Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Encrypt & Decrypt querystring values using AES 256

I am using the following code to Encrypt/Decrypt a querystring and pass it from one page to another. The resulting output is missing a '+' (see at the bottom of the question). What can I do to make sure the '+' comes thru as I am already using urlencode/urldecode?

//Encryption page

    protected void Page_Load(object sender, EventArgs e)
    {
        string text = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";            
        Response.Write("256:" + Decrypt256(Encrypt256(text)));
        Response.Write(string.Format("<br/><a href=\"decrypt.aspx?p={0}\">{0}</a>", HttpUtility.UrlEncode(Encrypt256(text))));            
    }


    private const string AesIV256 = @"!QAZ2WSX#EDC4RFV";
    private const string AesKey256 = @"5TGB&YHN7UJM(IK<5TGB&YHN7UJM(IK<";


    private string Encrypt256(string text)
    {            
        // AesCryptoServiceProvider
        AesCryptoServiceProvider aes = new AesCryptoServiceProvider();            
        aes.BlockSize = 128;
        aes.KeySize = 256;
        aes.IV = Encoding.UTF8.GetBytes(AesIV256);
        aes.Key = Encoding.UTF8.GetBytes(AesKey256);
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;

        // Convert string to byte array
        byte[] src = Encoding.Unicode.GetBytes(text);

        // encryption
        using (ICryptoTransform encrypt = aes.CreateEncryptor())
        {
            byte[] dest = encrypt.TransformFinalBlock(src, 0, src.Length);

            // Convert byte array to Base64 strings
            return Convert.ToBase64String(dest);
        }
    }

    /// <summary>
    /// AES decryption
    /// </summary>
    private string Decrypt256(string text)
    {            
        // AesCryptoServiceProvider
        AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
        aes.BlockSize = 128;
        aes.KeySize = 256;
        aes.IV = Encoding.UTF8.GetBytes(AesIV256);
        aes.Key = Encoding.UTF8.GetBytes(AesKey256);
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;

        // Convert Base64 strings to byte array
        byte[] src = System.Convert.FromBase64String(text);

        // decryption
        using (ICryptoTransform decrypt = aes.CreateDecryptor())
        {
            byte[] dest = decrypt.TransformFinalBlock(src, 0, src.Length);
            return Encoding.Unicode.GetString(dest);
        }
    }

Decryption page (I use this page to print out what I the decrypted string from the first page and then compare it what I get in the URL:

     protected void Page_Load(object sender, EventArgs e)
    {
        string urlValue = HttpUtility.UrlDecode(Request.QueryString["p"].Trim());
     Decrypt256(Encoding.ASCII.GetString(s2));            

        Response.Write(urlValue + "<br /><br />");     
        Response.Write("AUwsHc8j/llULnuwVnspNwolBUAhl5GFqC6iOrUN5euZFrOgFVypqTGfhAaooLxa0Fko+9KGtRh3UcQJtzkfSw==");            

    }

The end result is the following two lines (the first line is the output from the URL). They almost match except the first URL (the encoded/decoded querystring result) is missing the '+' symbol. Any idea how to avoid this?

AUwsHc8j/llULnuwVnspNwolBUAhl5GFqC6iOrUN5euZFrOgFVypqTGfhAaooLxa0Fko 9KGtRh3UcQJtzkfSw==

AUwsHc8j/llULnuwVnspNwolBUAhl5GFqC6iOrUN5euZFrOgFVypqTGfhAaooLxa0Fko+9KGtRh3UcQJtzkfSw==

like image 335
Dkong Avatar asked Feb 19 '15 18:02

Dkong


People also ask

Is it safe to encrypt?

Generally, encryption is safe. Data transmitted and stored with encryption is safer than when left unencrypted. The average user uses encryption automatically many times daily when using a web browser or mobile app. Manual file encryption is safe with responsible handling of the decryption keys.

What is encrypt in phone?

Encryption stores your data in a form that can be read only when your phone or tablet is unlocked. Unlocking your encrypted device decrypts your data. Encryption can add protection in case your device is stolen.

How do I encrypt a word?

Windows. Open a note and highlight the text you wish to encrypt. Right-click the highlighted text and select Encrypt Selected Text. Enter a chosen passphrase into the form.

What is encrypt in simple words?

In simple words, Encryption is the process by which digital messages are transformed into secret codes so that it remains safe and hidden until it reaches the receiver.


1 Answers

ok fixed it, simply removed the urldecode method. The decode appears to happen automatically.

like image 200
Dkong Avatar answered Sep 23 '22 01:09

Dkong