EN

Data Encryption/Decryption Options Example

To protect our clients' data, we offer two new data encryption/decryption options that safeguard data from unauthorized access and minimize the risk of data breaches. This guide explains the usage and application methods for each option.

1. Query String Encryption

User data transmitted as URL query strings is encrypted using the AES-256 method. The Key used for encryption is generated using the API Key we provide. You can see how to apply this in the example below.

Example: First, create the data to be encrypted in JSON format. (You may remove any unused fields.)

{
    "email": "email@email.com",
    "userid": "userid",
    "cf1": "value 1",
    "cf2": "value 2",
    "cf3": "value 3",
    "blacklistCountries": false,
    "approvePeriod": false,
    "rejectPeriod": false,
    "ageLimit": false,
    "rejectDuplicateUser": true,
    "token": "token_id"
}

Encrypt the JSON text above using AES-256 and add it to the encrypted field of the Query String.

https://form.argosidentity.com/?pid={project_Id}&encrypted={encrypted_json_text}

Important: The pid and lang query strings, as well as the sid and action query strings used on the 'Injection' page, are not supported for encryption.

2. Secure Data Transmission Option

This option encrypts data using AES-256 and PKI methods when calling API methods (POST/SUBMISSION, GET/SUBMISSION, PUT/SUBMISSION, WEBHOOK). The Key used for encryption is generated using the API Key we provide.

Application Method:

  • When calling POST/SUBMISSION, GET/SUBMISSION, PUT/SUBMISSION, WEBHOOK methods, the transmitted data is encrypted using AES-256.

  • PKI ensures data integrity and authentication.

(Common) Encryption/Decryption Method

We explain how to generate an AES-256 key using the API Key and use it to encrypt and decrypt data for client data security.

Notice of Encryption/Decryption Method Change (August 1, 2024)

Previously, we used CBC as the AES-256 encryption mode, but we have changed to ECB mode, and therefore no longer use IV (Initialization Vector). Please refer to the example code below.

1. Generating Hash Key

Generate an AES-256 key using the project's unique API Key.

Node.js crypto module
var crypto = require('crypto');
var hashedKey = crypto.createHash('sha256').update(APIKEY).digest();
Javascript crypto-js library
import CryptoJS from 'crypto-js';
const hashedKey = CryptoJS.SHA256(APIKEY);

2. Encryption Example

The example below shows how to encrypt data using AES-256.

Node.js crypto module
var crypto = require('crypto');

/**
 * @param {string} data - Stringified JSON data
 * @param {string} apiKey - Project API key
 * @returns {string} Encrypted data
 */
function encrypt(data, apiKey) {
  var hashedKey = crypto.createHash('sha256').update(apiKey).digest();
  var cipher = crypto.createCipheriv('aes-256-ecb', hashedKey, null);
  return cipher.update(data, 'utf8', 'base64') + cipher.final('base64');
}
Javascript crypto-js library
import CryptoJS from 'crypto-js';

const encrypt = (data, apiKey) => {
  const hashedKey = CryptoJS.SHA256(apiKey);
  const encrypted = CryptoJS.AES.encrypt(data, hashedKey, {
    mode: CryptoJS.mode.ECB,
  });
  return encrypted.ciphertext.toString(CryptoJS.enc.Base64);
};
Java
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class Encryption {
    public static String encrypt(String data, String apiKey) throws Exception {
        // API 키를 SHA-256으로 해시
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        byte[] hashedKey = digest.digest(apiKey.getBytes(StandardCharsets.UTF_8));

        // AES 암호화를 위한 키 생성
        SecretKeySpec secretKey = new SecretKeySpec(hashedKey, "AES");

        // AES/ECB/PKCS5Padding 모드로 Cipher 초기화
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);

        // 데이터 암호화
        byte[] encryptedBytes = cipher.doFinal(data.getBytes(StandardCharsets.UTF_8));

        // Base64 인코딩하여 결과 반환
        return Base64.getEncoder().encodeToString(encryptedBytes);
    }
}

3. Decryption Example

The example below shows how to decrypt data encrypted using AES-256.

var crypto = require('crypto');

/**
 * @param {string} encryptedData
 * @param {string} apiKey
 * @returns {string} Decrypted data
 */
function decrypt(encryptedData, apiKey) {
  var hashedKey = crypto.createHash('sha256').update(apiKey).digest();
  var decipher = crypto.createDecipheriv('aes-256-ecb', hashedKey, null);
  return decipher.update(encryptedData, 'base64', 'utf8') + decipher.final('utf8');
}
import CryptoJS from 'crypto-js';

const decrypt = (encryptedData, apiKey) => {
  const hashedKey = CryptoJS.SHA256(apiKey);
  const decrypted = CryptoJS.AES.decrypt(encryptedData, hashedKey, {
    mode: CryptoJS.mode.ECB
  });
  return decrypted.toString(CryptoJS.enc.Utf8);
};

PreviousGetting StartedNextSubmit Via Liveform

Last updated