Best way to encrypt/decrypt querystring in .Net

Please find the best way to do Encryption/Decryption in .net. If you use standard way of accessing query string parameter values after encrypting or hashing you will get errors. Using following way, it will generate safe Encryption/Decryption in query string.

Encrypt :

    static string Encrypt(string originalString)
    {
        if (String.IsNullOrEmpty(originalString))
        {
            return string.Empty;
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateEncryptor(bytes, bytes), CryptoStreamMode.Write);
        StreamWriter writer = new StreamWriter(cryptoStream);
        writer.Write(originalString);
        writer.Flush();
        cryptoStream.FlushFinalBlock();
        writer.Flush();
        return Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length);
    }

string qs = "?uid=" + Encrypt("sample user id & key");

Decrypt :

    static string Decrypt(string cryptedString)
    {
        if (String.IsNullOrEmpty(cryptedString))
        {
            return string.Empty;
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(cryptedString));
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateDecryptor(bytes, bytes), CryptoStreamMode.Read);
        StreamReader reader = new StreamReader(cryptoStream);
        return reader.ReadToEnd();
    }

    private string GetRawUrlQueryString(string key)
    {
        string val = string.Empty;

        string url = HttpContext.Current.Request.RawUrl;

        int start = url.IndexOf("?");
        if (start >= 0)
        {
            string qs = url.Substring(start + 1);
            string[] parts = qs.Split('&');
            foreach (string part in parts)
            {
                if (part.Trim().StartsWith(key + "="))
                {
                    val = part.Trim().Replace(key + "=", "");
                    break;
                }
            }
        }
        return val;
    }

string receiveduid = GetRawUrlQueryString("uid");
string uid =  Decrypt(receivedui);

Important :

Do not use Request.QueryString["uid"] get the query string value as .net framework by default convert actual query string value with url encode. If so your decryption or base64 conversion will fail.

Comments

Post a Comment

Popular posts from this blog

Embedding PowerBI with ASP.NET Core 2 and Angular(2,4,5)

Image
Background 
Integration of PowerBI into ASP.Net is straightforward as far as you follow the Microsoft documentation. When it comes to ASP.NET Core 2, it is not, at the time of writing this article. Let me guide you through the steps I followed to successfully embed PowerBI reports to our ASP.NET Core2 / Angular5 enterprise website.

Two Scenarios

 1. User Owns Data - where users will be directly registered in PowerBi portal
https://docs.microsoft.com/en-us/power-bi/developer/integrate-report
2. App Owns Data - you have an application which owns the data and you have users to view these reports but they are not registered in PowerBI as direct users - ISV situation
https://docs.microsoft.com/en-us/power-bi/developer/embed-sample-for-customers
Following steps are focused on scenario 2 which is app own data, but it is not limited to use this information for scenario 1 as well.
[Flow of authentication and authorization (from Microsoft documentation)]
Step 1: Register your app
Make sure your app…
Read more

Handling Exit Event of Console Application in C#

Do you wan to do something on the exit event of Console Application. .Net framework does not provide such direct event to do that. You can use following workaround to have that kind of event in your application.


        [STAThread]
        static void Main(string[] args)
        {
            HandlerRoutine hr = new HandlerRoutine(Handler);
            SetConsoleCtrlHandler(hr, true);
            GC.KeepAlive(hr); 

        }

        public static void DoOnAppExit()
        {
                  //Do something......
        }

        #region Handle App Exit

        static Boolean Handler(CtrlTypes CtrlType)
        {
            // A switch to handle the event type.
            switch (CtrlType)
            {
                case CtrlTypes.CTRL_C_EVENT:
                case CtrlTypes.CTRL_BREAK_EVENT:
                case CtrlTypes.CTRL_CLOSE_EVENT:
                case CtrlTypes.CTRL_LOGOFF_EVENT:
                case CtrlTypes.CTRL_SHUTDOWN_EVENT:
                    DoOnAppExit();
  …
Read more

Taxi - Cab services in Colombo - Sri Lanka

This is the list of cab / taxi services operating in Colombo - Sri Lanka.


KangarooCabs
Address: 91 1/6, Galle Road, Colombo 4
Contact Number: 2501501 / 2588588 / 2502888

Radiant Cabs
Address: 455, Galle Road, Colombo3
Contact Number: 2556556

City Cabs
Address: 422, Galle Road, Colombo 6
Contact Number: 2552222

Colombo Cabs
Address: 326, Hospital Road, Kalubowila, Dehiwala
Contact Number: 4203303

Excel Cabs
Address: 831 1.2 Kotte Road,Ethul Kotte
Contact Number: 2889889


Yellow Radio Cabs
Address : 315 St Clair, Wattala, Wattala
Contact Number:: 2942942


ACE Cabs
Address: 298-1/1. Colombo Road, Pepiliyana
Contact Number: 2818818

Airport Express
Address: 65/6, Kirula Road, Colombo 5
Contact Number: 5555050

Airport Link
Address: 73/28, Temple Road, Colombo 5
Contact Number:5336666

A R S Cab service
Address: 46, Sri Siddhartha Road, Colombo 6
Contact Number: 5054153

Create Tours
Address: 3, Wijeyaba Mawatha, Nawala
Contact Number: 5377677

GNTC (Namdo cabs)
Address: 85, Cotta Road, Colombo 6
Read more