AddSecuritytoApplicationsBuiltwithVisualBasicandVisualCS Katheryn

I dont
Microsoft Virtual Labs

Add Security to Applications

Built with Visual Basic.NET and
Visual C#
Add Security to Applications Built with Visual Basic.NET and Visual C#
Table of Contents
Add Security to Applications Built with Visual Basic.NET and Visual C#............................. 1
Exercise 1 Create Certificate Using .Net Framework SDK Certificate Creation Tool ..................................................2
Exercise 2 Add Multiple Signatures on the same document.......................................................................................... 4
Exercise 3 Verify signatures in the document ............................................................................................................. 11
Exercise 4 Bug Tracking in Team Foundation Server (TFS) ...................................................................................... 15
Add Security to Applications Built with

Visual Basic.NET and Visual C#
Objectives After completing this lab, you will be better able to:
Add security to the applications built with Visual Studio by signing the
messages that you create
Add security to the applications built with Visual Studio by verifying
the messages that you receive
Use Visual Studio Team Foundation Server to track bugs
Scenario Add security to the applications you build with Visual Basic.NET and Visual C#
by having multiple parties digitally sign documents to ensure message integrity
and authenticity.
Estimated Time to 45 Minutes

Complete This Lab
Computers used in this

Lab VistaEnt
TFS08RTM
The password for the Administrator account on all computers in this lab is:
Pa$$w0rd. P2ssw0rd for TFS08RTM machine.
Page 1 of 18
Exercise 1
Create Certificate Using .Net Framework SDK Certificate
Creation Tool
Scenario
The public-key infrastructure (PKI) in the Windows platform provides an integrated set of services and
administrative tools for creating, deploying, and managing PK-based applications. This allows application
developers to take advantage of the shared-secret security mechanisms or PK-based security mechanisms, as
appropriate. Enterprises also gain the advantage of being able to manage the environment and applications with
consistent tools and policies.
Tasks Detailed Steps

Complete the following Note: Cryptography is the science of protecting data. Cryptographic algorithms
tasks on: mathematically combine input plaintext data and an encryption key to generate
encrypted data (ciphertext).
VistaEnt Encryption with a public-key encryption key is a one-way function; plaintext turns into
1. Create ciphertext, but the encryption key is irrelevant to the decryption process. A different
Certificate decryption key (related, but not identical, to the encryption key) is needed to turn the
ciphertext back into plaintext. Thus, for PK cryptography, every user has a pair of
keys, consisting of a public key and a private key. By making the public key available,
it is possible to enable others to send you encrypted data that can only be decrypted
using your private key. Similarly, you can transform data using your private key in
such a way that others can verify that it originated with you.
Certificates provide a mechanism for gaining confidence in the relationship between a
public key and the entity that owns the corresponding private key. A certificate is a
digitally signed statement dealing with a particular subject public key, and the
certificate is signed by its issuer (holding another pair of private and public keys).
Typically, certificates also contain other information related to the subject public key,
such as identity information about the entity that has access to the corresponding
private key. Thus, when issuing a certificate, the issuer is attesting to the validity of
the binding between the subject public key and the subject identity information.
The .NET Framework SDK and some versions of a compiler were deployed with a
certificate creation tool. We will start by creating a test certificate by using the
certificate creation tool that comes with the Microsoft SDK.
a. Click Start, and open up the command prompt by typing in cmd in the search
box and hit Enter.
b. Type in cd c:\program files\Microsoft SDKs\Windows\v6.0A\bin and hit Enter
c. Run the command line:
makecert /?
Page 2 of 18
d. Examine the options that can be used with the certificate tool
e. Use the command line to create a certificate for A Test User:

makecert n CN=A Test User ss My
f. Use the command line to create a certificate for Another Test User
makecert n CN=Another Test User ss My
Note: My is the certificate store that the test certificate is created in.
g. Run the command line:
Certmgr
Note: Certificate manager is also included in the .NET Framework SDK.
The Certificate window comes up. In this demo, you will use these test certificates for
demonstration purposes.
h. Click Close.
Page 3 of 18
Exercise 2
Add Multiple Signatures on the same document
Scenario
System.Security.Cryptography.Pkcs is the namespace that contains the managed code implementation of the
Cryptographic Message Syntax (CMS) and Public-Key Cryptography Standards #7 (PKCS #7) standards. CMS is a
superset of PKCS #7. Using this standard, you can implement signed messages, enveloped messages, or signed and
enveloped messages.

Complete the following Note: The procedure for creating one signature on the document is different from
tasks on: creating multiple signatures on the same document. Creating multiple signatures on
the same document requires the document to be decrypted first, then the document
VistaEnt must be re-signed. For the purpose of this demo, we have assumed that there is an
1. Create a Resign existing signed document.
Project in Visual a. Click Start, and click Microsoft Visual Studio 2008.
Studio 2008 b. If prompted, type in username Brian with the password: P2ssw0rd
c. Click File, New, Project.
d. In the Project types pane, expand Visual Basic,click Windows, and select the
Console Application template. If you want to use C#, in the Project types pane,
expand Visual C#, click Windows, and select the Console Application template.
e. Type in Resign as Name.
f. Click Browse, and Browse to C:\Security\SecuringApplications\Starter, and
click Select Folder.
g. Click OK.
2. Add a reference Note: Add a reference to the cryptography assembly.

to the project The common language runtime and the .NET Framework provide many useful classes
and services that enable developers to easily write security code. These classes and
services also enable system administrators to customize the access that code has to
protected resources. In addition, the runtime and the .NET Framework provide useful
classes and services that facilitate the use of cryptography and role-based security.
a. Right-click on Resign in the Solution Manager, and click Add Reference
b. Select System.Security in the .NET tab and click OK in the Add Reference
window.
Note: Add namespaces needed for the project.
c. In the beginning of the file before Module1 code, type in the following based on
your language preference:
VB:
Imports System
Imports System.IO
Imports System.Security.Cryptography.Pkcs
Imports System.Security.Cryptography.X509Certificates
C#:
using System;
using System.IO;
Page 4 of 18
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
3. Create a a. Enter the following code after the End Sub:
function to Note: Create a function called GetSigningCertficateBySubjectName that takes the
search for parameters signer and cert, and returns the certificate if found.
certificate by VB:
subject name.
Function GetSigningCertificateBySubjectName(ByVal signer
As String, ByRef cert As X509Certificate2) As Boolean
End Function
C#:
static public bool
GetSigningCertificateBySubjectName(String subject,
out X509Certificate2 cert)

{
}
b. Declare variables to be used in the function that you just created:
VB:
Dim found As Boolean
Dim personalCerts As X509Store
Dim certsColl As X509Certificate2Collection
Cert = Nothing
Found = False
C#:
bool found;
X509Store personalCerts;
X509Certificate2Collection certsColl;
cert = null;
found = false;
c. Enter in the following code after the variable declaration:
Note: Open the private certificate store of the current user for read only access.
VB:
personalCerts = New X509Store(StoreName.My,
StoreLocation.CurrentUser)
personalCerts.Open(OpenFlags.ReadOnly)
C#:
personalCerts = new X509Store(StoreName.My,
StoreLocation.CurrentUser);
personalCerts.Open(OpenFlags.ReadOnly);
d. Enter the following code after the personalCerts are opened:
Note: Search for the certificate in the certificate store. In this demo, we will pass false
in the third parameter, which indicates whether or not to only search valid
certificates. Normally, in a production environment, you should only pass true.
VB:
certsColl =
personalCerts.Certificates.Find(X509FindType.FindBySubject
Name, signer, false)
Page 5 of 18
C#:
certsColl =
personalCerts.Certificates.Find(X509FindType.FindBySubject
Name, subject, false);
e. Enter the following code after certsColl has been assigned:
Note: Search through the whole collection, if a certificate has a private key, then
return the certificate.
VB:
For Each c As X509Certificate2 In certsColl
If c.HasPrivateKey Then
found = True
cert = c
Exit For
End If
Next
C#:
foreach (X509Certificate2 c in certsColl)
{
if (c.HasPrivateKey)
{
found = true;
cert = c;
break;
}
}
f. Enter the following code after the code shown above:
Note: Close the personal certificates, and return the result.
VB:
personalCerts.Close()
Return found
C#:
personalCerts.Close();
return found;
4. Create a a. Enter the following code after the End function:
function to sign Note: Declare the function that would sign a message with the certificate provided.
a message using VB:
the certificate
Function SignMsg(ByVal msg As Byte(), ByVal signerCert As
X509Certificate2) as byte()
C#:
static public byte[] SignMsg(Byte[] msg, X509Certificate2
signerCert)
{
}
b. Declare variables that will be used in the function:
Note: Adding multiple signatures on the same document requires an already signed
document. The following will decode the document that was previously signed.
VB:
Dim cmsSigner As CmsSigner
Dim signedCms As SignedCms
Page 6 of 18
C#:
CmsSigner cmsSigner;
SignedCms signedCms;
c. Enter the following code after declaring the variable:
VB:
signedCms = New SignedCms()
signedCms.Decode(msg)
C#:
signedCms = new SignedCms();
signedCms.Decode(msg);
d. Enter the following code after decoding the message:
Note: Re-sign and return the object.
VB:
cmsSigner = New CmsSigner(signerCert)
signedCms.ComputeSignature(cmsSigner)
Return signedCms.Encode()
C#:
cmsSigner = new CmsSigner(signerCert);
signedCms.ComputeSignature(cmsSigner);
return signedCms.Encode();
5. Create the main a. For those using VB, replace the Sub Main() with the following code:
function VB:
Sub Main(ByVal args As String())
C#:
N/A
b. Create variables in the beginning of the program:
Note: Take the name of the file and the party who will sign the document as command
line arguments.
VB:
Dim encodedSignedCms1, encodedSignedCms2 As Byte()
Dim signer As String
Dim signerCert As X509Certificate2
C#:
byte[] encodedSignedCms1, encodedSignedCms2;
String signer;
X509Certificate2 signerCert;
c. Check whether the command line arguments are valid. Place the code after
creating the variables:
VB:
Try
If args.Length < 2 Then
Console.WriteLine("Enter <file name>
<signer name>")
Else
End If
Catch ex As Exception
Page 7 of 18
End Try
C#:
try
{
if (args.Length < 2)
Console.WriteLine("This application adds a
signature to an already signed file.\r\n" +
"Enter <file name> <signer
name>");
else
{
}
}
catch (Exception e)
{
Console.WriteLine("{0}: {1}", e.GetType().Name,
e.Message);
}
d. Enter the following code in the Else statement:
Note: Read in the file as the first command line and the signer as the second command
line argument and if there are two command line arguments.
VB:
encodedSignedCms1 = File.ReadAllBytes(args(0))
signer = args(1)
C#:
encodedSignedCms1 = File.ReadAllBytes(args[0]);
signer = args[1];
e. If you are using VB, enter the following code:
Note: Assume the signer certificate does not exist.
VB:
signerCert = Nothing
C#:
N/A
f. Search the Certificate store by calling the function created previously. If no signed
certificate was found, display a message:
Note: We now need to access the certificate store, find the certificate and sign the
message with the certificate.
VB:
If Not GetSigningCertificateBySubjectName(signer,
signerCert) Then
Console.WriteLine("Failed to find a
signing certificate for {0} ", signer)
Else
End If
C#:
if (!GetSigningCertificateBySubjectName(args[1], out
signerCert))
Console.WriteLine("Failed to find a signing certificate
Page 8 of 18
for {0}", signer);
else
{
}
g. Locate the Else statement, and enter the following code:
Note: If a certificate was found, then use the SignMsg function created earlier to sign
the message with the private key from the certificate, and write out the result to a file
with an extension .signed.
VB:
encodedSignedCms2 = SignMsg(encodedSignedCms1, signerCert)
File.WriteAllBytes(args(0) + ".signed", encodedSignedCms2)
C#:
// Sign the message with the private key from the
certificate
encodedSignedCms2 = SignMsg(encodedSignedCms1,
signerCert);
// Write out the result
File.WriteAllBytes(args[0] + ".signed",
encodedSignedCms2);
6. Build and run a. Click Build, and Build Solution.

the solution b. After the build succeeds, use Windows Explorer to browse to the directory:
C:\Security\ SecuringApplications\Solution\VB-Sign3_vb\Resign\bin\Release
c. Copy the board.txt and board.txt.signed files, browse to the directory
C:\Security\SecuringApplications \Starter\Resign\Resign\bin\Debug
d. Paste the files into the directory.
e. Switch to the command prompt Window.
f. Browse to C:\SecuringApplications \Starter\Resign\Resign\bin\Debug by
typing in the following command line:
cd C:\Security\SecuringApplications \Starter\Resign\Resign\bin\Debug
g. Hit Enter.
h. Type in the following command to explore the original text file:
Write board.txt
i. Close the Notepad.
j. Type in command to examine the signed text file:
Write board.txt.signed
Note: In the Notepad, notice the person who signed it was A Test User, and the text of
the original text file.
k. Type in the command to sign the message with another user:
Resign.exe board.txt.signed Another Test User
l. Type in command:
Note: Check the directory with the signed messages.
dir *.signed
Page 9 of 18
Page 10 of 18
Exercise 3
Verify signatures in the document
Scenario
The fundamental issue when receiving a signed message is whether or not to trust that the signature is valid and was
made by whoever claimed to make it. We can confirm that the signature is mathematically valid, that is, if we can
verify the integrity of the signature using a known public key. However, we must still determine whether the public
key used to verify the signature does in fact belong to the entity claiming to have made the signature in the first
place. If we do not implicitly trust the public key to be the sender's, we need to acquire strong evidence that the key
belongs to the message sender. We are likely to trust that we really have the message sender's public key if we find a
certificate that has a cryptographically valid signature from its issuer, attests to a binding between the sender and
sender's public key, and was issued by an issuer that we trust.

Complete the following Note: Lets create the ReVerify Project in Visual Studio 2008.
tasks on: a. Switch to VSTS08RTM machine.
b. Click Start, Microsoft Visual Studio 2008.
VSTS08RTM
c. If prompted, type in username: Darren with password P2ssw0rd.
1. Create a
Verification d. Click File, New, Project.
Project in Visual e. In the Project types pane, expand Visual Basic, click Windows, and select the
Studio 2008 Console Application template. If you want to use C#, in the Project types pane,
expand Visual C#, click Windows, and select the Console Application template.
f. Fill in ReVerify as Name.
g. Click Browse, and Browse to C:\Security\SecuringApplications\Starter, and
click Select Folder.
h. Ensure the Create directory for solution is checked.
i. Click OK.
2. Add a reference Note: Add a reference to the cryptography assembly.
to the project The common language runtime and the .NET Framework provide many useful classes
and services that enable developers to easily write security code. These classes and
services also enable system administrators to customize the access that code has to
protected resources. Additionally, the runtime and the .NET Framework provide
useful classes and services that facilitate the use of cryptography and role-based
security.
a. Right-click on ReVerify in the Solution Manager, and click Add Reference.
b. Select System.Security in the .NET and click OK in the Add Reference window.
Note: Add namespaces needed for the project.
c. In the beginning of the file before Module1 code, type in the following:
VB:
Imports System
Imports System.IO
Imports System.Security.Cryptography.Pkcs
C#:
using System;
using System.IO;
using System.Security.Cryptography.Pkcs;
Page 11 of 18
3. Create Function a. Enter the following code after the End Sub:
to verify Note: Create a function called VerifyMessage that takes the parameter a string of
message. bytes called encoded signed cms.
VB:
Function VerifyMessage(ByVal encodedSignedCms As Byte())
As Boolean
End Function
C#:
static public bool VerifyMsg(byte[] encodedSignedCms)
{
}
b. Declare variables to be used in the function:
VB:
Dim i As Int32
Dim signedCms As SignedCms
c. Enter in the following code after the variable declaration:

Note: Decode the signature found in the file.
VB:
signedCms = New SignedCms()
signedCms.Decode(encodedSignedCms)
C#:
SignedCms signedCms = new SignedCms();
signedCms.Decode(encodedSignedCms);
d. Enter the following code after the message is decoded:
Note: We will list the number of signatures in the message.
VB:
Console.WriteLine("Verifying {0} signatures",
signedCms.SignerInfos.Count)
C#:
Console.WriteLine("Verifying {0} signatures",
signedCms.SignerInfos.Count);
e. Enter the following code after the number of signatures is displayed:
Note: Display each signature in the document.
VB:
For i = 0 To signedCms.SignerInfos.Count - 1
Console.WriteLine(" #{0}. {1}", i + 1,
signedCms.SignerInfos(i).Certificate.Subject)
Next
C#:
for (int i = 0; i < signedCms.SignerInfos.Count; i++)
Console.WriteLine("\t#{0}. {1}", i + 1,
signedCms.SignerInfos[i].Certificate.Subject);
f. Enter the following code after the code shown above:

Note: By passing True, we only want to check the signature, not the certificate chain.
Page 12 of 18
If the signature is not valid, it will return an exception.
VB:
signedCms.CheckSignature(True)
Return True
C#:
signedCms.CheckSignature(true);
return true;
4. Create the main a. Replace the Sub Main() with the following code:
function VB:
Sub Main(ByVal args As String())
C#:
N/A
b. Create variables in the beginning of the program:
Note: Take the name of the file and the party who will sign the document as command
line arguments.
VB:
Dim encodedSignedCms As Byte()
C#:
byte[] encodedSignedCms;
c. Place the code after creating the variables:
Note: Check whether or not the command line arguments are valid.
VB:
Try
If args.Length < 1 Then
Console.WriteLine("Enter the name of a
file to verify")
Else
End If
Catch ex As Exception
Console.WriteLine("{0}: {1}", ex.GetType.Name,
ex.Message)
End Try
C#:
try
{
if (args.Length < 1)
Console.WriteLine("Enter <filename>");
else
{
}
}
catch (Exception e)
{
Console.WriteLine("{0}: {1}", e.GetType().Name,
e.Message);
}
d. Enter the following code in the Else statement:
Page 13 of 18
Note: The main function calls the verify message function that we have created to
validate the message. Then displays the result.
VB:
encodedSignedCms = File.ReadAllBytes(args(0))
VerifyMessage(encodedSignedCms)
Console.WriteLine("The signature is valid")
C#:
encodedSignedCms = File.ReadAllBytes(args[0]);
VerifyMsg(encodedSignedCms);
Console.WriteLine("All signatures are valid");
5. Build and run a. Click Build, and Build Solution.
the solution b. After the build succeeds, use Windows Explorer to browse to the directory:
C:\Security\ SecuringApplications\Solution\VB-Sign3_vb\Resign\bin\Release
c. Copy the board.txt.signed.signed file, browse to the directory C:\Security\
SecuringApplications\Starter\ReVerify\ReVerify\bin\Debug
d. Paste the file into the directory.
e. Open a command prompt window.
f. Browse to C:\Security\SecuringApplications
\Starter\ReVerify\ReVerify\bin\Debug by typing in the following command line:
cd C:\Security\SecuringApplications \Starter\ReVerify\ReVerify\bin\Debug
g. Hit Enter.
Note: Verify the message and display the signatures in the message.
h. Type in the command to sign the message with another user:
ReVerify.exe board.txt.signed.signed
Note: Notice the result: there are two valid signatures in the message.
Page 14 of 18
Exercise 4
Bug Tracking in Team Foundation Server (TFS)
Scenario
Team Foundation is a set of tools and technologies that enable a team to collaborate and coordinate their efforts on
building a product or completing a project. Team Foundation enhances team communication, tracks work status,
supports team roles, enacts the team process, and integrates team tools.

