XML Encryption/Decryption in Separate Files

StackOverflow https://stackoverflow.com/questions/5800224

Question

I need to encrypt an XML file, send it to another location and decrypt it there. As you can see from the codes below, I am using the same key but it won't work (for now im simply using two local files).

The error I get is as follows:

Padding is invalid and cannot be removed.

on this line in Decrypt.aspx: Dim xReader As XmlTextReader

I am thinking it might be at the actual encryption stage causing errors e.g., file not saving correctly.

Encrypt.aspx

 Dim rijnAlg As RijndaelManaged
 rijnAlg = RijndaelManaged.Create()

 rijnAlg.Key = {118, 123, 23, 17, 161, 152, 35, 68, 126, 213, 16, 115, 68, 217, 58, 108, 56, 218, 5, 78, 28, 128, 113, 208, 61, 56, 10, 87, 187, 162, 233, 38}
 rijnAlg.IV = {33, 241, 14, 16, 103, 18, 14, 248, 4, 54, 18, 5, 60, 76, 16, 191}
 Dim encryptor As ICryptoTransform
 encryptor = rijnAlg.CreateEncryptor(rijnAlg.Key, rijnAlg.IV)

 Dim wStream As FileStream
 wStream = File.Open("C:\test.xml", FileMode.Create)

 Dim cStream As CryptoStream
 cStream = New CryptoStream(wStream, encryptor, CryptoStreamMode.Write)

 Dim sWriter As StreamWriter
 sWriter = New StreamWriter(cStream)

 XMLDoc.Save(sWriter)

 'Clear memory'
 wStream.Flush()
 wStream.Close()

Decrypt.aspx

 Dim rijnAlg As RijndaelManaged
 rijnAlg = RijndaelManaged.Create()

 rijnAlg.Key = {118, 123, 23, 17, 161, 152, 35, 68, 126, 213, 16, 115, 68, 217, 58, 108, 56, 218, 5, 78, 28, 128, 113, 208, 61, 56, 10, 87, 187, 162, 233, 38}
 rijnAlg.IV = {33, 241, 14, 16, 103, 18, 14, 248, 4, 54, 18, 5, 60, 76, 16, 191}
 Dim decryptor As ICryptoTransform
 decryptor = rijnAlg.CreateDecryptor(rijnAlg.Key, rijnAlg.IV)

 Response.Write(rijnAlg.Key)
 Response.Write(rijnAlg.IV)

 Dim rStream As FileStream
 rStream = File.OpenRead("C:\test.xml")

 Dim cStream As CryptoStream
 cStream = New CryptoStream(rStream, decryptor, CryptoStreamMode.Read)

 Dim xReader As XmlTextReader
 xReader = New XmlTextReader(cStream)

 Dim xDoc As XDocument
 xDoc = XDocument.Load(xReader)

 xDoc.Save("C:\test.xml")

And for the sake of possible interest, here is the XML creation code I am using:

Dim XMLDoc As XDocument
    XMLDoc = New XDocument(
        New XDeclaration("1.0", "utf-8", "yes"),
        New XElement("user",
            New XElement("details",
                New XElement("firstname", Firstname.Text),
                New XElement("surname", Lastname.Text)
            )
        )
    )

 XMLDoc.Save("C:\test.xml")
Was it helpful?

Solution 2

A big thanks to Jon Skeet who pointed out the best conclusion to my issues. The final code (and improvements):

Encrypt.aspx

Using ra As RijnDaelManaged = RijndaelManaged.Create()

    ra.Key = {118, 123, 23, 17, 161, 152, 35, 68, 126, 213, 16, 115, 68, 217, 58, 108, 56, 218, 5, 78, 28, 128, 113, 208, 61, 56, 10, 87, 187, 162, 233, 38}
    ra.IV = {33, 241, 14, 16, 103, 18, 14, 248, 4, 54, 18, 5, 60, 76, 16, 191}

    encrypt = ra.CreateEncryptor(ra.Key, ra.IV)

    Using ws As FileStream = File.Open("C:\test1.xml", FileMode.Create)

        Using cs As CryptoStream = New CryptoStream(ws, encrypt, CryptoStreamMode.Write)

            XMLDoc.Save(cs)

        End Using

    End Using

End Using

Decrypt.aspx

Using ra As RijndaelManaged = RijndaelManaged.Create()

    ra.Key = {118, 123, 23, 17, 161, 152, 35, 68, 126, 213, 16, 115, 68, 217, 58, 108, 56, 218, 5, 78, 28, 128, 113, 208, 61, 56, 10, 87, 187, 162, 233, 38}
    ra.IV = {33, 241, 14, 16, 103, 18, 14, 248, 4, 54, 18, 5, 60, 76, 16, 191}

    decrypt = ra.CreateDecryptor(ra.Key, ra.IV)

    Using rs As FileStream = File.OpenRead("C:\test1.xml")

        Using cs As CryptoStream = New CryptoStream(rs, decrypt, CryptoStreamMode.Read)

            Using xr As XmlTextReader = New XmlTextReader(cs)

                xDoc = XDocument.Load(xr)
                xDoc.Save("C:\test2.xml")

            End Using

        End Using

    End Using

End Using

OTHER TIPS

You're only closing/flushing the FileStream, not the CryptoStream or the StreamWriter. That doesn't give the CryptoStream a chance to flush its final block.

Personally I would use Using statements for all of them, at which point everything will be closed automatically, and I suspect you'll find it works fine. That also means your resources will be released if there's an exception - at the moment, you're not closing anything if the write fails, for example.

I would also not bother with the StreamWriter - just save directly to the CryptoStream instead. Otherwise you've got both the XML and the StreamWriter trying to control the encoding used.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top