JarCasting
JarCasting JarCasting

WinDPAPI4J: A Windows DPAPI Wrapper for Java

WinDPAPI4J is a Java Native Access(JNA)- based wrapper for Microsoft Windows Data Protection API (DPAPI) CryptProtectData and CryptUnprotectData methods.

License

License
GroupId

GroupId

com.github.peter-gergely-horvath
ArtifactId

ArtifactId

windpapi4j
Last Version

Last Version

1.0
Release Date

Release Date
Type

Type

jar
Description

Description

WinDPAPI4J: A Windows DPAPI Wrapper for Java
WinDPAPI4J is a Java Native Access(JNA)- based wrapper for Microsoft Windows Data Protection API (DPAPI) CryptProtectData and CryptUnprotectData methods.
Project URL

Project URL

https://github.com/peter-gergely-horvath/windpapi4j
Source Code Management

Source Code Management

https://github.com/peter-gergely-horvath/windpapi4j

Download windpapi4j

Filename Size
windpapi4j-1.0.pom
windpapi4j-1.0.jar 11 KB
windpapi4j-1.0-sources.jar 12 KB
windpapi4j-1.0-javadoc.jar 49 KB
Browse

How to add to project

<!-- https://jarcasting.com/artifacts/com.github.peter-gergely-horvath/windpapi4j/ -->
<dependency>
    <groupId>com.github.peter-gergely-horvath</groupId>
    <artifactId>windpapi4j</artifactId>
    <version>1.0</version>
</dependency>
// https://jarcasting.com/artifacts/com.github.peter-gergely-horvath/windpapi4j/
implementation 'com.github.peter-gergely-horvath:windpapi4j:1.0'
// https://jarcasting.com/artifacts/com.github.peter-gergely-horvath/windpapi4j/
implementation ("com.github.peter-gergely-horvath:windpapi4j:1.0")
'com.github.peter-gergely-horvath:windpapi4j:jar:1.0'
<dependency org="com.github.peter-gergely-horvath" name="windpapi4j" rev="1.0">
  <artifact name="windpapi4j" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.github.peter-gergely-horvath', module='windpapi4j', version='1.0')
)
libraryDependencies += "com.github.peter-gergely-horvath" % "windpapi4j" % "1.0"
[com.github.peter-gergely-horvath/windpapi4j "1.0"]

Dependencies

compile (1)

Group / Artifact Type Version
net.java.dev.jna : jna jar 4.2.1

test (1)

Group / Artifact Type Version
org.testng : testng jar 6.9.9

Project Modules

There are no modules declared in this project.

WinDPAPI4J: A Windows DPAPI Wrapper for Java

Introduction

Starting from Microsoft(R) Windows(R) 2000, Windows operating systems provide a built-in cryptographic feature called "Windows Data Protection API" (DPAPI), which allows any application to securely encrypt confidential user data using the user's credentials in a way that it can only be decrypted by the same user.

This Java library exposes Windows Data Protection encryption and decryption features as an easy to use Java API. Behind the scenes, JNA (Java Native Access) library is used to invoke the native Windows CryptoAPI CryptProtectData and CryptUnprotectData functions.

Note:

  • Since this library exposes a Windows feature, it will only work, when called from a Java application running on Windows
  • Only an essential subset of Windows Data Protection API (DPAPI) is supported by this library: advanced cases involving showing prompts to the user etc. are not implemented.

The JavaDoc is part of the Maven Central installation and can be viewed online via javadoc.io

Passing special flags to Windows DPAPI

As described in Microsoft Development Network Documentation on Cryptography Functions, both CryptProtectData and CryptUnprotectData functions accept optional flag values, which control their behaviour.

These optional flag values are defined in WinDPAPI.CryptProtectFlag as enum constants and can be passed to the static factory method WinDPAPI#newInstance(CryptProtectFlag...) after which the WinDPAPI instance returned will pass them to the target native Windows DPAPI method.

Mapping of methods

Methods for encryption

WinDPAPI library methods Windows CryptoAPI method
WinDPAPI#protectData(byte[]) CryptProtectData
WinDPAPI#protectData(byte[], byte[]) CryptProtectData
WinDPAPI#protectData(byte[], byte[], java.lang.String) CryptProtectData

Methods for decryption

WinDPAPI library methods Windows CryptoAPI method
WinDPAPI#unprotectData(byte[]) CryptUnprotectData
WinDPAPI#unprotectData(byte[], byte[]) CryptUnprotectData

Sample Code

package test;
  
import com.github.windpapi4j.WinDPAPI;
import com.github.windpapi4j.WinDPAPI.CryptProtectFlag;

public class Sample {

    public static void main(String[] args) throws Exception {

        if(WinDPAPI.isPlatformSupported()) {
            WinDPAPI winDPAPI = WinDPAPI.newInstance(CryptProtectFlag.CRYPTPROTECT_UI_FORBIDDEN);

            String message = "Hello World!";
            String charsetName = "UTF-8";

            byte[] clearTextBytes = message.getBytes(charsetName);

            byte[] cipherTextBytes = winDPAPI.protectData(clearTextBytes);

            byte[] decryptedBytes = winDPAPI.unprotectData(cipherTextBytes);

            String decryptedMessage = new String(decryptedBytes, charsetName);

            if(! message.equals(decryptedMessage) ) {
                // should not happen
                throw new IllegalStateException(message + " != " + decryptedMessage); 
            }

            System.out.println(decryptedMessage);

        } else {
            System.err.println("ERROR: platform not supported");
        }
    }
}

Availability

This library has been made available in Maven Central Repository.

Versions

Version
1.0