How do you call a class


M

momo

Okay guys,

I have this one problem and I admitted I am a novice at this. This is a Code
Behind in an aspx page. You will see where I have the plus signs below in
SecureQueryString2.vb where I am calling another Class called
"InvalidQueryStringException". My problem is where do I put this code so it
can be called from SecureQueryString2.vb. I have tried to put it in the same
code behind SecureQueryString2.vb and I get errors. How should I do this to
make it work and also check my .ASPX page to make sure I and referencing it
correctlly. Thanks for your help in advance.

Here is the code for InvalidQueryStringException:
==============================
Public Class InvalidQueryStringException
Inherits System.Exception
End Class
==============================

Code Behind named: SecureQueryString2.vb
==============================
Imports System
Imports System.Collections.Specialized
Imports System.Security.Cryptography
Imports System.Text
Imports System.Web

Namespace dma

Public Class SecureQueryString
Inherits NameValueCollection
Private Const cryptoKey As String = "test"
Private ReadOnly IV As Byte() = New Byte(7) {240, 3, 45, 29, 0, 76,
173, 59}

Sub New()
End Sub

Sub New(ByVal encStr As String)
deserialize(Decrypt(encStr))
End Sub

Public ReadOnly Property EncryptedString() As String
Get
Return HttpUtility.UrlEncode(Encrypt(Serialize()))
End Get
End Property

Public Overrides Function ToString() As String
Return EncryptedString
End Function

Private Function Encrypt(ByVal serQS As String) As String
Dim buffer As Byte() = Encoding.ASCII.GetBytes(serQS)
Dim des As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider
Dim md5 As MD5CryptoServiceProvider = New
MD5CryptoServiceProvider
des.Key =
md5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(cryptoKey))
des.IV = IV
Return
Convert.ToBase64String(des.CreateEncryptor.TransformFinalBlock(buffer, 0,
buffer.Length))
End Function

Private Function Decrypt(ByVal encQS As String) As String
Try
Dim buffer As Byte() = Convert.FromBase64String(encQS)
Dim des As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider
Dim MD5 As MD5CryptoServiceProvider = New
MD5CryptoServiceProvider
des.Key =
MD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(cryptoKey))
des.IV = IV
Return
Encoding.ASCII.GetString(des.CreateDecryptor().TransformFinalBlock(buffer,
0, buffer.Length()))
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Catch ex As CryptographicException
Throw New InvalidQueryStringException
Catch ex As FormatException
Throw New InvalidQueryStringException
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
End Try
End Function

Private Sub Deserialize(ByVal decQS As String)
Dim nameValuePairs As String() = decQS.Split("&")
Dim i As Integer
For i = 0 To nameValuePairs.Length - 1
Dim nameValue As String() = nameValuePairs(i).Split("=")
If nameValue.Length = 2 Then
Me.Add(nameValue(0), nameValue(1))
End If
Next
End Sub

Private Function Serialize() As String
Dim sb As StringBuilder = New StringBuilder
Dim key As String
For Each key In Me.AllKeys
sb.Append(key)
sb.Append("=")
sb.Append(Me(key))
sb.Append("&")
Next key
Return sb.ToString
End Function

End Class
End Namespace



Here is my .ASPX page code:
====================

<%@ Page language="VB" src="SecureQueryString2.vb" AutoEventWireup="false"
Inherits="SecureQueryString" %>
<%@ Import Namespace="dma" %>

<script language="VB" runat="server">
'Sending page
Dim qs
qs = new SecureQueryString()
qs("Name") = "Test"
qs("Phone") = "704-822-8999"
Response.Redirect("Data2.aspx?x=" + qs.ToString())
</script >

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
</body>
</html>
 
Ad

Advertisements

C

Ciaran

If you want to be able to call the encrypt methods from inside the aspx page
you need to made it protected (thats the csharp keyword, think its the same
in VB). That will enable it to be viewed by classes that inherit from
SecureQueryString.

The other issue which you might not have seen yet is that "test" is to small
a key for triple des.

Also if you are using SSL. The query string will be encrypted under ssl when
the page is requested so you are only protecting the query string in the
users address bar and the web server logs.

Ciaran
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top