I need a way to protect a private key on a mobile device.
I know in "Writing Secure Code" chapter "Protecting Secret Data" says "Windows CE" cannot be used in secure environments. But the book is many years old now, 2003.
Is this still the case? Tell me it ain't so. There has to be a way to secure a private key today.
Best Answer
The DPAPI is embodied in a set of Win32 functions, CryptProtectData and CryptUnprotectData. These functions are available on Windows CE and Windows Mobile platforms (see links), although I don't know at what version they added support.
The .NET wrapper for the DPAPI is the ProtectedData class in System.Security.Cryptography namespace (assembly System.Security.dll). However, I don't think .NET Compact Framework implements this yet, so you'll have to use P/Invoke if using .NET.