Problems with Dpapi Tools zip download link
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 01/25/05
- Next message: Vijay: "Accessing Web application from another Machine"
- Previous message: Ann: "Create users account and home directory on a FTP server at runtime"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: microsoft.public.dotnet.framework.aspnet.security Date: Mon, 24 Jan 2005 16:07:20 -0800
thanks for pointing that out. fixed.
---
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Dominick,
The download link for your dpapi tools is not functional.
Could you please check the site and your zip file?
Thanks,
Phil
"Phil C." <charlestek@rcn.com> wrote in message
news:%23S4MGylAFHA.3472@TK2MSFTNGP14.phx.gbl...
> Thanks Dominick,
>
> I think this ties in with Svein's last reply regarding creating a dll.
> I will download it and try it.
>
> Finding some answers to this question was difficult as I googled
> considerably and looked
> at a lot of .Net forums, but for some reason no one else seems to have
> needed to document the answers.
>
> Phil
>
> "Dominick Baier [DevelopMentor]" <dbaier@pleasepleasenospamdevelop.com>
> wrote in message news:eYHB8DlAFHA.936@TK2MSFTNGP12.phx.gbl...
>>i wrote a couple of DPAPI tools (extended the ms impl, a command line tool
>>.. and a ASP.NET frontend) - just upload the single aspx file to the
>>server and you can encrypt whatever strings you like with DPAPI...don't
>>forget to secure that page (or better delete it when you are finished)
>>
>> download:
>> http://www.leastprivilege.com/PermaLink.aspx?guid=ebd9956e-a36c-4b57-8d58-6ff79a60e43f
>>
>>
>>
>> ---
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>
>>
>> nntp://news.microsoft.com/microsoft.public.dotnet.framework.aspnet.security/
>>
>> Hi.
>>
>> I'd like to use an encrypted database connection string. I'd also like
>> use
>> an encrypted set of customer tables with a symmetric algorithm (and a
>> secure
>> symmetric key) generated by .Net in my sql server database from asp.net
>> code stored on a shared host asp.net server.
>>
>> I've downloaded a set of vb.net code that is a rewrite of the c# dpapi
>> code posted on msdn. The dpapi should enable me to encrypt the connection
>> string, but the portion of the code that calls the encryption class and
>> encrypts a given string is a console application.
>>
>> The article accompanying the code states: "Note that you'll need to run
>> the
>> console application on the IIS server to generate the encrypted
>> base-64-encoded string. this is because the EncryptString function
>> instructs the DPAPI to use the machine-wide key, so the encryption and
>> ecryption will be valid only on the same machine.
>>
>> Since this is on a shared host thousands of miles away, and I don't
>> belive
>> I can run any local console code on it,
>> does this mean I'm sunk????
>>
>> Basically I need some secure way of storing my encrypted connection
>> string
>> and storing
>> my symmetric encryption key. I know how to write the code to use the keys
>> and algorithms to encrypt and decrypt things.
>>
>> I suppose I could hide bits and pieces of the each key
>> in different places in the code or database and append them together by
>> hardcoding, but
>> I believe that that could be discovered???? by dissassembling my code
>> unless
>> I use a professional obfuscator???.
>>
>> HELP!
>>
>> --Insecure in Boston, MA
>> -->GO PATRIOTS!!!!!!!!!!!!!!!
>>
>>
>>
>> [microsoft.public.dotnet.framework.aspnet.security]
>
>
[microsoft.public.dotnet.framework.aspnet.security]
- Next message: Vijay: "Accessing Web application from another Machine"
- Previous message: Ann: "Create users account and home directory on a FTP server at runtime"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
