We create a lot of coontrols every day but generally we never bother about licensing them. Licensing only comes into the picture when we need to share our controls with others.

Let us today create a licensed control then we will use lc.exe and embed the license in our assembly.

1) Open a new peoject Windows Control Library.

2) Add a new control to it. Could be inheriting from control or usercontrol.

3) There are a few thing that we need to do to make our licensed component.

4) Add LicenseProvider Class attribute giving the type of license provider we are using. LicFileLicenseProvider comes with the .Net Framework.

[LicenseProvider(typeof(LicFileLicenseProvider))]

private License license;

6) Validate the license in our constructor

lc /target:licCtrlClient.exe /complist:LicCtrlClientlic.txt /i:CL.dll

13) <application.exe>.licenses file will be generated.

Today we gonna discuss Soapsuds tool.

Soapsuds is shipped with .Net Framework and is used by .Net remoting Client Applications to generate xml schema, proxy class or assembly for there HTTP Remoting Server. Client App can use this proxy class or assembly as a reference to the remoting server object.

Confused???

Let us take an example and look into it.

Step 1: Create a remoting HTTP server.
Step 2: Generate WSDL for HTTP Server using IE.
Step 3: Use soapsuds to create proxy class, xml schema and assembly.
Step 4: Crete a remoting client that uses the proxy class or assembly.   
Step 5: Checking out some imp options of soapsuds.

Step 1:

1) Create a new console application called Remoting Server.
2) Add a class called Calc, which will hold our calculation services.
3) Our Calc class should be inherited from "MarshalByRefObject"
4) Add four methods to this class Add, Del, Mul, Div as shown in the code below.

using System;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Http;

       public class Calc:MarshalByRefObject
       {
               public int Add(int i , int j)
               {
                       return i+j;
               }
               public int Del(int i , int j)
               {
                       return i-j;

               public int Mul(int i , int j)
               {
                       return i*j;
               }
               public int Div(int i , int j)
               {
                       return i/j;
               }
       }

5) Add another class called ClassMain which will hold function Main() as follows :

using System;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Http;

class ClassMain
       {
               /// <summary>
               /// The main entry point for the application.
               /// </summary>
               [STAThread]
               static void Main(string[] args)
               {
                       HttpChannel httpChannel = new HttpChannel(8765);
                       ChannelServices.RegisterChannel(httpChannel);
                       RemotingConfiguration.ApplicationName ="MyRemotingApp";
                 RemotingConfiguration.RegisterWellKnownServiceType(typeof(Calc),"MyCalc",WellKnownObjectMode.Singleton);
                       Console.WriteLine("Server started ..... ");
                       Console.ReadLine();
               }

       }

6) Our Http Remoting Server is now ready which will work on port 8765. This is a Singleton server i.e. only object will be  created and this object will server to all the clients.

7) Compile the application and create the executable.
8) Run the executable and you should get a message "Server started". The server executable should be running hence forth throughout the example.

Step 2:

1) Open IE and type the below link to generate the WSDL.

       http://localhost:8765/MyRemotingApp/MyCalc?WSDL

I have attached MyCalc.xml file with this mail. You check out the generated WSDL.

Step 3:

1) See that the server is running (Run the executable).
2) Go to the VS.NET command prompt and type soapsuds /? . This will list all the available options.

Input Sources (only one can be specified)
-urlToSchema(-url):[SchemaUrl]
-types:[type1,assemblyname[,serviceEndpoint]][;type2,assemblyname[,serviceEndpoint]][...]
-inputSchemaFile(-is):schemafile Input Schema File
-inputAssemblyFile(-ia):assemblyfile

Input Options
-inputDirectory(-id):directory     Location of input dlls.
-serviceEndpoint(-se): Url for Service Endpoint placed in Wsdl file

Output Options
-outputSchemaFile(-os):schemafile
-outputDirectory(-od):directory for generated source files
-outputAssemblyFile(-oa):assemblyfile

Generate Options
-GenerateCode(-gc)  (equivalent to "-od:.")

