|
Chilkat •
HOME •
Android™ •
ASP •
Visual Basic •
VB.NET •
C# •
iOS (IPhone) •
Objective-C •
C++ •
C •
MFC •
Delphi •
FoxPro •
Java •
Perl •
PHP Extension •
PHP ActiveX •
Python •
PowerShell •
Ruby •
SQL Server •
VBScript
Encrypt URL Query ParametersDemonstrates how to encrypt URL query parameters. Query parameter values are encrypted using AES encryption and then base64 encoded. Base64 encoding is the most efficient means of transforming binary data into printable chars. In Base64 encoding, 4 printable chars represent 3 binary bytes. Therefore, the size of the output is expanded by 4/3rds. In addition, the output of AES encryption is always padded to a multiple of 16 bytes (prior to base64 encoding). One issue with Base64 encoding is that the following alphabet is used: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/ The "+" and "/" characters would disrupt a URL. Therefore, you'll want to URL-encode the base64 output. This example shows how to do it, and then how to reverse the process. PS> The Base64 encoding algorithm may also include one or two "=" characters at the very end of the encoded data, and this would also disrupt a URL... Downloads: MS Windows Visual C/C++ Libraries Linux/CentOS C/C++ Libraries MAC OS X C/C++ Libraries Solaris C/C++ Libraries C++ Builder Libraries FreeBSD C++ Libraries HP-UX C++ Libraries BlackBerry QNX C++ Libraries // Needs #include <CkCrypt2.h> CkString strOut; CkCrypt2 crypt; // We want to arrive at a URL with encrypted query parameter // values, such as: // www.chilkatsoft.com/login?fieldOne=xxxxxxxxxxxx&fieldTwo=xxxxxxxxxxxx&fieldThree=xxxxxxxxxxx&fieldFour=xxxxxxxxxxx // Any string argument automatically begins the 30-day trial. bool success; success = crypt.UnlockComponent("30-day trial"); if (success != true) { strOut.append(crypt.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } const char * fieldOne; fieldOne = "This is a test"; crypt.put_CryptAlgorithm("aes"); // The default cipher mode is CBC (Cipher Block Chaining) // We'll use ECB here because the amount of data to be // encrypted is small anyway... crypt.put_CipherMode("ecb"); // AES supports 128, 192, and 256-bit encryption. crypt.put_KeyLength(128); // We need a 16-byte secret key (i.e. 128 bits) crypt.SetEncodedKey("000102030405060708090A0B0C0D0E0F","hex"); crypt.put_EncodingMode("base64"); const char * e1; e1 = crypt.encryptStringENC(fieldOne); strOut.append(e1); strOut.append("\r\n"); // Let's URL encode it: crypt.put_CryptAlgorithm("none"); crypt.put_EncodingMode("url"); // Because the encryption algorithm = "none", it's a simple // pass-through with encoding... const char * e2; e2 = crypt.encryptStringENC(e1); strOut.append(e2); strOut.append("\r\n"); // Now form the URL: const char * url; url.append(e2); strOut.append(url); strOut.append("\r\n"); // Now reverse the process: crypt.put_CryptAlgorithm("none"); crypt.put_EncodingMode("url"); const char * d2; d2 = crypt.decryptStringENC(e2); // Back to base64: strOut.append(d2); strOut.append("\r\n"); // Now back to the original string: crypt.put_CryptAlgorithm("aes"); crypt.put_EncodingMode("base64"); const char * d1; d1 = crypt.decryptStringENC(d2); strOut.append(d1); strOut.append("\r\n"); // A final note: If decrypting in ASP or ASP.NET, // depending on what you're doing, // you may not need the explicit URL-decoding step. // It may be that ASP already did the URL decoding when you // fetch the query parameter value. If so, you only need // to decrypt using base64 for the encoding mode. SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); |
Need a specific example? Send a request to support@chilkatsoft.com
© 2000-2010 Chilkat Software, Inc. All Rights Reserved.