ASP.NET Core Data Protection API

Introduction

Authenticity plays a very important role in a web application during the round trip between server and client.

In this article, we discuss the ASP.NET Core Data Protection API, introduced with .NET Core for data protection.

We are going to cover:

  1. What is the ASP.NET Core Data Protection API?
  2. How to implement ASP.NET Core Data Protection in a web application
  3. Data Protection API methods
     • CreateProtector
     • Protect
     • Unprotect

Prerequisite

We have created this demo using Visual Studio 2022 and .NET Core 6.0.

  1. Visual Studio 2022 + .NET Core 6.0

What is the ASP.NET Core Data Protection API?

Web applications often hold important information that must not be disclosed to untrusted clients, and they also need to verify that nothing has been tampered with during the round trip.

Modern applications are looking for:

  1. Confidentiality
  2. Authenticity
  3. Isolation

ASP.NET Core Data Protection provides a cryptographic API to protect data, including key management and rotation.

[Image: Data protection API]

Please note that the ASP.NET Core Data Protection system uses symmetric-key encryption to protect your data.

By default, Data Protection keys have a lifetime of 90 days. The data-protection system automatically creates new keys when old keys are near expiration. The collection of all the available keys is called the key ring.

In previous versions of .NET (ASP.NET 1.x – 4.x), developers used the <machineKey> element. ASP.NET Core Data Protection is designed to serve as the replacement for <machineKey>.

Let's create a sample application to learn more about ASP.NET Core Data Protection.

How to implement ASP.NET Core Data Protection in a Web Application

Follow the steps below to implement the ASP.NET Core Data Protection API in .NET Core applications.

Step 1. Create a .NET Core MVC application.

Click on the Next button.

Step 2. Provide the Project Name and click on the Next button.

Step 3. Please provide Framework, Authentication type, and click on the Create button.

Step 4. Enable the ASP.NET Core Data Protection service in .NET Core 6.

Add the below code to the Program.cs file.

builder.Services.AddDataProtection();
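To make the key ring and the 90-day default lifetime described earlier visible, the following added example (not part of the original article's project) registers Data Protection in a plain console program and lists the keys it manages. It assumes a reference to the Microsoft.AspNetCore.DataProtection package; the temp directory name and the "warm-up" value are constructed for the demo.

```csharp
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection;

// Assumption: a throwaway directory, so the demo does not touch the real key ring.
var keyDir = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "dp-keyring-demo"));

var services = new ServiceCollection();
services.AddDataProtection()
    .SetApplicationName("DataProtectionDemo")
    .PersistKeysToFileSystem(keyDir)
    .SetDefaultKeyLifetime(TimeSpan.FromDays(90)); // the default, written out explicitly

using var provider = services.BuildServiceProvider();

// Keys are generated lazily: the first Protect call creates one if the ring is empty.
var protector = provider.GetDataProtector("DataProtectionDemo");
protector.Protect("warm-up"); // constructed sample value

// IKeyManager exposes the key ring: every key with its activation and expiration dates.
var keyManager = provider.GetRequiredService<IKeyManager>();
foreach (var key in keyManager.GetAllKeys())
{
    Console.WriteLine(
        $"{key.KeyId}  activates {key.ActivationDate:u}  " +
        $"expires {key.ExpirationDate:u}  revoked={key.IsRevoked}");
}
```

When PersistKeysToFileSystem is used, the keys are not encrypted at rest unless one of the ProtectKeysWith* methods is also configured.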

Step 5. We are going to use the below namespace, interfaces, and methods in this project.

Let's understand them first before writing any code.

Namespace: Microsoft.AspNetCore.DataProtection;

Interfaces

  1. IDataProtector
  2. IDataProtectionProvider

Methods

1. CreateProtector: "CreateProtector" takes a unique purpose string as input and returns an IDataProtector. The purpose string increases security by providing isolation between cryptographic consumers. See the method signature below.

IDataProtector CreateProtector(string purpose)

2. Protect: This method takes plain text as input and returns the encrypted data as output.

public static string Protect(this IDataProtector protector, string plaintext)

3. Unprotect: This method takes the encrypted data as input and decrypts it.

public static string Unprotect(this IDataProtector protector, string protectedData)
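The isolation that the purpose string provides, and the authenticity check performed by Unprotect, can be observed directly. This is an added example, not code from the original article: a console program with top-level statements that assumes a reference to the Microsoft.AspNetCore.DataProtection package. The purpose strings, the sample value, and the helpers TryUnprotect and Tamper are hypothetical.

```csharp
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

// In-memory key ring that is discarded when the process exits (demo only).
IDataProtectionProvider provider = new EphemeralDataProtectionProvider();

// Two consumers of the same key ring, separated only by their purpose strings.
IDataProtector invoices = provider.CreateProtector("Demo.InvoiceId");
IDataProtector resets = provider.CreateProtector("Demo.PasswordReset");

string token = invoices.Protect("invoice-1042"); // constructed sample value

Console.WriteLine($"same purpose : {TryUnprotect(invoices, token)}");
Console.WriteLine($"other purpose: {TryUnprotect(resets, token)}");
Console.WriteLine($"tampered     : {TryUnprotect(invoices, Tamper(token))}");

// Unprotect throws CryptographicException for any payload it cannot authenticate,
// so code that handles client-supplied values should catch it and reject the input.
static string TryUnprotect(IDataProtector protector, string payload)
{
    try
    {
        return protector.Unprotect(payload);
    }
    catch (CryptographicException)
    {
        return "<rejected>";
    }
}

// Simulates a client modifying the protected value during the round trip
// by changing one character in the middle of the payload.
static string Tamper(string payload)
{
    char[] chars = payload.ToCharArray();
    int i = chars.Length / 2;
    chars[i] = chars[i] == 'A' ? 'B' : 'A';
    return new string(chars);
}
```

Only the first call returns the plaintext; a payload protected under a different purpose and a modified payload are both rejected.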

Step 6. Write the below code in the HomeController.cs file.

using DataPRotectionDemo.Models;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Mvc;
using System.Diagnostics;

namespace DataPRotectionDemo.Controllers
{
    public class HomeController : Controller
    {
        private readonly ILogger<HomeController> _logger;
        private readonly IDataProtector _dataProtector;

        public HomeController(ILogger<HomeController> logger, IDataProtectionProvider dataProtectionProvider)
        {
            _logger = logger;
            // The purpose string isolates this protector from other consumers of the key ring.
            _dataProtector = dataProtectionProvider.CreateProtector("DataProtectionDemo");
        }

        public IActionResult Index()
        {
            string strOriginal = "This is Original Data";
            ViewBag.Original = strOriginal;

            // Encrypt the plain text.
            string encryptedOriginal = _dataProtector.Protect(strOriginal);
            ViewBag.EncryptedOriginal = encryptedOriginal;

            // Decrypt it again; the property name must match the one used in the view.
            ViewBag.DecryptOriginal = _dataProtector.Unprotect(encryptedOriginal);
            return View();
        }
    }
}

In the above code:

  1. We added a readonly field of type IDataProtector.
  2. In the constructor, we call the IDataProtectionProvider.CreateProtector method. This method returns an IDataProtector.
  3. The _dataProtector.Protect method encrypts data.
  4. The _dataProtector.Unprotect method decrypts data.

Step 7. Write code in the index.cshtml file.

@{
ViewData["Title"] = "Home Page";
}

<div class="text-center">
<p><h3>Original Value: </h3>@ViewBag.Original</p>
<p><h3>Encrypted Original Value: </h3>@ViewBag.EncryptedOriginal</p>
<p><h3>Decrypted Original Value: </h3>@ViewBag.DecryptOriginal</p>

</div>

Execute the project and see the output below.

Output

In the output screen, we can see the original string, the encrypted string, and the original string back after decryption.

I hope you learned how to encrypt and decrypt data. In the next article, we will learn more about the ASP.NET Core Data Protector.

Thanks for your time!!!