Last post Mar 09, 2015 01:44 AM by Sherwin Zhao
Mar 06, 2015 04:39 PM|johnaspnet|LINK
I have C# asp.net REST web api service that is consumed from clients who use C++ or Java language. One of C# POST methods lets client programs to post data to my web api service with JSON format. One example, on the client side, the request body must
be provided as:
key :"<key value must be encrypted>"
Client programs (written in C++ or Java) must encode the value of JSON field "key". But what I cannot figure out is how can my Web API providing codes (C#) can understand the Encryption algorithm used from clients and decrypt the encrypted "key" field properly.
How can I reach a right approach so that server side and client side can understand each other in coding/decoding POSTed data?
I am using HTTPs protocol for my ASP.NET RESTful web api. Is HTTPs secured enough for data if client programs do not encrypt the "key" filed value?
Mar 07, 2015 07:23 AM|rezaxp|LINK
You just need to know which algorithm your client app is using. For example if you are encrypting using base64 you can decrypt with the same algorithm. As far as I know the only thing is that you need to replace "-" to "+" and "_" to "/" before you decrypt
a java encrypted base64 string in c#
Mar 07, 2015 10:12 AM|johnaspnet|LINK
@rezaxp. Thank you for your reply.
I have 1 extra question: For C++ or other programming languages, how can I know which
specific characters I need to replace when I decrypt with C#? It sounds complicated, isn't it? Any idea?
Mar 07, 2015 08:40 PM|rezaxp|LINK
I'm not sure, but I don't think there is any between c++ and c#. It should be possible to just use System.Convert.FromBase64String to convert it.
Mar 09, 2015 01:44 AM|Sherwin Zhao|LINK
For you post, I think you need to point out what Encryption algorithm was used in Server side in your production document. Let the client use the same encryption algorithm. For example base64, md5 etc..
And I think base64, md5, they are same in C#, C++, Java language.
Hope this can be helpful to you.