search

Azure / api-management-policy-snippets

Re-usable examples of Azure API Management policies
MIT License
345 stars 157 forks source link

No byte[] decrypt / encrypt in api-management-policy-snippets/examples /Encrypt data using expressions.policy.xml #114

Open annie8ell opened 1 year ago

annie8ell commented 1 year ago

Encrypt data using expressions.policy.xml and Decrypt AES Data using policy expressions.xml appear not to work.

 byte[] inBytes = Convert.FromBase64String(context.Request.Body.As<JObject>().SelectToken("encrpText").ToString());
 byte[] decryptedBytes = **inBytes.Decrypt**("Aes", key, IV);**
byte[] gooberBytes = Encoding.UTF8.GetBytes(goober);
byte[] encryptedBytes = gooberBytes**.Encrypt("Aes", key, IV);**

Byte[] doesn't have an encrypt or decrypt method. It also appears that symmetrical encryption isn't possible in API management.

carlingkirk commented 6 months ago

There is an extension method available in their internal library: Microsoft.WindowsAzure.ApiManagement.Proxy.Gateway.Context.CryptographyExtensions.Decrypt(Byte[] input, String alg, Byte[] key, Byte[] iv) I know this because I am trying to implement decryption, but this extension method doesn't support specifying the padding.