Encrypting/Decrypting a File

If data size is small, you only need to send one chunk of data to the server. For details, refer to Encrypt a String Using an AES Key and Decrypt a String Using an AES Key pages. In the below examples, let's assume that the file is large enough that you need to send multiple chunks. To do so, use the CreateEncryptor(FileStream stream) and CreateDecryptor(FileStream stream) APIs.

The supported algorithm is AES.

1. Create a NAE Session. Pass the NAE username, password, and property file path as arguments.

   NaeSession session = new NaeSession(user, passwd, propFilePath);
   

2. Create an NaeRijndaelKey object. Pass the NaeSession object and keyname as arguments.

   NaeRijndaelKey key = new NaeRijndaelKey(session, keyname);
   

3. Specify an IV, if necessary, by creating a new byte array.

   byte[] iv = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31,
   0x32, 0x33, 0x34, 0x35 };
   key.IV = iv;
   

4. Set key mode and padding.

   key.Padding = PaddingMode.PKCS7;
   key.Mode = CipherMode.CBC;
   

   To encrypt a file

   using (FileStream fsIn = new FileStream(string.Concat(_fileIn), FileMode.Open, FileAccess.Read))      //create a file stream for input
       {
           using (FileStream fsOut = new FileStream(string.Concat(_fileOut), FileMode.OpenOrCreate, FileAccess.Write))       //create a file stream for output
           {
               ICryptoTransform encryptor = key.CreateEncryptor(fsIn);         //create encryptor
               using (CryptoStream cs = new CryptoStream(fsOut, encryptor, CryptoStreamMode.Write))
               {
                   try
                   {
                       int bufferLen = 81920;
                       byte[] buffer = new byte[bufferLen];
   
                       int bytesRead;
                       do
                       {   
                           bytesRead = fsIn.Read(buffer, 0, bufferLen);     // read a chunk of data from the input file                         
                           cs.Write(buffer, 0, bytesRead);      // write to cryptostream
                       }
                       while (bytesRead != 0);
                       Array.Clear(buffer, 0, buffer.Length);
                       buffer = null;
                       encryptor.Dispose();
                   }
                   catch (Exception e)
   
                   { throw new Exception("Error occurred while encrypting file: " + e.Message); }
               }
               fsOut.Close();
           }
           fsIn.Close();
       }
   

   Here is the explanation of the above code-snippet used to encrypt a large file.

   1. Create a file stream for the input.

   2. Create a file stream for the output where the ciphertext will be saved.

   3. Create an encryptor and pass the input file stream as a parameter.

   4. Create a Cryptostream object and pass the output stream.

   5. Create a buffer of size bufferLen (multiple of 16 bytes and minimum 4096 bytes).

   6. Create a loop that reads data from the input file and stores it in the buffer.

   7. Pass the buffer to the Write method of the CyptoStream object. This is where the actual encryption is done. The file reads bufferLen bytes chunks at a time.

   8. Run the loop until all the bytes are read from the input file stream.

   9. The Dispose() marks the completion of the input.

   10. Close the input and output files.

   11. The output file will contain the ciphertext stored.

   To decrypt a file

   using (FileStream fsIn = new FileStream(string.Concat(_fileIn), FileMode.Open, FileAccess.Read))  //create a file stream for input
   {
       using (FileStream fsOut = new FileStream(string.Concat(_fileOut), FileMode.OpenOrCreate, FileAccess.Write))    //create a file stream for output
       {
           ICryptoTransform decryptor = key.CreateDecryptor(fsIn);  //create decryptor
           using (CryptoStream cs = new CryptoStream(fsOut, decryptor, CryptoStreamMode.Write))
           {
               try
               {
                   int bufferLen = 81920;
                   byte[] buffer = new byte[bufferLen];
   
                   int bytesRead;
                   do
                   {
                       bytesRead = fsIn.Read(buffer, 0, bufferLen);    // read a chunk of data from the input file
                       cs.Write(buffer, 0, bytesRead);      // write to cryptostream
                   }
                   while (bytesRead != 0);
                   Array.Clear(buffer, 0, buffer.Length);
                   buffer = null;
                   decryptor.Dispose();
               }
               catch (Exception e)
               {
   
               throw new Exception("Error occurred while decrypting file: " + e.Message); }
           }
           fsOut.Close();
       }
       fsIn.Close();  
   }
   

   Here is the explanation of the above code-snippet used to decrypt a large file.

   1. Create a file stream for the input.

   2. Create a file stream for the output where the decrypted plaintext will be saved.

   3. Create an decryptor and pass the input file stream as a parameter.

   4. Create a Cryptostream object and pass the output stream.

   5. Create a buffer of size bufferLen (multiple of 16 bytes and minimum 4096 bytes).

   6. Create a loop that reads data from the input file and stores it in the buffer.

   7. Pass the buffer to the Write method of the CyptoStream object. This is where the actual decryption is done. The file reads bufferLen bytes chunks at a time.

   8. Run the loop until all the bytes are read from the input file stream.

   9. The Dispose() marks the completion of the input.

   10. Close the input and output files.

   11. The output file will contain the plaintext stored.