Hi All,
I want to develop an Encryption File system Filter Driver, where I want to
support On Fly encryption and decryption for selective files.
Can any one of you suggest me the way to acheive this.
Thanx in advance.
Regards,
Kedar.
Hi Kedar,
I think you would be developing a filter driver.
Do you have any experience with developing File System
Drivers or Filter drivers?
If you are new to this, then I suggest reading
Rajeev Nagar's Windows NT File System Internals: A
Developer's Guide - O'Reilly, 1997.
ISBN 1565922492
Hope this helps!
Regards,
Manoj
=====
Manoj Paul Joseph,
Master of Computer Applications (final year student),
School of Computer Science and Engineering,
Anna University,
Chennai (Madras),
India.
Looking for a job? Visit Yahoo! India Careers
Visit http://in.careers.yahoo.com
Kedar,
Funny you should ask - we talked about this very type of project last week
at the PlugFest.
First, you need to determine how much time you have to devote to the
project, since on the fly encryption/decryption drivers are somewhat
challenging to implement on Windows NT/2000/XP systems.
Next, you should start to review the NTFSD archives because many others have
asked this exact question - so many of the answers are already lurking in
the archives.
Next, you need to build up your own knowledge of how drivers work on
NT/2000/XP systems at all. Maybe you are already familiar with how drivers
work, which is a real plus.
Then you need to design your encryption mechanism. Be aware that if you are
going to create a commercial product that there are quite a large number of
existing patented mechanisms in place here, so you may find that whatever
clever technique you’ve thought up has already been implemented - and
patented - by someone else. If this is non-commercial you still technically
have to worry about the patents as well (but most academic work does not do
so).
Just as a general guideline - figure that this is a project which will
consume you for at least a year, perhaps more, depending upon your existing
level of knowledge and experience. Not that I am trying to discourage you,
but rather I am hoping to set your expectations at this level. Of course,
others on this list may disagree with me and if so I invite them to weigh in
with their opinions!
Regardless of what you decide, best of luck on your project!
Regards,
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com
-----Original Message-----
From: xxxxx@hotmail.com [mailto:xxxxx@hotmail.com]
Sent: Tuesday, March 05, 2002 1:31 AM
To: File Systems Developers
Subject: [ntfsd] Encryption File system Filter Driver
Hi All,
I want to develop an Encryption File system Filter Driver, where I want to
support On Fly encryption and decryption for selective files.
Can any one of you suggest me the way to acheive this.
Thanx in advance.
Regards,
Kedar.
You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to %%email.unsub%%
Hi Tony Manson,
Thanx for your information.
Actually I started working on this for some time before.
I have the Rajeev Nagar’s Windows NT File System Internals: A Developer’s
Guide - O’Reilly book and
I have gone through the Filemon Sample.
But none of things say how to modify the Data.
After spending some time I have started to see the IRP_MJ_READ and
IRP_MJ_WRITE requests with IRP_NOCAHCE flag, here i am able to see the
data that is being written to the disk.
But this is working fine for files with less than 500 bytes and when the
size is increased I am unable to see the data, this is the PROBLEM i am
facing and have struck here. I faced this problem when trying to encrypt
the Contents of a MS-Word File.
Can you tell me whether I have started at a wrong place or am I doing
something wrong.
Eventhough i spent some time i could not solve the problem.
Thanx in advance.
Regards,
Kedar.
Kedar,
The data is attached to the IRP - Irp->MdlAddress is the MDL describing the
location of the data. If there is no MDL (as is the case for user-level
I/O) then Irp->UserAddress is the user’s buffer for the I/O operation. Of
course, for a write operation you cannot modify this buffer directly
(because other processes might see the encrypted form of the data).
How the data is described is independent of the size, so I’m not quite sure
how you could see it for small files, but not for large files.
Regards,
Tony
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com
-----Original Message-----
From: xxxxx@hotmail.com [mailto:xxxxx@hotmail.com]
Sent: Tuesday, March 05, 2002 5:49 AM
To: File Systems Developers
Subject: [ntfsd] Re: Encryption File system Filter Driver
Hi Tony Manson,
Thanx for your information.
Actually I started working on this for some time before.
I have the Rajeev Nagar’s Windows NT File System Internals: A Developer’s
Guide - O’Reilly book and
I have gone through the Filemon Sample.
But none of things say how to modify the Data.
After spending some time I have started to see the IRP_MJ_READ and
IRP_MJ_WRITE requests with IRP_NOCAHCE flag, here i am able to see the
data that is being written to the disk.
But this is working fine for files with less than 500 bytes and when the
size is increased I am unable to see the data, this is the PROBLEM i am
facing and have struck here. I faced this problem when trying to encrypt
the Contents of a MS-Word File.
Can you tell me whether I have started at a wrong place or am I doing
something wrong.
Eventhough i spent some time i could not solve the problem.
Thanx in advance.
Regards,
Kedar.
You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to %%email.unsub%%
Rajeev Nagar’s book on file systems is an essential.
Sources from the IFS kit - too.
David Solomon’s book - too (for general picture of things).
Max
----- Original Message -----
From: “T.Umapathy”
To: “File Systems Developers”
Sent: Monday, February 25, 2002 10:32 AM
Subject: [ntfsd] File System Filter Driver
> Hi all,
> I have to develop a file system filter driver for Windows for
> encryption/decryption of file content. But I don’t have worked in driver
> development. please advice me how to start with this and give me related
> information.
> Regards,
> T.Umapathy
>
> —
> You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to %%email.unsub%%
>