• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 711
  • Last Modified:

C# - encrypt class structure into file.

Currently, I write an instance of class Setups into a file using XML serialization.  And I will read the instance back when my application startup.  I use result of the  XML serialization as the configuration file of my application.

Now I would like to encrypt the result of the xml serialization and able to read it back into a class instance.


Save configuration
class instance -->XML Serialization --> write XML file
Read configuraiont
Read XML File  --> XML Serialization --> class instance

Now I am hoping to incorporate encrypt/decrypt

Save configuration
class instance  -->XML Serialization -->  encrypt --> write XML file
Read configuraiont
Read XML File  --> decrypt --> XML Serialization --> class instance

Is this the right way to be expected or what is the right steps? And any good tutorial and examples for this type of operation?

Below is the class I try to do.

   [XmlRootAttribute("Setups", IsNullable = false)]
    public class Setups
        public int TradeType;

        public Setup[] Setup;

    public class Setup

        [XmlAttribute("entry")]         public int _entry;
        [XmlAttribute("type")]          public string _typeString;
        [XmlIgnore]                             public string _type;
       [XmlElement("Name")]         public string _name;
       [XmlElement("Entry")]           public string _entryName;
  • 2
1 Solution
tommym121Author Commented:
This is how I serialize the object po

            XmlSerializer serializer = new XmlSerializer(typeof(T));
            TextWriter writer = new StreamWriter(filename);
            serializer.Serialize(writer, po);

It seems that if there is a some type of encryptStreamWriter, it will be perfect.
if you do encryption after serialization, the xml syntax also was encrypted and therefore the xml file could not be written. so, in my opinion you have two choices:

first, you do encryption before or while serialization such that only the contents were encrypted.

second, you encrypt the xml-file.

for the first, you best would need to "hook" into the serialization method such that the serialized strings could be encrypted (note, the encryption must produce 'printable' output).
see http://msdn.microsoft.com/en-us/library/zhwtaz29.aspx?cs-save-lang=1&cs-lang=csharp#code-snippet-1 for sample code.

for the second, you would need to decrypt the file before reading it with xml. the decryption should be done in memory and xml reading should happen in memory as well. otherwise you would have a security leak cause the decrypted data could be read from anyone while the temporary file exists.

tommym121Author Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now