PrincipalPermission Demands :
// We use declarative PrincipalPermission demands on the current thread.
// Multiple declarative demands on one method are combined as a union, so
// here any person with the OPERATIONAL or MANAGER role may perform
// OperationsAction().
// However, a person with the ADMIN role may perform OperationsAction()
// ONLY if that person is named "janet".
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="OPERATIONAL")]
[PrincipalPermissionAttribute(SecurityAction.Demand, Name="janet", Role="ADMIN")]
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="MANAGER")]
private void OperationsAction()
{
    Message("Operations Action");
}

// We use declarative PrincipalPermission demands on the current thread.
// Here, we are stating that any person with the ADMIN or MANAGER
// role may perform AdminAction().
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="ADMIN")]
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="MANAGER")]
private void AdminAction()
{
    Message("Admin Action");
}

private void ManagerAction()
{
    // We use an imperative PrincipalPermission demand to ensure that
    // only "john", "paul", "george" and "ringo" (all having the MANAGER role)
    // can perform the important action in this function.
    PrincipalPermission principal_permission_john = new PrincipalPermission("john", m_strAvailableRoles[(int)role.MANAGER]);
    PrincipalPermission principal_permission_paul = new PrincipalPermission("paul", m_strAvailableRoles[(int)role.MANAGER]);
    PrincipalPermission principal_permission_george = new PrincipalPermission("george", m_strAvailableRoles[(int)role.MANAGER]);
    PrincipalPermission principal_permission_ringo = new PrincipalPermission("ringo", m_strAvailableRoles[(int)role.MANAGER]);
    try
    {
        // Union the four permissions, then demand: the current principal must match one of them.
        principal_permission_john.Union(principal_permission_paul.Union(principal_permission_george.Union(principal_permission_ringo))).Demand();
        Message("Manager Action");
    }
    catch (SecurityException se)
    {
        Message("Security Exception : " + se.Message);
    }
}
In order to combine the use of SymmetricAlgorithm and AsymmetricAlgorithm for key exchange purposes, it seems that the key and block sizes must each be 256.
Otherwise, we get a "System.Security.Cryptography.CryptographicException" with additional info : "PKCS7 padding is invalid and cannot be removed."
In addition, if you were to use the CryptoStream object to perform Symmetric Encryption, e.g. :
public static void Encrypt_SymmetricAlgorithm_File
(
    ref Stream stream_in,
    ref Stream stream_out,
    ref SymmetricAlgorithm sa
)
{
    CryptoStream c = new CryptoStream
    (
        stream_out,
        sa.CreateEncryptor(),
        CryptoStreamMode.Write
    );
    byte [] buf = new byte[BUFSIZE];
    int siz;
    // Copy the plaintext through the encryptor in BUFSIZE chunks.
    while ((siz = stream_in.Read(buf, 0, BUFSIZE)) > 0)
        c.Write(buf, 0, siz);
    c.Close(); // This must be called: it writes the final padded block.
    return;
}
You had better call the CryptoStream.Close() method. Otherwise, the cryptographic output to the output stream ("stream_out" in the above example) may become corrupted.
Also, it would be good programming practice to call CryptoStream.Close() when you use the CryptoStream for decryption, e.g. :
public static void Decrypt_SymmetricAlgorithm_File
(
    ref Stream stream_in,
    ref Stream stream_out,
    ref SymmetricAlgorithm sa
)
{
    CryptoStream c = new CryptoStream
    (
        stream_in,
        sa.CreateDecryptor(),
        CryptoStreamMode.Read
    );
    byte [] buf = new byte[BUFSIZE];
    int siz;
    // Pull decrypted bytes out of the CryptoStream in BUFSIZE chunks.
    while ((siz = c.Read(buf, 0, BUFSIZE)) > 0)
        stream_out.Write(buf, 0, siz);
    c.Close(); // This had better be called.
}
Close() flushes the final block, which ensures that padding is correctly performed. Without it, the stream is likely to be corrupted.
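The effect of omitting Close(), as an added example that is not code from the original page: it encrypts the same constructed plaintext into a MemoryStream with and without closing the CryptoStream, then tries to decrypt both results. Aes.Create(), the class name and the helper names are assumptions chosen for this demo.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class CryptoStreamCloseDemo   // hypothetical demo class
{
    // When finish is false the CryptoStream is never closed, so the final
    // padded block is never written to the output stream.
    static byte[] Encrypt(SymmetricAlgorithm sa, byte[] data, bool finish)
    {
        MemoryStream output = new MemoryStream();
        CryptoStream c = new CryptoStream(output, sa.CreateEncryptor(), CryptoStreamMode.Write);
        c.Write(data, 0, data.Length);
        if (finish)
            c.Close();   // writes the last block plus PKCS7 padding
        return output.ToArray();
    }

    // Returns the recovered text, or the exception message if decryption fails.
    static string TryDecrypt(SymmetricAlgorithm sa, byte[] cipher)
    {
        try
        {
            using (MemoryStream input = new MemoryStream(cipher))
            using (CryptoStream c = new CryptoStream(input, sa.CreateDecryptor(), CryptoStreamMode.Read))
            using (MemoryStream plain = new MemoryStream())
            {
                c.CopyTo(plain);
                return Encoding.UTF8.GetString(plain.ToArray());
            }
        }
        catch (CryptographicException e)
        {
            return "CryptographicException: " + e.Message;
        }
    }

    static void Main()
    {
        // Constructed sample plaintext, longer than one 16-byte AES block.
        byte[] data = Encoding.UTF8.GetBytes("constructed sample plaintext for the demo");
        using (SymmetricAlgorithm sa = Aes.Create())   // random key and IV, CBC + PKCS7 defaults
        {
            byte[] unclosed = Encrypt(sa, data, false);
            byte[] closed = Encrypt(sa, data, true);
            Console.WriteLine("unclosed: {0} bytes -> {1}", unclosed.Length, TryDecrypt(sa, unclosed));
            Console.WriteLine("closed:   {0} bytes -> {1}", closed.Length, TryDecrypt(sa, closed));
        }
    }
}
```

Wrapping the CryptoStream in a using block gives the same guarantee as the explicit Close() call, including when an exception is thrown part-way through the copy loop.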
1. Suppose that you have created a string out of a DateTime object e.g. :
string strDateTime = DateTime.Now.ToShortDateString();
2. To later convert this DateTime string back to its original DateTime object, use the Parse() method together with DateTimeFormatInfo.CurrentInfo :
DateTime dt = DateTime.Parse(strDateTime, DateTimeFormatInfo.CurrentInfo);
3. CurrentInfo is a property of DateTimeFormatInfo which returns a read-only DateTimeFormatInfo object that formats values based on the current culture.
4. Note that because "strDateTime" was formatted according to the current culture, we can use DateTimeFormatInfo.CurrentInfo to retrieve -that- culture.