Programming Examples

ChilkatHOMEASPVisual BasicVB.NETC#CC++MFCDelphiFoxProJavaPerlPythonRubySQL ServerVBScript

PHP ActiveX Examples

Bounced Mail
Bz2
Certificates/Keys
Charset
CSV
DKIM / DomainKey
Diffie-Hellman
DSA
Email Object
Encryption
FileAccess
FTP
HTML Conversion
HTTP
IMAP
MHT / HTML Email
MIME
NTLM
POP3
RSA
SMTP
Socket
Spider
SSH Key
SSH
SSH Tunnel
SFTP
Tar
Upload
XML
Zip
Amazon S3


 

 

 

 

 

 

 

 

Encrypt URL Query Parameters

Demonstrates how to encrypt URL query parameters. Query parameter values are encrypted using AES encryption and then base64 encoded. Base64 encoding is the most efficient means of transforming binary data into printable chars. In Base64 encoding, 4 printable chars represent 3 binary bytes. Therefore, the size of the output is expanded by 4/3rds. In addition, the output of AES encryption is always padded to a multiple of 16 bytes (prior to base64 encoding).

One issue with Base64 encoding is that the following alphabet is used: 

ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/

The "+" and "/" characters would disrupt a URL. Therefore, you'll want to URL-encode the base64 output. This example shows how to do it, and then how to reverse the process.

PS> The Base64 encoding algorithm may also include one or two "=" characters at the very end of the encoded data, and this would also disrupt a URL...

Download Chilkat Crypt ActiveX

<?php

$crypt = new COM("Chilkat.Crypt2");

//  We want to arrive at a URL with encrypted query parameter
//  values, such as:
//  www.chilkatsoft.com/login?fieldOne=xxxxxxxxxxxx&fieldTwo=xxxxxxxxxxxx&fieldThree=xxxxxxxxxxx&fieldFour=xxxxxxxxxxx

//  Any string argument automatically begins the 30-day trial.
$success = $crypt->UnlockComponent('30-day trial');
if ($success != true) {
    print $crypt->lastErrorText() . "\n";
    exit;
}

$fieldOne = 'This is a test';

$crypt->CryptAlgorithm = 'aes';

//  The default cipher mode is CBC (Cipher Block Chaining)
//  We'll use ECB here because the amount of data to be
//  encrypted is small anyway...
$crypt->CipherMode = 'ecb';

//  AES supports 128, 192, and 256-bit encryption.
$crypt->KeyLength = 128;

//  We need a 16-byte secret key (i.e. 128 bits)
$crypt->SetEncodedKey('000102030405060708090A0B0C0D0E0F','hex');

$crypt->EncodingMode = 'base64';

$e1 = $crypt->encryptStringENC($fieldOne);

print $e1 . "\n";

//  Let's URL encode it:
$crypt->CryptAlgorithm = 'none';
$crypt->EncodingMode = 'url';
//  Because the encryption algorithm = "none", it's a simple
//  pass-through with encoding...
$e2 = $crypt->encryptStringENC($e1);

print $e2 . "\n";

//  Now form the URL:

$url = 'http://www.chilkatsoft.com/login?fieldOne=' . $e2;

print $url . "\n";

//  Now reverse the process:
$crypt->CryptAlgorithm = 'none';
$crypt->EncodingMode = 'url';
$d2 = $crypt->decryptStringENC($e2);

//  Back to base64:
print $d2 . "\n";

//  Now back to the original string:
$crypt->CryptAlgorithm = 'aes';
$crypt->EncodingMode = 'base64';
$d1 = $crypt->decryptStringENC($d2);

print $d1 . "\n";

//  A final note:  If decrypting in ASP or ASP.NET,
//  depending on what you're doing,
//  you may not need the explicit URL-decoding step.
//  It may be that ASP already did the URL decoding when you
//  fetch the query parameter value.  If so, you only need
//  to decrypt using base64 for the encoding mode.

?>

Need a specific example? Send a request to support@chilkatsoft.com

© 2000-2010 Chilkat Software, Inc. All Rights Reserved.