Hello, I just found the following article on how to encrypt connection strings in .config files with .NET 2.0: http://msdn2.microsoft.com/en-us/library/dtkwfdky.aspx However it focus on ASP.NET applications, and I also want to do it in Windows Forms applications. Is this possible? Could...more >>

Thanks for the reply. But can you tell me if PKCS #7 is used only for signing the message or is it also used to encrypt the message before signing it? Can you point me to some examples where the above is done? Thanks in adavance. ...more >>

Hi I am new to cryptography. Our application is supposed to send out an XML message to an external system. The requirement is to encrypt it with PKCS#7? How do I do this in c# code. I could not find any examples. Thanks in advance. ...more >>

My Windows forms client application (written in C#.NET) needs to be able to connect to a web service regardless of the configuration of the proxy server it goes through. I am using the following code to achieve this: IWebProxy iwp20 = WebRequest.DefaultWebProxy; iwp20.Credentials =...more >>

I want to use CheckSignature function of SignedCms class to verify the signature of a CMS. I also want the function to verify the certificate chain to see if the signer is trusted. So I call the function with 'false' as parameter: SignedCms signedCms = new SignedCms(); .... signedCms.CheckSi...more >>

Is there a way to check to see if a firewall is going to block my apps communication? .NET 2.0 I've seen some more recent Microsoft games that were able to test for blocking and then prompt the user if they would like to add the application to the "unblock list". This functionality is wha...more >>

Well lucky old me has managed to write the first dotnet Windows Form application for our company. (VB.Net Framework 2.0) After a month of coding I attempt to deploy the project to a Windows2003 server and execute it from my local machine. Of course it doesn't work :-) The error: "Reque...more >>

Hi I have an ASP .NET 2.0 app connecting to an ADAM AzMan Store on a DC. I tested this from my machine and it worked fine. When I moved the app to a server, I get an error when it tries to initialize the AzManStore: The system cannot open the device or file specified (Exception from HRESULT: ...more >>

Hi, can I configure/program my vb.net exe/dll to trust on only a particular Certification Authority (CA)? For example, I would create a new CA, it would certainly those dlls that I created. Then, my exe would trust only this CA, thus only those dlls that I created. What I want to do is to p...more >>

Hi all, Is there any way to load a System.Security.PermissionSet with all the permissions that are defined in the runtime security policy for a specific zone? For example I want to set up an application to simulate running in a browser, so I want it to be set up with all the permissions def...more >>

We have a multi tier application spread over multiple servers. As pr today the clients (IE 6) have used Integrated (NTLM) autentication against IIS running the presentation layer. Each layer is communicating with the next layer using WSE3 web services. We are using kerberos for delegated authent...more >>

I am developing a C#.NET Windows forms client-server application. The client software needs to be able to access the server software regardless of the proxy server configuration of the machine on which the client runs. Using the following code, the client can access the server via any proxy serve...more >>

I have a Personal Information Exchange PCKS #12 certificate file that requires a password when manually installing. This certificate was issued by a 3rd party company I need to communicate with via https. Initially I exported the PCKS #12 certificate to DER encoded binary X.509 certificate and ...more >>

If an ASP.NET page with the usual username and password fields is not secure (it's called at http, not https) but posts to a page through https that does the username/password lookups, is this process secure? Or do both pages need to be going through https? In other words: http://mydoma...more >>

Dear all, How can I identify if the current logged in user have WRITE access on aprticular folder ? then if it not the case force it to have it thanks for your answer regards serge...more >>

Dear all, I have a windows application that can be use by any user. In order to check my applciation least priviledge i nee to be sure that my applciation runs correctly with minimum rights. One phase of my appliction is that it store some log information in a file whatever the user logg...more >>

Hi, i only need to make the scoket access unrestricted and nothing else. How do i do this in an xml which i will be using in adding a permission set using caspol? <PermissionSet class="System.Security.NamedPermissionSet" version="1"> <Permission class="System.Net.SocketPermissionAttribute, m...more >>

Hi - I am successfully able to retrieve tokenGroups data for a given sAmAccountName from a .NET 2.0 web page. However, I'm still in test mode on my own machine. What will I need to do to access AD from the web page when it goes out on a corporate IIS server? Do I need to use a specific ac...more >>

Dear all, I have build a WIndows application that is deployed under 2000 or XP workstation. If I set to 1 the entry in <Diagnostics> elements of App.config file, then it generates log file entry under a LOG folder located below the Installation Folder in Program File. Now problem comes ...more >>

Dear all, I have a windows application with a Windows login dialog which is used to handle different specific users different that Windows login users. When I start my application I get a security exception when I am loged in as a Restricted Windows user. The generated exception is normal be...more >>

Hi, I am using below code to give access to a user but when I check in explorer only "Special Permission' is checked instead of "FullControl"? DirectoryInfo di = Directory.CreateDirectory("C:\\zDeleteMe"); DirectorySecurity dSecurity = di.GetAccessControl(); // Add the FileSystem...more >>

Hi, I am trying to developp an admin application permitting me to rerieve passwords from users. (their password is encrypted by a public key and they send me the file) First time the application starts, I have to generate a key pair. So my question is how can I know if a key already exists...more >>

Hello everyone, I am using the following class to encrypt/decrypt a string using C# in .NET Framework 2.0. When I call decrypt (in testing, straight after calling encrypt) I get a 'Bad Data' Cryptographic Exception. Can anyone offer any advice as to where I may be going wrong? Thanks in ...more >>

Had to do a system recovery, now I cannot reinstall my security, any suggestions...more >>

