I am writing encryption minifilter based on swapbuffers sample. For now I plan to use aes algorithm that doesn’t increase output buffer size. So for now I don’t need isolation filter.
However I am thinking about writes and reads at the end of the file if file size is not multiple of sector size. In that case part of encrypted buffer won’t get to disk and only partial buffer will be returned. Therefore file tail won’t be encrypted correctly since I use block cipher.
For now I think about just obfuscating end of file xoring it with some key.
Is there some better way to solve this problem?
I also thought about writing and reading directly to/from volume, but this won’t work- requirement is for user to be able to copy file on any number of storages on machines without encryption filter. He shouldn’t be able to read this file on external machine, but file should be read correctly on work machine after any number of copies.
Thank you !