I have a content management system developed in visual basic DotNet which I use for some charities I support.  See

http://www.doncasterstgeorges.org.uk
http://www.DoncasterScouts.org.uk and
http://www.26doncaster.org.uk for examples.

Under the hood the data is stored in XML files rather than in a formal database.  I wanted to ensure that the hosted data is secure so have moved from using plain text XML to compressed and encrypted XML.  This has one main benefit - I feel comfortable using an e-mail message with the files attached to back up the data.

This post explains how I did this.  The encryption is using DES which is good enough and symmetric.  The DES service provider is used in many functions and subroutines so I created it as a function.  The compression is using the inbuilt DotNet GZIP compression routine which uses the standard deflate compression.  It seems particularly efficient on XML.

Imports System.Security.Cryptography
Imports System.IO.Compression
Imports System.Xml

    ' Generic code for encrypting XML serialisations

    Public Function DesSP() As DESCryptoServiceProvider
        Dim locDesSP As New DESCryptoServiceProvider
        locDesSP.IV = ASCIIEncoding.ASCII.GetBytes("ABCDEFGH") ' Any 8 characters
        locDesSP.Key = ASCIIEncoding.ASCII.GetBytes("12345678") ' Any 8 characters
        Return locDesSP
    End Function

I opted for a single routine to save any dataset as a compressed and encrypted file since the generic dataset type would suffice.

    Public Sub SaveXMLds(ByVal FileName As String, ByVal DS As DataSet)

        ' This subroutine serialises the specified data set as encrypted XML to the file specified
        ' It works by
        ' 1. creating a CryptoAPITransform using the DESCryptoServiceProvider which is symmetric
        ' 2. creating an filestream writing to a file
        ' 3. creating an encryption stream which uses the CryptoAPITransform to stream to the filestream
        ' 4. creating a compression stream which uses the gZipStream to stream to the encryption stream
        ' 5. creating a streamwriter to write to the encryption stream
        ' 6. creating an XMLwriter to convert the XML serialisation of the data set into a stream
        ' 7. finally, having all the plumbing in place, creating a simple serialisation of the dataset into the XMLwriter

        ' The flow becomes
        ' DataSet -> XML -> XMLWriter -> streamwriter -> Compression stream -> encryption stream -> filestream -> file

        Dim Encryptor As CryptoAPITransform
        Encryptor = DesSP.CreateEncryptor

        Dim OutFile As New FileStream(FileName, FileMode.Create, FileAccess.Write)
        Dim EncryptStream As New CryptoStream(OutFile, Encryptor, CryptoStreamMode.Write)
        Dim CompressStream As New GZipStream(EncryptStream, CompressionMode.Compress)
        Dim OutgoingStream As New StreamWriter(CompressStream)
        Dim OutgoingXML As XmlWriter = XmlWriter.Create(OutgoingStream)

        ' Save the data

        DS.WriteXml(OutgoingXML)

        ' Now time to tidy up afterwards and clean the pipework
        OutgoingXML.Flush()
        OutgoingXML.Close()
        OutgoingStream.Flush()
        OutgoingStream.Close()
        EncryptStream.Flush()
        EncryptStream.Close()

        ' close the file
        OutFile.Close()

    End Sub

For reading the dataset back in I opted for dataset type specific modules, following this example.  The pdsLibrary object in the example is used to cache the data for reads. 

The function is designed to return an XML file if it exists, and then save the XML dataset as a compressed, encrypted file deleting the XML file.  This is to enable the compressed encrypted data to be initially populated.

If the XML version does not exist, the function sets up the streams and reads the data into the typed dataset.

    Dim pdsLibrary As Library

    Public Function GetLibrary() As Library
        Dim fName As String = GetDBPath() + "\Library"
        Dim fNameDS As String = fName + ".zDS"
        Dim fNameXML As String = fName + ".XML"

        If pdsLibrary Is Nothing Then
            pdsLibrary = New Library

            If File.Exists(fNameXML) Then ' an XML file will be used to oferwrite the encrypted file
                pdsLibrary.ReadXml(fNameXML)
                SaveXMLds(fNameDS, pdsLibrary)
                File.Delete(fNameXML)
            ElseIf File.Exists(fNameDS) Then
                Dim Decryptor As CryptoAPITransform
                Decryptor = DesSP.CreateDecryptor
                Dim InFile As New FileStream(fNameDS, FileMode.Open, FileAccess.Read)
                Dim EncryptStream As New CryptoStream(InFile, Decryptor, CryptoStreamMode.Read)
                Dim CompressStream As New GZipStream(EncryptStream, CompressionMode.Decompress)
                Dim IncomingStream As New StreamReader(CompressStream)
                Dim IncomingXML As XmlReader = XmlReader.Create(IncomingStream)
                pdsLibrary.ReadXml(IncomingXML)
            End If
        End If

        GetLibrary = pdsLibrary
    End Function

If you find this useful or have comments, share them with me.