EldoS | Feel safer!

Software components for data protection, secure storage and transfer

EncryptwithHeader Sample

#24300
Posted: 03/26/2013 05:04:12
by Manoj Jain (Standard support level)
Joined: 02/28/2013
Posts: 94

Thanks for the informative reply.

My final requirement is not notepad but I was able to relate it to my need. Thanks.

My normal project that I made two days before suddenly stopped working as it was working till day-before-yesterday.

When I copy/paste or move files ... it encrypts but not on save as ?

Can you suggest where it could have gone wrong ?

I uninstalled and re-installed driver [with reboot in between even though not required] but no change.

I will try original vc++ sample again ....
#24301
Posted: 03/26/2013 05:33:01
by Vladimir Cherniga (EldoS Corp.)

Quote
When I copy/paste or move files ... it encrypts but not on save as ?

It depends on how the application handles that request. From the filesystem's view, any of those operations may be a new file creation and writing to that file, or it could be a rename request (handled by the RenameOrMove callback). To get the details on particular actions, you may use a handy utility, ProcMon, from sysinternals.com. It shows detailed info with advanced output enabled (from the application menu).
Quote
Can you suggest where it could have gone wrong ?

This question requires a detailed analysis of your code. I would suggest checking the utility mentioned above; it could help to understand the data flow within the filesystem. The Basic support level, available to users who don't have a license, does not include analysis of their code. You are welcome to purchase a license for CallbackFilter; then we will be able to work on your question.
#24302
Posted: 03/26/2013 06:26:57
by Manoj Jain (Standard support level)
Joined: 02/28/2013
Posts: 94

The code is exactly the same as the EncryptWithHeader sample.

Regarding purchasing a license, I had planned to make the payment today, but after the following comment I need clarity, and hence sent an email to sales regarding:

Quote
Here is a bug in current implementation that may cause hang in SetEOFAsync call on Windows Vista or later. The fix is on the way to the next build of CallbackFilter.


Will send payment on Thursday after reply from sales.

Coming back to the main issue:
Quote
if you allow some application to open and read file, then nothing to prevent it open an arbitrary file and save it somewhere else.


I do not want to prevent saving but ensure that all formats saved are encrypted. This is where the problem is.

Using mask "*.txt", I can ensure all .txt files to be encrypted but if the program allows "*.* or all files" ... It becomes impossible to ensure encrypted saving of all formats.

My main need is to ensure that all the formats saved by a specific program are encrypted. I can get the originator program name and apply suitable control at OpenCallBack, but if I give the mask as *.* and bypass the "windows", "program files" and "program files x86" folders .... the system still hangs.


Second problem I am facing is the files are not opening properly even with the exe file sent by you via help desk [vc++ encryptwithheader].

The behavior is not consistent ... same all the time ...

I posted a detailed analysis of the file formats in this thread ..... next day the behavior was not same .... third day it was again different ......
#24303
Posted: 03/26/2013 07:01:49
by Vladimir Cherniga (EldoS Corp.)

Quote
I do not want to prevent saving but ensure that all formats saved are encrypted. This is where the problem is.

Encryption is possible for on-disk file data only. When a trusted application opens the file and reads it into memory, from this point it has decrypted data in its local memory, as well as decrypted data in the system cache. How are you going to force notepad, for example, to encrypt or not selectively some files, when they are "saved as.." to an arbitrary location? Not sure how it will work with notepad, or will there be a special program that is the only one to have access to the selected folder, and no others do? Anyway, for the problems with hangs and others, we need a working sample with source code to reproduce the problem. Kernel dumps from the hung system are welcome too. If you are ready to provide it with detailed instructions on how to reproduce the problem, we may continue our discussion in the helpdesk.
#24304
Posted: 03/26/2013 07:35:53
by Manoj Jain (Standard support level)
Joined: 02/28/2013
Posts: 94

Quote
Kernel dumps from the hung system are welcome too


I tried but could not create. I will try again on Thursday as Wednesday is holiday in our office.


Quote
Encryption is possible for on-disk file data only,

This is what we require.

Quote
when a trusted application opens the file and reads it into memory, from this point it has decrypted data in its local memory, as well as decrypted data in the system cache.

A normal user is not concerned with memory or cache data.

Quote
How are you going to force notepad, for example, to encrypt or not selectively some files, when they are "saved as.." to an arbitrary location?


Here is the problem. With mask *.txt we can encrypt all .txt files in any location,
but cannot encrypt all file formats ... or a file without extension? That's why I was trying "*.*" as the mask, which was not the correct approach.

Considering your replies, I have concluded that it is impossible to protect a file if it is opened in a program [like notepad] which provides file type "*.*" during save as.

I am working on the EDIUS project file .prproj, which is an XML file and opens in the EDIUS video editing software. During save as, EDIUS has *.* as a file type option, like notepad. An XML file is also only a text file. The user can save the project file in any format, such as "abc.abc".

If we apply mask "*.ezp", all .ezp files will be encrypted but abc.abc will not be encrypted. The user is able to get hold of the actual file which is originally protected. The user can rename the file later as abc.ezp.

Other similar software like Adobe Premiere has only one file format during save as [.prproj]; we can protect this format and the user always gets an encrypted file when he uses the save as command.


So the conclusion is I should not waste my time with programs allowing *.* in save as, but I can work with other programs where limited formats are allowed and I can apply CallbackFilter.

Am I right?
#24307
Posted: 03/26/2013 08:42:37
by Vladimir Cherniga (EldoS Corp.)

Quote
A normal user is not concerned with memory or cache data.

Yes, but anyone else who reads this file will get a cached representation of the file, without reading actual data from backup storage; this is how file system caching works.

Quote
so the conclusion is I should not waste my time with programs allowing *.* in save as but I can work with other programs where limited formats are allowed and I can apply callbackfilter.

Even if you rely on some trusted application with a specific file mask "save as..." functionality, you are also required to encrypt that data on the write file request. So it does mean that all required callbacks must be called to encrypt at an arbitrary location.
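
Added example, not part of the thread and not CallbackFilter code: a small C++ model comparing the two selection rules discussed above, a file-name mask such as "*.ezp" versus selecting by originator process with the system folders excluded. The struct, function names, process names and paths are all constructed for illustration.

```cpp
// Added model of the two selection rules from the thread; not CallbackFilter API.
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>
struct SaveEvent { std::string process, path; };  // one "file written" event

static std::string lower(std::string s) {
    for (char& c : s) c = (char)std::tolower((unsigned char)c);
    return s;
}
// Wildcard match supporting '*' and '?'; callers pass lower-cased strings.
static bool maskMatch(const char* m, const char* s) {
    if (!*m) return !*s;
    if (*m == '*') return maskMatch(m + 1, s) || (*s && maskMatch(m, s + 1));
    return *s && (*m == '?' || *m == *s) && maskMatch(m + 1, s + 1);
}
// Rule 1: encrypt only when the file name (after the last '\') matches the mask.
bool byMask(const SaveEvent& e, const std::string& mask) {
    std::string name = lower(e.path.substr(e.path.find_last_of('\\') + 1));
    return maskMatch(lower(mask).c_str(), name.c_str());
}
// Rule 2: encrypt whatever the originator process writes, outside excluded folders.
bool byOriginator(const SaveEvent& e, const std::string& proc, const std::vector<std::string>& excl) {
    if (lower(e.process) != lower(proc)) return false;
    for (const auto& dir : excl)
        if (lower(e.path).rfind(lower(dir), 0) == 0) return false;  // path starts with dir
    return true;
}
// Constructed sample events and exclusions (process names and paths are made up).
const std::vector<SaveEvent> kEvents = {
    {"edius.exe", R"(D:\proj\film.ezp)"}, {"EDIUS.EXE", R"(D:\proj\abc.abc)"},
    {"edius.exe", R"(D:\proj\noext)"},    {"edius.exe", R"(C:\Windows\Temp\e.tmp)"},
    {"notepad.exe", R"(D:\notes\todo.txt)"}};
const std::vector<std::string> kExcluded = {
    R"(C:\Windows\)", R"(C:\Program Files\)", R"(C:\Program Files (x86)\)"};
// Files written by `proc` that stay unencrypted: useMask picks rule 1, else rule 2.
std::vector<std::string> plaintextSaves(const std::string& proc, bool useMask) {
    std::vector<std::string> out;
    for (const auto& e : kEvents) {
        if (lower(e.process) != lower(proc)) continue;
        bool enc = useMask ? byMask(e, "*.ezp") : byOriginator(e, proc, kExcluded);
        if (!enc) out.push_back(e.path);
    }
    return out;
}
int main() {
    for (const auto& p : plaintextSaves("edius.exe", true)) std::printf("mask rule: %s\n", p.c_str());
    for (const auto& p : plaintextSaves("edius.exe", false)) std::printf("originator rule: %s\n", p.c_str());
}
```

In this model the mask rule leaves every save with a different or missing extension unencrypted, while the originator rule only misses writes under the excluded folders.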
#24348
Posted: 03/27/2013 22:50:39
by Manoj Jain (Standard support level)
Joined: 02/28/2013
Posts: 94

Thanks.

Though it reduces the use of CallbackFilter that I had envisaged, I will still be able to use it with these limitations.

Thanks again for your support.
#24417
Posted: 04/02/2013 23:04:39
by Manoj Jain (Standard support level)
Joined: 02/28/2013
Posts: 94

I just downloaded the registered version today. Regarding Vista and Win 7 .. you had commented

Quote
Here is a bug in current implementation that may cause hang in SetEOFAsync call on Windows Vista or later. The fix is on the way to the next build of CallbackFilter.



Please let me know when can I expect this bug to be fixed?
So that I can download the same.
#24419
Posted: 04/03/2013 02:43:17
by Vladimir Cherniga (EldoS Corp.)

It will be available in a few days. It is now being tested with different AVs. I will inform you in this thread when it is available.
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.