I was reading this: https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-using-cryptprotectdata
I was wondering about this method. Does this only store it in the process memory while the process is running? If so, is there a persistent data storage that the Win32 API provides that’s secure and does not create any files on the filesystem? Some sort of keychain/key-value store that’s secure?
My intention here is to secure a login token that can be used for two weeks by a program I am writing for the user to log in. I don’t think this data should be stored in a file that is accessible by anyone. If someone were to find out about the file, they could steal the file and log in with someone else’s account as long as the token is valid. Environment variables and the Windows registry are also not acceptable solutions. This needs to be inaccessible by the user.
>Solution:
There’s nothing wrong with storing your login token in a file (or in the registry, which I personally would prefer) provided that you encrypt it properly. The documentation for CryptProtectData has this to say:
Typically, only a user with the same logon credential as the user who encrypted the data can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
So you’re already halfway there. Only the user (and machine) that ‘own’ the token can decrypt it.
In addition to that, there is this parameter:
[in, optional] pOptionalEntropy
A pointer to a DATA_BLOB structure that contains a password or other additional entropy used to encrypt the data. The [same] DATA_BLOB structure used in the encryption phase must also be used in the decryption phase.
So this should be something known only to your program (a GUID would be the obvious choice). Then, only that program can decrypt – and hence use – the token.
You might take some steps in your code to obfuscate this, such as storing it in some mangled form and only demangling it just before you use it. Then call SecureZeroMemory when you’re done with it to make life harder for potential snoopers.
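The approach the answer describes, as an added PowerShell example that is not part of the original post: DPAPI through .NET's ProtectedData (which wraps CryptProtectData/CryptUnprotectData), program-specific optional entropy, a per-user file under LOCALAPPDATA, and scrubbing of plaintext buffers. The entropy value, the file path and the token string are constructed for the example.

```powershell
# Added example (not from the original post): protect a login token with DPAPI.
# ProtectedData.Protect/Unprotect call CryptProtectData/CryptUnprotectData.
Add-Type -AssemblyName System.Security

# Assumption: the program-specific entropy is a constant only this program knows
# (the answer suggests a GUID). It is a constructed value here. DPAPI binds the
# blob to the user and machine; the entropy additionally ties it to this program.
$entropy   = [System.Text.Encoding]::UTF8.GetBytes('9f3c1a2e-CONSTRUCTED-ENTROPY-EXAMPLE')
$tokenPath = Join-Path $env:LOCALAPPDATA 'MyApp\token.bin'   # constructed path

function Protect-LoginToken {
    param([Parameter(Mandatory)][string]$Token)
    $plain = [System.Text.Encoding]::UTF8.GetBytes($Token)
    try {
        # CurrentUser scope is CryptProtectData without CRYPTPROTECT_LOCAL_MACHINE:
        # only the same Windows user on the same machine can unprotect the blob.
        $blob = [System.Security.Cryptography.ProtectedData]::Protect(
            $plain, $entropy, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
        New-Item -ItemType Directory -Force -Path (Split-Path $tokenPath) | Out-Null
        [System.IO.File]::WriteAllBytes($tokenPath, $blob)
    } finally {
        # Scrub the plaintext copy once the ciphertext is written (SecureZeroMemory's role).
        [Array]::Clear($plain, 0, $plain.Length)
    }
}

function Unprotect-LoginToken {
    if (-not (Test-Path $tokenPath)) { return $null }
    $blob  = [System.IO.File]::ReadAllBytes($tokenPath)
    $plain = $null
    try {
        $plain = [System.Security.Cryptography.ProtectedData]::Unprotect(
            $blob, $entropy, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
        return [System.Text.Encoding]::UTF8.GetString($plain)
    } catch [System.Security.Cryptography.CryptographicException] {
        # Different user, different machine or different entropy: no usable token.
        return $null
    } finally {
        if ($plain) { [Array]::Clear($plain, 0, $plain.Length) }
    }
}

# Demo with a constructed token value; the second call returns the same string.
Protect-LoginToken -Token 'example-session-token-CONSTRUCTED'
Unprotect-LoginToken
```

Because the entropy has to ship inside the program, any code running as the same user that can read the binary can recover it and unprotect the token, so treat the entropy as a barrier against casual reads rather than as a second key. Keep the file in a per-user location, as here, so the default ACLs already exclude other local accounts.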