Encryption of a C#class

Asked

Viewed 148 times

1

I have the following code in PHP:

    $params = json_decode(trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $api_secret, base64_decode($enc_request), MCRYPT_MODE_ECB)));

Where the result is an array and not a string.

The data I need to send is this:

Dados dados = new Dados ();

dados.Controller = "Get";
dados.Action = "FindIdUsuario_get";
dados.Email = "[email protected]";
dados.Pass = "teste";

How do I encrypt these classes using Rijndael to submit to my url?

UPDATE

Follow the encryption code I use in php:

$request_params = array();
$request_params['controller'] = 'Get';
$request_params['action'] = 'FindIdUsuario_get';
$request_params['email'] = '[email protected]';
$request_params['pass'] = 'teste';
echo base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $public_key, json_encode($request_params), MCRYPT_MODE_ECB));
  • 3

    http://stackoverflow.com/questions/20567056/rijndael-encryption-decryption-c-sharp-vs-php

  • I don’t want to encrypt a string, but a class.

  • 1

    it’s not gonna happen what you want to do.

  • 1

    Short answer: serialize the object in JSON, encrypt, on the other side decrypt and de-serialize the JSON back into an object. But: a) why go through GET, and not through POST? b) why not use SSL/TLS instead of "handmade" encryption? c) both sides of communication hold the secret key? d) NEVER USE ECB MODE IN PRACTICE!!! Use a safer mode, such as CBC or CTR, or better an authenticated one, such as OCB/CCM/GCM/EAX.

  • P.S. If the code in PHP cannot be modified for any reason (for example, if it is third party) and all you need is to create a C# "compatible" code, please edit your question giving an example of the expected result, then maybe we can help you better (but there is still the caveat that using ECB is not safe in practice, in particular if you send the same block more than once).

  • What is this $public_key? AES/Rijndael is an encryption algorithm symmetrical, so that the same key is used to encrypt and to decipher. By chance this variable is the same as $api_secret?

  • And the same yes. I just want to know how to encrypt a c# array the same way I do in PHP.

Show 2 more comments

1 answer

0

Classes are data sets. Basically (and totally roughly) it’s a structure. You could even manipulate at low level and encrypt this class, but from this done, the VM will no longer recognize this class and eliminate it from memory.

If you want to hide ALL the data of this class, you have to apply encryption to each field of it, since underneath the screens this data will be sequential and there will not be this beautiful and readable division that we see when programming, leaving the "Class" fully encrypted.

To send this one by a URL, you just have to organize it into a larger string, encrypt this string and pass. Another method MUCH BETTER is by Post (form).

Browser other questions tagged

You are not signed in. Login or sign up in order to post.