
I need to encrypt a file with AES 192 and send it to a client via socket. I'm using this code to encrypt the file:

    // Requires: using System.IO; using System.Security.Cryptography;
    string outputFile = "crypted";

    // Confidentiality
    RijndaelManaged AES192Confidentiality = new RijndaelManaged();
    AES192Confidentiality.KeySize = 192;
    // Note: AES only defines a 128-bit block. A 192-bit block makes this
    // Rijndael rather than AES, and ConfIV must then be 24 bytes long.
    AES192Confidentiality.BlockSize = 192;
    AES192Confidentiality.IV = ConfIV;
    AES192Confidentiality.Key = ConfKey;
    AES192Confidentiality.Mode = CipherMode.CBC;

    FileStream inputFileStream = new FileStream(par.GetFilePath(), FileMode.Open, FileAccess.Read);
    FileStream outputFileStream = new FileStream(outputFile, FileMode.Create, FileAccess.Write);

    // Read the whole plaintext file into memory.
    byte[] inputFileData = new byte[(int)inputFileStream.Length];
    inputFileStream.Read(inputFileData, 0, (int)inputFileStream.Length);

    // Encrypt while writing to the output file.
    CryptoStream encryptStream = new CryptoStream(outputFileStream, AES192Confidentiality.CreateEncryptor(), CryptoStreamMode.Write);
    encryptStream.Write(inputFileData, 0, (int)inputFileStream.Length);
    encryptStream.FlushFinalBlock();   // writes the final padded block
    encryptStream.Close();             // also closes outputFileStream
    inputFileStream.Close();

I'm wondering how I can now send this encrypted temporary file through the socket, so that the receiver can reconstruct the file and decrypt it. Can someone give me a tutorial or guide? Thank you all in advance.

Francesco
  • If you would be happy to use a network library, check out this article: http://www.networkcomms.net/using-encryption/. I'm a developer for this library. – MarcF May 18 '13 at 14:09
  • Thank you for your answer, but since this program is for a school assignment I'm not allowed to use external libraries :) – Francesco May 18 '13 at 14:11
  • http://www.codeproject.com/Articles/26085/File-Encryption-and-Decryption-in-C –  May 18 '13 at 14:25
  • Start by solving the decryption problem *without* a socket. Can you add more statements to your existing program that open up the output stream you just wrote as a *second* input stream, read the encrypted bytes out, decrypt those bytes, and print out the original plaintext? Because that's the hard part. – Eric Lippert May 18 '13 at 14:26
  • Well, actually, that's not the hardest part. The hardest part is sending the key across the socket such that an eavesdropper cannot recover the key. But solve one problem at a time; if you don't know how the receiver is going to decrypt the message, solve that first. – Eric Lippert May 18 '13 at 14:29
  • Actually the receiver knows how to decrypt the file, I mean he has all the required information: block size, key size, the key itself and the IV. So this isn't the hardest part :) – Francesco May 18 '13 at 14:30
  • It looks like you might be using a static IV, this can compromise confidentiality, have a read of: http://stackoverflow.com/questions/8041451/good-aes-initialization-vector-practice – Steve May 18 '13 at 14:35

2 Answers

You can create an instance of NetworkStream for a socket and then call encryptStream.CopyTo(myNetworkStream);

dkozl

Consider using TcpClient to connect to the server and send the data. I'm not going to write a full answer as you've indicated this is school work, but look at how the example writes data:

// Get a client stream for reading and writing. 
NetworkStream networkStream = client.GetStream();

// Send the message to the connected TcpServer. 
networkStream.Write(data, 0, data.Length);

You might want to tweak it slightly to use CopyTo to write the data directly from the crypto stream onto the network stream.

This assumes you don't have to solve the problem of secure key exchange.

Steve
  • Thank you for your answer. As you said, I don't have to solve the secure key exchange issue; it is out of the scope of this program. I want to ask you one question: with the method that you showed me, how can I reconstruct the extension of the file at the receiver side? – Francesco May 18 '13 at 14:39
  • If you mean the extension of the original file name, you will have to send that either with the encrypted data or separately. You could encrypt it with the file data and send it. On the server side, after decryption, you will have to read the extension out and then the original data. – Steve May 18 '13 at 14:45
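
Added example (not code from the question or from either answer) of the approach discussed above: the sender wraps the socket's stream in a write-mode CryptoStream and copies the file into it, sending a fresh random IV first and the file name inside the encrypted data so the receiver can restore the extension. The class and method names, the wire layout and the pre-shared 24-byte key are assumptions of this example; pass `TcpClient.GetStream()` as `network`, one file per connection.

```csharp
using System.IO;
using System.Security.Cryptography;

static class EncryptedFileTransfer
{
    // Wire format (assumed for this example): 16-byte IV, then AES-192-CBC of
    // [length-prefixed file name][file bytes]. CBC gives confidentiality only;
    // detecting tampering would need a MAC over IV + ciphertext as well.
    public static void Send(Stream network, string path, byte[] key)
    {
        using (Aes aes = Aes.Create())       // AES block size is always 128 bits
        {
            aes.Mode = CipherMode.CBC;
            aes.Key = key;                   // a 24-byte key selects AES-192
            aes.GenerateIV();                // fresh random IV for every file
            network.Write(aes.IV, 0, aes.IV.Length);   // the IV is not secret
            using (var crypto = new CryptoStream(network, aes.CreateEncryptor(), CryptoStreamMode.Write))
            using (var file = File.OpenRead(path))
            {
                var writer = new BinaryWriter(crypto);
                writer.Write(Path.GetFileName(path));  // name and extension travel encrypted
                writer.Flush();
                file.CopyTo(crypto);
            } // disposing crypto emits the final padded block and closes the stream
        }
    }

    public static string Receive(Stream network, string targetDir, byte[] key)
    {
        // ReadBytes keeps reading until 16 bytes arrive or the peer closes.
        byte[] iv = new BinaryReader(network).ReadBytes(16);
        if (iv.Length != 16) throw new EndOfStreamException("Connection closed before the IV arrived.");
        using (Aes aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC;
            aes.Key = key;
            aes.IV = iv;
            using (var crypto = new CryptoStream(network, aes.CreateDecryptor(), CryptoStreamMode.Read))
            {
                // Keep only the file name so the peer cannot choose the directory.
                string name = Path.GetFileName(new BinaryReader(crypto).ReadString());
                string outPath = Path.Combine(targetDir, name);
                using (var output = File.Create(outPath))
                    crypto.CopyTo(output);   // ends when the sender closes the connection
                return outPath;
            }
        }
    }
}
```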