Securing client side json

Question

I am new in Windows store apps development. I am creating a Windows Store App which requires to store some data on client side. This data is present in JSON format having Build Action as Content. Whenever user runs the application, I am initializing some objects by reading this JSON file. However this is just a plain text and contains data that should not be revealed to the user. Can I encrypt this JSON by any means. I need basically a workaround where I encrypt the json data while building the application and decrypt this json while reading and initializing the objects. Please suggest.

Answer 1

I'm assuming your code looks like this:

string json = File.ReadAllText("/<path to json>/config.json");
// Parse the json ...

You can encrypt the content of the JSON file using AES encryption. You will need to define a key that will be used for encryption and decryption.

Take a look in here : using AES encrypt / decrypt in c#

---

After using encryption your code will look like this:

when you need to read your configuration:

string encryptedJson = File.ReadAllText("/<path to json>/config.json");
string aesKey = "<your aes key>";
string plainJson = AesDecrypt(encryptedJson, aesKey);
// Parse the json ...

When you need save the configuration:

// Generate json ...
string plainJson;

string aesKey = "<your aes key>";
string encryptedJson = AesEncrypt(plainJson, aesKey);
File.WriteAllText("/<path to json>/config.json", encryptedJson);

Note that your key can be extracted from your compiled assemblies using reflection methods