Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Creating a file that can be only used by my program. How do I differ it from other programs' files?

Tags:

c#

file

file-io

I create my file using File.WriteAllBytes(). Byte[] that is passed to File.WriteAllBytes() is encrypted by algorithm of my own. You need password that was used when file was encrypted (user of the program knows the password) to decrypt it. But when some file is opened by my program using File.ReadAllBytes() there are 3 situations:

  1. File that is being opened is my program's file and user knows the password to open it.
  2. File that is being opened is my program's file but user doesn't know the password to open it.
  3. File that is being opened is not my program's file.

First one is easy to handle. 2nd and 3rd are same for my program because my program doesn't know the difference between encrypted byte[] and byte[] of some random file.

How do I differ these situations? I was thinking of adding some sequence of bytes to the end or beginning of byte[] before passing it to File.WriteAllBytes(). Is that safe? How do modern programs differ their files from other files?

like image 648
foxneSs Avatar asked Nov 08 '14 12:11

foxneSs


2 Answers

You can give your file some structure before encryption, and check that the structure is there after decryption. If the structure is not there, it's not your file.

For example, you could compute a check sum, and store it in the first few bytes prior to the "payload" block of data. Encrypt the check sum along with the rest of the file.

When you decrypt, take the payload content, and compute its check sum again. Compare the stored result to the computed result to see if the two match. If they don't match, it's not your file. If they do match, very good chances are that it is your file.

This is not the only approach - the structure could be anything you wish, from placing a special sequence of bytes at a specific place to using a specific strict format (e.g. an XML) for your content, and then validating this format after the decryption.

[the file is] encrypted by algorithm of my own.

Be very careful with security through obscurity: coming up with an algorithm that is cryptographically secure is an extremely hard task.

like image 124
Sergey Kalinichenko Avatar answered Nov 15 '22 03:11

Sergey Kalinichenko


Many many file format use "Magic numbers" in front of the file to determine their types. Use the first ... 4 bytes, write a custom sequence it it then read it when you load the file.

like image 25
Eric Avatar answered Nov 15 '22 03:11

Eric