source: branches/HeuristicLab.Hive.Azure/HeuristicLab.Clients.Hive.CloudManager/3.3/CryptoService.cs @ 11143

using System;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
using System.Text;
namespace HeuristicLab.Clients.Hive.CloudManager {
  // see: http://weblogs.asp.net/jgalloway/archive/2008/04/13/encrypting-passwords-in-a-net-app-config-file.aspx
  public static class CryptoService {
    private static byte[] entropy = System.Text.Encoding.Unicode.GetBytes("Salt Is Not A Password");

    public static string EncryptString(SecureString input) {
      byte[] encryptedData = ProtectedData.Protect(
        Encoding.Unicode.GetBytes(ToInsecureString(input)),
        entropy,
        DataProtectionScope.CurrentUser);
      return Convert.ToBase64String(encryptedData);
    }

    public static SecureString DecryptString(string encryptedData) {
      try {
        byte[] decryptedData = System.Security.Cryptography.ProtectedData.Unprotect(
          Convert.FromBase64String(encryptedData),
          entropy,
          System.Security.Cryptography.DataProtectionScope.CurrentUser);
        return ToSecureString(System.Text.Encoding.Unicode.GetString(decryptedData));
      }
      catch {
        return new SecureString();
      }
    }

    public static SecureString ToSecureString(string input) {
      SecureString secure = new SecureString();
      foreach (char c in input) {
        secure.AppendChar(c);
      }
      secure.MakeReadOnly();
      return secure;
    }

    public static string ToInsecureString(SecureString input) {
      string returnValue = string.Empty;
      IntPtr ptr = Marshal.SecureStringToBSTR(input);
      try {
        returnValue = Marshal.PtrToStringBSTR(ptr);
      }
      finally {
        Marshal.ZeroFreeBSTR(ptr);
      }
      return returnValue;
    }
  }
}