C# Note4:XML序列化和反序列化(含加密解密等)
前言
在项目中,我们经常用到各种配置文件,比如xml文件、binary文件等等,这里主要根据实践经验介绍下xml文件的序列化和反序列化(毕竟最常用)。
实践背景:我要做一个用户管理功能,用户账号信息存储在xml/binary文件中,需要对其进行读写,而且为了不让用户修改,必须对其加密,当时想的有3种做法:
(1)实现读写xml配置文件,并将关键信息加密;
(2)实现读写binary配置文件,并将关键信息加密;
(3)直接对配置文件进行加密解密和读写,不管它所使用的文件格式是xml、binary或其它。
这三种做法我都实现了,不过经过最后manager的确认觉得采用第(3)种方法最好。
方法一:
(推荐:Load and save objects to XML using serialization 本方法参考其思路)
(1)在我们将对象序列化为XML之前,对象的类代码必须包含各种自定义元数据属性(例如,[XmlAttributeAttribute(DataType = " date "])告诉编译器类及其字段和/或属性可以被序列化。
using System;
using System.Xml.Serialization;
using System.Collections.ObjectModel; namespace XXX.GlobalTypes
{
/// <summary>
/// Save user account information
/// </summary>
[Serializable]
[XmlRoot("UserManagement")]
public class UserAccountInfo
{
private readonly Collection<UserInfo> _users = new Collection<UserInfo>(); [XmlElement("UserAccountInfo")]
public Collection<UserInfo> Users
{
get { return this._users; }
}
} [Serializable]
public class UserInfo
{ [XmlElement("UserName")]
public string UserName
{
get;
set;
} [XmlElement("UserPwd")]
public string UserPwd
{
get;
set;
} [XmlElement("UserRole")]
public ACCESS_LEVEL UserRole
{
get;
set;
} [XmlElement("Description")]
public string Description
{
get;
set;
}
} }
(2)封装XML序列化的类(其中作为样例,我加入了加密解密的参数tDESkey,在将数据对象保存到xml文件后进行加密,从xml文件中读取数据前先进行解密):
using System;
using System.Xml;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml.Serialization; // For serialization of an object to an XML Document file.
using System.Runtime.Serialization.Formatters.Binary; // For serialization of an object to an XML Binary file.
using System.IO; // For reading/writing data to an XML file.
using System.IO.IsolatedStorage; // For accessing user isolated data. namespace XXX.Utilities.Common
{
/// <summary>
/// Serialization format types.
/// </summary>
public enum SerializedFormat
{
/// <summary>
/// Binary serialization format.
/// </summary>
Binary, /// <summary>
/// Document serialization format.
/// </summary>
Document
} /// <summary>
/// Facade to XML serialization and deserialization of strongly typed objects to/from an XML file.
///
/// References: XML Serialization at http://samples.gotdotnet.com/:
/// http://samples.gotdotnet.com/QuickStart/howto/default.aspx?url=/quickstart/howto/doc/xmlserialization/rwobjfromxml.aspx
/// </summary>
public static class ObjectXMLSerializer<T> where T : class // Specify that T must be a class.