Other Options
-WrappedProxy(-wp) Create wrapped proxy (default)
-NoWrappedProxy(-nowp)   No wrapped proxy
-proxyNamespace(-pn)  Namespace on generated proxy (Only used for interopNamespaces)
-StrongNameFile(-sn):filename   Use strong name to build assembly

Connection Information Options
-username(-u):username
-password(-p):password
-domain(-d):domain
-httpProxyName(-hpn):name
-httpProxyPort(-hpp):number

Note : After these options there are some examples given about the usuage of the tool. Check them out.

3) -url := URL , -gc := Generate Code, oa:= output assembly and os:output schema are few important options that we will be  using.

4) Now we will generate code (proxy class),proxy assembly and xml schema for our remoting server.

5) Lets generate code using for our remoting http server using the server URL. We will using this further with our client application to reference our remoting server. The below code should generate a class named Remotingserver.cs .

    soapsuds -url:http://localhost:8765/MyRemotingApp/MyCalc?WSDL -gc

6) After generating code now we will create an assembly named MyServer.dll for our http remoting server.

    soapsuds -url:http://localhost:8765/MyRemotingApp/MyCalc?WSDL -oa:MyServer.dll

7) Now we will generate xml schema for our server object.

    soapsuds -url:http://localhost:8765/MyRemotingApp/MyCalc?WSDL -os:MyServer.xml

Step 4:

1) Create an client console application which will communicate with our server.
2) Add Class called Client.cs and in the Main write code to communicate with our server object.

using System;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Http;
using RemotingServer;

namespace RemotingClient
{
       /// <summary>
       /// Summary description for Client
       /// </summary>
       class Client
       {
               /// <summary>
               /// The main entry point for the application.
               /// </summary>
               [STAThread]
               static void Main(string[] args)
               {

                       HttpChannel httpChannel = new HttpChannel();
                       ChannelServices.RegisterChannel(httpChannel);
                       RemotingServer.Calc obj = new Calc();
          obj =(RemotingServer.Calc)Activator.GetObject(typeof(RemotingServer.Calc),                     "http://localhost:8765/MyRemotingApp/MyCalc");
                       Console.WriteLine(((RemotingServer.Calc)obj).Add(1,2));
                       Console.ReadLine();
               }
       }
}

3) In this we are opening an HTTP channel to communicate with our remote object. Our remote object is a SAO i.e. Server activated
object. Finally we are calling the Add function, which should return us 3.

4) First we will add our proxy class i.e. RemotingServer.cs to our application. Add compile the project.

Note: There should not be any reference to any remoting server dll's in our project. The only addition should be Remoting server  class, which will communicate with the remote object.

5) Result 3 should be displayed.

6) Stop the application and remove the proxy class RemotingServer.cs. NOW ADD reference to MyServer.dll and compile the project and execute it.

7) Result 3 should be displayed.

8) This way we can use either the proxy class or the proxy dll to communicate with our remoting object.

Step 5 :

Let us now check out some other important options of soapsuds.

1) Generating xml schema, assembly and code for a particular type in the assembly.

       soapsuds -types:Calc.MyServer,MyServer -gc
       soapsuds -types:RemotingServer.Calc,MyServer -os:MyCalc.xml
       soapsuds -types:RemotingServer.Calc,MyServer -oa:MyCalc.dll

2) Generating code and assembly from xml schema.

       soapsuds -is:MyServer.xml -gc
       soapsuds -is:MyServer.xml -oa:MyServer1.dll

3) You can reference these in your client application.

Today we will discuss migpol.exe. This tool is shipped with .NET Framework SDK.

This tool is used to migrate security policies from one version of .NET to another version of dot net.

When .NET Framework is installed there are two configuration files installed i.e. machine.config and security.config for each  .NET Framework version.

. Net allows side by side installation of more than one versions of .NET Framework. Thus, if you are having version 1.0 you can install version 1.1 at the same time on the same machine.

