Best way to encrypt/decrypt querystring in .Net

Please find the best way to do Encryption/Decryption in .net. If you use standard way of accessing query string parameter values after encrypting or hashing you will get errors. Using following way, it will generate safe Encryption/Decryption in query string.

Encrypt :

    static string Encrypt(string originalString)
    {
        if (String.IsNullOrEmpty(originalString))
        {
            return string.Empty;
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateEncryptor(bytes, bytes), CryptoStreamMode.Write);
        StreamWriter writer = new StreamWriter(cryptoStream);
        writer.Write(originalString);
        writer.Flush();
        cryptoStream.FlushFinalBlock();
        writer.Flush();
        return Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length);
    }

string qs = "?uid=" + Encrypt("sample user id & key");

Decrypt :

    static string Decrypt(string cryptedString)
    {
        if (String.IsNullOrEmpty(cryptedString))
        {
            return string.Empty;
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(cryptedString));
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateDecryptor(bytes, bytes), CryptoStreamMode.Read);
        StreamReader reader = new StreamReader(cryptoStream);
        return reader.ReadToEnd();
    }

    private string GetRawUrlQueryString(string key)
    {
        string val = string.Empty;

        string url = HttpContext.Current.Request.RawUrl;

        int start = url.IndexOf("?");
        if (start >= 0)
        {
            string qs = url.Substring(start + 1);
            string[] parts = qs.Split('&');
            foreach (string part in parts)
            {
                if (part.Trim().StartsWith(key + "="))
                {
                    val = part.Trim().Replace(key + "=", "");
                    break;
                }
            }
        }
        return val;
    }

string receiveduid = GetRawUrlQueryString("uid");
string uid =  Decrypt(receivedui);

Important :

Do not use Request.QueryString["uid"] get the query string value as .net framework by default convert actual query string value with url encode. If so your decryption or base64 conversion will fail.

Comments

Post a Comment

Popular posts from this blog

CSS text-overflow ellipsis in the beginning of the the text - Left Ellipsis using CSS in a Flex box

Image
Problem: If you want to have css text overflow ellipsis in the left (beginning of the text), there is no straight forward solution to get it working in all browsers (especially in Safari). There are several CSS tricks that you will end up only working few browsers. It will be further difficult, if you are trying to achieve this in flex container. Solution: Combining few ideas found in the stack-overflow, manged to get it working in most of the browsers including safari. ".cont" is flex box and either you can set a width to it, or can inherit the width from parent container element. .ellipsis:after { content: ""; background-color: white; color: transparent; position: relative; z-index: 2; min-width: 100%; display: inline-block; min-height: 1rem; } .ellipsis { direction: rtl; display: inline-block; width: calc(100% - .1em); white-space: nowrap; overflow: h
Read more

Selenium With .Net

Recently I had a chance to work with Selenium framwork. It is pretty easy to intrgrate automated testing into .net with Selenium. Also for project like web site scrapping and automated posting, can be easily developped with few lines of code. Following code lines will automate a web site login with use of selenium framework. ISelenium selenium = new DefaultSelenium(seleniumServer, port, browser, website); selenium.Start(); selenium.Open(ConfigLoader.Configurations.LoginPageUrl); selenium.WaitForPageToLoad((ConfigLoader.Configurations.WaitingTime * 1000).ToString()); selenium.Type("ctl00_PageContent_UserName", ConfigLoader.Configurations.UserName); selenium.Type("ctl00_PageContent_Password", ConfigLoader.Configurations.Password); selenium.Click("ctl00_PageContent_OKButton__Button"); selenium.WaitForPageToLoad((ConfigLoader.Configurations.WaitingTime * 1000).ToString());
Read more

Handling Exit Event of Console Application in C#

Do you wan to do something on the exit event of Console Application. .Net framework does not provide such direct event to do that. You can use following workaround to have that kind of event in your application.         [STAThread]         static void Main(string[] args)         {             HandlerRoutine hr = new HandlerRoutine(Handler);             SetConsoleCtrlHandler(hr, true);             GC.KeepAlive(hr);          }         public static void DoOnAppExit()         {                   //Do something......         }         #region Handle App Exit         static Boolean Handler(CtrlTypes CtrlType)         {             // A switch to handle the event type.             switch (CtrlType)             {                 case CtrlTypes.CTRL_C_EVENT:                 case CtrlTypes.CTRL_BREAK_EVENT:                 case CtrlTypes.CTRL_CLOSE_EVENT:                 case CtrlTypes.CTRL_LOGOFF_EVENT:                 case CtrlTypes.CTRL_SHUTDOWN_EVENT:           
Read more