deserialization c#

Question

I have a WPF application contains this class:*

{[Serializable]
public class Parametres
{
    private string admin_login;
    private string admin_pwd;
    private string server;
    private string db;
    private string user;
    private string pwd;}

i serialize an object with this function:

  public static void Serialize_Parametres(string filename, Parametres obj)
    {
        using (FileStream fs = File.Open(filename, FileMode.OpenOrCreate))
        {
            using (CryptoStream cs = new CryptoStream(fs, key.CreateEncryptor(), CryptoStreamMode.Write))
            {
                XmlSerializer xmlser = new XmlSerializer(typeof(Parametres));
                xmlser.Serialize(cs, obj);
            }
        }
    }

it's works fine and it generates a file .txt , but when i try to deserialize this file and get the object parametres whith this function:

 public static Parametres DeSerialize_Parametres(string filename)
        {
            using (FileStream fs = File.Open(filename, FileMode.Open))
            {

              using (CryptoStream cs = new CryptoStream(fs, key.CreateDecryptor(), CryptoStreamMode.Read))

                {

                    XmlSerializer xmlser = new XmlSerializer(typeof(Parametres));
                    return (Parametres)xmlser.Deserialize(cs);

                }
            }


        }

i got this error Length of the data to decrypt is invalid in the line return (Parametres)xmlser.Deserialize(cs);

What is exactly the reason of this error? how can i fix it?

Answer 1

When using this techique to serialize an object you have to do in two parts. The length encrypted stream must be stored as part of the final stream and its up to you to do this. However, you should break this up into a more resuable form.

For example, first serialze the graph you want into a byte stream; then Encrypte the byte stream; then Save it to a file.

Below is an example on how to Serialize to a file using AES:

    public class ObjectXmlSerializer
    {
        //---------------------------------------------------------------------
        public override Byte[] Serialize(Object obj)
        {
            using (MemoryStream ms = new MemoryStream())
            {
                new XmlSerializer(obj.GetType()).Serialize(ms, obj);
                return ms.ToArray();
            }
        }
        //---------------------------------------------------------------------
        public override T Deserialize<T>(Byte[] bObj)
        {
            using (MemoryStream ms = new MemoryStream(bObj))
            {
                return (T)new XmlSerializer(typeof(T)).Deserialize(ms);
            }
        }
        //---------------------------------------------------------------------
        public override T Deserialize<T>(Stream iostream)
        {
            return (T)new XmlSerializer(typeof(T)).Deserialize(iostream);
        }
    }

// next

public static class CryptoSerivces
{
        //---------------------------------------------------------------------
        public static Byte[] AesEncrypt(Byte[] src, Byte[] key, Byte[] IV)
        {
            using (RijndaelManaged myRijndael = new RijndaelManaged())
            {
                try
                {
                    myRijndael.Mode = CipherMode.CBC;
                    myRijndael.Key = key;
                    myRijndael.IV = IV;
                    myRijndael.Padding = PaddingMode.PKCS7;

                    using (ICryptoTransform encryptor = myRijndael.CreateEncryptor())
                    using (MemoryStream msEncrypt = new MemoryStream())
                    using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                    {
                        csEncrypt.Write(src, 0, src.Length);
                        csEncrypt.FlushFinalBlock();

                        return msEncrypt.ToArray();
                    }
                }
                finally
                {
                    myRijndael.Clear();
                }
            }
        }
        //---------------------------------------------------------------------
        public static Byte[] AesDecrypt(Byte[] src, Byte[] key, Byte[] IV)
       {
        using (RijndaelManaged myRijndael = new RijndaelManaged())
        {
            try
            {
                myRijndael.Mode = CipherMode.CBC;
                myRijndael.Key = key;
                myRijndael.IV = IV;
                myRijndael.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform decryptor = myRijndael.CreateDecryptor())
                using (MemoryStream msDecrypt = new MemoryStream())
                using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Write))
                {
                    csDecrypt.Write(src, 0, src.Length);
                    csDecrypt.FlushFinalBlock();

                    return msDecrypt.ToArray();
                }
            }
            finally
            {
                myRijndael.Clear();
            }
        }
    }
}

// put all the peices together

void SaveToFile(String fileName, Parametres obj)
{
   ObjectXmlSerializer oxs = new ObjectXmlSerializer();
   Byte[] bObj = oxs.Serialize(obj);
   Byte[] bEncObj = CryptoSerivces.AesEncrypt(bObj, SomeKey, SomeIV);

   using (FileStream fs = File.Open(filename, FileMode.OpenOrCreate))
   {
      fs.Write(bEncObj, 0, bEncObj.Length);
   }
}

// I'll leave the reading up to you.