Hi,
I am writing a minifilter for encryption of file data.
I handle only IRP_NOCACHE calls since these guarantee the read/writes will
be sector-aligned.
However I am noticing that for Read operations, the underlying drivers
(file system driver or whatever) read only till EOF and not the full sector.
This is creating problem with decryption, since if the EOF is not at the
end of encryption block, the encryption algorithm gets incorrect block to
decrypt.
Why could this be happening? Would appreciate if somebody could help me
solve this problem.
Regards,
Dhirendra.
The drivers are working as designed. Your code is not correct. If you
are doing block-encryption of fixed-size blocks, then your file must have
a size that is an integer multiple of those blocks. Otherwise, you must
provide a standard “fill” for the last partial-block and use the same
“fill” when you read the last partial-buffer. This is one of the hazards
of block-level encryption.
Note that “seek” (SetFilePosition) has problems also; you have to seek to
the logical position in the file represented by the requestor, then round
it down to the encryption-block boundary, read the encrypted block,
decrypt it, and return only the portion from the logical seek-position
forward.
It is safe to assume that the file will be read randomly at any byte
position for any length.
joe
Hi,
I am writing a minifilter for encryption of file data.
I handle only IRP_NOCACHE calls since these guarantee the read/writes will
be sector-aligned.
However I am noticing that for Read operations, the underlying drivers
(file system driver or whatever) read only till EOF and not the full
sector.
This is creating problem with decryption, since if the EOF is not at the
end of encryption block, the encryption algorithm gets incorrect block to
decrypt.
Why could this be happening? Would appreciate if somebody could help me
solve this problem.
Regards,
Dhirendra.
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Thanks Alex, Joe.
Otherwise, you must provide a standard “fill” for the last partial-block
and use the same “fill” when you read the last partial-buffer.
As I understand you are talking about filling the last block beyond the EOF
with something known.
But would not that require me to change the EOF position of the file to end
of this block?
This is because if I fill something beyond the actual EOF, I still need the
encrypted form (a block) of this block to be written and read from the disk
in whole. Is this correct?
If i do need to change the EOF, how do I go about it as I understand “paging
I/O write can never extend EOF” (from
http://www.osronline.com/showthread.cfm?link=176455 ) ?
Thanks,
Dhirendra.