Do you encrypt connections?

Posted: Thu 29 Aug 2013 16:42
by drysg
We are getting an with Linq about the connection using the wrong form of encryption. I did not ask for encrypted connections, so I don't know where this is occurring.

What I have found out is that many .NET users use:

SHA256Managed

and the federal government requires that if you do encrypt the Connections, that you use:


SHA256CryptoServiceProvider


Here is how I create the connection to the database:

        private void makeConnectionString()
        {
            Devart.Common.DbConnectionStringBuilder csb = new Devart.Common.DbConnectionStringBuilder();
            ViewModel vm = ViewModel.myself;
            csb["Host"] = vm.HostName;
            csb["Port"] = vm.PortNumber;
            csb["User Id"] = vm.UserID;
            csb["Password"] = vm.Password;
            csb["Database"] = vm.DataBaseName;
            csb["Max Pool Size"] = 150;
            csb["Connection Timeout"] = 30;
            csb["Default Command Timeout"] = 600;       // ten minutes for one search request
            this.connString = csb.ConnectionString;
        }

Re: Do you encrypt connections?

Posted: Thu 29 Aug 2013 17:07
by drysg
I found that some machines that we deploy to have this setting enabled:

[Start]-->[Administrative Tools]-->[Local Security Policy]-->[Local Policies]-->[Security Options]-->[System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing]

When that is enabled the connection fails. Since we cannot tell the customer to turn off FIPS compliance, what should we do for such customers (how to change the connection?).

Re: Do you encrypt connections?

Posted: Fri 30 Aug 2013 13:19
by Shalex
Thank you for your report. We are investigating the compatibility of dotConnect for PostgreSQL with FIPS.

Re: Do you encrypt connections?

Posted: Fri 30 Aug 2013 14:20
by drysg
I see someone else asked for something similar in a forum:
http://forums.devart.com/viewtopic.php?t=18262


If it helps, I have been told that if you use: SHA256CryptoServiceProvider Class

http://msdn.microsoft.com/en-us/library ... vider.aspx

Then FIPS will work. I have not tested this myself, but it might be a useful option, since we deal with Federal and other government services, and they are locking up their machines with FIPS and other things more and more. So it might be a market you don't want to lose.
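
A small probe for the behaviour discussed in this thread, added here as an example (it is not code from the posters or from dotConnect). It assumes .NET Framework before 4.8, where constructing a managed hash class such as SHA256Managed throws InvalidOperationException while the FIPS policy is enabled; the class name FipsHashProbe and the sample input are made up for the example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class FipsHashProbe   // hypothetical name, for illustration only
{
    // Try to construct and use one hash implementation and report
    // whether the machine's policy allows it.
    static string Probe(string name, Func<HashAlgorithm> factory)
    {
        // Constructed sample input, not data from the thread.
        byte[] sample = Encoding.UTF8.GetBytes("constructed sample input");
        try
        {
            using (HashAlgorithm h = factory())
            {
                byte[] digest = h.ComputeHash(sample);
                return name + ": usable, digest starts " +
                       BitConverter.ToString(digest, 0, 4);
            }
        }
        catch (InvalidOperationException ex)
        {
            // Assumption (pre-4.8 .NET Framework): managed classes refuse
            // to construct while the FIPS policy is enforced.
            return name + ": blocked (" + ex.Message + ")";
        }
    }

    static void Main()
    {
        // Reflects the "System cryptography: Use FIPS compliant algorithms
        // for encryption, hashing, and signing" security option.
        Console.WriteLine("FIPS policy enforced: " +
                          CryptoConfig.AllowOnlyFipsAlgorithms);

        Console.WriteLine(Probe("SHA256Managed",
                                () => new SHA256Managed()));
        Console.WriteLine(Probe("SHA256CryptoServiceProvider",
                                () => new SHA256CryptoServiceProvider()));
    }
}
```

Running it on one machine with the policy enabled and on one without shows which class a deployment can rely on.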

Re: Do you encrypt connections?

Posted: Fri 18 Oct 2013 10:42
by Shalex
We have fixed the problem in the new (7.0) version of dotConnect for PostgreSQL.

Re: Do you encrypt connections?

Posted: Fri 18 Oct 2013 16:22
by drysg
Tested it, and it is working great.

Thank you so much for this. We are shipping the new version of our system today; I was able to squeeze this into this release!

:D :D :D :D :D :D :D :D :D :D :D :D