Data encryption

Option 1: With certificate and without HMAC

Step - I have the required data in the JSON String
Step - Convert the JSON String to UTF8 Byte array
Step - Encrypt the UTF8 Byte array to the PKCS7 Envelope using the public key (Certificate download here)
Step - Convert acquired Byte array to Base64

    //Steps 3 and 4
    public static string EncryptByteArray(byte[] plainTextPayload, Org.BouncyCastle.X509.X509Certificate cert)
        {

            var random = new Org.BouncyCastle.Security.SecureRandom();
            var generator = new Org.BouncyCastle.Cms.CmsEnvelopedDataGenerator(random);

            generator.AddKeyTransRecipient(cert);

            var envelopedData = generator.Generate(new Org.BouncyCastle.Cms.CmsProcessableByteArray(plainTextPayload), Org.BouncyCastle.Cms.CmsEnvelopedGenerator.Aes256Cbc);
            return Convert.ToBase64String(envelopedData.GetEncoded());
        }

Step - I will place the resulting Base64 String widget by using the setProtectedData (Base64String) method
```
owidget.setProtectedData(Base64String);
```

Option 2: With certificate and HMAC key

Step - Contact mluvii and get HMAC Base64 key
Step - You have the required data in the JSON String
Step - Convert the JSON String to UTF8 Byte array
Step - Encrypt the UTF8 Byte array to the PKCS7 Envelope using the public key (Certificate can be downloaded here)
Step - Convert acquired Byte array to Base64

    // Steps 4 and 5
    public static string EncryptByteArray(byte[] plainTextPayload, Org.BouncyCastle.X509.X509Certificate cert)
        {

            var random = new Org.BouncyCastle.Security.SecureRandom();
            var generator = new Org.BouncyCastle.Cms.CmsEnvelopedDataGenerator(random);

            generator.AddKeyTransRecipient(cert);

            var envelopedData = generator.Generate(new Org.BouncyCastle.Cms.CmsProcessableByteArray(plainTextPayload), Org.BouncyCastle.Cms.CmsEnvelopedGenerator.Aes256Cbc);
            return Convert.ToBase64String(envelopedData.GetEncoded());
        }

Encrypt byte array from step 3 with HMAC Base64 key

4th step: Encrypt byte array from step 3 with HMAC Base64 key

    public static string ComputeAuthentication(byte[] plainTextPayload, string base64Hmac)
        {
            var key =  Convert.FromBase64String(base64Hmac);

            var hmac = new Org.BouncyCastle.Crypto.Macs.HMac(new Org.BouncyCastle.Crypto.Digests.Sha256Digest());
            var result = new byte[hmac.GetMacSize()];

            hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key));
            hmac.BlockUpdate(plainTextPayload, 0, plainTextPayload.Length);
            0);

            return Convert.ToBase64String(result);
        }

5th step - You will place the resulting Base64 String widget by using the setProtectedData (Base64String) method

owidget.setProtectedData(Base64String,ComputedBase64Hmac);

PreviousSoftware architecture NextTelephony

Last updated 3 years ago

Was this helpful?