Skip to main content

C# Encrypt & Decrypt Serialized Object

Hi peeps!

hoh! this is the thing that ive been trying to do for 2-3 days! encountered quite a number of problems!

so guys this thing really forced me to google a lot on exception that thrown to me. I hope This tutorial

really helps those who trying to accomplishing the same objective and encountered bugs along the way.

Objective : To serialized object to a memory stream and encrypt the stream then only write the stream into a file.

Question : Why is it important to Encrypt our data? isnt serialization is sufficient enough?

Answer : As i posted in my serialization tutorial we can see the data that we serialized into a file is not secure enough. Sensitive data are still exposed.

Left : Encrypted data Right: Non Encrypted data
I hope you guys been patient to go tru step by step tutorial that i provided as this implementation if there are missing codes or steps. you wll encountered numerous exception later. so be patient and keep reading through.

1. Declare our global variables.

a) secretKey, any string that you wish to use for encryption purpose. means without this key, other program cant decrypt you stream to get the data values.

b) store the key for encryption and decryption in bytes.

c) store the initialization vectors for encryption and decryption in bytes. in this scenario im using the same string.

d) declare dataObject, des and desencrypt.


2. Write the encryption and serialization function code.

a) serialized our data object into a memory stream.
b) set the memory stream to position 0 because during serialization the stream position has been shift to the end postiion. *****This is really important to avoid exceptions.
c) create the filestream to write out our encrpyted stream to it.
d) read the byte data from memory stream into byteArray 

e) set the des padding, mode, key, iv
f) contruct cryptostream object with filestream and des encryptor.
g) write the byte data to filestream via cryptoStream.write.
h) flush and close all stream.***remember to call FlushFinalBlock to avoid padding exception!


3) Write the Decryption and Deserialization function code.
a) create a file stream to store our file data into it.
b) create des crypto stream provider object together with it padding, mode, key and iv setting.
c) create a decryptor.
d) construct a crypto stream with our file stream and decryptor.
e) create a byte array with our file stream length size.

f) store the crypto stream byte data into our byteArray.
g) create a memory stream object
h) write the byteArray data to our memory stream.
i) deserialize our memory stream into our dataObject.
j) flush and close all streams.
k) return the data object.

4) Write our main program.


P/S: im making use the same DataObjectSerialize class,


Walaaaa... you have finished the tutorial!!!

The result : Able to read the encrypted and serialized object!


Kindly visit my git repo for full code.
https://github.com/aliaramli/c-tutorials/tree/master/EncryptionDecrpytion/EncryptionDecrpytion

if you encountered any problem feel free to comment out, i understand your feelings will try to help if possible! tq

References :
http://stackoverflow.com/questions/306596/end-of-stream-encountered-before-parsing-was-completed?

http://stackoverflow.com/questions/2228850/deserialization-not-working-on-memorystream

http://www.codeproject.com/Articles/26085/File-Encryption-and-Decryption-in-C

http://forums.asp.net/t/1390152.aspx?How+to+solve+System+Security+Cryptography+CryptographicException+Bad+Data+error

https://support.microsoft.com/en-us/kb/307010/

http://geekswithblogs.net/simonc/archive/2012/02/28/oh-no-my-paddings-invalid.aspx




Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Tutorial on Min3D framework using Android Studio

Salam peeps, UPDATES***, the model on the old link is no longer working. so i have create a github repo, where i put the source code in a project, you guys can try to clone in and run on your android studio device emulator or directly on your phone, Ive replaced the model with a cube. https://github.com/aliaramli/Min3DTutorial Previously i ve posted tutorial on min3D using eclipse IDE, i believe most of us has moved to Android Studio IDE in developing android apps? As previous tutorial shows a lot of support from readers and among hot post in my blog, i ve decided to post the same tutorial but this time using Android Studio. For those who are familiar with Eclipse/Android Studio migration they might not have problem in running this tutorial . For more detail explanation on min3D please visit this website page Ok lets get started. Step One Create a new android project in android studio. you may name it as what you like, below are how i defined my project settings. ...
23 comments
Read more

Get the last active time from users in woocommerce using sql query

To easily get the last active time from users (under Woocommerce extended plugin) we can easily query from database using the meta_key of "wc_last_active" example query: select user_id, meta_value from wp_usermeta where meta_key= "wc_last_active" and user_id in (11111,112222); results: +-------------+------------------+ | user_id    | meta_value | +-------------+-------------------+ |   11111   | 1556755200 | |   112222 | 1566518400 |
1 comment
Read more

AWS Workspace Device is not Authorized Linux Client

Have you guys tried the AWS Workspace? They are offering the service for free from April - June 2020. For a limited time, in response to COVID-19 , starting April 1, 2020 through June 30, 2020, Amazon WorkSpaces Free Tier provides up to 50 WorkSpaces with Windows Standard bundle with 80 GB Root and 50 GB User Volumes, running in AutoStop mode for up to 10,000 hours of combined use per month across all AWS Regions where WorkSpaces Free Tier is currently available. Additionally, the Amazon WorkSpaces Free Tier provides one WorkSpace with Windows Performance bundle with 80 GB Root and 100 GB User Volumes, running in AutoStop mode for up to 200 hours, two WorkSpaces with Linux Standard bundle with 80 GB Root and 50 GB User Volumes, running in AutoStop mode for up to 400 hours, and one WorkSpace with Windows Value bundle with 80 GB Root and 10 GB User Volume, running in AutoStop mode for up to 200 hours. All new customers that start using WorkSpaces for the first time during ...
Post a Comment
Read more