{
#region Load methods /// <summary>
/// Loads an object from an XML file in Document format.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load(@"C:\XMLObjects.xml");
/// </code>
/// </example>
/// <param name="path">Path of the file to load the object from.</param>
/// <returns>Object loaded from an XML file in Document format.</returns>
public static T Load(string path, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = LoadFromDocumentFormat(null, path, null, tDESkey);
return serializableObject;
} /// <summary>
/// Loads an object from an XML file using a specified serialized format.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load(@"C:\XMLObjects.xml", SerializedFormat.Binary);
/// </code>
/// </example>
/// <param name="path">Path of the file to load the object from.</param>
/// <param name="serializedFormat">XML serialized format used to load the object.</param>
/// <returns>Object loaded from an XML file using the specified serialized format.</returns>
public static T Load(string path, SerializedFormat serializedFormat, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = null; switch (serializedFormat)
{
case SerializedFormat.Binary:
serializableObject = LoadFromBinaryFormat(path, null);
break; case SerializedFormat.Document:
default:
serializableObject = LoadFromDocumentFormat(null, path, null, tDESkey);
break;
} return serializableObject;
} /// <summary>
/// Loads an object from an XML file in Document format, supplying extra data types to enable deserialization of custom types within the object.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load(@"C:\XMLObjects.xml", new Type[] { typeof(MyCustomType) });
/// </code>
/// </example>
/// <param name="path">Path of the file to load the object from.</param>
/// <param name="extraTypes">Extra data types to enable deserialization of custom types within the object.</param>
/// <returns>Object loaded from an XML file in Document format.</returns>
public static T Load(string path, System.Type[] extraTypes, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = LoadFromDocumentFormat(extraTypes, path, null, tDESkey);
return serializableObject;
} /// <summary>
/// Loads an object from an XML file in Document format, located in a specified isolated storage area.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load("XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly());
/// </code>
/// </example>
/// <param name="fileName">Name of the file in the isolated storage area to load the object from.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to load the object from.</param>
/// <returns>Object loaded from an XML file in Document format located in a specified isolated storage area.</returns>
public static T Load(string fileName, IsolatedStorageFile isolatedStorageDirectory, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = LoadFromDocumentFormat(null, fileName, isolatedStorageDirectory, tDESkey);
return serializableObject;
} /// <summary>
/// Loads an object from an XML file located in a specified isolated storage area, using a specified serialized format.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load("XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly(), SerializedFormat.Binary);
/// </code>
/// </example>
/// <param name="fileName">Name of the file in the isolated storage area to load the object from.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to load the object from.</param>
/// <param name="serializedFormat">XML serialized format used to load the object.</param>
/// <returns>Object loaded from an XML file located in a specified isolated storage area, using a specified serialized format.</returns>
public static T Load(string fileName, IsolatedStorageFile isolatedStorageDirectory, SerializedFormat serializedFormat, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = null; switch (serializedFormat)
{
case SerializedFormat.Binary:
serializableObject = LoadFromBinaryFormat(fileName, isolatedStorageDirectory);
break; case SerializedFormat.Document:
default:
serializableObject = LoadFromDocumentFormat(null, fileName, isolatedStorageDirectory, tDESkey);
break;
} return serializableObject;
} /// <summary>
/// Loads an object from an XML file in Document format, located in a specified isolated storage area, and supplying extra data types to enable deserialization of custom types within the object.
/// </summary>
/// <example>
/// <code>
/// serializableObject = ObjectXMLSerializer<SerializableObject>.Load("XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly(), new Type[] { typeof(MyCustomType) });
/// </code>
/// </example>
/// <param name="fileName">Name of the file in the isolated storage area to load the object from.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to load the object from.</param>
/// <param name="extraTypes">Extra data types to enable deserialization of custom types within the object.</param>
/// <returns>Object loaded from an XML file located in a specified isolated storage area, using a specified serialized format.</returns>
public static T Load(string fileName, IsolatedStorageFile isolatedStorageDirectory, System.Type[] extraTypes, TripleDESCryptoServiceProvider tDESkey)
{
T serializableObject = LoadFromDocumentFormat(null, fileName, isolatedStorageDirectory, tDESkey);
return serializableObject;
} #endregion #region Save methods /// <summary>
/// Saves an object to an XML file in Document format.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, @"C:\XMLObjects.xml");
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="path">Path of the file to save the object to.</param>
