We help IT Professionals succeed at work.

PHP encrypted string and passing to a ASP Page

dogsareit
dogsareit asked
on
619 Views
Last Modified: 2017-04-07
I have a PHP page in which i need to pass values as an encrypted string to a asp page.
Creating the string is not a problem, but will ASP be able to decode it??
Any advice/help is appreciated...
Comment
Watch Question

Big MontyWeb Ninja at large
CERTIFIED EXPERT

Commented:
Yes, you would use Server.HTMLDecode( str)
gr8gonzoConsultant
CERTIFIED EXPERT

Commented:
Depends on how you encrypt it, but generally speaking, yes. There are dozens of ways to encrypt data, so it largely depends on you encrypting things correctly and matching the same crypto settings on the ASP side. The more common encryption techniques are AES-128 or AES-256 nowadays, but that is not the whole list by any means.

I'm less familiar with classic ASP, but if you're talking about ASP.NET, then you should have all the major cryptographic engines and ciphers available to you.

Big Monty mentions HTMLDecode, but that has nothing to do with encryption. HTMLDecode is used to decode HTML-encoded strings. Encoding/decoding is NOT the same as encryption/decryption.

Encoding/decoding is like putting data into an envelope and sending it through the post office. It's a way of "packaging" up some data temporarily for transport, but it has absolutely no security.

Encryption/decryption is putting data into a locked safe.

You might want to use encrypt the data first, and THEN encode it in a certain fashion. If you have a big chunk of data, you'd probably be better off using Base64 encoding on the data after encrypting and then POST-ing the encoded data to the ASP page. The ASP page would then base64-decode the data, and then subsequently decrypt it back to its original form.

When you POST the data, just use application/x-www-form-urlencoded as your content-type header and pass in a variable name and the URL-encoded version of your Base64 chunk. ASP should be able to recognize that as a normal form POST.

Author

Commented:
Does this work for encoding in base-64? I am not sure I need to go that strongly on encoding. Your thoughts?

Author

Commented:
I see what you are saying gr8gonzo and your comment is helpful. What I want is to encrypt it, send in a quertystring to an asp page.
And I am not sure of my footing here. I know how to encrypt/decrypt in PHP, extract data from quertystrings in ASP, but I am concern that the asp page will not be able to extract it correctly and unsure on how to code it.
So what you are saying, and it makes sense, that if I use AES-128 (or AES-256) on sending end, I need to use it one the receiving page. Makes sense.
Big MontyWeb Ninja at large
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
gr8gonzoConsultant
CERTIFIED EXPERT

Commented:
Are you dealing with ASP.NET or classic ASP?

Author

Commented:
I am using PHP v5.6  page to a Classical ASP.  Mcrypt is depreciated in PHP 5.5 and removed in PHP 7.0.0
I am not sure at all on my approach, and what is best so your guidance is much appreciated.
Big MontyWeb Ninja at large
CERTIFIED EXPERT

Commented:
As far as i know, and I just did a quick search) there is no equivalent of PHP's mcrypt function. Are you tied to that algorithm, or can you use a more universal encryption algorithm? If you can move to SHA256, then there are asp libraries of they're which will handle the actual encryption / decryption functions
Consultant
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Most Valuable Expert 2011
Author of the Year 2014
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Thank you all for responding. A lof of information/thoughts to digest, but good information. Let me have a day to review/research/experiment with and see what the results will be.
More in a day.

Author

Commented:
I thank all of you....when I am able to return to the section of coding that I am working on, I will let you folks know how it went...:}
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.