Appending data to an encrypted file

Question

I'd like to append data to an already encrypted file (AES, CBC-Mode, padding PKCS#7) using CryptoStream without reading and writing the whole file.

Example:

Old Content: "Hello world..."

New Content: "Hello world, with appended text"

Of course I would have to read individual blocks of data and append then to a already present block. In the above mentioned example I would have to read the number of bytes present in the first block (14 bytes) and append two bytes to the first block, then writing the rest of the appended text

"Hello world, wi"
"th appended text"

One problem I am facing is that I am unable to read the number of bytes in a data block. Is there a way to find out the number of bytes present (in the example, 14)?

Additionally I am stuck since the CryptoStreamMode only has members for Read and Write, but no Update.

Is there a way to accomplish my desired functionality using CryptoStream?

Answer 1

It is a little complex, but not too much. Note that this is for CBC mode + PKCS#7!

Three methods: WriteStringToFile will create a new file, AppendStringToFile will append to an already encrypted file (works as WriteStringToFile if the file is missing/empty), ReadStringFromFile will read from the file.

public static void WriteStringToFile(string fileName, string plainText, byte[] key, byte[] iv)
{
    using (Rijndael algo = Rijndael.Create())
    {
        algo.Key = key;
        algo.IV = iv;
        algo.Mode = CipherMode.CBC;
        algo.Padding = PaddingMode.PKCS7;

        // Create the streams used for encryption.
        using (FileStream file = new FileStream(fileName, FileMode.Create, FileAccess.Write))
        // Create an encryptor to perform the stream transform.
        using (ICryptoTransform encryptor = algo.CreateEncryptor())
        using (CryptoStream cs = new CryptoStream(file, encryptor, CryptoStreamMode.Write))
        using (StreamWriter sw = new StreamWriter(cs))
        {
            // Write all data to the stream.
            sw.Write(plainText);
        }
    }
}

public static void AppendStringToFile(string fileName, string plainText, byte[] key, byte[] iv)
{
    using (Rijndael algo = Rijndael.Create())
    {
        algo.Key = key;
        // The IV is set below
        algo.Mode = CipherMode.CBC;
        algo.Padding = PaddingMode.PKCS7;

        // Create the streams used for encryption.
        using (FileStream file = new FileStream(fileName, FileMode.OpenOrCreate, FileAccess.ReadWrite))
        {
            byte[] previous = null;
            int previousLength = 0;

            long length = file.Length;

            // No check is done that the file is correct!
            if (length != 0)
            {
                // The IV length is equal to the block length
                byte[] block = new byte[iv.Length];

                if (length >= iv.Length * 2)
                {
                    // At least 2 blocks, take the penultimate block
                    // as the IV
                    file.Position = length - iv.Length * 2;
                    file.Read(block, 0, block.Length);
                    algo.IV = block;
                }
                else
                {
                    // A single block present, use the IV given
                    file.Position = length - iv.Length;
                    algo.IV = iv;
                }

                // Read the last block
                file.Read(block, 0, block.Length);

                // And reposition at the beginning of the last block
                file.Position = length - iv.Length;

                // We use a MemoryStream because the CryptoStream
                // will close the Stream at the end
                using (var ms = new MemoryStream(block))
                // Create a decrytor to perform the stream transform.
                using (ICryptoTransform decryptor = algo.CreateDecryptor())
                using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read))
                {
                    // Read all data from the stream. The decrypted last
                    // block can be long up to block length characters
                    // (so up to iv.Length) (this with AES + CBC)
                    previous = new byte[iv.Length];
                    previousLength = cs.Read(previous, 0, previous.Length);
                }
            }
            else
            {
                // Use the IV given
                algo.IV = iv;
            }

            // Create an encryptor to perform the stream transform.
            using (ICryptoTransform encryptor = algo.CreateEncryptor())
            using (CryptoStream cs = new CryptoStream(file, encryptor, CryptoStreamMode.Write))
            using (StreamWriter sw = new StreamWriter(cs))
            {
                // Rewrite the last block, if present. We even skip
                // the case of block present but empty
                if (previousLength != 0)
                {
                    cs.Write(previous, 0, previousLength);
                }

                // Write all data to the stream.
                sw.Write(plainText);
            }
        }
    }
}

public static string ReadStringFromFile(string fileName, byte[] key, byte[] iv)
{
    string plainText;

    using (Rijndael algo = Rijndael.Create())
    {
        algo.Key = key;
        algo.IV = iv;
        algo.Mode = CipherMode.CBC;
        algo.Padding = PaddingMode.PKCS7;

        // Create the streams used for decryption.
        using (FileStream file = new FileStream(fileName, FileMode.Open, FileAccess.Read))
        // Create a decrytor to perform the stream transform.
        using (ICryptoTransform decryptor = algo.CreateDecryptor())
        using (CryptoStream cs = new CryptoStream(file, decryptor, CryptoStreamMode.Read))
        using (StreamReader sr = new StreamReader(cs))
        {
            // Read all data from the stream.
            plainText = sr.ReadToEnd();
        }
    }

    return plainText;
}

Example of use:

var key = Encoding.UTF8.GetBytes("Simple key");
var iv = Encoding.UTF8.GetBytes("Simple IV");

Array.Resize(ref key, 128 / 8);
Array.Resize(ref iv, 128 / 8);

if (File.Exists("test.bin"))
{
    File.Delete("test.bin");
}

for (int i = 0; i < 100; i++)
{
    AppendStringToFile("test.bin", string.Format("{0},", i), key, iv);
}

string plainText = ReadStringFromFile("test.bin", key, iv);

How does the AppendStringToFile works? Three cases:

• Empty file: as WriteStringToFile
• File with a single block: the IV of that block is the IV passed as the parameter. The block is decrypted and then reencrypted together with the passed plainText
• File with multiple blocks: the IV of the last block is the penultimate block. So the penultimate block is read, and is used as the IV (the IV passed as the parameter is ignored). The last block is decrypted and then reencrypted together with the passed plainText. To reencyrpt the last block, the IV used is the penultimate block.