.NET Standard 2.0 and System.Security.Cryptography.ProtectedData.Protect

ProtectedData uses DPAPI from Windows. I created the library CrossProtectedData that uses ProtectedData in Windows and AspNetCore.DataProtection when running in non-Windows.

To use, simply add the NuGet package CrossProtect and replace any calls to ProtectedData with CrossProtect. Example:

using Integrative.Encryption;
using System;
using System.Security.Cryptography;
using System.Text;

namespace CrossProtectedExample
{
    class Program
    {
        static void Main(string[] args)
        {
            // our text to protect
            var text = "Hello!";

            // get bytes from text
            var bytes = Encoding.UTF8.GetBytes(text);

            // optional entropy
            var entropy = new byte[] { 100, 25, 31, 213 };

            // protect (encrypt)
            var protectedBytes = CrossProtect.Protect(bytes, entropy,
                DataProtectionScope.CurrentUser);

            // unprotect (decrypt)
            var unprotected = CrossProtect.Unprotect(protectedBytes, entropy,
                DataProtectionScope.CurrentUser);

            // convert bytes back to text
            var result = Encoding.UTF8.GetString(unprotected);

            // print result
            Console.WriteLine(result);
            Console.ReadKey();
        }
    }
}

This API is not available "in" .NET Standard 2.0, but it is available "for" .NET Standard 2.0 as a "Platform Extension" which means that there is a NuGet package you have to add to get support for it.

If you add a reference to the System.Security.Cryptography.ProtectedData NuGet package, you can develop a .NET Standard library that uses these APIs.

However, this support only works when run on Windows, since those APIs are described as

Provides access to Windows Data Protection Api.

so it won't work on platforms other than Windows. Depending on your needs, this may be just fine.

If you are looking to implement similar concepts cross-platform, I suggest looking into the ASP.NET Core Data Protection APIs which could also be used outside of the context of an ASP.NET Core app since it is made out of NuGet packages that provide cryptographic logic and key storage solutions (e.g. directory, windows certificate stores, Azure KeyVault).