|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How to ByPass Protected Storage PromptI have a vb dot net application that signs some code. I want it to run
unattended but when it signs the code and accesses the private key then a Dialog is displayed. The dialog ask if I am sure i want this application to access my private key. Is there a way to identify for the protected storage service acceptable applications that need no user interaction? Thanks in advance DanB Do you have the password? If so, you might try the new KeyPassword property
on CspParameters. I'm not sure if this will work, but I think that is what it is intended for. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Danb" <agen***@kc.rr.com> wrote in message news:eXVb33GqGHA.524@TK2MSFTNGP05.phx.gbl... >I have a vb dot net application that signs some code. I want it to run >unattended but when it signs the code and accesses the private key then a >Dialog is displayed. > > The dialog ask if I am sure i want this application to access my private > key. > > Is there a way to identify for the protected storage service acceptable > applications that need no user interaction? > > Thanks in advance > > DanB > Your reply I think is based upon using Makecab.exe but actually I am using
Capicom directly from within the dot net application. The Capicom documentation is a little lite on some the properties and methods. Plus I am very new to this whole signing software and other security issues. I think when I got my cert from the CA it had me create a password which I wrote down. So hopefully when I find out where to insert it then it will work. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:uzJ$IdHqGHA.2464@TK2MSFTNGP03.phx.gbl... > Do you have the password? If so, you might try the new KeyPassword > property on CspParameters. I'm not sure if this will work, but I think > that is what it is intended for. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services > Programming" > http://www.directoryprogramming.net > -- > "Danb" <agen***@kc.rr.com> wrote in message > news:eXVb33GqGHA.524@TK2MSFTNGP05.phx.gbl... >>I have a vb dot net application that signs some code. I want it to run >>unattended but when it signs the code and accesses the private key then a >>Dialog is displayed. >> >> The dialog ask if I am sure i want this application to access my private >> key. >> >> Is there a way to identify for the protected storage service acceptable >> applications that need no user interaction? >> >> Thanks in advance >> >> DanB >> > > Oops.
I meant signcode.exe not makecab in the previous post. Dan Show quoteHide quote "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:uzJ$IdHqGHA.2464@TK2MSFTNGP03.phx.gbl... > Do you have the password? If so, you might try the new KeyPassword > property on CspParameters. I'm not sure if this will work, but I think > that is what it is intended for. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services > Programming" > http://www.directoryprogramming.net > -- > "Danb" <agen***@kc.rr.com> wrote in message > news:eXVb33GqGHA.524@TK2MSFTNGP05.phx.gbl... >>I have a vb dot net application that signs some code. I want it to run >>unattended but when it signs the code and accesses the private key then a >>Dialog is displayed. >> >> The dialog ask if I am sure i want this application to access my private >> key. >> >> Is there a way to identify for the protected storage service acceptable >> applications that need no user interaction? >> >> Thanks in advance >> >> DanB >> > > I don't know if you can do this with capicom directly. I assumed you were
using a pure .NET solution with System.Security.Cryptography and .NET 2.0. You might ask over in platformsdk.security or something for more capicom info as this isn't really a .NET problem specifically. In your situation, I'd suggest exporting the cert/key pair as pfx file, then importing it again without a password. To make this more secure, you might consider importing this into a user account that will be used to run your program and will be very restricted in use otherwise. Best of luck, Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Danb" <agen***@kc.rr.com> wrote in message news:%23J%23G4uNqGHA.612@TK2MSFTNGP03.phx.gbl... > Oops. > > I meant signcode.exe not makecab in the previous post. > > Dan > "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote > in message news:uzJ$IdHqGHA.2464@TK2MSFTNGP03.phx.gbl... >> Do you have the password? If so, you might try the new KeyPassword >> property on CspParameters. I'm not sure if this will work, but I think >> that is what it is intended for. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "Danb" <agen***@kc.rr.com> wrote in message >> news:eXVb33GqGHA.524@TK2MSFTNGP05.phx.gbl... >>>I have a vb dot net application that signs some code. I want it to run >>>unattended but when it signs the code and accesses the private key then a >>>Dialog is displayed. >>> >>> The dialog ask if I am sure i want this application to access my private >>> key. >>> >>> Is there a way to identify for the protected storage service acceptable >>> applications that need no user interaction? >>> >>> Thanks in advance >>> >>> DanB >>> >> >> > > Thanks
Show quoteHide quote "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:uBnuQpOqGHA.512@TK2MSFTNGP03.phx.gbl... >I don't know if you can do this with capicom directly. I assumed you were >using a pure .NET solution with System.Security.Cryptography and .NET 2.0. >You might ask over in platformsdk.security or something for more capicom >info as this isn't really a .NET problem specifically. > > In your situation, I'd suggest exporting the cert/key pair as pfx file, > then importing it again without a password. To make this more secure, you > might consider importing this into a user account that will be used to run > your program and will be very restricted in use otherwise. > > Best of luck, > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services > Programming" > http://www.directoryprogramming.net > -- > "Danb" <agen***@kc.rr.com> wrote in message > news:%23J%23G4uNqGHA.612@TK2MSFTNGP03.phx.gbl... >> Oops. >> >> I meant signcode.exe not makecab in the previous post. >> >> Dan >> "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> >> wrote in message news:uzJ$IdHqGHA.2464@TK2MSFTNGP03.phx.gbl... >>> Do you have the password? If so, you might try the new KeyPassword >>> property on CspParameters. I'm not sure if this will work, but I think >>> that is what it is intended for. >>> >>> Joe K. >>> >>> -- >>> Joe Kaplan-MS MVP Directory Services Programming >>> Co-author of "The .NET Developer's Guide to Directory Services >>> Programming" >>> http://www.directoryprogramming.net >>> -- >>> "Danb" <agen***@kc.rr.com> wrote in message >>> news:eXVb33GqGHA.524@TK2MSFTNGP05.phx.gbl... >>>>I have a vb dot net application that signs some code. I want it to run >>>>unattended but when it signs the code and accesses the private key then >>>>a Dialog is displayed. >>>> >>>> The dialog ask if I am sure i want this application to access my >>>> private key. >>>> >>>> Is there a way to identify for the protected storage service acceptable >>>> applications that need no user interaction? >>>> >>>> Thanks in advance >>>> >>>> DanB >>>> >>> >>> >> >> > > Uncheck the "strong protection" checkbox when importing the .pfx file.
Show quoteHide quote > I have a vb dot net application that signs some code. I want it to > run unattended but when it signs the code and accesses the private key > then a Dialog is displayed. > > The dialog ask if I am sure i want this application to access my > private key. > > Is there a way to identify for the protected storage service > acceptable applications that need no user interaction? > > Thanks in advance > > DanB > 
Other interesting topics
WindowsIdentity.GetCurrent().Token cannot be used when remoting?
Credentials not passed on when using ASP.NET SMIME Decryption Creating New Process Under Alternate Credentials (createprocessasuser) RSA Encryption: Saving keys as files, and size of encrypted data code access security across the network Detecting if a NTAccount is user or a group Encrypt elements in XML file Web App Impersonation Console App Security Context |
|||||||||||||||||||||||
