Introduction
Authenticity plays a very important role in the web application during round trip.
We are going to discuss about Asp.Net Core Data Protection API introduced with .Net core for data protection.
We are going to cover,
- What is Asp.Net Core Data Protection API?
- How to implement Asp.Net Core Data Protection in Web Application
- Data Protection API Methods
- CreateProtector
- Protect
- Unprotect
Prerequisite
We have created this demo using VS2022 and .Net Core 6.0.
- Visual studio 2022 + .Net Core 6.0
What is Asp.net Core Data Protection API?
Much of the important information could not be disclosed to the untrusted clients and also need to verify that nothing has been tempered during the round trip.
In today’s world, Modern applications are looking for.
- Confidentiality
- Authenticity
- isolation
The ASP.NET Core data protection provides a cryptographic API to protect data, including key management and rotation.
See the below image for more clarification,
Please note that the Asp.net Core Data Protection system uses symmetric key Encryption to protect your data.
By default, Data Protection keys have a lifetime of 90 days. The data-protection system automatically creates new keys when old keys are near expiration. The collection of all the available keys is called the key ring.
The developer was using <machineKey> element in the previous version of the .Net (ASP.NET 1.x – 4.x), Asp .net Core Data Protection is designed to serve as the replacement for the <machineKey>.
Let’s create the sample application to learn more about Asp.net Core Data Protection,
How to implement Asp.Net Core Data Protection in Web Application
Please follow the below steps to implement Asp.Net Core Data Protection API in .Net Core applications.
Step 1. Create a .Net Core MVC application.
Click on the Next button,
Step 2. Provide the Project Name and click on the Next button.
Step 3. Please provide Framework, Authentication type, and click on the Create button.
Step 4. Enabled Asp.net Core Data Protection Service in the .Net Core 6.
Add the below code to the program.cs file.
builder.Services.AddDataProtection();
Step 5. We are going to use the below namespaces, interfaces, and Methods used in this project.
Let's understand that first before writing any code.
Namespace: Microsoft.AspNetCore.DataProtection;
Interfaces
- IDataProtector
- IDataProtectionProvider
Method
1. CreateProtector: “CreateProtector” takes a unique purpose as input and returns IdataProvider. The purpose is that it will increase security and provide isolation between cryptographic consumers. Let's see the below specifications of the method.
IDataProtector CreateProtector(string purpose)
2. Protected: This method takes plain text as input and returns encrypted data as output.
public static string Protect(this IDataProtector protector,string plaintext)
3. Unprotected: This method will take Encrypted data as input and Decrypt the data.
public static string Unprotect(this IDataProtector protector,string plaintext)
Step 6. Write the below code in the HomeController.cs file.
using DataPRotection Demo. Models;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Mvc;
using System.Diagnostics;
namespace DataPRotectionDemo.Controllers
{
public class HomeController: Controller
{
private readonly ILogger<HomeController> _logger;
private readonly IDataProtector _dataProtector;
public HomeController (ILogger<Home Controller> logger, IDataProtectionProvider dataProtectionProvider)
{
_logger Logger;
_dataProtector = dataProtectionProvider.CreateProtector("DataProtectionDemo");
}
public IActionResult Index()
{
string stroriginal= "This is is Original Data";
ViewBag.Original = stroriginal;
string Encrypted0Priginal = _dataProtector. Protect(stroriginal);
ViewBag. EncryptedOriginal = Encrypted0Priginal;,
ViewBag. Decryptoriginal = _dataProtector. Unprotect (Encrypted0Priginal);
return View();
}
}
}
In the above code,
- Added readonly variable of IDataProtector.
- In the constructor, we will call IDataProtectionProvider. CreateProtector method. This method will be returned IDataProtector.
- dataProctor.Protect method Encrypt data.
- dataProctor.Unprotect method Decrypt data.
Step 7. Write code in the index.cshtml file.
@{
ViewData["Title"] = "Home Page";
}
<div class="text-center">
<p><h3>Original Value: </h3>@ViewBag. Original</p>
<p><h3>Encrypted Original Value: </h3>@ViewBag.EncryptedOriginal</p>
<p><h3>Decrypted Original Value: </h3>@ViewBag.DecryptOriginal</p>
</div>
Execute the Project and see the output at the below.
Output
In the output screen, we can see the original string, Encrypted string, and original string back after decryption.
Hope you learned how to Encrypt and Decrypt data. In the next article, we will learn more about Asp.Net Core Data Protector.
Thanks for your time!!!