-1

I am downloading a binary file from a server and accessing it partially while the download progresses. I'd like to encrypt the file prior to uploading, and decrypt its content as my program receives it.

The file arrives in byte chunks of random size using the code below, so I think I need a method which acts on individual bytes, or at least a fixed number of bytes, and keeping the overall file size intact.

    private void DownloadFile()
    {
        WebClient client = new WebClient();
        Stream stream = client.OpenRead(address);

        byte[] readBuffer = new byte[139043];   // File size known ahead of time
        int totalBytesRead = 0;
        int bytesRead;
        int i = 0;

        while ((bytesRead = stream.Read(readBuffer, totalBytesRead, readBuffer.Length - totalBytesRead)) > 0)
        {
            File.WriteAllBytes("file_" + i + ".ext", readBuffer);   // Save partially downloaded file
            totalBytesRead += bytesRead;
            i++;
        }
    }

Solution: I opted for the simple XOR algorithm shown in my answer below. It works on individual bytes and considering I can generate a unique key for each file, I am comfortable with the level of protection.

livin_amuk
  • 1,285
  • 12
  • 26
  • 1
    Take a look at CryptoStream https://msdn.microsoft.com/en-us/library/system.security.cryptography.cryptostream(v=vs.110).aspx – Andrey Dec 01 '15 at 17:28
  • 1
    Just for clarification, it seems like you are trying to duplicate SSL, is there a reason you cannot just request across HTTPS? Are, or should these files be stored encrypted on either the client or server side, or is this only for transmission? – gmiley Dec 01 '15 at 17:30
  • The files themselves must be stored in encrypted form server side. Reworded the question for clarification. – livin_amuk Dec 01 '15 at 17:34

2 Answers2

0

You would want to look into AES CTR encryption. There is a related SO question: Can I use AES in CTR mode in .NET?

There is an answer there that points to an MSDN article about implementing that encryption in your applications: https://msdn.microsoft.com/en-us/library/system.security.cryptography.aesmanaged.aesmanaged%28v=vs.90%29.aspx#2

Community
  • 1
  • 1
gmiley
  • 6,531
  • 1
  • 13
  • 25
-1

I have written the following XOR based algorithm which I believe sufficient for my purposes.

The password and salt can be derived from miscellaneous information about the file (eg. its size or unique file name) and as a consequence, no key will be ever used more than once.

All criticism and hate is welcome.

    public void Crypt(byte[] data, string filepath)
    {
        // Define password and salt
        byte[] pwd = GetBytes("PASSWORD");
        byte[] salt = GetBytes("SALT");

        // Generate PasswordDeriveBytes from the password and salt.
        PasswordDeriveBytes pdb = new PasswordDeriveBytes(pwd, salt);

        // Generate key from PasswordDeriveBytes
        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV);

        // Encrypt/Decrypt
        for(int i = 0; i < data.Length; i++)
        {
            data[i] = (byte)(data[i] ^ tdes.Key[i % tdes.Key.Length]);
        }

        // Save File
        File.WriteAllBytes(filepath, data);   
    }
livin_amuk
  • 1,285
  • 12
  • 26
  • Are you saying in this scenario TripleDES is equivalent to DES? And I don't want to decrypt the files anywhere but within my program. – livin_amuk Dec 04 '15 at 01:56
  • Wow. You deleted your comment and downvoted both my question and this answer. Whoever you are, you're petty, unhelpful, but a consequence of your past, and for that, I forgive you. – livin_amuk Dec 05 '15 at 11:06