These config files are different for each version. So configuration setting of one version is not shared with another.

There is no tool available in the .NET Framework which can aid to copy or migrate your machine configuration settings from your older version to your new version. you have to do the changes manually or use some third party tool.

Fortunately .NET Framework has provided us with a tool to copy the security policy setting. (Read my article on CASPOL to know more on security policy This is a link in Mumbaiusergroup ).

CAS has three policy levels : User, Machine , Enterprise. Migpol only migrates Enterprise and Machine level security policies.

Hence tomorrow when you load Whidbey you can migrate your security settings from your current version of .NET to the new version.

Note: Security migration only works between compatible Versions of .NET.

To check out migpol options. Type migpol /? on VS.NET command prompt.

Help screen requested

Usage: migpol <option> <args> ...

migpol -migrate <toVersion> <fromVersion>
   Migrate security policy.

migpol -l[istversions]
   List all CLR versions installed on this machine.

migpol -?
migpol /?
migpol -h[elp]
   Displays this screen

You can use -l option to list all the versions of .NET installed on your machine.

        Type migpol -l

To migrate one version to another you can use a similar command
        migpol <old version> <new version>

We have almost covered all the .NET Framework Tools except a few, which we will cover in the coming days.

Today we will are going to check out a tool called as mscorcfg.msc. This is a .Net configuration tool, which allows you to manage .Net Framework GAC, security policies through Microsoft management console.

You will fing this tool in

        <drive>:\WINNT\Microsoft.NET\Framework\<version>

You also run this tool from VS.NET command prompt by typing: - mscorcfg.msc

Run the tool using either of the above options. You will notice it has windows explorer look and feel with a tree view at the left and  a  list view on the right.

Check out the options in the left panel and you will notice that you know some other way of configuring and managing these options except for the last option Applications.

You should see the below options under My Computer: -

-> Assembly Cache & Configured Assemblies:- As the name says this allows you to manage assemblies in GAC. You have options to Add Assembly, Export Assembly List  and customize your GAC view.

-> Remoting Services :- You can use this to configure remoting communication channels.

-> Runtime Security Policy :- Allows you to configure CASPOL at Enterprise, User and Machine levels.

-> Applications : - Add a .NET application (.exe) to view its dependencies, configured assemblies and remoting services.

Right the .Net application and select Fix Application to fix any dependency problems or issues with the assembly.

You will get a dialogue giving you a few options one of which is 'Application SafeMode' . On selecting this option the tool will detect any dependency issues and update the config file (create if not present) for runtime assembly binding settings.

Today we will discuss Management Strongly Typed Class Generator aka Mgmtclassgen.exe. This tool is used to generate an early  -  bound managed class for Windows Management Instrumentation Classes.

What are Windows Management Instrumentation Classes ?

Well windows SDK has a set of classes by which you can access the various devices associated to your computer like your  harddisk, memory,floppy drive, processor, sound card , mointor etc.

You have an entire list of these classes. Check out the below link for the list

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/computer_system_hardware_classes.asp

Creating a managed class for WMI class is very simple.

Go to VS.Net command prompt type

       mgmtclassgen /?  /// this will list all the options.

/N <WMINamespace>               WMI namespace containing the class.Defaults to root\cimv2
/O <ClassNamespace>             .NET namespace in which the class isgenerated
/L <Generated Language>         One of the following. Defaulted to CS
                                                        CS - CSharp(C#)
                                                        VB - Visual Basic
                                                        JS - JScript
/P <FilePath>                               Output file path
/M <Machine>                            Remote computer to connect. Defaults to the local machine
/U <User>                                    User name
/PW <Password>                        Password
/?                                                   Displays this help screen

Example : MgmtclassGen Win32_Logicaldisk /L VB /N root\cimv2 /P c:\temp\logicaldisk.vb

Note : The help also gives an example showing how to use the tool.

Let us now create our own managed class for SoundDevice and Desktop Monitor associated with our machine.

