0

I want to encrypt the following parameters:

  • user
  • pass
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope>
   <soap:Body>
      <user>User</user>
      <pass>Pass</pass>
   </soap:Body>
</soap:Envelope>

The ideal final XML document would be something like this:
(The values are random letters with no meaning just to show you what I want to do)

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope>
   <soap:Body>
      <user>gsdfhnsafjjetjte</user>
      <pass>herahrejhtjhsteajt</pass>
   </soap:Body>
</soap:Envelope>
  • I have to use Rijndael in order to encrypt , but I can not figure out how to do this.
  • I have already checked the Microsoft's Documentation about Rijndael , but I can not find a way to implement this in my code.
  • I have also checked a lot of articles and resources , but none of this helped me.
  • I have to send it back to the XML document as a string , as you can see in the above code , but the documentation for Rijndael returns byte[].

IMPORTANT
I must use as a Rijndael Key a token from an Ouath 2.0 API. How can I use this and where in the Rijndael code?

EDIT For example: I have to encrypt with Rijndael the below parameters in the method:

APISoapClient soapClient = new APISoapClient ();

string id = "callID";
string username = "user";
string password = "pass";
string data = "someData";

string test = soapClient.getInfo(id, username, password , data);

Could anyone provide me with a sample of code which encrypts the above using the Rijndael algorithm?

LopDev
  • 1
  • 4
  • 25
  • The link you posted has encrypt and decrypt methods that are as good as you are going to get as an answer here on SO. You will have to set the key and iv instead of allowing the object to generate them, but I don't understand how you are going to use an oauth token as a key. Finally, you can easily convert a byte array to a Base64 string so that would ultimately be your encrypted string in the xml. – Crowcoder Jul 02 '20 at 11:31
  • @Crowcoder, I have to encrypt using Rijndael the parameters, but for authentication the API uses Oath 2..0 and it provides me with calls in order to get a token, do you know what does it mean? – LopDev Jul 02 '20 at 11:34
  • @I do not know how to use it , if you could help I would appreciate it , because I do know what to do – LopDev Jul 02 '20 at 11:34
  • I understand Oauth (to a certain extent) but I don't know how you will use a token as a key, and then there is the initialization vector (iv) you still need. And whatever decrypts this data needs the same key and iv. I wonder why you have to do this at all, is the connection not using https? – Crowcoder Jul 02 '20 at 11:36
  • @Crowcoder , the hypothesis that I have to use the token is mine , because I do know how to use it, as far as encryption is concerned and about the key I have these information : Key - (16 chars + IV Key) – LopDev Jul 02 '20 at 11:43
  • @Crowcoder , is this enough to understand anything and help me please? – LopDev Jul 02 '20 at 11:44
  • 2
    I'm sorry, I could not explain encryption and decryption any better than that microsoft link and I have no idea what the business with using an oauth token as a key is all about. If I had that requirement I"d probably be here asking this question myself. – Crowcoder Jul 02 '20 at 11:45
  • @Crowcoder, maybe I am wrong, the oauth token is about authentication, my problem is the encryption of the parameters with Rijndael , could you help me this issue? – LopDev Jul 02 '20 at 11:48
  • I could help you with whatever trouble you are having using the sample code that you linked to but you need a specific problem, not just "*I can not find a way to implement this in my code.*" – Crowcoder Jul 02 '20 at 11:56
  • @Crowcoder, I edit my question, is this helps you , or you want more details , and if yes please clarify which details – LopDev Jul 02 '20 at 12:02
  • I could copy and paste the code from the documentation you linked to but I don't see the point in that. – Crowcoder Jul 02 '20 at 12:06
  • @Crowcoder, oh ok , so this is the solution, and what about the information that says - Key - (16 chars + IV Key) , should I do something with that? Thank you in advance for your valued help and consideration so far – LopDev Jul 02 '20 at 12:08
  • @Crowcoder, also the code in Microsoft Documentation returns byte[] and I want to use string as you can see in the method, I tried this piece of code , https://stackoverflow.com/questions/1003275/how-to-convert-utf-8-byte-to-string/1003289#1003289 , but this returns a string which contains some weird symbols which can not be read , so I do not know what to do , this way I ask so many questions, because I have already try to find the solution by I have not achieved anything so far , – LopDev Jul 02 '20 at 12:16
  • Does that mean the first 16 chars of the oauth token plus an IV? Can you ask whoever has given you these requirements? Second, it doesn't matter if the string is human readable, it is just a format that can be transported by http. Presumably the receiver will will convert back to bytes but I don't know how the receiver will have your key and iv to decrypt. – Crowcoder Jul 02 '20 at 12:22
  • No, "session" is an overloaded term, I'm not sure what they mean. – Crowcoder Jul 02 '20 at 12:27
  • @Crowcoder , I have problem when I want to transform byte[] to string , because in order to put in the XML I have to make it as a string , do you know which is the correct way , I have tried both , System.Text.Encoding.UTF8.GetString(byteArray); , and , Encoding.ASCII.GetString(byteArray); , when I decrypt it regurarly as a byte array it works but when I send it as a string to the API it is not working , do you know any other way? – LopDev Jul 02 '20 at 13:48
  • The API will have to decode it based on how you encoded it. A common encoding for transfer [is base64](https://docs.microsoft.com/en-us/dotnet/api/system.convert.tobase64string?view=netcore-3.1#System_Convert_ToBase64String_System_Byte___). The API will have to reverse that with [Convert.FromBase64String](https://docs.microsoft.com/en-us/dotnet/api/system.convert.frombase64string?view=netcore-3.1) before it can decrypt. – Crowcoder Jul 02 '20 at 14:00
  • @Crowcoder , I have made a new different question about the conversion itself , if you can help me with this I would appreciate it , thank you in advance for your valued , valid and kind help , https://stackoverflow.com/questions/62698275/which-is-the-proper-way-to-convert-a-byte-to-a-string-in-order-to-have-the-exp – LopDev Jul 02 '20 at 14:12

0 Answers0