Creating a file that can only be used by my program. How can I distinguish it from files of other programs?

I create my file using File.WriteAllBytes(). The byte[] passed to File.WriteAllBytes() is encrypted with my own algorithm. To decrypt it, you need the password that was used when the file was encrypted (the user of the program knows the password). But when a file is opened by my program using File.ReadAllBytes(), there are 3 situations:

  • The file being opened is my program's file, and the user knows the password to open it.
  • The file being opened is my program's file, but the user does not know the password to open it.
  • The file being opened is not my program's file.

The first one is easy to handle. 2 and 3 are the same for my program, because my program does not know the difference between the encrypted byte[] and the byte[] of some random file.

How can I distinguish between these situations? I was thinking of adding some sequence of bytes to the end or beginning of the byte[] before passing it to File.WriteAllBytes(). Is it safe? How do modern programs distinguish their files from other files?

+5
2 answers

You can provide your file with some structure before encryption and check if the structure exists after decryption. If there is no structure there, this is not your file.

For example, you can calculate the checksum and store it in the first bytes before the “payload” data block. Encrypt the checksum along with the rest of the file.

When you decrypt, load the contents of the payload and calculate its checksum again. Compare the result with the calculated result to see if the two match. If they do not match, this is not your file. If they match, there is a very good chance that this is your file.

This is not the only approach - the structure can be anything you want, from placing a special sequence of bytes in a certain place to using a certain strict format (for example, XML) for your content, and then checking this format after decryption.

[file] is encrypted using my own algorithm.

Be very careful with security through obscurity: coming up with an algorithm that is cryptographically secure is an extremely difficult task.

+4

In many file formats, a magic number at the front of the file determines its type. Use the first ... 4 bytes: write a custom sequence that you will then read back when you load the file.

+2
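An added example (not code from the question or either answer) that combines the two suggestions above: an unencrypted magic number separates situation 3, and a checksum encrypted in front of the payload separates situation 2 from situation 1. AES-CBC with a PBKDF2-derived key stands in for the asker's own algorithm; `MyFile`, `OpenResult`, the `MYF1` magic number and the header layout are assumptions, and the calls used need .NET 6 or later.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;

enum OpenResult { Ok, WrongPasswordOrCorrupt, NotMyFile }
static class MyFile   // all names here are hypothetical
{
    static readonly byte[] Magic = { 0x4D, 0x59, 0x46, 0x31 };   // "MYF1", made-up magic number
    const int SaltLen = 16, IvLen = 16, HashLen = 32, Header = 4 + SaltLen + IvLen;
    // AES-256 keyed from the password via PBKDF2; stands in for the asker's own cipher.
    static Aes MakeAes(string password, byte[] salt)
    {
        var aes = Aes.Create();
        aes.Key = Rfc2898DeriveBytes.Pbkdf2(password, salt, 200_000, HashAlgorithmName.SHA256, 32);
        return aes;
    }

    public static void Save(string path, byte[] payload, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen);
        byte[] iv = RandomNumberGenerator.GetBytes(IvLen);
        // The checksum sits in front of the payload and is encrypted together with it.
        byte[] plain = SHA256.HashData(payload).Concat(payload).ToArray();
        using var aes = MakeAes(password, salt);
        byte[] cipher = aes.EncryptCbc(plain, iv);
        File.WriteAllBytes(path, Magic.Concat(salt).Concat(iv).Concat(cipher).ToArray());
    }

    public static OpenResult TryOpen(string path, string password, out byte[] payload)
    {
        payload = Array.Empty<byte>();
        byte[] data = File.ReadAllBytes(path);
        // Situation 3: too short, or the unencrypted magic number is missing.
        if (data.Length < Header + 16 || !data.Take(4).SequenceEqual(Magic)) return OpenResult.NotMyFile;
        byte[] plain;
        try
        {
            using var aes = MakeAes(password, data[4..(4 + SaltLen)]);
            plain = aes.DecryptCbc(data[Header..], data[(4 + SaltLen)..Header]);
        }
        catch (CryptographicException) { return OpenResult.WrongPasswordOrCorrupt; }   // bad padding
        // Situation 2: the checksum recomputed over the decrypted payload does not match.
        if (plain.Length < HashLen ||
            !CryptographicOperations.FixedTimeEquals(plain.AsSpan(0, HashLen), SHA256.HashData(plain[HashLen..])))
            return OpenResult.WrongPasswordOrCorrupt;
        payload = plain[HashLen..];
        return OpenResult.Ok;
    }
}
```

A file that carries the magic number but was damaged on disk also returns `WrongPasswordOrCorrupt`. An authenticated mode such as AES-GCM performs the same integrity check as part of decryption.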

Source: https://habr.com/ru/post/1206475/