public static void Save(T serializableObject, string path, TripleDESCryptoServiceProvider tDESkey)
{
SaveToDocumentFormat(serializableObject, null, path, null, tDESkey);
} /// <summary>
/// Saves an object to an XML file using a specified serialized format.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, @"C:\XMLObjects.xml", SerializedFormat.Binary);
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="path">Path of the file to save the object to.</param>
/// <param name="serializedFormat">XML serialized format used to save the object.</param>
public static void Save(T serializableObject, string path, SerializedFormat serializedFormat, TripleDESCryptoServiceProvider tDESkey)
{
switch (serializedFormat)
{
case SerializedFormat.Binary:
SaveToBinaryFormat(serializableObject, path, null);
break; case SerializedFormat.Document:
default:
SaveToDocumentFormat(serializableObject, null, path, null, tDESkey);
break;
}
} /// <summary>
/// Saves an object to an XML file in Document format, supplying extra data types to enable serialization of custom types within the object.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, @"C:\XMLObjects.xml", new Type[] { typeof(MyCustomType) });
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="path">Path of the file to save the object to.</param>
/// <param name="extraTypes">Extra data types to enable serialization of custom types within the object.</param>
public static void Save(T serializableObject, string path, System.Type[] extraTypes, TripleDESCryptoServiceProvider tDESkey)
{
SaveToDocumentFormat(serializableObject, extraTypes, path, null, tDESkey);
} /// <summary>
/// Saves an object to an XML file in Document format, located in a specified isolated storage area.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, "XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly());
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="fileName">Name of the file in the isolated storage area to save the object to.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to save the object to.</param>
public static void Save(T serializableObject, string fileName, IsolatedStorageFile isolatedStorageDirectory, TripleDESCryptoServiceProvider tDESkey)
{
SaveToDocumentFormat(serializableObject, null, fileName, isolatedStorageDirectory, tDESkey);
} /// <summary>
/// Saves an object to an XML file located in a specified isolated storage area, using a specified serialized format.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, "XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly(), SerializedFormat.Binary);
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="fileName">Name of the file in the isolated storage area to save the object to.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to save the object to.</param>
/// <param name="serializedFormat">XML serialized format used to save the object.</param>
public static void Save(T serializableObject, string fileName, IsolatedStorageFile isolatedStorageDirectory, SerializedFormat serializedFormat, TripleDESCryptoServiceProvider tDESkey)
{
switch (serializedFormat)
{
case SerializedFormat.Binary:
SaveToBinaryFormat(serializableObject, fileName, isolatedStorageDirectory);
break; case SerializedFormat.Document:
default:
SaveToDocumentFormat(serializableObject, null, fileName, isolatedStorageDirectory, tDESkey);
break;
}
} /// <summary>
/// Saves an object to an XML file in Document format, located in a specified isolated storage area, and supplying extra data types to enable serialization of custom types within the object.
/// </summary>
/// <example>
/// <code>
/// SerializableObject serializableObject = new SerializableObject();
///
/// ObjectXMLSerializer<SerializableObject>.Save(serializableObject, "XMLObjects.xml", IsolatedStorageFile.GetUserStoreForAssembly(), new Type[] { typeof(MyCustomType) });
/// </code>
/// </example>
/// <param name="serializableObject">Serializable object to be saved to file.</param>
/// <param name="fileName">Name of the file in the isolated storage area to save the object to.</param>
/// <param name="isolatedStorageDirectory">Isolated storage area directory containing the XML file to save the object to.</param>
/// <param name="extraTypes">Extra data types to enable serialization of custom types within the object.</param>
public static void Save(T serializableObject, string fileName, IsolatedStorageFile isolatedStorageDirectory, System.Type[] extraTypes, TripleDESCryptoServiceProvider tDESkey)
{
SaveToDocumentFormat(serializableObject, null, fileName, isolatedStorageDirectory, tDESkey);
} #endregion #region Private private static FileStream CreateFileStream(IsolatedStorageFile isolatedStorageFolder, string path)
{
FileStream fileStream = null; if (isolatedStorageFolder == null)
fileStream = new FileStream(path, FileMode.OpenOrCreate);
else
fileStream = new IsolatedStorageFileStream(path, FileMode.OpenOrCreate, isolatedStorageFolder); return fileStream;
} private static T LoadFromBinaryFormat(string path, IsolatedStorageFile isolatedStorageFolder)
{
T serializableObject = null; using (FileStream fileStream = CreateFileStream(isolatedStorageFolder, path))
{
BinaryFormatter binaryFormatter = new BinaryFormatter();
serializableObject = binaryFormatter.Deserialize(fileStream) as T;
} return serializableObject;
} private static T LoadFromDocumentFormat(System.Type[] extraTypes, string path, IsolatedStorageFile isolatedStorageFolder, TripleDESCryptoServiceProvider tDESkey)
{
XmlDocument xmlDoc = new XmlDocument();
try
{
xmlDoc.PreserveWhitespace = true; xmlDoc.Load(path);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
} // Decrypt the "UserManagement" element.
