I am using windows Data Protection API (DPAPI) to protect private key used in my application. I cannot hide entropy used in DPAPI call because my application needs to be open source. Where should I store encrypted data so as to have app-exclusive access?
I believe there is way to do this ==> Ask Windows Credential Manager to save it on behalf of my app, which it will provide back only to my app. I am not sure if it exist, if not what can I do to achieve this?
This is a secret data which this application dont want to share with anyone else, NOT even with another application running on same user context. And also no application should have privilege to alter/delete it.
