Solved

C# - encrypt class structure into file.

Posted on 2013-06-23
3
689 Views
Last Modified: 2013-06-24
Currently, I write an instance of class Setups into a file using XML serialization.  And I will read the instance back when my application startup.  I use result of the  XML serialization as the configuration file of my application.

Now I would like to encrypt the result of the xml serialization and able to read it back into a class instance.

Currently.

Save configuration
class instance -->XML Serialization --> write XML file
Read configuraiont
Read XML File  --> XML Serialization --> class instance

Now I am hoping to incorporate encrypt/decrypt

Save configuration
class instance  -->XML Serialization -->  encrypt --> write XML file
Read configuraiont
Read XML File  --> decrypt --> XML Serialization --> class instance

Is this the right way to be expected or what is the right steps? And any good tutorial and examples for this type of operation?

Below is the class I try to do.

   [XmlRootAttribute("Setups", IsNullable = false)]
    public class Setups
    {
        public int TradeType;

        //[XmlArrayItem]
        [XmlElement("Setup")]
        public Setup[] Setup;
     }

    public class Setup
    {

        [XmlAttribute("entry")]         public int _entry;
        [XmlAttribute("type")]          public string _typeString;
        [XmlIgnore]                             public string _type;
       [XmlElement("Name")]         public string _name;
       [XmlElement("Entry")]           public string _entryName;
    }
0
Comment
Question by:tommym121
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:tommym121
ID: 39269817
This is how I serialize the object po

            XmlSerializer serializer = new XmlSerializer(typeof(T));
            TextWriter writer = new StreamWriter(filename);
            serializer.Serialize(writer, po);

It seems that if there is a some type of encryptStreamWriter, it will be perfect.
0
 
LVL 34

Accepted Solution

by:
sarabande earned 500 total points
ID: 39271742
if you do encryption after serialization, the xml syntax also was encrypted and therefore the xml file could not be written. so, in my opinion you have two choices:

first, you do encryption before or while serialization such that only the contents were encrypted.

second, you encrypt the xml-file.

for the first, you best would need to "hook" into the serialization method such that the serialized strings could be encrypted (note, the encryption must produce 'printable' output).
see http://msdn.microsoft.com/en-us/library/zhwtaz29.aspx?cs-save-lang=1&cs-lang=csharp#code-snippet-1 for sample code.

for the second, you would need to decrypt the file before reading it with xml. the decryption should be done in memory and xml reading should happen in memory as well. otherwise you would have a security leak cause the decrypted data could be read from anyone while the temporary file exists.

Sara
0
 

Author Closing Comment

by:tommym121
ID: 39273615
Thanks
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Easy filter aspnet 2 35
Asp.Net Session Question 2 36
C# Windows Form Navigation - Total Beginner 9 46
Build a string of emails from a gridview 2 17
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question