EncryptXml.Decrypt(xmlDoc, tDESkey);
xmlDoc.Save(path); T serializableObject = null; using (TextReader textReader = CreateTextReader(isolatedStorageFolder, path))
{
XmlSerializer xmlSerializer = CreateXmlSerializer(extraTypes);
serializableObject = xmlSerializer.Deserialize(textReader) as T;
} EncryptXml.Encrypt(xmlDoc, "UserManagement", tDESkey);
xmlDoc.Save(path); return serializableObject;
} private static TextReader CreateTextReader(IsolatedStorageFile isolatedStorageFolder, string path)
{
TextReader textReader = null; if (isolatedStorageFolder == null)
textReader = new StreamReader(path);
else
textReader = new StreamReader(new IsolatedStorageFileStream(path, FileMode.Open, isolatedStorageFolder)); return textReader;
} private static TextWriter CreateTextWriter(IsolatedStorageFile isolatedStorageFolder, string path)
{
TextWriter textWriter = null; if (isolatedStorageFolder == null)
textWriter = new StreamWriter(path);
else
textWriter = new StreamWriter(new IsolatedStorageFileStream(path, FileMode.OpenOrCreate, isolatedStorageFolder)); return textWriter;
} private static XmlSerializer CreateXmlSerializer(System.Type[] extraTypes)
{
Type ObjectType = typeof(T); XmlSerializer xmlSerializer = null; if (extraTypes != null)
xmlSerializer = new XmlSerializer(ObjectType, extraTypes);
else
xmlSerializer = new XmlSerializer(ObjectType); return xmlSerializer;
} private static void SaveToDocumentFormat(T serializableObject, System.Type[] extraTypes, string path, IsolatedStorageFile isolatedStorageFolder, TripleDESCryptoServiceProvider tDESkey)
{
using (TextWriter textWriter = CreateTextWriter(isolatedStorageFolder, path))
{
XmlSerializer xmlSerializer = CreateXmlSerializer(extraTypes);
xmlSerializer.Serialize(textWriter, serializableObject); textWriter.Close(); XmlDocument xmlDoc = new XmlDocument();
try
{
xmlDoc.PreserveWhitespace = true; xmlDoc.Load(path);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
} EncryptXml.Encrypt(xmlDoc, "UserManagement", tDESkey); xmlDoc.Save(path);
}
} private static void SaveToBinaryFormat(T serializableObject, string path, IsolatedStorageFile isolatedStorageFolder)
{
using (FileStream fileStream = CreateFileStream(isolatedStorageFolder, path))
{
BinaryFormatter binaryFormatter = new BinaryFormatter();
binaryFormatter.Serialize(fileStream, serializableObject);
}
} #endregion
}
}
(3)Saving an object to an XML file/Loading an object from an XML file
// Load the userManagement object from the XML file using our UserAccountInfo class...
UserAccountInfo userManagement =ObjectXMLSerializer<UserAccountInfo>.Load(path, tDESkey); // Load the userManagement object from the XML file using our userManagement class...
ObjectXMLSerializer<UserAccountInfo>.Save(usermanagement, XML_FILE_NAME, tDESkey);
方法二:
其实,要想仅仅实现xml的序列化和反序列化还是很简单的,作为常用的类,可以很简单地将其实现为公共类:
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Xml;
using System.Xml.Serialization; namespace XXX.Common
{
public static class XmlHelper
{
public static object DeserializeObject<T>(string filePath)
{
try
{
var xs = new XmlSerializer(typeof(T));
using (var fs = new FileStream(filePath, FileMode.Open))
{
var reader = XmlReader.Create(fs);
return xs.Deserialize(reader);
}
}
catch (Exception exp)
{
throw new XmlException($"Failed in XML Deserialization {filePath}", exp);
}
} public static void SerializeObject<T>(string filePath, T o)
{
try
{
var x = new XmlSerializer(typeof(T));
using (var fs = new FileStream(filePath, FileMode.Create))
{
var writer = XmlWriter.Create(fs);
x.Serialize(writer, o);
}
}
catch (Exception exp)
{
throw new XmlException($"Failed in XML Serialization {filePath}", exp);
}
}
}
}
另可参考文章:
1.XML序列化和反序列化
C# Note4:XML序列化和反序列化(含加密解密等)的更多相关文章
- 第四节:IO、序列化和反序列化、加密解密技术
一. IO读写 这里主要包括文件的读.写.移动.复制.删除.文件夹的创建.文件夹的删除等常规操作. 注意:这里需要特别注意,对于普通的控制台程序和Web程序,将"相对路径"转换成& ...
