Click here to Skip to main content
15,612,441 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
What is the best way to implement encrypt and decrypt file content using core web API.
It should be compatible with swagger also. I have tried this with the same way as encrypt string but there is limitation of size length or may be incomplete file will send over API.
My requirement is file content should be encrypt at client end before API call via swagger or postman and should be decrypt at service end .
File content encrypt at client end then only data at transmission will safe.

What I have tried:

public static string encrypt(string PlainText, byte[] key, byte[] iv)
          string sR = string.Empty;

          byte[] plainBytes = Encoding.UTF8.GetBytes(PlainText);

          GcmBlockCipher cipher = new GcmBlockCipher(new AesFastEngine());
          AeadParameters parameters =
                       new AeadParameters(new KeyParameter(key), 128, iv, null);

          cipher.Init(true, parameters);

          byte[] encryptedBytes = new byte[cipher.GetOutputSize(plainBytes.Length)];
          Int32 retLen = cipher.ProcessBytes
                         (plainBytes, 0, plainBytes.Length, encryptedBytes, 0);
          cipher.DoFinal(encryptedBytes, retLen);
          sR = Convert.ToBase64String(encryptedBytes, Base64FormattingOptions.None);

          return sR;
Updated 5-Jul-21 4:39am
Chris Copeland 5-Jul-21 9:58am    
An API generally deals with requests and responses, and very rarely with actual files. When you say "file content should be encrypt" do you actually mean an uploaded file, or the body of the request being sent?
vishal_h 5-Jul-21 10:16am    
I want to create .net core web api which will allow file upload so i have two options as
1) IFormFile - where no file encryption with AES option i have seen
2) send encrypted file content and create file at server end but limitation is size of string.
Please let me know better alternative if know

1 solution

file content should be encrypt at client end ... and should be decrypt at service end
What you are describing is precisely what HTTPS does:
HTTPS - Wikipedia[^]

All requests and responses are encrypted over the wire, and can only be decrypted by a computer with access to the private key.

Implementing your own encryption on top of this would not increase the security of your application in any way.

(If you were talking about end-to-end encryption, where the server cannot decrypt the uploaded file, that would be a different story.)
Share this answer
vishal_h 5-Jul-21 10:52am    
but in transaction file want to create end to end encryption over https so looking for solution.
Richard Deeming 5-Jul-21 13:26pm    
End-to-end encryption means the server cannot decrypt the file.

Your question specifically states that the server needs to decrypt the file. What you described in your question is HTTPS.
vishal_h 6-Jul-21 0:22am    
Yes Server will decrypt the file because service having decryption key . And only client application can encrypt file as client is also having encryption key so message in transmission cant be view with the help of any hacking tool.
Richard Deeming 6-Jul-21 3:30am    
And as I keep telling you, that is precisely what HTTPS does.

Requests are encrypted on the client, and can only be decrypted by the server. Responses are encrypted on the server, and can only be decrypted by the client. Nobody who intercepts the traffic can view the decrypted payloads.

You don't need to add anything to your code. You just need to make sure your service is only available over HTTPS.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900