locked
Encrypt/Encode, AES, Passphrase, Salt, Most Browser Compatible, ASP.net, Javascript RRS feed

  • Question

  • User1045460610 posted

    I need to pass a hostid in a url string like this  https://attendance.erpise.com/instructorcourse.aspx?hostid=123456 to a web site. The variable is the user id so the web site will need to decode the url and show the user's web page with populated textboxes from the c#, sqlcommand script.

     I have a script for aes encode and decode using URLSearchParams but it's not compatible in Internet Explorer. I have a couple other methods with regex and 64 base encoding. What would be the most browser compatible method for encode/decode for aes, salt, expiring url. Would you use the reference on the web or download it and add it to the asp.net, c# project?

    URLSearchParams
    https://developer.mozilla.org/en-US/docs/Web/API/URLSearchParams/URLSearchParams#Browser_compatibility

    <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

    <!DOCTYPE html>

    <html xmlns="http://www.w3.org/1999/xhtml">
    <head runat="server">
    <title>Encryption / Decryption Test</title>
    </head>
    <body>
    HostID:
    <input type="text" id="hostId" name="hostId" />

    <h2>URL string</h2>

    <button id="encode_link" onclick="encrypt()">Encode</button>
    <br />
    <br />
    <button id="decode_link" onclick="decrypt()">Decode</button>
    Decrypt result: <span id="decrypt_result"></span>

    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js"></script>
    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
    <script type="text/javascript">
    function encrypt(hostId) {
    var now = new Date(),
    value = document.getElementById('hostId').value + '|' + now.toISOString(),
    key = 'iaUdrdMy7H';

    var encrypted = CryptoJS.AES.encrypt(value, key);
    location.href = '/?q=' + encodeURIComponent(encrypted.toString());
    }

    function decrypt() {
    var params = new URLSearchParams(window.location.search),
    queryString = params.get('q'),
    key = 'iaUdrdMy7H';

    if (queryString) {
    var decrypted = CryptoJS.AES.decrypt(queryString, key).toString(CryptoJS.enc.Utf8),
    temp = decrypted.split('|'),
    hostId = temp[0],
    timestamp = new Date(temp[1]),
    expired = diff_minutes(new Date(), timestamp) > 30;
    document.getElementById('decrypt_result').innerText = 'Host ID was sent ' + hostId + ', Url ' + (expired ? 'expired' : 'not expired');
    }
    }

    function diff_minutes(dt2, dt1) {
    var diff = (dt2.getTime() - dt1.getTime()) / 1000;
    diff /= 60;
    return Math.abs(Math.round(diff));
    }
    </script>
    </body>
    </html>

    RegExp
    $.urlParam = function(name){
    var results = new RegExp('[\?&]' + name + '=([^&#]*)').exec(window.location.href);
    if (results==null){
    return null;
    }
    else{
    return decodeURI(results[1]) || 0;
    }
    }

    Base64_encoding_and_decoding

    js encode
    function btoaUTF16(sString) {

    var aUTF16CodeUnits = new Uint16Array(sString.length);
    Array.prototype.forEach.call(aUTF16CodeUnits, function (el, idx, arr) { arr[idx] = sString.charCodeAt(idx); });
    return btoa(String.fromCharCode.apply(null, new Uint8Array(aUTF16CodeUnits.buffer)));

    }

    console.log(btoaUTF16("hello")) // result aABlAGwAbABvAA==

    C # decode
    byte[] data = Convert.FromBase64String("aABlAGwAbABvAA==");

    string decodedString = Encoding.UTF8.GetString(data);
    Response.Write(decodedString);

    Monday, May 6, 2019 6:53 PM

All replies