I am trying to encrypt and decrypt some text file data using the .NET ProtectedData.Protect method. I would like to be able to encrypt text (and save it to a file) on one computer and decrypt text on another machine. The machines are in the same domain and work under the same service under the same username, so I thought that using DataProtectionScope.CurrentUser would allow any service to encrypt and decrypt the file.
When service number two tries to decrypt the file, it returns a "key invalid for use in the specified state" error. Other sites suggest that this problem occurs when impersonation is not performed correctly, but there is no impersonation. Both services run under the same AD account. It seems to me that the services use different keys to encrypt data, but I do not know why this would happen, since they work under the same account.
Has anyone else encountered such a problem?
The code I use for encryption and decryption is basically:
    byte[] bytes = Encoding.Unicode.GetBytes(password);
    byte[] protectedPassword = ProtectedData.Protect(bytes, null, DataProtectionScope.CurrentUser);
    return Convert.ToBase64String(protectedPassword);
Thanks!
Carolyn
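The encrypt call from the question paired with its decrypt side, as an added example that is not part of the original post. The class and method names are hypothetical, and the sample secret is constructed; the decrypt path treats the `CryptographicException` the question describes as an expected outcome rather than a crash.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper; names are illustrative and not taken from the post.
public static class SecretFile
{
    public static string Protect(string secret)
    {
        byte[] plain = Encoding.Unicode.GetBytes(secret);
        try
        {
            // CurrentUser scope binds the blob to the calling user's DPAPI master key.
            byte[] blob = ProtectedData.Protect(plain, null, DataProtectionScope.CurrentUser);
            return Convert.ToBase64String(blob);
        }
        finally
        {
            Array.Clear(plain, 0, plain.Length); // do not leave plaintext bytes in memory
        }
    }

    // Returns false instead of throwing when the blob cannot be decrypted in this context.
    public static bool TryUnprotect(string base64Blob, out string secret)
    {
        secret = null;
        byte[] blob;
        try { blob = Convert.FromBase64String(base64Blob); }
        catch (FormatException) { return false; } // file content is not a valid blob
        try
        {
            byte[] plain = ProtectedData.Unprotect(blob, null, DataProtectionScope.CurrentUser);
            secret = Encoding.Unicode.GetString(plain);
            Array.Clear(plain, 0, plain.Length);
            return true;
        }
        catch (CryptographicException)
        {
            // The master key lives in the user's profile on the machine that encrypted;
            // without a roaming profile, the same account on another machine has a different key.
            return false;
        }
    }

    public static void Main()
    {
        string blob = Protect("constructed-sample-secret");
        Console.WriteLine(TryUnprotect(blob, out string s) ? "round trip ok" : "cannot decrypt here");
    }
}
```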