FxCop advise me to assign some security to my library, with this warning: http://www.gotdotnet.com/team/fxcop/docs/rules.aspx?version=1.35&url=/Usage/AssembliesShouldDeclareMinimumSecurity.html I should confess that I have little knowledge about this, never done it before. And I face the fo...more >>

Hi, I have written a small web server using the HttpListener from .NET framework 2.0. What I cannot get him to do is communicate over ssl. Apparently I don't have to do anything in my code besides setting the HttpListener to listen to https://localhost/ instead of http:/localhost/. I have cr...more >>

I recently bought a laptop that has Windows XP Professional SP2. I was surprised to discover that algorithms under Outlook didn't include SHA1 or 3DES, which seem to be the minimum 'lingua franca' for strong crypto. I looked up the suported algorithms in the CryptoAPI, and found reference to add...more >>

Hello, Having trouble importing a SIMPLEBLOB AES 128 bit session key that was exported from CryptExportKey(...) in CAPI. Using a machine wide key container. CAPI Code snippet: // Determine size of the key BLOB, and allocate memory. if(!CryptExportKey(hKey, hPubKey, SIMPLEBLOB, CRYPT_OAEP,...more >>

how can set the asp.net 2 application to authenticate user using windows integrated authetication with a single signon, with a custom role independant from the user domain role. (role might be stored in SQL server) any artcile would be greatly helpfull. ...more >>

Hi All, This code has been working all right for a couple of days, but suddenly I'm getting the error detailed later (C#): System.Security.Principal.WindowsIdentity ui; System.Security.Principal.WindowsPrincipal up; ui = System.Security.Principal.WindowsIdentity.GetCurrent(); up = new Sy...more >>

hi,every one! I have an urgent question. My codes need to be published now,but I learn programs produced with .net are very easy to be reverse-engineered. Could anyone give me some sugguestions to protect my c# codes? Crespo 2006-06-15 ...more >>

Just simple code: using System; using System.Reflection; using System.Security.Permissions; [assembly : ReflectionPermission(SecurityAction.RequestRefuse, Flags=ReflectionPermissionFlag.AllFlags)] namespace UseReflect { public class Program { public static void Main(s...more >>

Hi, Our applications are running under visual basic 6 and SQL Server.Security for these applications like user,roles,groups and object permissions are been stored in sqlserver and checked through the application.We have our dynamic menu which is been stored in SQL Server and displayed dynamic...more >>

After a great deal of research and investigation I must concede defeat and ask the help of the experts. In ASP.Net 1.1 I used to attach roles to the current context in the AuthenticateRequest event as such: protected void Application_AuthenticateRequest(Object sender, EventArgs e) { // p...more >>

Reading - Parsing Records From An LDAP LDIF File In .Net? I am in need of a .Net class that will allow for the parsing of a LDAP LDIF file. An LDIF file is the standard format for representing LDAP objects. I need to be able to read the records from an LDIF file into ..Net. There exists a...more >>

Hi there, I have an application with exists out of 1 exe with lots of referenced dll's. The application is on a shared network drive, and then started from the client. It'is made an compiled in VS 2005 and running on Windows XP machines with SP2 and the latest updates. The executable work...more >>

Platform: VB.Net/1.1/Winforms My application consists of standard layers: WindowsUI, BLL, OdbcDAL, Data Model and Interface for DAL I am trying to invoke the application from a network drive. I have given strong name to all the assemblies (Same .snk file). I have provided the required attr...more >>

Does anyone know which encryption algorithm is used by NegotiateStream for encrypting the content? I can't find this anywhere in the documentation. And how long is the key, if that's not implied by the algorithm? Thanks, ...more >>

Hi All, I am new bie to RSA. I am trying to use the RSA for my requirement of handling the license management. My requirement is as below: I want to issue a license to the client. The license will be generated by a desktop application using .Net 2.0 and client will have another desktop a...more >>

Hi there, I've created a custom CAS permission in my .NET 2.0 application, but I'm having some problems to get it to work properly. I've based the design of my code on the article at http://msdn2.microsoft.com/en-us/library/yctbsyf4(VS.80).aspx Everything seems to be in order and pretty mu...more >>

I am currently using 3des in a web farm environment to generate a token that is sent to and from our partner application. The IV and key are stored in the web.config file and are deployed to 6 servers along with the encryption / decryption code. When our partner application sends back the toke...more >>

Hi Folks, we write a lot of small intern applications using VS 2005 (2.0 Framework). Each application works if we copy the needed .exe and .dll to the client computer drives. If we start them from a folder located a the server we get an error massage. Now we try to find a simple way to se...more >>

(please read this before posting the regular kb, I AM using the UseMachineKeyStore flag) I've tried the workaround in http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322371 I have the following code that runs on a client and in a webservice, 1.1 CLR. CspParameters parms = new CspPa...more >>

I'm working on decypting Java encrypted text using TripleDES. Below is the algorithm submitted by the producer of the ciher text: Things needed for the consumer (vendor) 1) String used to generate the key and also the algorithm used to generate the key Algorithm for generating the key --...more >>

I've successfully installed my Verising SSL pro certification on my web server, but I'm not sure how to force IIS to use SSL on my deployed web app residing on that server? Any hints? what I currently have is www.myDomain.com works but issues a security warning from IE but my site still ...more >>

I had already put my debit card number to let my child use Microsoft messenger but it wont let him in....more >>

Hi, I develop a sharepoint web part which access a database via OleDbConnection. In my IIS trust file I have defined the permissions like this: <SecurityClasses> .... <SecurityClass Name="OleDbPermission" Description="System.Data.OleDb.OleDbPermission, System.Data,Version=1.0.5...more >>