Improving Web Application Security: Threats and - CGISecurity

818 Improving Web Application Security: Threats and CountermeasuresWithout further modification, you can only call the managed DPAPI wrapper in thereferenced How To article from full trust code. To be able to call the DPAPI wrapperfrom partial trust code, such as a medium trust ASP.NET Web application, you mustsandbox the calls to the unmanaged DPAPI functions. To do this, make the followingmodifications:● Assert the unmanaged code permission in the DPAPI wrapper code. This meansthat any calling code does not require the unmanaged code permission.● Authorize the calling code inside the wrapper by demanding the customEncryptionPermission. The Demand call occurs before the Assert call to, inaccordance with the Demand/Assert usage pattern. For more information aboutusing Assert safely, see “Assert and RevertAssert,” in Chapter 8, “Code AccessSecurity in Practice.” To modify the DPAPI managed wrapper1. Build the DPAPI managed wrapper by following the instructions in “How To:Create a DPAPI Library.”2. Add a reference to the CustomPermission assembly.3. Open dataprotection.cs from the managed wrapper library, and add the followingusing statements beneath the existing using statements at the top of the file.using System.Security;using System.Security.Permissions;using CustomPermissions;4. Locate the Encrypt method in dataprotection.cs, and add the following code at thetop of the outer try block in the Encrypt method.// Set the storeFlag depending on how the caller uses// the managed DPAPI wrapper.StorePermissionFlag storeFlag;if(Store.USE_MACHINE_STORE == store){storeFlag = StorePermissionFlag.Machine;}else{storeFlag = StorePermissionFlag.User;}// Demand custom EncryptionPermission.(new EncryptionPermission(EncryptionPermissionFlag.Encrypt, storeFlag)).Demand();// Assert the unmanaged code permission.(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)).Assert();// Now use P/Invoke to call the unmanaged DPAPI functions.