Go to VS.Net and type the following command to generate a managed class forsound device

       Mgmtclassgen Win32_SoundDevice /L CS /N root\cimv2 /P soundDevice.cs

You should get the following message

       Microsoft (R) Management Strongly Typed Class Generator Version 1.1.4322.573
       Copyright c Microsoft Corporation 1998-2002. All rights reserved.
       Generating Code for WMI Class Win32_SoundDevice ...
       Code Generated Successfully!!!!

Use the below command to generate a managed class for desktop monitor

       Mgmtclassgen Win32_DesktopMonitor /L CS /N ROOT/CIMV2 /P DesktopMonitor.cs

You should get the following message

       Microsoft (R) Management Strongly Typed Class Generator Version 1.1.4322.573
       Copyright c Microsoft Corporation 1998-2002. All rights reserved.
       Generating Code for WMI Class Win32_DesktopMonitor ...
       Code Generated Successfully!!!!

Managed classes for SoundDevice and DesktopMonitor are ready !!!!

Let use them in our application.

Create a console application and add these two classes to the project.

Add using WMI = ROOT.CIMV2.Win32 at the top. Here WMI is an alias to the namespace name.

Type the following code in the static Main() for your class

               public static void Main()
               {
                       Console.WriteLine(WMI.SoundDevice.GetInstances().Count);

                       foreach(WMI.SoundDevice sd in WMI.SoundDevice.GetInstances())
                       {
                               Console.WriteLine(sd.DeviceID);
                               Console.WriteLine(sd.SystemName);
                               Console.WriteLine(sd.Description);
                       }

                       Console.WriteLine("MONITOR");

                       Console.WriteLine("       ");

                       Console.WriteLine(WMI.DesktopMonitor.GetInstances().Count);

                       foreach(WMI.DesktopMonitor DM in WMI.DesktopMonitor.GetInstances())
                       {
                               Console.WriteLine(DM.ScreenHeight + " " + DM.ScreenWidth);
                       }

                       Console.ReadLine();
               }

In the above code we displaying values of some basic properties for sound device and desktop monitor.

After discussing most of the security tools today we will look at certificate manager. This tool is shipped with dotnet and allows us to manage certificates on your machine.

This tool can be used as a console application as well as a windows application.

To check out the various options of certmgr type certmgr /?. If you type only certmgr then the windows interface will be loaded.

Let us explore the windows interface of this application.

The application starts by showing the "Certificates" windows dailogue. You can view 4 tabs on it namely Personal, Other people, Intermediate certification authorities and trusted root certification. All these tabs will show certificates which are registered under them.  

You also have options to add,delete or export the certificate. Check out the advanced options which allows you to load or import a certificate FOR A LIST OF DIFFERENT PURPOSES IN DIFFERENT FORMATS.

To view the certificate select the certificate and click on view.

All these options which are available to you through the windows interface are also available to you through the VS.NET command prompt options.

Let us create our own certificate and add it. Adding the certificate with the windows interface of this untility is very easy so let us try and add the certifiicate from the console.

Let us create a certificate for a company called as Nasha.com

        makecert MyCer.cer -n "CN=Nasha.com"

Now let us add this certificate to the default system certificate store

        certmgr -add MyCer1.cer  -s my

Note: to add this to any other store write the store name instead of "my". "my" points to the default personal store n your machine.

To view all the certificates in the store type the following command :--

        certmgr -all -s my ( or the store name instead of "my").

To delete your certificate from the store use the -del option. If you want to delete all the certificates in the store use -all option along with it.

        certmgr -del -all -s my

To save the certificate in another file use /put option. E.g. to save the certificate in the MyStoreFile.

Type certmgr.exe -put -c -s MyStoreFile ... At the end you will be prompted from the certificate number to be copied to the mentioned file. Certificate number is any between 1 to the number certificates present in that store. If you carefully observe the output all certificates are displayed with output number. E.g.

===========Certificate # 1 ==========

This utility can also be used to manage certificate trust lists (CTL) and certificate revocation lists (CRL).

