How to encrypt a folder with large files using AES algorithm in C#

Question

0.00/5 (No votes)

See more:

Hi Code project mates,

I have a serious problem with encryption and decryption. What I have is a folder which can be in varied sizes but can have an amount 100 GB or so.

My project need:
The need is when I log off the system the windows service I have created should encrypt the folder(which is the folder with 100 GB data). And when I log in again it should decrypt it and make the folder usable.

So here comes my problem:
I am right now have a method which encrypts and decrypts files inside a folder in a loop format. So just imagine if I have a 100 GB or above in a folder while we log off or log in. The system may hang with such large amount of data.

What I want from you guys:
I am not asking for complete code from you guys. I need just an help.

Actually I want some code samples or something which helps me get rid of the problem. Also I am searching for the encrypting the folder on the whole instead of individual files inside.

I am looking for making this software similar to BITLOCKER. My service should handle the large files with ease.

What I have tried:

I have tried the below code:

protected void enCrypt(string filePath, string passWord)
        {
            //File.SetAttributes(filePath, FileAttributes.Normal);

            byte[] filestobeEncrypted = File.ReadAllBytes(filePath);
            byte[] passwordBytes = Encoding.UTF8.GetBytes(passWord);
            passwordBytes = SHA256.Create().ComputeHash(passwordBytes);

            byte[] bytesEncrypted = AES_Encrypt(filestobeEncrypted, passwordBytes);
            File.WriteAllBytes(filePath, bytesEncrypted);
        }

        protected void deCrypt(string filePath, string passWord)
        {
            //File.SetAttributes(filePath, FileAttributes.Normal);

            byte[] filestobeDecrypted = File.ReadAllBytes(filePath);
            byte[] passwordBytes = Encoding.UTF8.GetBytes(passWord);
            passwordBytes = SHA256.Create().ComputeHash(passwordBytes);

            byte[] bytesDecrypted = AES_Decrypt(filestobeDecrypted, passwordBytes);
            File.WriteAllBytes(filePath, bytesDecrypted);
        }

        public static byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes)
        {
            byte[] encryptedBytes = null;

            // Set your salt here, change it to meet your flavor:
            // The salt bytes must be at least 8 bytes.
            byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

            using (MemoryStream ms = new MemoryStream())
            {
                using (RijndaelManaged AES = new RijndaelManaged())
                {
                    AES.KeySize = 256;
                    AES.BlockSize = 128;

                    var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
                    AES.Key = key.GetBytes(AES.KeySize / 8);
                    AES.IV = key.GetBytes(AES.BlockSize / 8);

                    AES.Mode = CipherMode.CBC;

                    using (var cs = new CryptoStream(ms, AES.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length);
                        cs.Close();
                    }
                    encryptedBytes = ms.ToArray();
                }
            }

            return encryptedBytes;
        }

        public static byte[] AES_Decrypt(byte[] bytesToBeDecrypted, byte[] passwordBytes)
        {
            byte[] decryptedBytes = null;

            // Set your salt here, change it to meet your flavor:
            // The salt bytes must be at least 8 bytes.
            byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

            using (MemoryStream ms = new MemoryStream())
            {
                using (RijndaelManaged AES = new RijndaelManaged())
                {
                    AES.KeySize = 256;
                    AES.BlockSize = 128;

                    var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000);
                    AES.Key = key.GetBytes(AES.KeySize / 8);
                    AES.IV = key.GetBytes(AES.BlockSize / 8);

                    AES.Mode = CipherMode.CBC;

                    using (var cs = new CryptoStream(ms, AES.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(bytesToBeDecrypted, 0, bytesToBeDecrypted.Length);
                        cs.Close();
                    }
                    decryptedBytes = ms.ToArray();
                }
            }

            return decryptedBytes;
        }

Posted 17-Jul-18 1:07am

R. B. Krish

Updated 17-Jul-18 1:17am

v3

Add a Solution

Comments

CS2011 17-Jul-18 7:20am

I am not sure about the folders but if you want to encrypt the complete drive you can use WMI (Win32_EncryptableVolume) which uses bit locker drive encryption.

F-ES Sitecore 17-Jul-18 7:32am

The problem is likely to be that you are loading the entire file into memory, which might light to memory exceptions if the files are too big, and bad performance\hanging applications almost certainly. Your decrypt and encrypt functions both handle arrays of bytes so rather than loading the whole file into an array, load it in chunks of a few k at a time (or whatever you think appropriate). That is also a process you could possibly do in parallel with threads but that might be fairly complex to achieve.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Answer 1 · 2018-07-17T01:17:00

You can use multi-threading to handle the encryption (fire off a few threads at a time so as not to bind the CPU up).

You cannot encrypt a folder. You have to encrypt the files inside the folder. Here's a CP article that talks about AES encryption:

FIPS Encryption Algorithms and Implementation of AES in C# and SQL Server 2008[^]

You could create an encrypted ZIP file containing all of the files, but that would take a LONG time.

I think a better solution would be to add a server to the network that has bitlocker on it, copy the folder to that server, and then add appropriate user permissions for access. Don't ask me for details - I'm just throwin' stuff at the wall to see what sticks.