Hi all
I have designed an
encryption filter driver, first I used a simple encryption algorithm, it works
well. I replace simple encrypt algorithm with the standard encryption algorithm
(DES) but decryption doesn’t work correct and I don’t retrieve the correct plain
data (I test des algorithm outside of my code and it works correct!?).
I Look thru the archives and FAQ.I found that
In??? read completion, we can decrypt
buffer in place (don’t need to create another buffer for this)so
?
My code as following:
NTSTATUS
SfReadCompletion(
IN PDEVICE_OBJECT
DeviceObject,
IN PIRP Irp,
IN PVOID Context
(
This function is the
read completion routine for this // file system driver?
?filter//
{
…
if(Found) //file is in
the protected place
{
if(Irp->Flags &(IRP_PAGING_IO
| IRP_NOCACHE | IRP_SYNCHRONOUS_PAGING_IO))
{
if(Irp->MdlAddress)
UserBuffer = MmGetSystemAddressForMdlSafe(
Irp->MdlAddress,HighPagePriority);
else
UserBuffer = Irp->UserBuffer;
//use des algorithm
decrypt(UserBuffer ,key ,UserBuffer
,size);
?
}
}
…
}
is this my code wrong? Or
my problem is because of bad implementation of des algorithm?
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Do you account for the fact that you may get I/O that is not aligned on an even block boundary for your chosen cipher?
If your “simple encryption algorithm” was to, say, simply xor every byte in the I/O with a constant, then that does not really represent the complexities inherent in an encryption filter particularly well.
From: fatima Gh
Sent: Saturday, October 18, 2008 11:08
To: Windows File Systems Devs Interest List
Subject: [ntfsd] encryption driver SfReadcompletion() routine
Hi all
I have designed an encryption filter driver, first I used a simple encryption algorithm, it works well. I replace simple encrypt algorithm with the standard encryption algorithm (DES) but decryption doesn’t work correct and I don’t retrieve the correct plain data (I test des algorithm outside of my code and it works correct!?).
I Look thru the archives and FAQ.I found that In read completion, we can decrypt buffer in place (don’t need to create another buffer for this)so
My code as following:
NTSTATUS
SfReadCompletion(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp,
IN PVOID Context
(
This function is the read completion routine for this // file system driver filter//
{
…
if(Found) //file is in the protected place
{
if(Irp->Flags &(IRP_PAGING_IO | IRP_NOCACHE | IRP_SYNCHRONOUS_PAGING_IO))
{
if(Irp->MdlAddress)
UserBuffer = MmGetSystemAddressForMdlSafe(
Irp->MdlAddress,HighPagePriority);
else
UserBuffer = Irp->UserBuffer;
//use des algorithm
decrypt(UserBuffer ,key ,UserBuffer ,size);
}
}
…
}
is this my code wrong? Or my problem is because of bad implementation of des algorithm?
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com — NTFSD is sponsored by OSR For our schedule debugging and file system seminars (including our new fs mini-filter seminar) visit: http://www.osr.com/seminars You are currently subscribed to ntfsd as: xxxxx@valhallalegends.com To unsubscribe send a blank email to xxxxx@lists.osr.com