protected message.
String strDecrypted = await this.UnprotectData(
testRetrievedData, //originally buffProtected,
encoding);
}
public async Task<IBuffer> ProtectAsync(
String strMsg,
String strDescriptor,
BinaryStringEncoding encoding)
{
// Create a DataProtectionProvider object for the specified descriptor.
DataProtectionProvider Provider = new DataProtectionProvider(strDescriptor);
// Encode the plaintext input message to a buffer.
encoding = BinaryStringEncoding.Utf8;
IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);
// Encrypt the message.
IBuffer buffProtected = await Provider.ProtectAsync(buffMsg);
// Execution of the SampleProtectAsync function resumes here
// after the awaited task (Provider.ProtectAsync) completes.
return buffProtected;
}
public async Task<String> UnprotectData(
IBuffer buffProtected,
BinaryStringEncoding encoding)
{
// Create a DataProtectionProvider object.
DataProtectionProvider Provider = new DataProtectionProvider();
// Decrypt the protected message specified on input.
IBuffer buffUnprotected = await Provider.UnprotectAsync(buffProtected);
// Execution of the SampleUnprotectData method resumes here
// after the awaited task (Provider.UnprotectAsync) completes
// Convert the unprotected message from an IBuffer object to a string.
String strClearText = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotected);
// Return the plaintext string.
return strClearText;
}
}
推荐答案
所以我要做的实际上是将IBuffer对象转换为字节数组,然后可以将其序列化并存储到ApplicationData中。
So what I had to do is actually convert the IBuffer object into a byte array, and then it can be serialized and stored into ApplicationData.
// take in the IBuffer object
DataReader reader = DataReader.FromBuffer(buffProtected);
// make sure to use UnconsumedBufferLength to create the byte array instance
byte[] array = new byte[reader.UnconsumedBufferLength];
// read from IBuffer object into the byte array (referenced from the parameter itself)
reader.ReadBytes(array);
// finally store into the app
_roamingSettings.Values["apiPublic"] = array;
To retrieve the data later:
// cast to deserialize
byte[] deserializedArray = (byte[]) _roamingSettings.Values["apiPublic"];
// convert back into an IBuffer object
IBuffer toDecrypt = CryptographicBuffer.CreateFromByteArray(deserializedArray);
// proceed to decrypt.
这篇关于我想在我的UWP应用中保护用户的API公共密钥和秘密密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