To view all the CTLs and CRLs in MyComp Store

certmgr -all -crl -s MyComp
certmgr -all -ctl -s MyComp

Yesterday we created our own certificate installed the certificate in the certificate store and even created a key container for the same.

Today we will use this certificate to create our Software Publicers certificate and then sign our assembly with it.

To create a software publishers certificate .net framework has provided us with cert2spc tool.

This utility takes one or more X.509 certificates and creates a software publishers certificate (SPC).

Let us create our SPC.

        cert2spc myComp.cer Mycomp.spc

After creating our SPC we will now go ahead and sign our assembly.

Go to VS.Net command prompt and type signcode a wizard will open up. This is a wizard based utility for signing your assemblies although you can use it with various options from the command prompt also.

To check out the various options by typing signcode /?. For signing our assembly we will use the wizard.

Type signcode and hit the Enter key to intiate the wizard.
Go ahead and select the file that you want to digitally sign (SELECT AN EXECUTABLE FILE I.E. .exe).
From the signing options select the Custom and click next
Then select the select from file option and select either your .cer or your .spc file (Both are supported). Click Next.
To select the private key you can either select the private key from the .pvk file or you can select the private from your key store.

Note: You can extract your private key to .pvk file using makecert if you wish to store it in your machine ( but pls be careful if u are using this option). Since we had added our key to the key container in our machine we will pick up from there.

So select the first option private key file on disk if you have .pvk file or select  private key in a CSP if you want to select it from your key container.

We will go ahead with the second option let rest of the values be default .... select the key container as MyCompCont. The one we created yesterday.

Select any one of the hash algo's either md5 or sha1. Click Next , Next , enter the description and web location (they are optional) and reach to the finish.  Click finish . you should get a message saying " The Digital Signing wizard was completed successfully."

Go to Windows Explorer and check the properties of your assembly it will now show a new tab called Digital Signatures shown your digital signed certificate.    

Let us now check whether the this assembly is trust worthy source or not.

For that we will use an another chktrust tool that is shipped with .NET FrameWork tools.

Go to VS.NET command prompt and run chktrust.exe with the name of your signed exe.

        chktrust.exe MyExecutable.exe

If the trust for test root is enabled on your machine then then chk trust will succeed else it will fail. By default it should be disabled hence this chktrust should fail

Hence when you run for your excutable ir should give u a warn pop-up saying that test root is not enabled as trusted root.

To enable test root as a trusted root we will have to set its value to true

Go to VS.Net command promt and run setreg as follows

        setreg.exe 1 true /// This will set test root as trusted root.

Now re-run the above command

         chktrust.exe MyExecutable.exe

This time it should give u a security wanring saying  " *** TEST CERTIFICATE *** " and saking you whether content from MyComp Technologies should be trusted or not. Click on yes ...

To explore other options of chktrust and setreg type chktrust /? and setreg /?.

Today we look in to creating software digital certificates but we take a plunge in that we will look at certain aspects of Crytography.

Cryptography is about keys for encryption. These keys can be symmeteric or asymmetric. When we say symmetric keys what we mean is that the same key is used for encryption and decryption. In case Asymmetric keys there are different keys for encryption and decryption like the public key and the private key. e.g. if something is encrypted with private key then it can decrypted with public key and vice-versa.

These keys are always created as a "key-pair". Generally public key is given to everyone and private key is kept safely with oneself.

.Net provides us with a utility called as makecert.exe to create X.509 test certificates. Now the most obivious question that comes to mind is what are these X509 certificates and what is there relation to cryptography?

Well, X.509 certificates is a certificate issued by Certification Authorities like Verisign etc which holds the public key. This certificate ensures that the digital certificate actually belongs to the organisation u trust and not any other 3rd party.

This concept has not been introduced with .Net infact it has used since quite some time to sign Active X controls. In .Net these certificates can be used to sign assemblies so that the client who is using these assemblies is sure of its source.

