How to Encrypt a String for URL Parameter and Decrypt it in a WebApp | Community
Skip to main content
N
nagendersingh80
Level 2
October 16, 2023
Solved

How to Encrypt a String for URL Parameter and Decrypt it in a WebApp

  • October 16, 2023
  • 1 reply
  • 10855 views

Hi All Adobe Specialists,

This is my first question on this portal. After checking 10+ questions answer without a proper answer, I thought it is best to ask the question here in hope someone who might have faced the same issue, might be able to help.

What I am trying to achieve:
I am looking to Encrypt PII values (e.g., AccountID, Name, Surname etc.) in Adobe Campaign Classic V7 so it can be added to the URL of a landing page/WebApp. This will be done on the App Server where all the Email deliveries are generated.
 Then I want to be able to read/decrypt this encrypted PII value (e.g. Account Number, Name) in the WebApp. Once I have decrypted value, it will allow to search for customer’s record and make necessary amendments to the record. The reason I cannot use Primary key (id) is because there is one to many relationship between Recipient Schema and the other schema I am trying to query.

The WebApp runs from Web Server.

 

The Issue I am facing:

I can encrypt the value within Email URL using “Name=<%= escapeUrl(cryptString(targetData.nameString)) %>”. This creates the URL parameter value for Name parameter. E.g.

https://site/webApp/APP1091?id=%40m0KkhOASXaRVoSIj%2FT&PrefID=A&CampCode=2000086120&Name=%40BOW5W%2FFQa3KJfD6r8rWKCg%3D%3D

When I click on the email link, it takes me to the landing page. The “logInfo” on my WebApp’s JavaScript showing that the encrypted value is coming through fine without the URL encode.

Name: @BOW5W/FQa3KJfD6r8rWKCg==

However if I try to decrypt using decryptString() function, it is throwing warning “JST-310040 Function decryptString used to get a password, please use decryptPassword.” And it is not decrypting the string.

The strange thing is that if I pass hard-coded encrypted string as URL parameter value, I am able to decrypt it using decryptString() function within WebApp.
For example:

https://site/webApp/APP1091?id=%40m0KkhOASXaRVoSIj%2FT&PrefID=A&CampCode=2000086120&Name=@3EP4kQNJfQRTnKT4yK8Vcw==

The WebApp is reading this parameter value as “@3EP4kQNJfQRTnKT4yK8Vcw==” and decryptString() function returning value I am after. e.g.

 

Name: @3EP4kQNJfQRTnKT4yK8Vcw==

DecryptName Value: MARK  


So we know the decryptString() function still works but not where we would like it to work.

 

Question/Help is needed for:

How can we encrypt and decrypt URL parameter value within WebApp using JavaScript or any other method?
Can you please provide an example where you are encrypting and decrypting attribute of recipient schema, but it is not the Primary Key?

Most of the article I have read, they either have half the information (how to encrypt). Something like this:

var key = "CF12D5998AE799C6";
var mBuffer = new MemoryBuffer(); mBuffer.fromString(key);
var b64Key = mBuffer.toBase64();
var cryptedString = cryptString("MARK",b64Key, false) ;
logInfo("Encytped Value is: " + cryptedString);

//This will print "Encytped Value is: @sPxil9Ez302G2wF+28PQkA=="


Or they article pointing to the document which now says the decryptString() has been deprecated.
I would highly appreciate if you have an example, which covers both Encryption and Decryption of an attribute from an Email to WebApp.

 

 

Thank you

Nagender

(16/10/2023)

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Parvesh_Parmar

Hello @nagendersingh80 

 

Did you try to use the following function?

https://experienceleague.adobe.com/developer/campaign-api/api/f-cryptString.html

https://experienceleague.adobe.com/developer/campaign-api/api/f-decryptString.html

 

For e.g.