- C# UTF8的BOM导致XML序列化与反序列化报错:Data at the root level is invalid. Line 1, position 1.
最近在写一个xml序列化及反序列化实现时碰到个问题,大致类似下面的代码: class Program { static void Main1(string[] args) { var test = n ...
- XML 序列化与反序列化
XML序列化与反序列化 1.将一个类转化为XML文件 /// <summary> /// 对象序列化成XML文件 /// </summary> /// <param na ...
- XmlSerializer 对象的Xml序列化和反序列化
http://www.cnblogs.com/yukaizhao/archive/2011/07/22/xml-serialization.html 这篇随笔对应的.Net命名空间是System.Xm ...
- C#的XML序列化及反序列化
webservice在工作中用到的很多,基本都是以XML格式问通讯内容,其中最关键的就是XML串的序列化及反序列化. XML的运用中有两种信息传递,一种为XML的请求信息,另一种为返回信息,要运用XM ...
- .NET XML序列化与反序列化
闲着没事,写了两个通用的XML序列化与反序列化的方法. 贴出来当作笔记吧! /// <summary> /// XML序列化 /// </summary> /// <ty ...
- XmlSerializer 对象的Xml序列化和反序列化,XMLROOT别名设置
这篇随笔对应的.Net命名空间是System.Xml.Serialization:文中的示例代码需要引用这个命名空间. 为什么要做序列化和反序列化? .Net程序执行时,对象都驻留在内存中:内存中 ...
- c# XML序列化与反序列化
c# XML序列化与反序列化 原先一直用BinaryFormatter来序列化挺好,可是最近发现在WinCE下是没有办法进行BinaryFormatter操作,很不爽,只能改成了BinaryWrite ...
- Xml序列化、反序列化帮助类
之前从网络上找了一个Xml处理帮助类,并整理了一下,这个帮助类针对Object类型进行序列化和反序列化,而不需要提前定义Xml的结构,把它放在这儿供以后使用 /// <summary> / ...
随机推荐
- CentOS7下使用YUM安装MySQL5.6
(1)检查系统中是否已安装 MySQL. rpm -qa | grep mysql 返回空值的话,就说明没有安装 MySQL . 注意:在新版本的CentOS7中,默认的数据库已更新为了Mariadb ...
- Hibernate基本映射类型
- http: server gave HTTP response to HTTPS client & Get https://192.168.2.119/v2/: dial tcp 192.168.2.119:443: getsockopt: connection refused
http: server gave HTTP response to HTTPS client 出现这问题的原因是:Docker自从1.3.X之后docker registry交互默认使用的是HTTP ...
- Python之TabError: inconsistent use of tabs and spaces in indentation和ModuleNotFoundError:No module named 'win32api'
1.TabError: inconsistent use of tabs and spaces in indentation 这是我的代码,感觉没啥不对, 后来运行之后出现了下面的错误,我也是弄了好久 ...
- WiFi-ESP8266入门http(1)-建立服务器,直接发送网
#include <ESP8266WiFi.h> /*** 该工程可以在2.4.0版本esp8266库中运行,没在更高版本库中进行测试 ***/ const char *ssid = &q ...
- Spring Security(十九):6. Security Namespace Configuration
6.1 Introduction Namespace configuration has been available since version 2.0 of the Spring Framewor ...
- 【Windows】+ windows下在某一文件夹下按“shift+鼠标右键”打开CMD窗口
前言:没更改之前是打开的powershell窗口,超不习惯 新建一个txt文件,然后复制以下代码,然后保存为OpenCmdHere.reg 格式,然后双击即可 Windows Registry Edi ...
- Generative Adversarial Nets[EBGAN]
0. 背景 Junbo Zhao等人提出的"基于能量的GAN"网络,其将判别器视为一个能量函数而不需要明显的概率解释,该函数可以是一个可训练的损失函数.能量函数是将靠近真实数据流形 ...
- 几种content-type提交以及$_POST 和php://input
在表单提交数据时,需要告诉服务端自己的content-type,好让服务端处理. 默认表单提交是x-www-form-urlencoded,还有一种常见的 multipart/form-data.那这 ...
- ASP.NET Core中代码使用X509证书,部署到IIS上后报错:System cannot find the specified file 的解决办法(转载)
问: I am trying to embrace the mysteries of SSL communication and have found a great tutorial on this ...