Hi,
I want to write a filter driver for file encryption/decryption. Initially I
was thinking to write a minifilter driver for this.
After writing it I realized that this operation is taking too much time for
encryption and decryption.
Now I want to write a storage filter driver so that I can encrypt and
decrypt the blocks of file data below the file system driver.
I dont know from where to start.
Can somebody tell me how to do it?
–
Kapil Bhadke
Post Graduate Student
IIT Kanpur
If it is just for study and learning purposes
Something which is Open Source and already there - http://www.truecrypt.org/
If you are thinking of building a product, it’s already there in market
PGP & Guardian Edge (both symantec now) and many others provide same
solution both at file and block level.
-Deepak
On Fri, Feb 11, 2011 at 11:31 AM, kapil bhadke wrote:
> Hi,
> I want to write a filter driver for file encryption/decryption. Initially I
> was thinking to write a minifilter driver for this.
> After writing it I realized that this operation is taking too much time for
> encryption and decryption.
> Now I want to write a storage filter driver so that I can encrypt and
> decrypt the blocks of file data below the file system driver.
> I dont know from where to start.
> Can somebody tell me how to do it?
>
>
> –
> Kapil Bhadke
> Post Graduate Student
> IIT Kanpur
> — NTFSD is sponsored by OSR For our schedule of debugging and file system
> seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
> Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
There is a upper filter sample in ddk which you may want to check.
But still I want to ask a question. Why do you think it is not possible for minifilter.
Think like this, your disk stack does not relate to a file (fileObj is NULL IIRC), so if your objective is to encrypt files, do it at FS stack. If on the other hand you want to encrypt disk blocks, do it at disk stack.
On Fri, Feb 11, 2011 at 12:54 PM, wrote:
> There is a upper filter sample in ddk which you may want to check.
>
> But still I want to ask a question. Why do you think it is not possible for
> minifilter.
>
I am not saying that its not possible for minifilter. In fact I have already
written minifilter for that.
But the thing is it is taking too much time(whole operation is slow) and
also the cache contents will be encrypted.
So I want to do it below cache.
> –
Kapil Bhadke
Post Graduate Student
IIT Kanpur
>>also the cache contents will be encrypted.
^ This,
you handled it incorrectly as your cache should contain normal data.
>So I want to do it below cache.
And what do you mean by that, FS initialize cache. If the section is not valid it will cause a fault which will come to disk after FS passes it. the data given by disk will go to to FS and than to cache.
So the behavior is same for both and it will *NOT* change, irrespective of where you are trying to solve it.
Just encrypt/decrypt on non cached path in your mini-filter and you should be good to go. I wonder what make you think that its minifilter model causing problem.
you handled it incorrectly as your cache should contain normal data.
Is it possible to create a minifilter driver for encryption/decryption and
still the contents of cache will be normal data??
If so tell me something about it.
Just encrypt/decrypt on non cached path in your mini-filter and you should
be good to go. I wonder what make you think that its minifilter model
causing problem.
Let me tell you what I did.
I looked into the swapBuffers sample example provided by DDK and I modified
read and write pre/post operations to handle
encryption and decryption.
Now isn’t it the case that the file data contained in the cache will be in
encrypted form??
–
Kapil Bhadke
Post Graduate Student
IIT Kanpur
>>I looked into the swapBuffers sample example provided by DDK and I modified read and write pre/post operations to handle encryption and decryption.
quite usual what you did, :). we all do that in start.
Now do your encryption/decryption only if read/write are non-cached.(there is a flag for it)
>
quite usual what you did, :). we all do that in start.
Now do your encryption/decryption only if read/write are non-cached.(there
is a flag for it)
I have done exactly like that by checking IRP_NOCACHE flag.
But I am still confused. What will be the contents of cache when a
read/write is called??
–
Kapil Bhadke
Post Graduate Student
IIT Kanpur
Assuming that you are not missing paging IO (by explicitly asking for that), and you are doing your encryption/decryption when the flag is non-cached.
Your cache should have normal data as I already said.
Just out of curiosity, was PGP open source before Symantec acquired it?
mm
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Deepak Gupta
Sent: Friday, February 11, 2011 2:20 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] Storage filter driver vs minifilter
If it is just for study and learning purposes
Something which is Open Source and already there - http://www.truecrypt.org/
If you are thinking of building a product, it’s already there in market
PGP & Guardian Edge (both symantec now) and many others provide same
solution both at file and block level.
