EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Reading other file during callback for one file

Also by EldoS: SecureBlackbox
200+ components and classes for digital security, signing, encryption and secure networking.
Posted: 11/06/2013 16:24:53
by Jasmeet Chhabra (Priority Standard support level)
Joined: 11/06/2013
Posts: 7

I need to do the following:
1) Process reads File A
2) I get the callback for the read call
3) I read File B
4) I provide data for the read call based on data in file B.
Can I read another file using OpenFile() besides the one for which the callback is being done? Does it matter if File A is a virtual file or not for this to succeed?

If not, is there any other way to do this?
Can I do this using a separate process to read file B and then using IPC from by callback filter app to get the data if this is not possible?

Posted: 11/07/2013 03:56:33
by Eugene Mayevski (Team)

You can use CallbackFilter.CreateNonCbFile() method and use the obtained handle in regular WinAPI or .NET functions. But you need to call CreateNonCbFile from OnPostOpenFile or OnPostCreateFile callbacks. Stability of the system if you call CreateNonCbFile from other callbacks is questionable.

But with reading of this file the situation is more complicated. If your file B resides on the different volume - that's fine, everything will work correctly. If file B is on the same volume, then a deadlock can happen in certain cases.

Our Encrypt* samples use CallbackFilter.OpenFile() method and it was crafted specifically to work around the problem with callbacks and possible deadlocks.

Sincerely yours
Eugene Mayevski
Posted: 11/07/2013 09:55:27
by Jasmeet Chhabra (Priority Standard support level)
Joined: 11/06/2013
Posts: 7

File B resides on the same volume. I plan to use the CallbackFilter.OpenFile() method during openfile/createfile callbacks fro File A to get the handle as described in you documentation. I will store the handle in context and access it during read callbacks.
So, that will work?
Posted: 11/07/2013 10:06:28
by Vladimir Cherniga (Team)

CallbackFilter.OpenFile() method is only suitable when you read/write file A in callback fired for file A. Reading another file(B) from file A callback can be done using handle opened with CallbackFilter.CreateNonCbFile()
Posted: 11/07/2013 10:10:32
by Eugene Mayevski (Team)

Calling ReadFile from OnReadFile callback can cause a deadlock in certain cases (the same applies to writing). You need to somehow buffer the data and read/write them in a different thread.

Sincerely yours
Eugene Mayevski
Posted: 11/07/2013 10:21:14
by Jasmeet Chhabra (Priority Standard support level)
Joined: 11/06/2013
Posts: 7

ok. I think I understand. So, given what you have said, I can do the following sequence of things:
1. A file called "f.doc" is created/opened and I get the corresponding callback
2. I use the CallbackFilter.CreateNonCbFile() to create f.doc.enc file
3. For all writes for "f.doc", I write to "f.doc.enc" file after encryption
4. For all reads for "f.doc", I read "f.doc.enc" file after decryption.
5. I leave the f.doc empty, but return the correct size as required for me to let it be read/written.
6. Any process which reads f.doc.enc gets the encrypted file.

I am assuming, I will still get hooks for enumeration calls for the directory etc., so I can hide/unhide the .enc file as needed.

Posted: 11/07/2013 10:44:28
by Vladimir Cherniga (Team)

Enumerate directory callback can hide file entries, but it will not hide the file from direct open request with a fully qualified path. There is also another problem, if you keep "f.doc" file empty. The file sizes could be read from disk storage during open request and thus file size viewed by file system and reported by filter to applications will be different. It could cause a problems with system cache initialization and others. Anyway such method requires testing for the possible traps on a working system.
Posted: 11/07/2013 10:50:18
by Jasmeet Chhabra (Priority Standard support level)
Joined: 11/06/2013
Posts: 7

ok. Thanks Vladimir. I am going to go with the Virtual file method as you replied in the other thread. Looks like that approach is better for what I need as it will avoid deadlocks during reads if I understand correctly.
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.



Topic viewed 5042 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!