In this article I will explain, with an example, how to encrypt QueryString parameter values, send them to another page and then decrypt the encrypted QueryString parameter values in ASP.Net Core (.Net Core 8) MVC.
This article makes use of the System.Security.Cryptography namespace and the AES algorithm for encryption and decryption in ASP.Net Core (.Net Core 8) MVC.
Model
The Model class consists of the following properties.
public class PersonModel
{
    ///<summary>
    /// Gets or sets Name.
    ///</summary>
    public string Name { get; set; }

    ///<summary>
    /// Gets or sets Technology.
    ///</summary>
    public string Technology { get; set; }
}
Controllers
Source Controller
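The Controller consists of the following Action methods.
Action method for handling GET operation
Inside this Action method, simply the View is returned.
Action method for handling POST operation
This Action method gets called when the Submit button is clicked or when the Form is submitted.
Inside this Action method, the Name and Technology values are encrypted using the Encrypt method and passed as QueryString parameters to the Index Action method of the PersonDetails Controller using the RedirectToAction method.
The Encrypt method uses AES in ECB mode with PKCS7 padding and a 24-character Secret Key (AES-192), and returns the encrypted bytes as a Base64 string.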
using System.Security.Cryptography;
using System.Text;
using Encrypt_QueryString_Core.Models;
using Microsoft.AspNetCore.Mvc;

public class HomeController : Controller
{
    // GET: Home
    public IActionResult Index()
    {
        return View();
    }

    [HttpPost]
    public IActionResult Send(PersonModel person)
    {
        //Send the encrypted Model values in QueryString to another Controller.
        return RedirectToAction("Index", "PersonDetails",
            new
            {
                Name = this.Encrypt(person.Name),
                Technology = this.Encrypt(person.Technology)
            });
    }

    private string Encrypt(string plainText)
    {
        //Secret Key (hard-coded for this demo; AES requires 16, 24 or 32 bytes).
        string secretKey = "$ASPcAwSNIgcPPEoTSa0ODw#";

        //Secret Bytes.
        byte[] secretBytes = Encoding.UTF8.GetBytes(secretKey);

        //Plain Text Bytes.
        byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);

        //Encrypt with AES Algorithm using Secret Key.
        using (Aes aes = Aes.Create())
        {
            aes.Key = secretBytes;
            //ECB mode: identical plaintext blocks always produce identical ciphertext blocks.
            aes.Mode = CipherMode.ECB;
            aes.Padding = PaddingMode.PKCS7;

            byte[] encryptedBytes = null;
            using (ICryptoTransform encryptor = aes.CreateEncryptor())
            {
                encryptedBytes = encryptor.TransformFinalBlock(plainTextBytes, 0, plainTextBytes.Length);
            }

            return Convert.ToBase64String(encryptedBytes);
        }
    }
}
Destination Controller (PersonDetails)
The Controller consists of the following Action method.
Action method for handling GET operation
Inside this Action method, an object of the PersonModel class is created and its Name and Technology properties are set with the decrypted values of the QueryString parameters read from the Request.Query collection.
using System.Security.Cryptography;
using System.Text;
using Encrypt_QueryString_Core.Models;
using Microsoft.AspNetCore.Mvc;

public class PersonDetailsController : Controller
{
    // GET: PersonDetails
    public IActionResult Index()
    {
        PersonModel person = new PersonModel
        {
            Name = this.Decrypt(Request.Query["Name"]),
            Technology = this.Decrypt(Request.Query["Technology"]),
        };

        return View(person);
    }

    private string Decrypt(string encryptedText)
    {
        //Secret Key (must be the same key that was used for encryption).
        string secretKey = "$ASPcAwSNIgcPPEoTSa0ODw#";

        //Secret Bytes.
        byte[] secretBytes = Encoding.UTF8.GetBytes(secretKey);

        //Encrypted Bytes (throws if the parameter is missing or is not valid Base64).
        byte[] encryptedBytes = Convert.FromBase64String(encryptedText);

        //Decrypt with AES Algorithm using Secret Key.
        using (Aes aes = Aes.Create())
        {
            aes.Key = secretBytes;
            aes.Mode = CipherMode.ECB;
            aes.Padding = PaddingMode.PKCS7;

            byte[] decryptedBytes = null;
            using (ICryptoTransform decryptor = aes.CreateDecryptor())
            {
                decryptedBytes = decryptor.TransformFinalBlock(encryptedBytes, 0, encryptedBytes.Length);
            }

            return Encoding.UTF8.GetString(decryptedBytes);
        }
    }
}
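The Encrypt and Decrypt methods above use ECB mode with a key embedded in the source, so equal values always produce equal tokens and a modified token is not detected as such. As an added example (not part of the original article), the helper below does the same job with AES-GCM: a random nonce per value, an authentication tag, and the parameter name bound as associated data so a token cannot be moved from one parameter to another. The class name QueryStringProtector, the TryDecrypt shape and the key being supplied from configuration or a secret store are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.WebUtilities;

//Added example: QueryStringProtector is a hypothetical helper, not the article's code.
public static class QueryStringProtector
{
    private const int NonceSize = 12; //AES-GCM nonce length in bytes.
    private const int TagSize = 16;   //AES-GCM authentication tag length in bytes.

    //key: 16, 24 or 32 random bytes, assumed to come from configuration or a secret store.
    public static string Encrypt(byte[] key, string paramName, string plainText)
    {
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize); //Fresh for every value.
        byte[] plain = Encoding.UTF8.GetBytes(plainText ?? string.Empty);
        byte[] token = new byte[NonceSize + TagSize + plain.Length];
        using AesGcm aes = new AesGcm(key, TagSize);
        //Token layout: nonce | tag | ciphertext. paramName is authenticated, not encrypted.
        aes.Encrypt(nonce, plain, token.AsSpan(NonceSize + TagSize),
            token.AsSpan(NonceSize, TagSize), Encoding.UTF8.GetBytes(paramName));
        nonce.CopyTo(token, 0);
        return WebEncoders.Base64UrlEncode(token); //URL-safe: no '+', '/' or '='.
    }

    //Returns false for a missing, malformed or modified token instead of throwing.
    public static bool TryDecrypt(byte[] key, string paramName, string? token, out string plainText)
    {
        plainText = string.Empty;
        if (string.IsNullOrEmpty(token)) return false;
        try
        {
            byte[] data = WebEncoders.Base64UrlDecode(token);
            if (data.Length < NonceSize + TagSize) return false;
            byte[] plain = new byte[data.Length - NonceSize - TagSize];
            using AesGcm aes = new AesGcm(key, TagSize);
            //Throws a CryptographicException if the tag, nonce, data or paramName do not match.
            aes.Decrypt(data.AsSpan(0, NonceSize), data.AsSpan(NonceSize + TagSize),
                data.AsSpan(NonceSize, TagSize), plain, Encoding.UTF8.GetBytes(paramName));
            plainText = Encoding.UTF8.GetString(plain);
            return true;
        }
        catch (Exception ex) when (ex is FormatException or CryptographicException) { return false; }
    }
}
```

In the Send Action method, QueryStringProtector.Encrypt(key, "Name", person.Name) would take the place of this.Encrypt(person.Name), and the PersonDetails Controller can return BadRequest() when TryDecrypt returns false.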
Views
HTML Markup
Inside the View, in the very first line the ASP.Net TagHelpers are imported and in the second line the PersonModel class is declared as Model for the View.
The View consists of an HTML Form which has been created using the following TagHelpers attributes.
asp-action – Name of the Action. In this case the name is Send.
asp-controller – Name of the Controller. In this case the name is Home.
method – It specifies the Form Method i.e. GET or POST. In this case it will be set to POST.
The Form also consists of a Submit button which, when clicked, submits the Form.
@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
@model Encrypt_QueryString_Core.Models.PersonModel
@{
    Layout = null;
}
<!DOCTYPE html>
<html>
<head>
    <meta name="viewport" content="width=device-width" />
    <title>Index</title>
</head>
<body>
    <form method="post" asp-action="Send" asp-controller="Home">
        <table border="0" cellpadding="0" cellspacing="0">
            <tr>
                <td>Name:</td>
                <td><input type="text" asp-for="Name" /></td>
            </tr>
            <tr>
                <td>Technology:</td>
                <td>
                    <select asp-for="Technology">
                        <option value="ASP.Net">ASP.Net</option>
                        <option value="PHP">PHP</option>
                        <option value="JSP">JSP</option>
                    </select>
                </td>
            </tr>
        </table>
        <hr />
        <input type="submit" value="Submit" />
    </form>
</body>
</html>
Destination View (PersonModel)
Inside the View, in the very first line the PersonModel class is declared as Model for the View.
The View consists of an HTML Table which is used for displaying the details of the Person using the PersonModel class object.
@model Encrypt_QueryString_Core.Models.PersonModel
@{
    Layout = null;
}
<!DOCTYPE html>
<html>
<head>
    <meta name="viewport" content="width=device-width" />
    <title>Index</title>
</head>
<body>
    <table cellpadding="0" cellspacing="0">
        <tr>
            <td>Name: </td>
            <td>@Model.Name</td>
        </tr>
        <tr>
            <td>Technology: </td>
            <td>@Model.Technology</td>
        </tr>
    </table>
</body>
</html>