Search code examples
c#encryptioncryptographyaescryptojs

CryptoJs file encryption increasing file size drastically

Encrypting a file through cryptojs is increasing the file size by almost 30%. This is causing an issue while decrypting the file using AESManaged class in C#. How do I save the encrypted object as a file without increasing the size that much?

File encryption in JS:

function esp() {
        selectedFiles = document.getElementById("MainContent_file1");
        var sfile = selectedFiles.files[0];
        var read = new FileReader();
        read.onload = function (e) {
            var encrypted = CryptoJS.AES.encrypt(read.result, '123456');
            var ct = encrypted.toString();
            debugger;
            $.ajax({
                async: 'true',
                url: "http://localhost:51936/WebService1.asmx/FileUpload",
                method: "POST",
                processData: 'false',
                headers: {
                    'content-type': "application/json",
                    'cache-control': "no-cache"
                },
                data: JSON.stringify({ 'folderPath': folderPath, 'uploadData': ct, 'fileName': sfile.name + '.encrypted' }),
                success: function (response) {
                    console.log(response);
                },
                error: function (xhr, textStatus, error) {
                    console.log(xhr.statusText);
                }
            });
        }
        read.readAsDataURL(sfile);
    }

Webservice that saves the encrypted object as file:

[WebMethod]
    public bool FileUpload(string folderPath, string uploadData, string fileName)
    {
        //NOTE: A CODE SCAN TOOL is showing a PATH TRAVERSAL ERROR. a folderPath can be retrieve from DATABASE for remove the error but would affect the performance which is not advisable.
        bool returnValue = false;
        try
        {
            byte[] byteUploadFile = Convert.FromBase64String(uploadData);
            BinaryWriter binWriter = new BinaryWriter(File.Open(Path.Combine(folderPath, fileName), FileMode.Create, FileAccess.ReadWrite));
            binWriter.Write(byteUploadFile);
            binWriter.Close();
            returnValue = true;
        }
        catch (Exception ex)
        {
            returnValue = false;
        }
        return returnValue;
    }
Solution

  • The way I am saving the encrypted string (base64) as a file is correct. However in order to decrypt it correctly and make the original file from the decrypted string, some stripping is necessary. See below for how I am getting the decrypt string from encrypted file and saving it as original file.

    Mywebservice.Mywebservice dts = new Mywebservice.Mywebservice();
            using (var rijAlg = new RijndaelManaged())
            {
                rijAlg.Key = keybytes;
                rijAlg.IV = iv;
                var decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);
                using (var msDecrypt = new MemoryStream(cipherText))
                {
                    using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                    {
                        using (var srDecrypt = new StreamReader(csDecrypt))
                        {
                            plaintext = srDecrypt.ReadToEnd();
                        }
                    }
                }
            }
            plaintext = plaintext.Substring(23); //This is the part to strip. The first
            //23 chars are the mime type of the file. Remove that and just save the string data.
            string name = filename.Replace(".encrypted", "");
            dts.FileUpload(folderPath, plaintext, name); //call the same webservice used for saving encrypted object.
        }