1

I want to pass an id to QueryString of my webpage, as I don't want visitors to see the number, I encode it using RijndaelManaged algorithm, My issue is, this encryption sometimes add a character for example '+' which causes double escape sequence error. I was wondering if there is way to exclude some characters from encryption output.

My encryption code is as below:

  public static  string Encrypt(string plainText)
    {
        byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);

        byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(256 / 8);
        var symmetricKey = new RijndaelManaged() { Mode = CipherMode.CBC, Padding = PaddingMode.Zeros };
        var encryptor = symmetricKey.CreateEncryptor(keyBytes, Encoding.ASCII.GetBytes(VIKey));

        byte[] cipherTextBytes;

        using (var memoryStream = new MemoryStream())
        {
            using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
            {
                cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
                cryptoStream.FlushFinalBlock();
                cipherTextBytes = memoryStream.ToArray();
                cryptoStream.Close();
            }
            memoryStream.Close();
        }
        return Convert.ToBase64String(cipherTextBytes);
    }
Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Nick Mehrdad Babaki
  • 11,560
  • 15
  • 45
  • 70

1 Answers1

1

You could convert your bytearray to a Hex string instead of a base64 string. Hex will only contain [a-f0-9] See this question for details.

But as for your original Problem: you should really use URL encoding for your query strings, which will solve the Problem of the + character.

Community
  • 1
  • 1
derpirscher
  • 14,418
  • 3
  • 18
  • 35