Sensitive Information Hiding

Sometimes we need to hide or encode some sensitive data in our application, such as user email and password properties. We can easily do this by using the LINQ extension method. But here my intention is to make a generic implementation for hiding sensitive data. 

Let's start.

At first, we need to create a Console application. To do this, open visual studio then navigate to File > New > Project and select Console application template.

For our application, we have 2 models that are Article and User,

public class User {
    public int UserId {
        get;
        set;
    }
    public string Name {
        get;
        set;
    }
    public string Password {
        get;
        set;
    }
}
public class Article {
    public int ArticleId {
        get;
        set;
    }
    public string Title {
        get;
        set;
    }
    public string Email {
        get;
        set;
    }
    public string Password {
        get;
        set;
    }
}

For the User model, the sensitive property is "Password" and for the article model the sensitive property is "Email" and "Password".

Let us check the main method code,

static void Main(string[] args) {
    var articles = new List < Article > {
        new Article {
            ArticleId = 1,
                Title = "test-a1",
                Email = "test email 1",
                Password = "test password 1"
        },
        new Article {
            ArticleId = 2,
                Title = "test-a2",
                Email = "test email 2",
                Password = "test passowrd 2"
        }
    };
    var users = new List < User > {
        new User {
            UserId = 1,
                Name = "user1",
                Password = "test password 1"
        },
        new User {
            UserId = 2,
                Name = "user2",
                Password = "test password 2"
        }
    };
    articles.ForEach(article => SafeEncoding(article));
    users.ForEach(user => SafeEncoding(user));
    Console.WriteLine("-----Output-----\n");
    Console.WriteLine("----For article-------\n");
    foreach(var article in articles) {
        Console.WriteLine($ "ArticleId : {article.ArticleId}");
        Console.WriteLine($ "Title : {article.Title}");
        Console.WriteLine($ "Email : {article.Email}");
        Console.WriteLine($ "Password : {article.Password}\n");
    }
    Console.WriteLine("----For user-------");
    foreach(var user in users) {
        Console.WriteLine($ "UserId : {user.UserId}");
        Console.WriteLine($ "Name : {user.Name}");
        Console.WriteLine($ "Password : {user.Password}\n");
    }
    Console.ReadLine();
}

At first, I added two mock list objects for the article and user model. The sensitive information for this mock data is what we are going to hide.

To handle hiding functionality in generic, I added a method given below

private static void SafeEncoding < T > (T value) {
    var dicObj = typeof(T).GetProperties();
    foreach(var dic in dicObj.Where(propertyInfo => propertyInfo.Name == "Email" | propertyInfo.Name == "Password")) {
        string newValue = "*****";
        PropertyInfo propertyInfo = value.GetType().GetProperty(dic.Name);
        propertyInfo.SetValue(value, Convert.ChangeType(newValue, propertyInfo.PropertyType), null);
    }
}

The safeEncoding method takes a value argument which is a generic type. This method uses reflection to change the actual value of the sensitive data to some other value, here I change it to "*****".

The final output of this application is given below. In the output, you can see that Email and Password in Article object and Password in User object are hidden.

Sensitive Information Hiding

Thanks for reading.

Next Recommended Reading C# Hidden Gems - Discards Variable (_)