CRC verification

OSR_Community_User · August 5, 2004, 7:18am

Hello,

I have developed an upper disk driver filter driver.

I have been observing that for one or two application
programs on the encrypted drive, i get a “windows -
Corrupt file” message.
But if i run those applications from the cmd line with
/NCRC switch they work fine.
My question is - is CRC verification done for only a
few applications ?

Again while copying some files to the encrypted drive
i again get this “Windows - Corrupt File” Msg box.But
everything copies properly though.
Why is it so?

Im using the encryption algorithm in CBC mode.

When i do the encryption at byte level, i dnt see any
problems.

But as soon as i start doing the encryption in sector
mode, i start observing the aforementioned problems.

For each sector im taking the LBA as IV.

Cheers and Regards
V.S.

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail

Maxim_S_Shatskih · August 5, 2004, 2:22pm

Yes. PE binary checksum is verified for kernel mode modules and for
KnownDLLs only.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “vartika Singh”
To: “Windows System Software Devs Interest List”
Sent: Thursday, August 05, 2004 3:16 PM
Subject: [ntdev] CRC verification

> Hello,
>
> I have developed an upper disk driver filter driver.
>
> I have been observing that for one or two application
> programs on the encrypted drive, i get a “windows -
> Corrupt file” message.
> But if i run those applications from the cmd line with
> /NCRC switch they work fine.
> My question is - is CRC verification done for only a
> few applications ?
>
> Again while copying some files to the encrypted drive
> i again get this “Windows - Corrupt File” Msg box.But
> everything copies properly though.
> Why is it so?
>
> Im using the encryption algorithm in CBC mode.
>
> When i do the encryption at byte level, i dnt see any
> problems.
>
> But as soon as i start doing the encryption in sector
> mode, i start observing the aforementioned problems.
>
> For each sector im taking the LBA as IV.
>
> Cheers and Regards
> V.S.
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Read only the mail you want - Yahoo! Mail SpamGuard.
> http://promotions.yahoo.com/new_mail
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com

OSR_Community_User · August 5, 2004, 11:16pm

Hi Maxim,

Do u have any idea, why do i face this error just as i
switch to sector level encryption.Im not facing any
such problem when i do byte level encryption.
I calculate the IV for each sector by dividing
readlength /writelength Byteoffset by 512, and for the
next sector i just increment the previous LBA
obtained.

Cheers and Regards
V.S.

Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail

OSR_Community_User · August 6, 2004, 3:20am

It seems you’re able to switch between “byte” and “sector” encryption
relatively easily. In that case, have your driver write its encryption
results to a log file. Then generate a log for both byte and sector
modes. Compare the logs to see where they differ, and deduce the source
cause of the difference.

Chuck

----- Original Message -----
From: “vartika Singh”
To: “Windows System Software Devs Interest List”
Sent: Friday, August 06, 2004 10:14 AM
Subject: Re: [ntdev] CRC verification

> Hi Maxim,
>
> Do u have any idea, why do i face this error just as i
> switch to sector level encryption.Im not facing any
> such problem when i do byte level encryption.
> I calculate the IV for each sector by dividing
> readlength /writelength Byteoffset by 512, and for the
> next sector i just increment the previous LBA
> obtained.
>
> Cheers and Regards
> V.S.

OSR_Community_User · August 6, 2004, 12:47pm

You aren’t trying to encrypt the write buffer in place before sending it
to the lower driver are you?

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of vartika Singh
Sent: Thursday, August 05, 2004 8:14 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] CRC verification

Hi Maxim,

Do u have any idea, why do i face this error just as i switch to sector
level encryption.Im not facing any such problem when i do byte level
encryption.
I calculate the IV for each sector by dividing readlength /writelength
Byteoffset by 512, and for the next sector i just increment the previous
LBA obtained.

Cheers and Regards
V.S.

Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Maxim_S_Shatskih · August 6, 2004, 1:12pm

Peter is correct as usually. Doing so will bring havoc to the app’s data.

Always allocate a second buffer as encryption target in the write path.
Write paths must never modify the data “in place”.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Peter Wieland”
To: “Windows System Software Devs Interest List”
Sent: Friday, August 06, 2004 8:45 PM
Subject: RE: [ntdev] CRC verification

> You aren’t trying to encrypt the write buffer in place before sending it
> to the lower driver are you?
>
> -p
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of vartika Singh
> Sent: Thursday, August 05, 2004 8:14 PM
> To: Windows System Software Devs Interest List
> Subject: Re: [ntdev] CRC verification
>
> Hi Maxim,
>
> Do u have any idea, why do i face this error just as i switch to sector
> level encryption.Im not facing any such problem when i do byte level
> encryption.
> I calculate the IV for each sector by dividing readlength /writelength
> Byteoffset by 512, and for the next sector i just increment the previous
> LBA obtained.
>
> Cheers and Regards
> V.S.
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail is new and improved - Check it out!
> http://promotions.yahoo.com/new_mail
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>

OSR_Community_User · August 9, 2004, 2:28am

Hi Maxim,

No.Im not encrypting the write buffer in place.
I solved the problem I was having.
Actually i was calculating the offset in Dispatch
routine and storing it in my device extension.
And later on using it in the completion routine.
Thus, my offset value was being updated incorrectly.I
solved the problem by using a spin lock and passing
the offset value in the context field of the
Completion Routine.

Thanx and Regards
V.S.

Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail