Query String Encryption

Question

0.00/5 (No votes)

See more:

Hi

i am encrypt my query string using from Authentication. my code is pasted below. is this method is good or not.

please help me to find out.

  public static string Encrypt(string encryptQuery)
    {
        FormsAuthenticationTicket tk = 
                   new FormsAuthenticationTicket(encryptQuery, false, 30);
        return FormsAuthentication.Encrypt(tk);
    }

i get encripted string using this method like photos.aspx?aid=3306F85765AA9E9CA5F41AA0269BE6F13F6DCD51<br />EE419DF1E4C711CE22671B617C396C1DEC67089FEE19616FC1D1E808ED<br />C9287A8A10213D40D51F900363A243

and working properly without any errors.

But i don't know is this a correct method to encrypt.

thank you all, i think my method also a correct answer to encrypt and decrypt string

public static string Decrypt(string decritptext)
    {
        FormsAuthenticationTicket tk = FormsAuthentication.Decrypt(decritptext);
        return tk.Name.ToString();
    }

this is my method to decrypt.

Posted 25-Nov-09 3:23am

raju melveetilpurayil

Updated 25-Nov-09 4:33am

v4

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Abhishek Sur · Accepted Answer · 2009-11-25T04:30:00

I think the best way is how ASP.NET handles this.

ASP.NET actually encrypts the viewstate into SHA1(by default) for tamper proffing, which you can easily configure to 3DES, MD5 or AES based on your requirement. After it applies encryption, it then Converts it to Base64 stream and embeds into the body.

You might also use any encryption and convert it to Base64.

For Url's It is better to use HttpUtility.UrlEncode(url) before doing redirection.

Hope you will like the solution.

Christian Graus · Accepted Answer · 2009-11-25T03:36:00

Solution 1

If it works, then I would assume that means it is correct. The method you're calling is called 'encrypt', so that is obviously what it is doing.

Posted 25-Nov-09 3:36am

Christian Graus

Updated 25-Nov-09 4:21am

v2