c#

How to handle improper parameter values in ASP.NET in C#

You should take care about the values coming with the HTTP requests, because improper values are dangerous. These values can alter behavior of your application, generate runtime exceptions, and expose the error details to an attacker. You need to inspect these values and protect your application, by using a unified approach to sanitize them.

You …

Learn more

How to use encrypted URL queries in ASP.NET in C#

The article How to hide URL query information in ASP.NET in C# describes a class named EncryptedQueryString which is used in the next example to illustrate how you can use it in your projects. You have to build two web pages:

– The first one (QueryStringSender) can contain a text box for …

Learn more

How to hide URL query information in ASP.NET in C#

In many cases, the URL query contains information that should keep on hidden from the user. You can switch to another form of state management or encrypt the query string. You can encrypt the query string by using the cryptography classes provided with .NET and by leveraging the DPAPI.

As a first step you should build an …

Learn more

How to use asymmetric encryption in ASP.NET in C#

If you have to use asymmetric encryption in your ASP.NET project you can use the class described in the article How to create asymmetric encryption utility class in ASP.NET in C#. To illustrate this you can create a page that permits you to generate a key and enter clear-text data through a text box. You can …

Learn more

How to create asymmetric encryption utility class in ASP.NET in C#

The major difference between symmetric and asymmetric algorithms is key management. Symmetric algorithms have one key, and asymmetric algorithms have two keys: public key for encrypting data and private key for decrypting data. The public key can be available to everyone who wants to encrypt data, the private key should be available only to those decrypting …

Learn more

How to use symmetric encryption in ASP.NET in C#

If you have to use Symmetric Encryption in your ASP.NET project you can use the class described in the article How to create symmetric encryption utility class in ASP.NET in C#. To illustrate this you can create a page that permits you to generate a key and enter clear-text data through a text box. You can …

Learn more

How to create symmetric encryption utility class in ASP.NET in C#

Symmetric encryption algorithms use one key for encrypting and decrypting data. You can create a utility class that performs the encryption and decryption of sensitive data:

public static class SymmetricEncryptionUtility

{

private static bool _ProtectKey;

private static string _AlgorithmName;

 

// You can use this property to specify the name of the algorithm (DES, TripleDES, Rijndael …

Learn more

How to manage secret keys in ASP.NET

Microsoft Windows supports a built-in way for storing and protecting secrets and it uses a machine key generated with the system installation for encrypting data. Only the local operating system has access to this machine key which is unique for every installation. Windows supports the DPAPI for protecting data with this key. You don’t have direct …

Learn more