How to Encrypt and Decrypt values in Querystring using Asp.Net C#

Encrypt and Decrypt values in Querystring

We are passing the username one page to another page by querystring but it can be modify on url  how to avoid the problem using Encryption and Decryption values(Username).

DEMO




                            Download

Namespace


using System.Security.Cryptography;
using System.IO;

using System.Text;

Login page


<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <table><tr><td>Username</td><td>
        <asp:TextBox ID="txtUsername" runat="server"></asp:TextBox>
        </td></tr>
        <tr><td>Password</td><td>
            <asp:TextBox ID="txtPassword" runat="server"></asp:TextBox>
            </td></tr>
        <tr><td></td><td>
            <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Login" />
            </td></tr>

    </table>
    </div>
    </form>
</body>
</html>


 login.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

using System.Security.Cryptography;
using System.IO;
using System.Text;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (txtUsername.Text == "admin" && txtPassword.Text == "admin")
        {
            string encryptID = txtUsername.Text.ToString();

            Response.Redirect("Home.aspx?Username=" + encryptQueryString(encryptID));
        }
    }
    public string encryptQueryString(string strQueryString)
    {       

        return Encrypt(strQueryString, "!#$a54?3");
    }             

    public static string Encrypt(string stringToEncrypt, string strEncryptionKey)
    {
        byte[] key = { };
        byte[] eight = { 10, 20, 30, 40, 50, 60, 70, 80 };

        byte[] inputByteArray;
     
            key = Encoding.UTF8.GetBytes(strEncryptionKey.Substring(0, 8));
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();

            inputByteArray = Encoding.UTF8.GetBytes(stringToEncrypt);
            MemoryStream ms = new MemoryStream();

            CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, eight), CryptoStreamMode.Write);
            cs.Write(inputByteArray, 0, inputByteArray.Length);

            cs.FlushFinalBlock();

            return Convert.ToBase64String(ms.ToArray());
        }          
}


Home Page 

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <br />
        <br />
        <br />
      Username= <asp:LinkButton ID="lbtUsername" ForeColor="Red" runat="server"></asp:LinkButton>
    </div>
    </form>
</body>
</html>


 Home.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

using System.Security.Cryptography;
using System.IO;
using System.Text;

public partial class Home : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string DecryptId = Request.QueryString["Username"];
        DecryptId = DecryptId.Replace(" ", "+");
        lbtUsername.Text = decryptQueryString(DecryptId);
    }

    public string decryptQueryString(string strQueryString)
    {
        return Decrypt(strQueryString, "!#$a54?3");
    }

    public static string Decrypt(string stringToDecrypt, string strEncryptionKey)
    {
        byte[] key = { };
        byte[] eight = { 10, 20, 30, 40, 50, 60, 70, 80 };

        byte[] inputByteArray = new byte[stringToDecrypt.Length];

        key = Encoding.UTF8.GetBytes(strEncryptionKey.Substring(0, 8));
        DESCryptoServiceProvider des = new DESCryptoServiceProvider();

        inputByteArray = Convert.FromBase64String(stringToDecrypt);
        MemoryStream ms = new MemoryStream();

        CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(key, eight), CryptoStreamMode.Write);
        cs.Write(inputByteArray, 0, inputByteArray.Length);

        cs.FlushFinalBlock();

        Encoding encoding = Encoding.UTF8; return encoding.GetString(ms.ToArray());
    }           

}


Add New Web form - Add required label and textbox




Next - Login codebehind page - Add - Namespaces and Encryption condition 





Next - Call the Encryption method to redirect url





Next - Home.cs codebehind page - Add - Namespaces and Decryption condition 




Next - Convert to decryption a username and asign the username linkbutton








0 comments:

Post a Comment