Pass SecureString to web service?

RMT · Jun 6, 2006

Hi,

Is there a way to get the encrypted bits from a SecureString, rather than
pinning it down and getting it's actual, decrypted value in unmanaged
memory?

What I would like to do is simply compare the unicode encrypted string in
the database with the unicode eyncrypted string passed by the client to the
web service. Presumably I cannot use SecureString to do this and will have
to roll my own encryption?

Robin

Joe Kaplan \(MVP - ADSI\) · Jun 6, 2006

Yes, you'd need to roll your own encryption. Typically, the most difficult
part of getting this secure is coming up with a secure means of exchanging
keys. That's why SSL is generally regarded as good (it does this well and
has been well tested).

Joe K.

RMT · Jun 6, 2006

Okay tyvm.

Joe Kaplan (MVP - ADSI) said:
Yes, you'd need to roll your own encryption. Typically, the most
difficult part of getting this secure is coming up with a secure means of
exchanging keys. That's why SSL is generally regarded as good (it does
this well and has been well tested).

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net

Pass through Windows Identity to Web Service	2	Nov 15, 2007
I'm tempted to quit out of frustration	1	Aug 13, 2023
Help: OWSADM hangs when executing from C# web service	0	May 23, 2005
How to pass the parameters (soap message) to a web service...	0	Nov 27, 2007
[howto] pass a byte array to a web service	9	Apr 5, 2005
Safest way to pass data between web apps?	4	Mar 11, 2005
Call web service in java	0	Jan 6, 2016
ASP.NET Forms Authentication site calling web service	8	Feb 3, 2010

Pass SecureString to web service?

RMT

Joe Kaplan \(MVP - ADSI\)

RMT

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads