Share via


IPersistedDataProtector.DangerousUnprotect Method

Definition

Cryptographically unprotects a piece of data, optionally ignoring failures due to revocation of the cryptographic keys used to protect the payload.

public:
 cli::array <System::Byte> ^ DangerousUnprotect(cli::array <System::Byte> ^ protectedData, bool ignoreRevocationErrors, [Runtime::InteropServices::Out] bool % requiresMigration, [Runtime::InteropServices::Out] bool % wasRevoked);
public byte[] DangerousUnprotect (byte[] protectedData, bool ignoreRevocationErrors, out bool requiresMigration, out bool wasRevoked);
abstract member DangerousUnprotect : byte[] * bool * bool * bool -> byte[]
Public Function DangerousUnprotect (protectedData As Byte(), ignoreRevocationErrors As Boolean, ByRef requiresMigration As Boolean, ByRef wasRevoked As Boolean) As Byte()

Parameters

protectedData
Byte[]

The protected data to unprotect.

ignoreRevocationErrors
Boolean

'true' if the payload should be unprotected even if the cryptographic key used to protect it has been revoked (due to potential compromise), 'false' if revocation should fail the unprotect operation.

requiresMigration
Boolean

'true' if the data should be reprotected before being persisted back to long-term storage, 'false' otherwise. Migration might be requested when the default protection key has changed, for instance.

wasRevoked
Boolean

'true' if the cryptographic key used to protect this payload has been revoked, 'false' otherwise. Payloads whose keys have been revoked should be treated as suspect unless the application has separate assurance that the payload has not been tampered with.

Returns

Byte[]

The plaintext form of the protected data.

Remarks

Implementations should throw CryptographicException if the protected data is invalid or malformed.

Applies to