DPAPI: Windows Data Protection API for Racket
9.0

joel

 (require dpapi) package: dpapi-lib

This library provides a Racket interface to the Windows Data Protection API (DPAPI), enabling secure encryption of sensitive data using Windows credentials.

The Windows Data Protection API (DPAPI) is a cryptographic service provided by Windows that allows applications to encrypt data using keys derived from user or machine credentials. This eliminates the need to manage encryption keys explicitly, as Windows handles key generation, storage, and protection automatically.

Requires Windows Vista or later and Racket 8.0 or later. This library has been tested on Windows 11 / x86_64. Source is available on Codeberg.

    1 Getting Started

      1.1 Installation

      1.2 Protecting Data in Memory

      1.3 Saving and Loading Encrypted Data

        1.3.1 Entropy

      1.4 Complete Example: Storing Configuration

    2 API Reference

      2.1 Platform Detection

      2.2 Protected Values

      2.3 Disk Persistence

      2.4 Error Handling

    3 Security Best Practices

      3.1 Understanding the Threat Model

        3.1.1 What DPAPI Protects Against

        3.1.2 What DPAPI Does Not Protect Against

      3.2 Practical Guidance

      3.3 Entropy Management