DataProtectionProvider.UnprotectStreamAsync | unprotectStreamAsync method

Applies to Windows and Windows Phone

Asynchronously decrypts a data stream.

Syntax


dataProtectionProvider.unprotectStreamAsync(src, dest).done( /* Your success and error handlers */ );

Parameters

src

Type: IInputStream

Stream to decrypt.

dest

Type: IOutputStream

Decrypted stream.

Return value

Type: IAsyncAction

Represents an asynchronous action.

Remarks

You must call the DataProtectionProvider() constructor before calling this method.

For security descriptors and SDDL strings, you must set the enterprise authentication capability in the manifest. The enterprise authentication capability is restricted to Windows Store apps built with company accounts, and is subject to additional onboarding validation. You should avoid the enterprise authentication capability unless it is absolutely necessary. For more information, see Registering for a Windows Store developer account.

For example, the following SID and SDDL providers require the enterprise authentication capability:

  • "SID=S-1-5-21-4392301 AND SID=S-1-5-21-3101812"
  • "SDDL=O:S-1-5-5-0-290724G:SYD:(A;;CCDC;;;S-1-5-5-0-290724)(A;;DC;;;WD)"

These providers do not require the enterprise authentication capability:

  • "LOCAL=user"
  • "LOCAL=machine"
  • "WEBCREDENTIALS=MyPasswordName"
  • "WEBCREDENTIALS=MyPasswordName,myweb.com"

Examples

The following example shows how to decrypt static data that was previously protected by using the ProtectStreamAsync function.


public async Task<String> SampleDataUnprotectStream(
    IBuffer buffProtected,
    BinaryStringEncoding encoding)
{
    // Create a DataProtectionProvider object.
    DataProtectionProvider Provider = new DataProtectionProvider();

    // Create a random access stream to contain the encrypted message.
    InMemoryRandomAccessStream inputData = new InMemoryRandomAccessStream();

    // Create a random access stream to contain the decrypted data.
    InMemoryRandomAccessStream unprotectedData = new InMemoryRandomAccessStream();

    // Retrieve an IOutputStream object and fill it with the input (encrypted) data.
    IOutputStream outputStream = inputData.GetOutputStreamAt(0);
    DataWriter writer = new DataWriter(outputStream);
    writer.WriteBuffer(buffProtected);
    await writer.StoreAsync();
    await outputStream.FlushAsync();

    // Retrieve an IInputStream object from which you can read the input (encrypted) data.
    IInputStream source = inputData.GetInputStreamAt(0);

    // Retrieve an IOutputStream object and fill it with decrypted data.
    IOutputStream dest = unprotectedData.GetOutputStreamAt(0);
    await Provider.UnprotectStreamAsync(source, dest);
    await dest.FlushAsync();

    // Write the decrypted data to an IBuffer object.
    DataReader reader2 = new DataReader(unprotectedData.GetInputStreamAt(0));
    await reader2.LoadAsync((uint)unprotectedData.Size);
    IBuffer buffUnprotectedData = reader2.ReadBuffer((uint)unprotectedData.Size);

    // Convert the IBuffer object to a string using the same encoding that was
    // used previously to conver the plaintext string (before encryption) to an
    // IBuffer object.
    String strUnprotected = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotectedData);

    // Return the decrypted data.
    return strUnprotected;
}


Requirements

Minimum supported client

Windows 8

Minimum supported server

Windows Server 2012

Minimum supported phone

Windows Phone 8.1 [Windows Runtime apps only]

Namespace

Windows.Security.Cryptography.DataProtection
Windows::Security::Cryptography::DataProtection [C++]

Metadata

Windows.winmd

See also

DataProtectionProvider

 

 

Show:
© 2014 Microsoft