Problems with Dpapi Tools zip download link

Discussion in 'ASP .Net Security' started by Dominick Baier [DevelopMentor], Jan 25, 2005.

  1. thanks for pointing that out. fixed.

    Dominick Baier - DevelopMentor



    The download link for your dpapi tools is not functional.
    Could you please check the site and your zip file?



    "Phil C." <> wrote in message
    > Thanks Dominick,
    > I think this ties in with Svein's last reply regarding creating a dll.
    > I will download it and try it.
    > Finding some answers to this question was difficult as I googled
    > considerably and looked
    > at a lot of .Net forums, but for some reason no one else seems to have
    > needed to document the answers.
    > Phil
    > "Dominick Baier [DevelopMentor]" <>
    > wrote in message news:...
    >>i wrote a couple of DPAPI tools (extended the ms impl, a command line tool
    >>.. and a ASP.NET frontend) - just upload the single aspx file to the
    >>server and you can encrypt whatever strings you like with DPAPI...don't
    >>forget to secure that page (or better delete it when you are finished)
    >> download:
    >> ---
    >> Dominick Baier - DevelopMentor
    >> nntp://<>
    >> Hi.
    >> I'd like to use an encrypted database connection string. I'd also like
    >> use
    >> an encrypted set of customer tables with a symmetric algorithm (and a
    >> secure
    >> symmetric key) generated by .Net in my sql server database from
    >> code stored on a shared host server.
    >> I've downloaded a set of code that is a rewrite of the c# dpapi
    >> code posted on msdn. The dpapi should enable me to encrypt the connection
    >> string, but the portion of the code that calls the encryption class and
    >> encrypts a given string is a console application.
    >> The article accompanying the code states: "Note that you'll need to run
    >> the
    >> console application on the IIS server to generate the encrypted
    >> base-64-encoded string. this is because the EncryptString function
    >> instructs the DPAPI to use the machine-wide key, so the encryption and
    >> ecryption will be valid only on the same machine.
    >> Since this is on a shared host thousands of miles away, and I don't
    >> belive
    >> I can run any local console code on it,
    >> does this mean I'm sunk????
    >> Basically I need some secure way of storing my encrypted connection
    >> string
    >> and storing
    >> my symmetric encryption key. I know how to write the code to use the keys
    >> and algorithms to encrypt and decrypt things.
    >> I suppose I could hide bits and pieces of the each key
    >> in different places in the code or database and append them together by
    >> hardcoding, but
    >> I believe that that could be discovered???? by dissassembling my code
    >> unless
    >> I use a professional obfuscator???.
    >> HELP!
    >> --Insecure in Boston, MA
    >> -->GO PATRIOTS!!!!!!!!!!!!!!!
    >> []


    Dominick Baier [DevelopMentor], Jan 25, 2005
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Steve C. Orr [MVP, MCSD]
    Steve C. Orr [MVP, MCSD]
    Mar 7, 2005
  2. m.niinimaki
    Aug 29, 2010
  3. Martin

    Further DPAPI (user store) problems

    Martin, Sep 12, 2004, in forum: ASP .Net Security
    Sep 22, 2004
  4. Phil C.

    DpAPI Encrypted Aes Key Problems

    Phil C., Mar 5, 2005, in forum: ASP .Net Security
    Phil C.
    Mar 5, 2005
  5. Replies: