Encrypt and Decrypt Text in Web API (2024)

Encrypt and Decrypt Text in Web API (1)

  • 138.8k
  • 0
  • 2

Introduction

In this article, I will show you how to encrypt and decrypt text. Here we convert the text into a secret form by encrypting it and convert it back into its original text by decrypting it.

Encrypt : It is process of converting text into a secret form that cannot be readable by other humans. It can only be read by that person that has the encryption key. This is basically used for security.

Decrypt : It is the reverse of encryption. It converts the encrypted text back into its original text. It requires a secret key.

Procedure for creating the application.

See Also
JSON Web Token (JWT) with RSA encryptionSecuring Microservices (Part I)JSON WEB TOKEN to encrypt Your data in NODE JS 2022Securing Tokens with help from JOSE

Step 1

First we create a Web API application as in the following:

  • Start Visual Studio 2012.
  • From the start window select "New Project".
  • From the new project window select "Installed" -> "Visual C#" -> "Web".
  • Select "ASP.NET MVC4 Web Application" and click the "OK" button.

    Encrypt and Decrypt Text in Web API (3)

  • From the "MVC4 Project" window select "Web API".

    Encrypt and Decrypt Text in Web API (4)

  • Click the "OK" button.

Step 2

Create a Model class as in the following:

  • In the "Solution Explorer".
  • Right-click on the "Model folder" then select "Add" -> "Class".
  • From the Add Item window select "Installed" -> "Visual C#".

    Encrypt and Decrypt Text in Web API (5)

  • Select Class and click the "Add" button.

Add the following code:

  1. usingSystem;
  2. usingSystem.Collections.Generic;
  3. usingSystem.Linq;
  4. usingSystem.Web;
  5. namespaceEncriptCode.Models
  6. {
  7. publicclassEModel
  8. {
  9. publicstringword{get;set;}
  10. }
  11. }

Step 3

In the "HomeController" write the code to encrypt and decrypt the text. This file exists:

See Also
NodeJS Crypto Module - Encrypt and Decrypt Data | CodeForGeek

  • In the "Solution Explorer".
  • Expand the Controller folder.
  • Select "HomeController".

    Encrypt and Decrypt Text in Web API (6)

Add the following code:

  1. usingSystem;
  2. usingSystem.Collections.Generic;
  3. usingSystem.Linq;
  4. usingSystem.Web;
  5. usingSystem.Web.Mvc;
  6. usingEncriptCode.Models;
  7. usingSystem.Text;
  8. usingSystem.Security.Cryptography;
  9. namespaceEncriptCode.Controllers
  10. {
  11. publicclassHomeController:Controller
  12. {
  13. stringkey="1prt56";
  14. publicActionResultIndex()
  15. {
  16. EModelobj=newEModel();
  17. returnView(obj);
  18. }
  19. [HttpPost]
  20. publicActionResultIndex(EModelobj)
  21. {
  22. intreq=Convert.ToInt32(Request.Form["type"]);
  23. if(req==1)
  24. {
  25. ViewBag.Result=Encryptword(obj.word);
  26. }
  27. else
  28. {
  29. ViewBag.Result=Decryptword(obj.word);
  30. }
  31. returnView(obj);
  32. }
  33. publicstringEncryptword(stringEncryptval)
  34. {
  35. byte[]SrctArray;
  36. byte[]EnctArray=UTF8Encoding.UTF8.GetBytes(Encryptval);
  37. SrctArray=UTF8Encoding.UTF8.GetBytes(key);
  38. TripleDESCryptoServiceProviderobjt=newTripleDESCryptoServiceProvider();
  39. MD5CryptoServiceProviderobjcrpt=newMD5CryptoServiceProvider();
  40. SrctArray=objcrpt.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
  41. objcrpt.Clear();
  42. objt.Key=SrctArray;
  43. objt.Mode=CipherMode.ECB;
  44. objt.Padding=PaddingMode.PKCS7;
  45. ICryptoTransformcrptotrns=objt.CreateEncryptor();
  46. byte[]resArray=crptotrns.TransformFinalBlock(EnctArray,0,EnctArray.Length);
  47. objt.Clear();
  48. returnConvert.ToBase64String(resArray,0,resArray.Length);
  49. }
  50. publicstringDecryptword(stringDecryptText)
  51. {
  52. byte[]SrctArray;
  53. byte[]DrctArray=Convert.FromBase64String(DecryptText);
  54. SrctArray=UTF8Encoding.UTF8.GetBytes(key);
  55. TripleDESCryptoServiceProviderobjt=newTripleDESCryptoServiceProvider();
  56. MD5CryptoServiceProviderobjmdcript=newMD5CryptoServiceProvider();
  57. SrctArray=objmdcript.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
  58. objmdcript.Clear();
  59. objt.Key=SrctArray;
  60. objt.Mode=CipherMode.ECB;
  61. objt.Padding=PaddingMode.PKCS7;
  62. ICryptoTransformcrptotrns=objt.CreateDecryptor();
  63. byte[]resArray=crptotrns.TransformFinalBlock(DrctArray,0,DrctArray.Length);
  64. objt.Clear();
  65. returnUTF8Encoding.UTF8.GetString(resArray);
  66. }
  67. }
  68. }

UTF8Encoding.UTF8.GetBytes : It encodes the specified string into a specified byte array.

TripleDESCrptoServiceProvider : It provides a wrapper object for accessing the cryptographic service provider version of the TripelDES algorithm. We use the "System.Security.Cryptography" namespace for it.

CipherMode.ECB : CipherMode specifies a block cipher mode for the encryption and the ECB (Electronic Codebook) that encrypts every block individually.

MD5CryptoServiceProvider : It computes the MD5 hash value for the input data using the implementation provided by the cryptographic service provider.

PaddingMode.PKCS7 : Padding is applied when the message data block is shorter than the number of bytes needed for the cryptography. And the PKCS7 padding string consists of a sequence of bytes.

Step 4

Now use the "index.cshtml" file. This file exists:

  • In the "Solution Explorer".
  • Expand the Views folder.
  • Select "Home" -> "index.cshtml".

    Encrypt and Decrypt Text in Web API (7)

Add the following code:

  1. @modelEncriptCode.Models.EModel
  2. @{
  3. ViewBag.Title="CodeforEncryptandDecrypttheTextinWebAPI";
  4. }
  5. @using(Html.BeginForm("Index","Home",FormMethod.Post))
  6. {
  7. <h2>
  8. EncryptandDecryptText</h2>
  9. @Html.TextBoxFor(p=>p.word,new{@style="width:200px"})
  10. <div>
  11. @Html.RadioButton("type",1,true)EncryptText
  12. <br>@Html.RadioButton("type",2,false)DecryptText
  13. </div>
  14. <div>
  15. <b>Output</b>:@ViewBag.Result</div>
  16. <inputtype="submit"value="submit"/>
  17. }

Step 5

Execute the application.

Encrypt and Decrypt Text in Web API (8)

Type some text and select "Encrypt". Click on the "Submit" button. It generates an encrypted code version of the text.

Encrypt and Decrypt Text in Web API (9)

Copy the encrypted code and paste it into the text box and select decrypt. Now click on the "Submit" button. It generates the original text.

Encrypt and Decrypt Text in Web API (10)

Encrypt and Decrypt Text in Web API (2024)

FAQs

Should API response be encrypted? ›

Authentication acts as a gatekeeping mechanism by guaranteeing that only authorized users can access the API, while encryption protects data from being intercepted or tampered with. Both are necessary for API security, as they address different security needs within the ecosystem.

Read On
How do I encrypt and decrypt REST API? ›

To encrypt a REST API with RSA and AES, you would typically follow these steps: Generate a public/private RSA key pair. The public key is used to encrypt data, while the private key is used to decrypt it. The private key should be kept secret and secure, while the public key can be shared freely.

Discover More Details
What information do you need to decrypt and encrypted message? ›

To decrypt an encrypted message, one needs the correct decryption key or password. When a message is encrypted, it is encoded into a form that is not understandable by anyone who does not possess the key required to decipher it. Therefore, to read an encrypted message, you will require the decryption key or password.

Continue Reading
How to encrypt data in web API? ›

One of the simplest and most effective ways to secure and encrypt your API data and traffic is to use HTTPS, or Hypertext Transfer Protocol Secure. HTTPS is a protocol that adds a layer of encryption and authentication to the standard HTTP protocol.

See Details
What is the best encryption for API? ›

Encryption

This will make it much more difficult for sensitive data to end up in the wrong hands. You and your partners should cipher all exchanges with TLS (the successor to SSL), whether it is one-way encryption (standard one-way TLS) or, even better, mutual encryption (two-way TLS).

Find Out More
Do API keys need to be encrypted? ›

Storing API keys directly in your database is bad practice and not secure. They should be hashed and/or encrypted first before being stored. This would ensure the keys cannot be used, even if someone malicious gained access to your database.

Tell Me More
How do I know if my API is encrypted? ›

4 Quick Ways to Test if Your API is Secure
  1. Parameter tampering. Parameter tampering is when an attacker changes the values in an API request. ...
  2. Injection. An injection attack occurs when an attacker inserts hostile input into an API. ...
  3. Input Fuzzing. ...
  4. Unhandled HTTP Methods.
Sep 7, 2020

Show Me More
Are rest APIs encrypted? ›

A TLS certificate uses end-to-end encryption to protect API data and access credentials while they are in transit. TLS protects your information sent via your API through encryption of all messages sent through that API.

Explore More
Can data be encrypted at rest? ›

Encrypting data at rest secures files and documents, ensuring that only those with the key can access them. The files are useless to anyone else. This prevents data leakage, unauthorized access, and physical theft—unless attackers manage to compromise the key management scheme and gain access to the key.

Continue Reading
What is the formula for encryption and decryption? ›

The encryption formula is En(x) = (x + n) mod 26 and the Decryption formula is Dn(x) = (x – n) mod 26. While it's easy to implement but it can't withstand the modern era. As computers can break it easily.

Show Me More

How do I encrypt data to decrypt? ›

To encrypt more than a small amount of data, symmetric encryption is used. A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the data must be used.

Read The Full Story
What are the two keys to decrypt? ›

Public key cryptography is a method of encrypting or signing data with two different keys and making one of the keys, the public key, available for anyone to use. The other key is known as the private key. Data encrypted with the public key can only be decrypted with the private key.

See Details
How do I make my Web API more secure? ›

API Security Best Practices
  1. Always Use a Gateway.
  2. Always Use a Central OAuth Server.
  3. Only Use JSON Web Tokens Internally.
  4. Use Scopes for Coarse-Grained Access Control.
  5. Use Claims for Fine-Grained Access Control at the API Level.
  6. Trust No One.
  7. Create or Reuse Libraries for JWT Validation.
  8. Do Not Mix Authentication Methods.

Get More Info Here
How to secure data in REST API? ›

The top five ways to build security into a REST API design are:
  1. Always use TLS encryption.
  2. Implement a sound and scalable authentication and authorization model.
  3. Don't include sensitive information in URLs.
  4. Narrowly define allowed RESTful API requests and responses.
  5. Implement continuous API discovery capabilities.
Nov 15, 2023

Continue Reading
How do I secure API documentation? ›

Always use TLS

Every web API should use TLS (Transport Layer Security). TLS protects the information your API sends (and the information that users send to your API) by encrypting your messages while they're in transit. You might know TLS by its predecessor's name, SSL.

View More
Do I need to secure my API? ›

Protect All APIs

Even internal APIs should have protections implemented. This way, you're sure that the API is protected from any threat from inside your organization.

View Details
Should my API be HTTPS? ›

All APIs should use and require HTTPS to help guarantee confidentiality, authenticity, and integrity. HTTPS provides a stronger guarantee that a client is communicating with the real API and receiving back authentic contents. It also enhances privacy for applications and users using the API.

See More
Are response headers encrypted? ›

HTTPS encrypts all message contents, including the HTTP headers and the request/response data.

Learn More
Top Articles
22 Ways to Cut Your Heating Bills
9 Types Of Investment Assets
Davita Internet
Melson Funeral Services Obituaries
Citibank Branch Locations In Orlando Florida
Otterbrook Goldens
Fire Rescue 1 Login
Blue Ridge Now Mugshots Hendersonville Nc
Newgate Honda
Bestellung Ahrefs
Nebraska Furniture Tables
Grace Caroline Deepfake
Tracking Your Shipments with Maher Terminal
SXSW Film & TV Alumni Releases – July & August 2024
Daily Voice Tarrytown
Clear Fork Progress Book
Hanger Clinic/Billpay
Buy Swap Sell Dirt Late Model
TBM 910 | Turboprop Aircraft - DAHER TBM 960, TBM 910
Persona 4 Golden Taotie Fusion Calculator
Google Doodle Baseball 76
Tyrone Unblocked Games Bitlife
Kingdom Tattoo Ithaca Mi
8000 Cranberry Springs Drive Suite 2M600
Koninklijk Theater Tuschinski
Sorrento Gourmet Pizza Goshen Photos
1979 Ford F350 For Sale Craigslist
4 Methods to Fix “Vortex Mods Cannot Be Deployed” Issue - MiniTool Partition Wizard
Truvy Back Office Login
O'reilly's In Mathis Texas
Narragansett Bay Cruising - A Complete Guide: Explore Newport, Providence & More
Leben in Japan &#8211; das muss man wissen - Lernen Sie Sprachen online bei italki
Combies Overlijden no. 02, Stempels: 2 teksten + 1 tag/label & Stansen: 3 tags/labels.
Cvs Sport Physicals
Frequently Asked Questions - Hy-Vee PERKS
3473372961
Kaiser Infozone
Log in or sign up to view
Greater Keene Men's Softball
Wo ein Pfand ist, ist auch Einweg
Fapello.clm
Prior Authorization Requirements for Health Insurance Marketplace
Rocky Bfb Asset
Pathfinder Wrath Of The Righteous Tiefling Traitor
Login
Aloha Kitchen Florence Menu
1990 cold case: Who killed Cheryl Henry and Andy Atkinson on Lovers Lane in west Houston?
Competitive Comparison
When Is The First Cold Front In Florida 2022
Philasd Zimbra
Pauline Frommer's Paris 2007 (Pauline Frommer Guides) - SILO.PUB
Latest Posts
What is Investment Planning and Why is it Important?
What is Investment Planning and Why is it Important? - Jupiter Money
Article information

Author: Delena Feil

Last Updated:

Views: 5833

Rating: 4.4 / 5 (45 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Delena Feil

Birthday: 1998-08-29

Address: 747 Lubowitz Run, Sidmouth, HI 90646-5543

Phone: +99513241752844

Job: Design Supervisor

Hobby: Digital arts, Lacemaking, Air sports, Running, Scouting, Shooting, Puzzles

Introduction: My name is Delena Feil, I am a clean, splendid, calm, fancy, jolly, bright, faithful person who loves writing and wants to share my knowledge and understanding with you.