Skip to content

vincepare/DPAPIbridge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

DPAPIbridge

DPAPIBridge is a command line tool designed to encrypt and decrypt data using Windows Data Protection API (DPAPI).

DPAPI is a windows built-in feature providing a ciphering service tied to the user windows account. DPAPI is only available through CryptProtectData and CryptUnpotectData functions, contained in Crypt32.dll, but there is no end user interface to it. This is what DPAPIbridge is for.

As a command line tool, DPAPIbridge is helpful to use DPAPI in a programming language that can't handle it natively (such as PHP). A typical use would be to store sensitive data (such as credentials) that you need at runtime from a scheduled task and you don't want to store those clear. Such sensitive data would be stored encrypted in a file, and then decrypted at runtime.

Download

Download dpapibridge.exe

Requirements

.NET Framework 2.0 or higher

Works on Windows XP, Windows Vista, Windows 7 & Windows 8.1.

Examples

Encrypt raw :

dpapibridge --encrypt --input "foo bar" > encrypted.dat
echo foo bar | dpapibridge --encrypt > encrypted.dat

Encrypt using base64 encoding :

dpapibridge --encrypt --base64 --input Zm9vIGJhcg== > encrypted.dat
echo Zm9vIGJhcg== | dpapibridge --encrypt --base64 > encrypted.dat

Decrypt raw :

dpapibridge --decrypt < encrypted.dat
dpapibridge --decrypt --input "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGMyvbyF [...]"

Decrypt using base64 encoding :

dpapibridge --decrypt --base64 < encrypted.dat
dpapibridge --decrypt --base64 --input "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGMyvbyF [...]"

Usage

Usage: dpapibridge (--encrypt|--decrypt) [--base64] [--input=]
Options:
  -e, --encrypt              Encrypt input data
  -d, --decrypt              Decrypt input data
  -i, --input=VALUE          Get input data from this argument (rather than
                               stdin)
  -b, --base64               Encrypt mode : handle input as base64 encoded
                               data. Decrypt mode : output base64-encoded
                               result. Use it to avoid troubles when clear data
                               contains non ASCII bytes, like binary data.
  -o, --output=VALUE         Send output to file (instead of stdout)
  -?, -h, --help             Show this message and exit

Powered by DPAPI class from obviex.com to wrap Crypt32.dll and Mono Options (formerly known as NDesk Options) for command line parsing.

About

Windows Data Protection API (DPAPI) command line tool

Resources

Readme

License

Apache-2.0 license
Activity

Stars

21 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases 1

1.0.0 Latest
May 31, 2015

Packages

No packages published

Languages