Encryptar / Desencryptar QueryString ASP NET

HTML Markup
Page 1
The following HTML Markup consists of a TextBox, a DropDownList and a Button. The value from the TextBox and the DropDownLists will be encrypted and send using QueryString Parameters to the next page on Button click.
<table border=»0″ cellpadding=»0″ cellspacing=»0″>
    <tr>
        <td>
            Name:
        </td>
        <td>
            <asp:TextBox ID=»txtName» runat=»server» Text=»Mudassar Khan» />
        </td>
    </tr>
    <tr>
        <td>
            Technology:
        </td>
        <td>
            <asp:DropDownList ID = «ddlTechnology» runat=»server»>
                <asp:ListItem Text=»ASP.Net» Value = «ASP.Net» />
                <asp:ListItem Text=»PHP» Value = «PHP» />
                <asp:ListItem Text=»JSP» Value = «JSP» />
            </asp:DropDownList>
        </td>
    </tr>
</table>
<hr />
<asp:Button ID=»Button1″ Text=»Submit» runat=»server» OnClick = «Submit» />
 
Page 2
The following HTML Markup consists of two Label controls which will be used to display the QueryString Parameter values received on the page.
<table border=»0″ cellpadding=»0″ cellspacing=»0″>
    <tr>
        <td>
            Name:
        </td>
        <td>
            <asp:Label ID=»lblName» runat=»server» Text=»» />
        </td>
    </tr>
    <tr>
        <td>
            Technology:
        </td>
        <td>
            <asp:Label ID=»lblTechnology» runat=»server» Text=»» />
        </td>
    </tr>
</table>
 
 
Namespaces
You will need to import the following namespaces.
C#
using System.IO;
using System.Text;
using System.Security.Cryptography;
VB.Net
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography
 
 
AES Algorithm Encryption and Decryption functions
Below are the functions for Encryption and Decryption which will be used for the Encrypting or Decrypting QueryString Parameter Values.
Note: The following functions have been explained in the article AES Encryption Decryption (Cryptography) Tutorial with example in ASP.Net using C# and VB.Net
 
 
Encrypting the QueryString Parameter Values
When the Button is clicked the following event handler is executed. Here the values of the TextBox and the DropDownList are first encrypted using the AES Symmetric Key Algorithm and then encoded using the UrlEncode method of the HttpUtility class. Finally these values are sent as QueryString Parameters to the next page.
Note: Here Encoding is required as the Encrypted string contains special characters and it is necessary to encode special characters before sending them as QueryString parameter.
C#
protected void Submit(object sender, EventArgs e)
{
    string name = HttpUtility.UrlEncode(Encrypt(txtName.Text.Trim()));
    string technology = HttpUtility.UrlEncode(Encrypt(ddlTechnology.SelectedItem.Value));
    Response.Redirect(string.Format(«~/CS2.aspx?name={0}&technology={1}», name, technology));
}
private string Encrypt(string clearText)
{
    string EncryptionKey = «MAKV2SPBNI99212»;
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
                cs.Close();
            }
            clearText = Convert.ToBase64String(ms.ToArray());
        }
    }
    return clearText;
}
 
VB.Net
Protected Sub Submit(sender As Object, e As EventArgs)
    Dim name As String = HttpUtility.UrlEncode(Encrypt(txtName.Text.Trim()))
    Dim technology As String = HttpUtility.UrlEncode(Encrypt(ddlTechnology.SelectedItem.Value))
    Response.Redirect(String.Format(«~/VB2.aspx?name={0}&technology={1}», name, technology))
End Sub
Private Function Encrypt(clearText As String) As String
    Dim EncryptionKey As String = «MAKV2SPBNI99212»
    Dim clearBytes As Byte() = Encoding.Unicode.GetBytes(clearText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write)
                cs.Write(clearBytes, 0, clearBytes.Length)
                cs.Close()
            End Using
            clearText = Convert.ToBase64String(ms.ToArray())
        End Using
    End Using
    Return clearText
End Function
 
 
Decrypting the QueryString Parameter Values
In the Page Load event of the page, the values of the TextBox and DropDownList sent from the previous page are first fetched from the QueryString Parameters and then are decoded using the UrlDecode method of the HttpUtility class.
After decoding the string is decrypted using the AES Symmetric Key Algorithm and then the decrypted values are displayed using Label controls.
C#
protected void Page_Load(object sender, EventArgs e)
{
    if (!this.IsPostBack)
    {
        lblName.Text = Decrypt(HttpUtility.UrlDecode(Request.QueryString[«name»]));
        lblTechnology.Text = Decrypt(HttpUtility.UrlDecode(Request.QueryString[«technology»]));
    }
}
private string Decrypt(string cipherText)
{
    string EncryptionKey = «MAKV2SPBNI99212»;
    cipherText = cipherText.Replace(» «, «+»);
    byte[] cipherBytes = Convert.FromBase64String(cipherText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
            {
                cs.Write(cipherBytes, 0, cipherBytes.Length);
                cs.Close();
            }
            cipherText = Encoding.Unicode.GetString(ms.ToArray());
        }
    }
    return cipherText;
}
 
VB.Net
Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
    If Not Me.IsPostBack Then
        lblName.Text = Decrypt(HttpUtility.UrlDecode(Request.QueryString(«name»)))
        lblTechnology.Text = Decrypt(HttpUtility.UrlDecode(Request.QueryString(«technology»)))
    End If
End Sub
Private Function Decrypt(cipherText As String) As String
    Dim EncryptionKey As String = «MAKV2SPBNI99212»
    cipherText = cipherText.Replace(» «, «+»)
    Dim cipherBytes As Byte() = Convert.FromBase64String(cipherText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write)
                cs.Write(cipherBytes, 0, cipherBytes.Length)
                cs.Close()
            End Using
            cipherText = Encoding.Unicode.GetString(ms.ToArray())
        End Using
    End Using
    Return cipherText
End Function
 

Encrypt and Decrypt QueryString Parameter Values in ASP.Net using C# and VB.Net

Encrypt and Decrypt QueryString Parameter Values in ASP.Net using C# and VB.Net

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *