module DPAPI

Minimal wrapper around Microsoft's DPAPI

struct & function definitions cribbed from… msdn.microsoft.com/en-us/library/ms995355.aspx

Constants

AUDIT
CRED_SYNC
LOCAL_MACHINE
NO_RECOVERY
UI_FORBIDDEN

www.pinvoke.net/default.aspx/Enums/CryptProtectFlags.html dwFlags is a bitvector with the following values…

VERIFY_PROTECTION

Public Instance Methods

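decrypt(ciphertext, entropy=nil, flags=[])
# File lib/kitchen/driver/dbapi.rb, line 96
def decrypt ciphertext, entropy=nil, flags=[]
  plaintext_blob  = DataBlob.new
  # Out-parameter: one pointer slot that receives the description string
  desc = FFI::MemoryPointer.new(:pointer)

  # flags is an array of the constants above, OR-ed together into dwFlags
  CryptUnprotectData(DataBlob.new(ciphertext),
                     desc,
                     DataBlob.new(entropy),
                     nil,
                     nil,
                     flags.reduce(0, :|),
                     plaintext_blob) or
    raise DecryptError
  
  # read_pointer returns an FFI::Pointer, never nil, so test for NULL with null?
  # (the description is a wide string; read_string stops at its first NUL byte)
  [plaintext_blob.data,
   desc.read_pointer.null? ? nil : desc.read_pointer.read_string
  ]
end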

encrypt(plaintext, entropy=nil, flags = [], desc=nil)
# File lib/kitchen/driver/dbapi.rb, line 66
def encrypt plaintext, entropy=nil, flags = [], desc=nil
  ciphertext_blob = DataBlob.new

  # Pass NULL for the optional entropy when none is given;
  # flags is an array of the constants above, OR-ed together into dwFlags
  CryptProtectData(DataBlob.new(plaintext),
                   desc,
                   entropy.nil? ? nil : DataBlob.new(entropy),
                   nil,
                   nil,
                   flags.reduce(0, :|),
                   ciphertext_blob) or
    raise EncryptError
  
  ciphertext_blob.data
end
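
Both methods fold their flags array into the dwFlags bitvector with flags.reduce(0, :|). The following is an added example, not part of this module: it combines and decodes that bitvector and reviews the flags planned for an encrypt call. The DpapiFlagReview module and its symbol names are hypothetical, and the bit values are the CRYPTPROTECT_* values from wincrypt.h, which the module's constants are assumed to match.

```ruby
# Added example, not the project's code. Bit values are the CRYPTPROTECT_*
# values from wincrypt.h; that DPAPI's constants match them is an assumption.
module DpapiFlagReview
  FLAGS = {
    UI_FORBIDDEN: 0x01, LOCAL_MACHINE: 0x04, CRED_SYNC: 0x08,
    AUDIT: 0x10, NO_RECOVERY: 0x20, VERIFY_PROTECTION: 0x40
  }.freeze
  ALL_BITS = FLAGS.values.reduce(0, :|)

  # Same fold the wrapper applies to its flags array: flags.reduce(0, :|).
  def self.combine(names)
    names.map { |name| FLAGS.fetch(name) }.reduce(0, :|)
  end

  # Split a dwFlags integer into known flag names and leftover unknown bits.
  def self.decode(dw_flags)
    names = FLAGS.select { |_, bit| (dw_flags & bit) != 0 }.keys
    [names, dw_flags & ~ALL_BITS]
  end

  # Findings for a planned encrypt(plaintext, entropy, flags) call.
  def self.review_encrypt(names, entropy = nil)
    dw_flags = combine(names)
    findings = []
    if (dw_flags & FLAGS[:LOCAL_MACHINE]) != 0
      findings << if entropy.nil? || entropy.empty?
                    'LOCAL_MACHINE without entropy: any account on this host can decrypt the blob'
                  else
                    'LOCAL_MACHINE: any account on this host that knows the entropy can decrypt the blob'
                  end
    end
    if (dw_flags & FLAGS[:VERIFY_PROTECTION]) != 0
      findings << 'VERIFY_PROTECTION is a CryptUnprotectData flag; it does not belong on encrypt'
    end
    [dw_flags, findings]
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input: a machine-scoped, non-interactive encrypt call.
  dw_flags, findings = DpapiFlagReview.review_encrypt(%i[UI_FORBIDDEN LOCAL_MACHINE])
  puts format('dwFlags = 0x%02x', dw_flags)
  findings.each { |finding| puts "finding: #{finding}" }
  p DpapiFlagReview.decode(0x95)
end
```
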