I am validating a connection to Salesforce and other external apps. I created a UI in AngularJS and MVC and whatever details the user types in the UI , I send that to my MVC controller (Post) and then send the information across as plain text to try and validate connection to the external app, which is not very secure. I then save the details to a database , which are encrypted and if I want to re valiate , I decrypt the details and send again, once again not secure.

Surely there must be a class or some way in .Net that I can encrypt or hide these sensitive information across the internet How can i do this , or is there some example that show how to do this that i can take a guide from ?

CodePudding user response：

any method of securing the data needs to be 2 sided you can use encryption to obscure the data but the receiver has to be able to decrypt it. so if you have access to both ends of the system you can do that.

see https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptostream?view=net-6.0

if you don't you can't, however if you have access to both sides then why create a custom solution when you can use a prebuilt one such as https

incase you aren't aware how https works it takes a regular http packet and encrypts it into a new packet using the public key(encrypt only) of the receiving server, where the only thing that isn't encrypted is the address, once the receiving server receives the packet it uses its private key(decrypt and encrypt) to decrypt the packet so it can read the headers, body, etc and then handles the packet like a normal http request. this means just by using the https protocol you have secured the entire communication from sender to receiver with out actually changing the way anything works at either end