Fixing MSDN's bad DPAPI examples (And what's DPAPI anyway?)
DPAPI (Data Protection API) is something that most developers
still don't know enough about. The good news is that working with it is much easier with .NET 2.0 and VS 2005, but in the meantime, if you want to work with secure data (encrypted), using DPAPI is not the easiest thing in the word. It's mostly unmanaged APIs, and you'd have to create a wrapper class (or set of classes) to work with it.
Fortunately for us developers, Microsoft has an MSDN article on the subject. The only problem is that it's code samples (which many people use to start of their own class wrappers) are of very bad quality and even contains some serious bugs, So feel free to
read the MSDN article, but
don't use the code samples from it. Instead, use the code samples from
this article which goes through the painful process of detailing all the
bad things in the code sample in the first article including a bad memory leak bug.
And if anyone at MS is reading this that can help fix those code samples - that'd be great!
(found via
this blog
, located in the newly formed
DeveAuthority blogsphere
)
Update: Joe writes in the comments:
Even better than the corrected sample: use NCrypto (
http://ncrypto.sourceforge.net/default.htm
).
The API is very similar to what's coming in .NET 2.0.
Thanks Joe!