-Deepak
On Fri, Feb 11, 2011 at 11:31 AM, kapil bhadke
wrote:
Hi,
I want to write a filter driver for file encryption/decryption. Initially I
was thinking to write a minifilter driver for this.
After writing it I realized that this operation is taking too much time for
encryption and decryption.
Now I want to write a storage filter driver so that I can encrypt and
decrypt the blocks of file data below the file system driver.
I dont know from where to start.
Can somebody tell me how to do it?
–
Kapil Bhadke
Post Graduate Student
IIT Kanpur
— NTFSD is sponsored by OSR For our schedule of debugging and file system
seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
— NTFSD is sponsored by OSR For our schedule of debugging and file system
seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
No it wasn’t.
-Deepak
On Sat, Feb 12, 2011 at 4:00 AM, Martin O’Brien <
xxxxx@gmail.com> wrote:
Just out of curiosity, was PGP open source before Symantec acquired it?
mm
*From:* xxxxx@lists.osr.com [mailto:
xxxxx@lists.osr.com] *On Behalf Of *Deepak Gupta
*Sent:* Friday, February 11, 2011 2:20 AM
*To:* Windows File Systems Devs Interest List
*Subject:* Re: [ntfsd] Storage filter driver vs minifilterIf it is just for study and learning purposes
Something which is Open Source and already there -
http://www.truecrypt.org/If you are thinking of building a product, it’s already there in market
PGP & Guardian Edge (both symantec now) and many others provide same
solution both at file and block level.-Deepak
On Fri, Feb 11, 2011 at 11:31 AM, kapil bhadke
> wrote:
>
> Hi,
> I want to write a filter driver for file encryption/decryption. Initially I
> was thinking to write a minifilter driver for this.
> After writing it I realized that this operation is taking too much time for
> encryption and decryption.
> Now I want to write a storage filter driver so that I can encrypt and
> decrypt the blocks of file data below the file system driver.
> I dont know from where to start.
> Can somebody tell me how to do it?
>
>
> –
> Kapil Bhadke
> Post Graduate Student
> IIT Kanpur
> — NTFSD is sponsored by OSR For our schedule of debugging and file system
> seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
> Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
> — NTFSD is sponsored by OSR For our schedule of debugging and file system
> seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List
> Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Thanks.
Mm
On Feb 11, 2011 9:08 PM, “Deepak Gupta” wrote:
> No it wasn’t.
>
> -Deepak
>
> On Sat, Feb 12, 2011 at 4:00 AM, Martin O’Brien <
> xxxxx@gmail.com> wrote:
>
>> Just out of curiosity, was PGP open source before Symantec acquired it?
>>
>>
>>
>>
>>
>> mm
>>
>>
>>
>> From: xxxxx@lists.osr.com [mailto:
>> xxxxx@lists.osr.com] *On Behalf Of *Deepak Gupta
>> Sent: Friday, February 11, 2011 2:20 AM
>> To: Windows File Systems Devs Interest List
>> Subject: Re: [ntfsd] Storage filter driver vs minifilter
>>
>>
>>
>> If it is just for study and learning purposes
>> Something which is Open Source and already there -
>> http://www.truecrypt.org/
>>
>> If you are thinking of building a product, it’s already there in market
>> PGP & Guardian Edge (both symantec now) and many others provide same
>> solution both at file and block level.
>>
>> -Deepak
>>
>> On Fri, Feb 11, 2011 at 11:31 AM, kapil bhadke
>> wrote:
>>
>> Hi,
>> I want to write a filter driver for file encryption/decryption. Initially
I
>> was thinking to write a minifilter driver for this.
>> After writing it I realized that this operation is taking too much time
for
>> encryption and decryption.
>> Now I want to write a storage filter driver so that I can encrypt and
>> decrypt the blocks of file data below the file system driver.
>> I dont know from where to start.
>> Can somebody tell me how to do it?
>>
>>
>> –
>> Kapil Bhadke
>> Post Graduate Student
>> IIT Kanpur
>> — NTFSD is sponsored by OSR For our schedule of debugging and file
system
>> seminars visit: http://www.osr.com/seminars To unsubscribe, visit the
List
>> Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>>
>> — NTFSD is sponsored by OSR For our schedule of debugging and file
system
>> seminars visit: http://www.osr.com/seminars To unsubscribe, visit the
List
>> Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>> —
>> NTFSD is sponsored by OSR
>>
>> For our schedule of debugging and file system seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer