By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,606 Members | 1,673 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,606 IT Pros & Developers. It's quick & easy.

HttpWebRequest encryption?

P: n/a
Hi there,

Can anyone tell me what level of encryption is used when making an HTTPS
POST request through an instance of the System.Net.HttpWebRequest object?

Thanks much in advance!

Mike Cronin
Data On Call - Programmer

--
Message posted via http://www.dotnetmonster.com
Jul 21 '05 #1
Share this Question
Share on Google+
9 Replies


P: n/a
what ever the server supports, not all servers support 128bit
"Mike Cronin via DotNetMonster.com" <fo***@DotNetMonster.com> wrote in
message news:91******************************@DotNetMonste r.com...
Hi there,

Can anyone tell me what level of encryption is used when making an HTTPS
POST request through an instance of the System.Net.HttpWebRequest object?

Thanks much in advance!

Mike Cronin
Data On Call - Programmer

--
Message posted via http://www.dotnetmonster.com

Jul 21 '05 #2

P: n/a
That is defined by the server certificate. For your specific site, take a
look at the cert and you can see the level of encryption that will be used.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"Mike Cronin via DotNetMonster.com" <fo***@DotNetMonster.com> wrote in
message news:91******************************@DotNetMonste r.com...
Hi there,

Can anyone tell me what level of encryption is used when making an HTTPS
POST request through an instance of the System.Net.HttpWebRequest object?

Thanks much in advance!

Mike Cronin
Data On Call - Programmer

--
Message posted via http://www.dotnetmonster.com

Jul 21 '05 #3

P: n/a
Thanks for your reply Nick!

--
Message posted via http://www.dotnetmonster.com
Jul 21 '05 #4

P: n/a
Thanks for your reply Alvin!

--
Message posted via http://www.dotnetmonster.com
Jul 21 '05 #5

P: n/a
If a 128-bit encrypted client sends an HTTPS POST request to a server that
handles 128-bit encryption, does the client need to do anything more than
what follows...

String url = "https://securesite.com?user=xxx&password=yyy";
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.set_ContentType("application/x-www-form-urlencoded");
webRequest.set_ContentLength(query.length());
webRequest.set_Method("POST");
StreamWriter sw = new StreamWriter(webRequest.GetRequestStream());
sw.Write(query.ToString());
sw.Close();

Under the circumstances mentioned, will this simple request produce a 128-
bit encrypted POST?

Is there no need to use System.Security.Cryptography.X509Certificates?

I just need to be clear on the level of encryption.

Any assistance is most appreciated!

Mike Cronin

--
Message posted via http://www.dotnetmonster.com
Jul 21 '05 #6

P: n/a
You have some pretty confused code there.

The set_ContentType method is a method of the page object, used only on the
server side.
In addition, it is a method used internally by .NET and is not intended to
be used from your code.

Considering the fact that you are creating an HttpWebRequest object, the
set_ContentType method doesn't apply.

My guess is that you posted this snippet after it failed to compile...
correct?

A good example of the code you need can be found here
http://msdn.microsoft.com/library/en...engthtopic.asp

And, yes, posting to an HTTPS URL will have the effect of encrypting the
data in-stream. You do not need to use any encryption APIs.
Try it for yourself. Sniff the port. (If you don't have a sniffer, you may
want to try Ethereal or one of the other sniffing utilities that uses
WinPCap to sniff your ports.)

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"Mike Cronin via DotNetMonster.com" <fo***@DotNetMonster.com> wrote in
message news:a1******************************@DotNetMonste r.com...
If a 128-bit encrypted client sends an HTTPS POST request to a server that
handles 128-bit encryption, does the client need to do anything more than
what follows...

String url = "https://securesite.com?user=xxx&password=yyy";
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.set_ContentType("application/x-www-form-urlencoded");
webRequest.set_ContentLength(query.length());
webRequest.set_Method("POST");
StreamWriter sw = new StreamWriter(webRequest.GetRequestStream());
sw.Write(query.ToString());
sw.Close();

Under the circumstances mentioned, will this simple request produce a 128-
bit encrypted POST?

Is there no need to use System.Security.Cryptography.X509Certificates?

I just need to be clear on the level of encryption.

Any assistance is most appreciated!

Mike Cronin

--
Message posted via http://www.dotnetmonster.com

Jul 21 '05 #7

P: n/a
Nope the actual code compiles fine and is used to POST requests to us.

I should have told you that I am working in J#. Using J#, I have a
set_ContentType() not ContentType() method exposed. Sorry about the
confusion.

One other thing, the logic did get a bit tweaked when I modified the
snippet for posting. The following reflects more accurately what is coded
(the URL and query string are separated)...

String url = "https://securesite.com";
String query = "user=xxx&password=yyy";
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.set_ContentType("application/x-www-form-urlencoded");
webRequest.set_ContentLength(query.length());
webRequest.set_Method("POST");
StreamWriter sw = new StreamWriter(webRequest.GetRequestStream());
sw.Write(query.ToString());
sw.Close();

Nevertheless, I just wanted to make sure that in the circumstance
previously described the resulting post would be 128-bit encrypted (one of
our clients needs to be certain their data is 128-bit encrypted).

You are awesome for helping out bud!

Thanks for your quick reply!

Mike Cronin

--
Message posted via http://www.dotnetmonster.com
Jul 21 '05 #8

P: n/a
I am using the following code to post data to the site on Domino server but
always
gives the following error at this line
Dim streamWriter = New
System.IO.StreamWriter(httpWebRequest.GetRequestSt ream())

"Operation Timed OUT"
or
"Underlying Connection is Closed.."

I have used the following code :

Dim stringPost = "Username=xxx&Password=yyy"

Dim httpWebRequest As System.Net.HttpWebRequest =
System.Net.HttpWebRequest.Create("https://corpmis.ggn.hcltech.com//names.nsf?Login")
httpWebRequest.ContentType = "application/x-www-form-urlencoded"
httpWebRequest.ContentLength = stringPost.Length
httpWebRequest.Method = "POST"

Dim streamWriter = New
System.IO.StreamWriter(httpWebRequest.GetRequestSt ream())
streamWriter.Write(stringPost)
streamWriter.Close()

Dim httpWebResponse As System.Net.HttpWebResponse =
httpWebRequest.GetResponse()
Dim streamReader = New
System.IO.StreamReader(httpWebResponse.GetResponse Stream())
Dim stringResult = streamReader.ReadToEnd()
streamReader.Close()
Please Help!!!!!

Thanks & Regards,
Neeraj

"Mike Cronin via DotNetMonster.com" wrote:
Nope the actual code compiles fine and is used to POST requests to us.

I should have told you that I am working in J#. Using J#, I have a
set_ContentType() not ContentType() method exposed. Sorry about the
confusion.

One other thing, the logic did get a bit tweaked when I modified the
snippet for posting. The following reflects more accurately what is coded
(the URL and query string are separated)...

String url = "https://securesite.com";
String query = "user=xxx&password=yyy";
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.set_ContentType("application/x-www-form-urlencoded");
webRequest.set_ContentLength(query.length());
webRequest.set_Method("POST");
StreamWriter sw = new StreamWriter(webRequest.GetRequestStream());
sw.Write(query.ToString());
sw.Close();

Nevertheless, I just wanted to make sure that in the circumstance
previously described the resulting post would be 128-bit encrypted (one of
our clients needs to be certain their data is 128-bit encrypted).

You are awesome for helping out bud!

Thanks for your quick reply!

Mike Cronin

--
Message posted via http://www.dotnetmonster.com

Jul 21 '05 #9

P: n/a
You need to run a wiresniffer like ethereal to see which side is causing the
timeout or connection close. It is difficult to say by looking at the code.

Also, if all you want to do is forms post, you should look into using
WebClient class. You can do a FormsPost in WebCLient in 2-3 lines of code.

--
feroze

-----------------
This posting is provided as-is. It offers no warranties and assigns no
rights.

See http://weblogs.asp.net/feroze_daud for System.Net related posts.
----------------

"ne*****@noida.nospamhcltech.com"
<ne**************************@discussions.microsof t.com> wrote in message
news:4F**********************************@microsof t.com...
I am using the following code to post data to the site on Domino server
but
always
gives the following error at this line
Dim streamWriter = New
System.IO.StreamWriter(httpWebRequest.GetRequestSt ream())

"Operation Timed OUT"
or
"Underlying Connection is Closed.."

I have used the following code :

Dim stringPost = "Username=xxx&Password=yyy"

Dim httpWebRequest As System.Net.HttpWebRequest =
System.Net.HttpWebRequest.Create("https://corpmis.ggn.hcltech.com//names.nsf?Login")
httpWebRequest.ContentType = "application/x-www-form-urlencoded"
httpWebRequest.ContentLength = stringPost.Length
httpWebRequest.Method = "POST"

Dim streamWriter = New
System.IO.StreamWriter(httpWebRequest.GetRequestSt ream())
streamWriter.Write(stringPost)
streamWriter.Close()

Dim httpWebResponse As System.Net.HttpWebResponse =
httpWebRequest.GetResponse()
Dim streamReader = New
System.IO.StreamReader(httpWebResponse.GetResponse Stream())
Dim stringResult = streamReader.ReadToEnd()
streamReader.Close()
Please Help!!!!!

Thanks & Regards,
Neeraj

"Mike Cronin via DotNetMonster.com" wrote:
Nope the actual code compiles fine and is used to POST requests to us.

I should have told you that I am working in J#. Using J#, I have a
set_ContentType() not ContentType() method exposed. Sorry about the
confusion.

One other thing, the logic did get a bit tweaked when I modified the
snippet for posting. The following reflects more accurately what is coded
(the URL and query string are separated)...

String url = "https://securesite.com";
String query = "user=xxx&password=yyy";
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.set_ContentType("application/x-www-form-urlencoded");
webRequest.set_ContentLength(query.length());
webRequest.set_Method("POST");
StreamWriter sw = new StreamWriter(webRequest.GetRequestStream());
sw.Write(query.ToString());
sw.Close();

Nevertheless, I just wanted to make sure that in the circumstance
previously described the resulting post would be 128-bit encrypted (one
of
our clients needs to be certain their data is 128-bit encrypted).

You are awesome for helping out bud!

Thanks for your quick reply!

Mike Cronin

--
Message posted via http://www.dotnetmonster.com

Jul 21 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.