locked
Best way to incorporate Encryption in WFP Callout RRS feed

  • Question

  • Hi, 

    I'm new to WFP and driver development. 

    I need to encrypt part of the protocol data at the callout driver. 

    Is there any WDF / other way to use standard protocol's "out of the box"? for example i would like to encrypt a chunk of 100 bytes with AES, at the callout driver.

    Kind regards.

    Saturday, June 2, 2012 11:42 AM

Answers

All replies

  • Best way?  use the built-in IPsec :).  If you wish to do your own data encryption, then for TCP, you'll likely want to sit at the STREAM layers.  For Non-TCP, sitting at either DATAGRAM_DATA or the {IN/OUT}BOUND_TRANSPORT layers will meet your needs.

    IPsec is implemented @ both INBOUND and OUTBOUND TRANSPORT.

    Hope this helps,


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Sunday, June 3, 2012 2:06 AM
    Moderator
  • I want to do my own data encryption. only on specific part's. and use algorithm like AES or 3DES. (currently encrypting only 2 bytes out of the entire payload).

    Any idea on an API that will enable me to encrypt data ? ( For example: AESEncryptDataBlock(PVOID* myData) which will return an encrypted data block )

    Kind regards,

    Yechiel Levi

    Sunday, June 3, 2012 1:27 PM
  • I'd suggest starting with the CNG APis http://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx

    Hope this helps. 


    Dusty Harper [MSFT]
    Microsoft Corporation
    ------------------------------------------------------------
    This posting is provided "AS IS", with NO warranties and confers NO rights
    ------------------------------------------------------------

    Sunday, June 3, 2012 6:06 PM
    Moderator