changing file size in encryption filter driver


Our task is to build filter driver for per-file encryption. Each
encrypted file must have data footer (fixed size block at the end of
file). And for other applications file size (and of course file data)
must be in decrypted form without this footer. Encryption part is
done, but with file size masquarade i have big problem. i filter
get\set file information functions for many information classes
(including directory information ones) and fix FilSize field. But
there are problem with cache manager - it reads file with original
size and then return this data to applications. Modyfing FileSize
field in common_fcb_header in post-create fix this problem, but file
on disk will truncate after just entering catalog. Is there any tips
to make file size masquarade ? Underlying file system can be any of
ntfs, fat32, exfat.


>to make file size masquarade ?

I would say this is extremely hard task, which will probably require layered FSD.

This means - your own FSD, with your own FCBs and thus Mm/Cc contexts, which uses the underlying FSD for actual data access.

I would consider using some side database for file encryption keys and avoiding the footer use.

Maxim S. Shatskih
Windows DDK MVP