You find more details of how to go about using X.509 certificates in .Net through code under the System.Security.Cryptograpgy.X509Cerficates Namespace

You can go to the VS.Net command prompt and type makecert.exe this will down all the options.To view the basic options type -? option and to view the extended options type -!.

Some of the important options are :

-sk <keyName> Subject's key container name; To be created if not present
-ss <store> Subject's certificate store name that stores the output certificate
-sr <location> Subject's certificate store location. <CurrentUser|LocalMachine>. Default to 'CurrentUser'
-n <X509name> Certificate subject X500 name (eg: CN=Fred Dews)
-sv <pvkFile> Subject's PVK file; To be created if not present
-b <mm/dd/yyyy> Start of the validity period; default to now.
-e <mm/dd/yyyy> End of validity period; defaults to 2039
-r Create a self signed certificate

Let us create our certificate. To create a certificate it has to be issue to an authority e.g. here we are creating an certificate for a company called MyComp technologies. We want that the certificate that is created is to stored in our personal certificate store on our machine hence we give an option -ss with value as my. Along with that we also want to create a key container for the certificate called MyCompCont. Finally our command will be

makecert -sk MyCompCont -ss my -n "CN=MyComp Technologies" MyComp.cer

This command will create a certificate and install it in Personal Certificate Store on your machine for the current user and also create a key container named MyCompCont to store your public and private keys.

You can also use -sv option to create a .pvk to store your private key in a file. If you do this than please be careful of not leaving your private key any where your key must be immediately backed up and delete from your machine else any one can use it easily.

You can view the store from Microsoft Management Console using (mmc.exe).
Run the mmc.exe
Select the Add/Remove Snapin Option
select the Certificate from the list of snapins.
Then you will be presented with a choice between MyUserAccount, Computer Account etc.
Select MyUserAccount and Add the snap in.
Then re-select the Certificate snap in this time select the Computer Account option.
Select your local machine in the wizard options.
Thus now you have both Certificate (Local Computer) and Certificate for Current User in your mmc console.

Check out Personal store for Current User. The certificates folder under it will contain the certificate.

If you want to create a certificate for any user on the local machine then use "-sr Localmachine" option

makecert -sk MyCompCont -ss my -n "CN=MyComp Technologies" MyComp.cer -sr LocalMachine

Similarly you will find the certificate created in Personal store under certificates for local machine.

The certificate file is created by any of the above options is stored at the path from where the exe is executed from the VS.Net command prompt. Go to the folder respective folder and check out your certificate file i.e. MyComp.cer.

All us of us has had issues with assembly binding, but very few of us know about the assembly binding viewer. This is a utility tool which is packaged along with the .Net FrameWork Tools. This utility tool allows you to view all assembly bindings of an application.In case there is a failure then the failure can be logged and you can view the log later. This log gives a complete discription of the failure.

Let us get started with fuslogvw aka Assembly binding viewer.

1) Create three dot net projects one a class library called BindiingDLL , one a Console App called BindingConsoleClient and other one a Web Application know as WebBindingClient.

2) The console app and the web app will have a reference to the class library.

3) Create a method in the Class Library project called as Add which simply add's two numbers and returns the result

public int Add (int i ,int j)

{

return i + j;

}

[STAThread]

static void Main(string[] args)

==> HKLM\Software\Microsoft\Fusion\ForceLog

8) Go to VS.Net command prompt and type fuslogvw.

To continue with our exploration on Isolated Storage Let us go ahead and create a sample application.

After a long week end I am back again. Its nice and refreshing after a short vacation so lets get started with .NET once again.

All of us have worked with web services but very of us have worked with the command line tools provided by .Net framwork. Today we will discuss .Net Webservice Tools disco.exe and wsdl.exe.

Today we will discuss Ngen.exe and then there are some questions regarding Ngen which ahve always bothered me. I have managed to get answers to them .... please read thru and let me know your answers to them ... coz I am sure these questions must have bothered u also.

Today we are going to look at Code Access Security.

/keycontainer:FileName Key container holding strong name key pair