阅读:1692回复:10
如何为密文添加特殊标记
要求:
在加密文件时为文件加一个标记, 如一个TXT文件,大小是32字节,加密的处理例程在IRP_MJ_WRITE,当写这个TXT文件时,调试发现write.length为4KB,我就在4096这最后一个字节上添加了一个字符‘d’,但读的时候读不到这个‘d’。只有在32个字节长度上写字符才能被读出来,但这会影响原文,请问怎样做才能保证不影响原文又能添加字符呢 |
|
沙发#
发布于:2005-05-13 14:12
楼主:
这个问题我也想知道。 顺便问一下:你上次说的通过DeviceObject来判断是否为CDROM REMOVABLE等等,如果是本地硬盘怎么判断? |
|
板凳#
发布于:2005-05-13 14:50
本地硬盘的类型为FILE_DEVICE_DISK,DDK上说的
|
|
地板#
发布于:2005-05-13 16:13
那REMOVABLE_MEDIA的devicetype也是FILE_DEVICE_DISK
难道如果除了deviceobject->characteristic==FILE_REMOVABLE_MEDIA,和FILE_FLOPPY_DISLEETE之外 都是本地硬盘??? 如何区分?? |
|
地下室#
发布于:2005-05-13 16:22
你看ddk文档吧,那里有说明的,
|
|
5楼#
发布于:2005-05-13 16:28
各位老大关心一下添加标记的问题吧,假如某个文件大小为32字节,现在只能在32字节之内修改内容,超过这个长度就写不进去,虽然调试时显示写长度为4KB,
|
|
6楼#
发布于:2005-05-14 00:42
If you only want to mark the file to be encrypted, maybe you can use EFS\'s encryption flag instead of changing file size.
|
|
7楼#
发布于:2005-05-14 11:22
不太明白你的意思
|
|
8楼#
发布于:2005-05-15 15:06
What I mean is that if you only want to show file as encrypted, you can try to change file attribute instead of changing file size. Changing file size is always a challenge to filter driver developers.
|
|
9楼#
发布于:2005-05-15 20:47
我最终显示的明文,即加密为密文后,若本地访问的话就要解密,因此磁盘上可能有原来没有加密的文件,若本地访问就会对它解密这样就错误了,所以我要加标记,
你现在知道我的用意了吧 |
|
10楼#
发布于:2005-05-16 22:17
I think I answered your question. Try to change file attribute (for example EFS flag) instead of file itself. But this approach only works on NTFS. There are other ways to do it such as using a local database to keep encrypted file name etc.
No file system guarantees you to write data beyond file size. That\'s why you cannot get correct data back after 32 bytes. If you want to add special tag in file itself either as header or trailer, you have to change file size on the fly accordingly. But this is very difficult. |
|