Click here to Skip to main content
15,879,535 members
Search within:


How to handle encrypt and decrypt file in ASP.NET core web API
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C#
encryption
API
What is the best way to implement encrypt and decrypt file content using asp.net core web API.
It should be compatible with swagger also. I have tried this with the same way as encrypt string but there is limitation of size length or may be incomplete file will send over API.
My requirement is file content should be encrypt at client end before API call via swagger or postman and should be decrypt at service end .
File content encrypt at client end then only data at transmission will safe.

What I have tried:

public static string encrypt(string PlainText, byte[] key, byte[] iv)
      {
          string sR = string.Empty;

          byte[] plainBytes = Encoding.UTF8.GetBytes(PlainText);

          GcmBlockCipher cipher = new GcmBlockCipher(new AesFastEngine());
          AeadParameters parameters =
                       new AeadParameters(new KeyParameter(key), 128, iv, null);

          cipher.Init(true, parameters);

          byte[] encryptedBytes = new byte[cipher.GetOutputSize(plainBytes.Length)];
          Int32 retLen = cipher.ProcessBytes
                         (plainBytes, 0, plainBytes.Length, encryptedBytes, 0);
          cipher.DoFinal(encryptedBytes, retLen);
          sR = Convert.ToBase64String(encryptedBytes, Base64FormattingOptions.None);


          return sR;
      }
Posted
Updated 5-Jul-21 4:39am
v2
Add a Solution
Comments
Chris Copeland 5-Jul-21 9:58am    
An API generally deals with requests and responses, and very rarely with actual files. When you say "file content should be encrypt" do you actually mean an uploaded file, or the body of the request being sent?
vishal_h 5-Jul-21 10:16am    
I want to create .net core web api which will allow file upload so i have two options as
1) IFormFile - where no file encryption with AES option i have seen
2) send encrypted file content and create file at server end but limitation is size of string.
Please let me know better alternative if know

1 solution

Quote:
file content should be encrypt at client end ... and should be decrypt at service end
What you are describing is precisely what HTTPS does:
HTTPS - Wikipedia[^]

All requests and responses are encrypted over the wire, and can only be decrypted by a computer with access to the private key.

Implementing your own encryption on top of this would not increase the security of your application in any way.

(If you were talking about end-to-end encryption, where the server cannot decrypt the uploaded file, that would be a different story.)
 
Share this answer
 
Posted
Comments
vishal_h 5-Jul-21 10:52am    
but in transaction file want to create end to end encryption over https so looking for solution.
Richard Deeming 5-Jul-21 13:26pm    
End-to-end encryption means the server cannot decrypt the file.

Your question specifically states that the server needs to decrypt the file. What you described in your question is HTTPS.
vishal_h 6-Jul-21 0:22am    
Yes Server will decrypt the file because service having decryption key . And only client application can encrypt file as client is also having encryption key so message in transmission cant be view with the help of any hacking tool.
Richard Deeming 6-Jul-21 3:30am    
And as I keep telling you, that is precisely what HTTPS does.

Requests are encrypted on the client, and can only be decrypted by the server. Responses are encrypted on the server, and can only be decrypted by the client. Nobody who intercepts the traffic can view the decrypted payloads.

You don't need to add anything to your code. You just need to make sure your service is only available over HTTPS.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Connection refused - ASP.NET core 7.0 web api call
Handling values entered in an ASP.NET core form to a controller
How to upload file with data from angular 8 to ASP.NET core 3 web api
How to add images of user in folder and save the address in database in ASP.NET core web api
Want to show multiple images in ASP.NET core web api using jquery
JWT configuration ASP.NET core web api
Issue with implementing oauth authentication in ASP.NET core
Decrypt file encrypted with gnupg
CORS issue when angular and web API(.NET core) is used [SOLVED]
How do I export pdf from crystal report using ASP.NET core web api

Advertise
Privacy
Cookies
Terms of Use
Last Updated 5 Jul 2021
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web02 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900