Data encryption
Option 1: With certificate and without HMAC
Step - I have the required data in the JSON String
Step - Convert the JSON String to UTF8 Byte array
Step - Encrypt the UTF8 Byte array to the PKCS7 Envelope using the public key (Certificate download here)
Step - Convert acquired Byte array to Base64
//Steps 3 and 4
public static string EncryptByteArray(byte[] plainTextPayload, Org.BouncyCastle.X509.X509Certificate cert)
{
var random = new Org.BouncyCastle.Security.SecureRandom();
var generator = new Org.BouncyCastle.Cms.CmsEnvelopedDataGenerator(random);
generator.AddKeyTransRecipient(cert);
var envelopedData = generator.Generate(new Org.BouncyCastle.Cms.CmsProcessableByteArray(plainTextPayload), Org.BouncyCastle.Cms.CmsEnvelopedGenerator.Aes256Cbc);
return Convert.ToBase64String(envelopedData.GetEncoded());
}
Step - I will place the resulting Base64 String widget by using the setProtectedData (Base64String) method
owidget.setProtectedData(Base64String);
Option 2: With certificate and HMAC key
Step - Contact mluvii and get HMAC Base64 key
Step - You have the required data in the JSON String
Step - Convert the JSON String to UTF8 Byte array
Step - Encrypt the UTF8 Byte array to the PKCS7 Envelope using the public key (Certificate can be downloaded here)
Step - Convert acquired Byte array to Base64
// Steps 4 and 5
public static string EncryptByteArray(byte[] plainTextPayload, Org.BouncyCastle.X509.X509Certificate cert)
{
var random = new Org.BouncyCastle.Security.SecureRandom();
var generator = new Org.BouncyCastle.Cms.CmsEnvelopedDataGenerator(random);
generator.AddKeyTransRecipient(cert);
var envelopedData = generator.Generate(new Org.BouncyCastle.Cms.CmsProcessableByteArray(plainTextPayload), Org.BouncyCastle.Cms.CmsEnvelopedGenerator.Aes256Cbc);
return Convert.ToBase64String(envelopedData.GetEncoded());
}
Encrypt byte array from step 3 with HMAC Base64 key
4th step: Encrypt byte array from step 3 with HMAC Base64 key
public static string ComputeAuthentication(byte[] plainTextPayload, string base64Hmac)
{
var key = Convert.FromBase64String(base64Hmac);
var hmac = new Org.BouncyCastle.Crypto.Macs.HMac(new Org.BouncyCastle.Crypto.Digests.Sha256Digest());
var result = new byte[hmac.GetMacSize()];
hmac.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(key));
hmac.BlockUpdate(plainTextPayload, 0, plainTextPayload.Length);
0);
return Convert.ToBase64String(result);
}
5th step - You will place the resulting Base64 String widget by using the setProtectedData (Base64String) method
owidget.setProtectedData(Base64String,ComputedBase64Hmac);
Last updated
Was this helpful?