rss
 
comment(s)

archives
J|F|M|A|M|J|J|A|S|O|N|D
(20##) 10 9 8 7 6 5 4 3 2 1 0 <
 
DesktopWeb FormText   WSE from a sandboxSat, 28 Aug 2004 13:57:32 GMT # 

a little more info. the main changes i had to make to get my WSE bits to run in an untrusted environment involved my choice of crypto. i chose a path where i would be able to switch all cryptography over to fully managed classes (the rest is just shaping XML to the WS-Security specs). the best choice for this was to encrypt and sign with a UsernameToken. the crypto for this path involves Random number generation, P_SHA1 for key generation, SHA1 and HMACSHA1 for signing, and TripleDES or AES128 for encryption. what i expected is that everywhere there was *CryptoServiceProvider, i would have to switch it to *Managed, because *CryptoServiceProvider ultimately calls the native CryptoApi. i changed some of them, but missed a couple ... and it still worked, but i dont know how? my expectation was that those calls would throw a SecurityException. will have to so some more digging