Encrypt a Visualforce URL Param

I have a VF page that I pass in parameters to such as Contact Id. As such, I don’t want people clicking the links to see the actual Id since that doesn’t seem very secure.

So I build a simple encrypt/decrypt routine which is what I use in an email merge etc

Blob cipherText = Crypto.encryptWithManagedIV('AES256', getKey(), Blob.valueOf(sLink));
String encodedCipherText = EncodingUtil.convertToHex(cipherText); 
return EncodingUtil.urlEncode(encodedCipherText,'UTF-8') ;

This works fine, but the generated URL is very long which makes it difficult to copy and share. I know I can use URL shortners but I was wondering if there is a way to make a shorter link that I can still then read with my decryption utility?

Answer

I think one way would be sum up the URL to SHA-256 and store it to different table together with actual URL. Then on page load search for it.

Using SHA1/MD5 would result to similar length of Salesforce ID, hence it’s kind of pointless, unless you are still building a gatekeeper that is smart enough (hint: it wont, unless you use machine learning) to monitor requests.

The basis of your question is a fallacy. You wan’t to introduce some security, but then you wan’t to reduce it 🙂

Below some code and results.

    Blob key = Blob.valueOf('1234567812345678');
    Blob data = Blob.valueOf('Data to be encrypted');
    Blob encrypted = Crypto.encryptWithManagedIV('AES128', key, data);
system.debug('MD5 '+ EncodingUtil.base64Encode((Crypto.generateDigest('MD5',encrypted))).length() +
            ' SHA1 '+ EncodingUtil.base64Encode((Crypto.generateDigest('SHA1',encrypted))).length() +
            ' SHA-256 '+ EncodingUtil.base64Encode((Crypto.generateDigest('SHA-256',encrypted))).length() +
            ' SHA-512 '+ EncodingUtil.base64Encode((Crypto.generateDigest('SHA-512',encrypted))).length() +
            ' AES128 '+ EncodingUtil.base64Encode(encrypted).length());

USER_DEBUG [17]|DEBUG|MD5 24 SHA1 28 SHA-256 44 SHA-512 88 AES128 64

Edit: I now see that you are using function convertToHex. Base64Encode will result in shorter URLs as it is using more characters to encode URL.

Attribution
Source : Link , Question Author : BritishBoyinDC , Answer Author : dzh

Leave a Comment