I tried the following code to encrypted  a string and attached it to a URL.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" ""><HTML><HEAD> </HEAD> <BODY><% var encryptedString = cryptString("This is a secret message.", "my_encryption_key"); %> <P><%=encryptedString%><BR></P> <P><BR></P> <P><a href="http://www.google.com?name=<%=encryptedString%>">Google</A></P> <P><BR></P></BODY></HTML>

Screenshot form campaign delivery:

 

 

To decrypt the encrypted string, you can use the following code:

var decryptedString = decryptString(encryptedString, "my_encryption_key");


This will decrypt the encrypted string stored in the variable encryptedString using the encryption key "my_encryption_key". The decrypted string will be stored in the variable decryptedString.

 

Hope it will help you.

 

Kr,

Parvesh

 

1 reply

Parvesh_Parmar
Community Advisor
Parvesh_ParmarCommunity AdvisorAccepted solution
Community Advisor
October 16, 2023

Hello @nagendersingh80 

 

Did you try to use the following function?

https://experienceleague.adobe.com/developer/campaign-api/api/f-cryptString.html

https://experienceleague.adobe.com/developer/campaign-api/api/f-decryptString.html

 

For e.g.

I tried the following code to encrypted  a string and attached it to a URL.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" ""><HTML><HEAD> </HEAD> <BODY><% var encryptedString = cryptString("This is a secret message.", "my_encryption_key"); %> <P><%=encryptedString%><BR></P> <P><BR></P> <P><a href="http://www.google.com?name=<%=encryptedString%>">Google</A></P> <P><BR></P></BODY></HTML>

Screenshot form campaign delivery:

 

 

To decrypt the encrypted string, you can use the following code:

var decryptedString = decryptString(encryptedString, "my_encryption_key");


This will decrypt the encrypted string stored in the variable encryptedString using the encryption key "my_encryption_key". The decrypted string will be stored in the variable decryptedString.

 

Hope it will help you.

 

Kr,

Parvesh

 

Parvesh Parmar – Adobe Community Advisor https://www.linkedin.com/in/parvesh-parmar/
    N
    nagendersingh80Author
    Level 2
    October 17, 2023

    Hi @parvesh_parmar,

    Thank you so much for your help and sharing a detailed example. I am happy to confirm it worked for me and I am now able to Encrypt AccountID in the email and pass it as a URL Parameter.

    <%

    var key32Bytes = "C7C4thjPcOTApnTzo/bOtHm0W3EsPDCQiPO8vohARjRtkJeBV8pJgHspkiRHWT9b";

    var encryptedString = cryptString(targetData.AccountId,key32Bytes);

    %>
    <a id="opt-all" href="https://Adobe-customers.co.uk/webApp/APP1091?id=<%= Name.cryptedNameId %>&PrefID=A&ACCID=<%=encryptedString%>" style="display:none;" target="_blank">


    Using DecryptString() function with 32 bytes key I used in the email, I can decrypt the AccountID within WebApp too.

    ctx.vars.key32Bytes = "C7C4thjPcOTApnTzo/bOtHm0W3EsPDCQiPO8vohARjRtkJeBV8pJgHspkiRHWT9b";
    ctx.vars.ACCID = ctx.vars.ACCID.toString();
    ctx.vars.ACCID = decryptString(ctx.vars.ACCID,ctx.vars.key32Bytes);
    logInfo("--- Decrypted ACCID: " + ctx.vars.ACCID);

    It is working as I was hoping for. Using this decrypted AccountID I am able to pull data from the second schema using queryDef function.

    Although it is working, I am getting an warning on the Web logs. 
    JST-310047 The length of the key for cryptString/decryptString is invalid (16, 24 or 32 bytes are expected).

    The Key I am using is 32 Bytes, but not sure why I am getting the warning and what would be the consequences of this warning in the future. 

    Once again thank you for your help.

    Regards

    Nagender

      N
      nagendersingh80Author
      Level 2
      October 17, 2023

      An update about the Warning message
      The Key I was using earlier, Adobe didn't like it. I used an online tool to generate 32Bytes Key. But it seems it was not what it claimed.
       
      I end up using another online tool "https://acte.ltd/utils/randomkeygen" and used the Encryption Key 256 key. Now, I am not getting those warning message. All is working fine.

        Terms & ConditionsAccessibility statement

        Loading footer...