Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

ProtectedData.Unprotect Method (Byte[], Byte[], DataProtectionScope)

Decrypts the data in a specified byte array and returns a byte array that contains the decrypted data.

Namespace:  System.Security.Cryptography
Assembly:  System.Security (in System.Security.dll)

public static byte[] Unprotect(
	byte[] encryptedData,
	byte[] optionalEntropy,
	DataProtectionScope scope
)

Parameters

encryptedData
Type: System.Byte[]

A byte array containing data encrypted using the Protect method.

optionalEntropy
Type: System.Byte[]

An optional additional byte array that was used to encrypt the data, or null if the additional byte array was not used.

scope
Type: System.Security.Cryptography.DataProtectionScope

One of the enumeration values that specifies the scope of data protection that was used to encrypt the data.

Return Value

Type: System.Byte[]
A byte array representing the decrypted data.

ExceptionCondition
ArgumentNullException

The encryptedData parameter is null.

CryptographicException

The decryption failed.

NotSupportedException

The operating system does not support this method.

OutOfMemoryException

Out of memory.

This method can be used to unprotect data that was encrypted using the Protect method. If the optionalEntropy parameter was used during encryption, it must be supplied to unencrypt the data.

NoteNote

If you use this method during impersonation, you may receive the following error: "Key not valid for use in specified state." To prevent this error, load the profile of the user you want to impersonate before calling the method.

The following code example shows how to use data protection.

using System;
using System.Security.Cryptography;

public class DataProtectionSample
{
// Create byte array for additional entropy when using Protect method. 
	static byte [] s_aditionalEntropy = { 9, 8, 7, 6, 5 };

	public static void Main()
	{
// Create a simple byte array containing data to be encrypted. 
		
byte [] secret = { 0, 1, 2, 3, 4, 1, 2, 3, 4 };

//Encrypt the data. 
		byte [] encryptedSecret = Protect( secret );
		Console.WriteLine("The encrypted byte array is:");
		PrintValues(encryptedSecret);
		
// Decrypt the data and store in a byte array. 
		byte [] originalData = Unprotect( encryptedSecret );
		Console.WriteLine("{0}The original data is:", Environment.NewLine);
		PrintValues(originalData);

	}

	public static byte [] Protect( byte [] data )
	{
		try
		{
			// Encrypt the data using DataProtectionScope.CurrentUser. The result can be decrypted 
			//  only by the same current user. 
			return ProtectedData.Protect( data, s_aditionalEntropy, DataProtectionScope.CurrentUser );
		} 
		catch (CryptographicException e)
		{
			Console.WriteLine("Data was not encrypted. An error occurred.");
			Console.WriteLine(e.ToString());
			return null;
		}
	}

	public static byte [] Unprotect( byte [] data )
	{
		try
		{
			//Decrypt the data using DataProtectionScope.CurrentUser. 
			return ProtectedData.Unprotect( data, s_aditionalEntropy, DataProtectionScope.CurrentUser );
		} 
		catch (CryptographicException e)
		{
			Console.WriteLine("Data was not decrypted. An error occurred.");
			Console.WriteLine(e.ToString());
			return null;
		}
	}

	public static void PrintValues( Byte[] myArr )  
	{
	      foreach ( Byte i in myArr )  
		  	{
		         Console.Write( "\t{0}", i );
			 }
      Console.WriteLine();
	 }

}

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Show:
© 2015 Microsoft