Question

I have 2 methods as shown below which read and write to my XML file. What is the easiest method to encrypt the XML file and allow read/write of it from my code ?

Read XML File

XmlSerializer SerializerObj = new XmlSerializer(typeof(List<ItemsUnderControlObject>));
// Create a new file stream for reading the XML file
FileStream ReadFileStream = new FileStream(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()) + @"\itemlist.xml", FileMode.Open, FileAccess.Read, FileShare.Read);

// Load the object saved above by using the Deserialize function
MyGlobals.ListOfItemsToControl = (List<ItemsUnderControlObject>)SerializerObj.Deserialize(ReadFileStream);
// Cleanup
ReadFileStream.Close();

Write XML File

// Create a new XmlSerializer instance with the type of the test class
 XmlSerializer SerializerObj = new XmlSerializer(typeof(List<ItemsUnderControlObject>));
// Create a new file stream to write the serialized object to a file
TextWriter WriteFileStream = new StreamWriter(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()) + @"\itemlist.xml");
SerializerObj.Serialize(WriteFileStream, MyGlobals.ListOfItemsToControl);
WriteFileStream.Close();
Was it helpful?

Solution

Look into System.Security.Cryptography namespace that provides a bunch of classes that let you encrypt/decrypt. Many will take a stream to en/decrypt, so just pass your WriteFileStream/ReadFileStream instances to a crypto class, and that'll do it.

The example below is based in part on example in MSDN on set up of AES crypto provider (and can be adapted for other crypto algorithms). It requires some initialization code that would be dependent on your implementation - see example there.

        using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
        {
            aesAlg.Key = Key;
            aesAlg.IV = IV;

            // Create a decrytor to perform the stream transform.
            ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

            // Create the streams used for encryption. 
            using (Stream msEncrypt = new FileStream(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()) + @"\itemlist.xml"))
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                    {
                        // Create a new XmlSerializer instance with the type of the test class
                        XmlSerializer SerializerObj = new XmlSerializer(typeof(List<ItemsUnderControlObject>));
                        // Create a new file stream to write the serialized object to a file
                        SerializerObj.Serialize(swEncrypt, MyGlobals.ListOfItemsToControl);
                    }
                }
            }
        }
  • Code is best effort - don't have means to build it at the moment. So may need a bit of TLC... But should give a pretty good idea of what's needed.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top