I have a project which requires encryption of customer ids. The encrypted value is used as a query string value for a website which then returns a personalized form for completion.
The problem I’m having is that the website we are working with has a security policy which disallows non-alphanumeric characters from a query string.
I’m currently trying to get confirmation of exactly which characters are being blocked, but the ideal solution would be to use an encryption algorithm which returns an alphanumeric string.
I haven’t found any such algorithm in the System.Security.Cryptography namespace yet – evidently because the key size is generally 64bit or some multiple of – but I’m hoping that such an algorithm is available.
The only alternative at this stage is to swap out whichever characters are deemed illegal with other allowable characters, however I don’t think I’m going to have enough allowable characters for this to work.
Does anything have any experience with this or suggestions on how to proceed?
You just need to create a reversible mapping between arbitrary bytes (the output of the encryption algorithm) and characters in your allowable set.
Base64 works like this – it encodes arbitrary binary into characters in the set
[A-Za-z0-9+/](which is almost exactly what you want, with the addition of+and/). You could potentially use Base64 encoding, then replace+and/with two other “allowed characters”, if there are any (perhaps-and_?).There should be existing Base64 encoding and decoding functions available in your language.