Complete the following Note: All team members work with team projects by using Team Explorer in the
tasks on: Visual Studio IDE. Team Explorer connects to one Team Foundation Server and
displays team projects from that server. By using Team Explorer, every team member
VSTS08RTM can find and update work items, view reports, manage documents, and work with
1. Start Team product builds.
Explorer and a. In the VSTS08RTM machine:
create a new b. If Visual Studio 2008 was not started, click Start, All Programs, Visual Studio
project for 2008.
Security
Note: Team Explorer provides you with an organized view of your team projects. To
Multiple
access Team Explorer, click Team Explorer on the View menu.
Signature
c. If Team Explorer is not visible, click View, Team Explorer.
Note: Team Explorer displays team projects from only one Team Foundation Server
at a time. When you first open Team Explorer, it will be empty and you must connect it
to a Team Foundation Server. Then you can select which team projects you want
displayed in Team Explorer.
d. If prompted, sign in as Darren with password P2ssw0rd.
Note: We now will create a new team project called Security-Multiple Signature.
e. Right-click on the Root node: TFSRTM08, and click New Team Project.
f. In the name field, type in Security-Multiple Signature.
g. Click Next until Finish.
h. Click Finish.
i. Click Close.
j. If prompted, type in user name Darren with password P2ssw0rd.
Complete the following a. Switch to VistaEnt machine.
tasks on: Note: Brian created the Resign solution for the Security Multiple Signature project,
now he will add the solution in the team explorer so his teammates are able to view
VistaEnt the code.
2. Upload Resign b. If Visual Studio 2008 has not been started, click Start Microsoft Visual Studio
into source 2008.
control c. If prompted, type in username Brian with password: P2ssw0rd.
d. If Team Explorer is not visible, click View, Team Explorer.
e. Click on the Add Existing Team Project button.
f. Check Security Multiple Signature.
g. Click OK.
h. In the Team Explorer, double-click on Source Control under Security
Multiple Signature.
Page 15 of 18
Note: Source Control node provides access to the team project source control
management hierarchy.
i. Right-click on Security-Multiple Signature and click Get Latest Version.
j. In the Browse for Folder, click C:\Security\SecuringApplications \Starter.
k. Click OK.
l. Click File, Open, Project/Solution, browse to C:\Security\SecuringApplications
\Starter\Resign, and double-click on Resign solution.
m. In the Solution Explorer, right-click on Resign solution and click Add solution to
source control.
n. Right-click on Security Multiple Signature in the Source Control Explorer
and click Check in Pending Changes.
o. Click Check in.
Note: Now, Brian will add a work item for Darren to finish the Re-verify program and
upload to the team project.
p. Click on Team Explorer, right-click on Work Item under Security Multiple
Signature.
q. Highlight Add Work Item, select Task
r. In the Title field, add: Code Reverify program to verify signature.
s. Discipline: Development.
t. Assigned to: Darren.
u. Description: Need to Create ReVerify program to verify signature.
v. Click File, Save New Task.
Complete the following a. Switch to VSTS08RTM machine.

tasks on: b. In the Team Explorer, double-click on Source Control.
Note: Source Control node provides access to the team project source control
VSTS08RTM management hierarchy.
3. Upload Reverify Darren uploads his Reverify solution to the Security-Multiple Signature team project,
program and and check off the work item that was assigned to him.
complete task
c. Right-click on Security-Multiple Signature and click Get Latest Version.
d. In the Browse for Folder, click C:\Security\SecuringApplications \Starter.
e. Click OK.
f. Click File, Open, Project/Solution, browse to C:\Security\SecuringApplications
\Starter\Reverify, and double-click on Reverify solution.
g. In the Solution Explorer, right-click on Reverify solution and click Add solution
to source control.
h. Right-click on Security Multiple Signature in the Source Control Explorer and
click Check in Pending Changes.
i. Click Work Items.
j. Check the Code Reverify program to verify signature task.
k. Click Check in.
Complete the following Note: Now, lets see how TFS can tracks bugs. Team requested to have the keyword
tasks on: signature changed to certificates for all projects. Brian will now log it as a bug in the
Team Foundation Server, and have Darren fix the issue.
VistaEnt Most activity in Team Foundation Server revolves around a "work item." Work items
4. File a Bug are a single unit of work which needs to be completed. In many respects they are
similar to a "bug" item in bug tracking systems such as Bugzilla, in that a work item
has fields to define Area, Iteration, Assignee, Reported By, a history, file attachments,
Page 16 of 18
and any number of other attributes. Work items themselves can be of several different
types, such as a Bug, a Task, a Quality of Service Assessment, a Scenario, and so
forth. The framework chosen for any given project in a Team Foundation Server
defines what types of work items are available and what attributes each type of work
item contains.
a. Switch to VistaEnt machine.
b. In the Team Explorer, right-click on Work Items under Security Multiple
Signature.
c. Highlight Add Work Item, and select Bug.
d. In the title fill out: We no longer use the term signature in the project, please
use the term certificate instead.
e. Assigned to: Darren.
f. Click File, Save New Bug.
Complete the following Note: Now, Darren will change all the signature keywords to certificates in the code.
tasks on: a. Switch to VSTS08RTM machine.
b. Double click on Program.cs.
VSTS08RTM
c. Replace all the signature keywords with word Certificate in Writeline code.
5. Fix a bug
6. Build and run Note: Build and Verify the Result.
the solution a. Click Build, and Build Solution.
Note: After the build succeeds:
b. Switch to the command prompt Window.
Note: Verify the message and that all signature keywords have been changed
tocertificates.
c. Type in the command to sign the message with another user:
ReVerify.exe board.txt.signed.signed
Note: Notice the result--, there are two valid certificates in the message.
7. Check in the fix Note: Darren checks the project back to the TFS and checks off the bug that was
in TFS assigned to him regarding to the keyword switch.
a. Switch back to Visual Studio 2008.
b. Right-click on the Module1.vb or Program.cs depending on your language
preference.
c. Click on Check in.
d. Click on Work Items tab.
e. Check the bug that Darren has created earlier, ensure that the Check-in Action is
Resolve.
f. Click on Source Files.
g. In the Comment, type in the following: All keywords have been changed to
certificates.
h. Click on Check-In Notes.
Note: Notice that you are able to add in comments from the Code Reviewer, Security
Reviewer, and the Performance Reviewer.
i. Click Check In.
j. Expand Work Items under Security Multiple Signature in the Team
Explorer.
k. Expand Team Queries.
Page 17 of 18
l. Double-click on Active Bugs.
Note: Notice that there are no more active bugs that need to be resolved for the
project.
m. Double-click on Resolved Bugs.
Note: Notice that the Bug that was reported by Brian has been resolved.
n. Double-click on the Bug that was resolved.
o. Scroll down to the details area and select History Tab.
Note: Notice the history of the bug which was created by Brian has been resolved by
Darren.
Page 18 of 18

AddSecuritytoApplicationsBuiltwithVisualBasicandVisualCS Katheryn

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AddSecuritytoApplicationsBuiltwithVisualBasicandVisualCS Katheryn

Uploaded by

Copyright:

Available Formats

I dont

Microsoft Virtual Labs

Add Security to Applications

Add Security to Applications Built with

Estimated Time to 45 Minutes

Computers used in this

Tasks Detailed Steps

e. Use the command line to create a certificate for A Test User:

Tasks Detailed Steps

2. Add a reference Note: Add a reference to the cryptography assembly.

out X509Certificate2 cert)

6. Build and run a. Click Build, and Build Solution.

Tasks Detailed Steps

c. Enter in the following code after the variable declaration:

f. Enter the following code after the code shown above:

Tasks Detailed Steps

Complete the following a. Switch to VSTS08RTM machine.

You might also like