test.cpp

一个过滤层文件系统驱动的完整代码,实现了文件的加密,操作截获等

// test.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"

#include <windows.h>
#include <winioctl.h>
#include <stdio.h>
#include <string.h>


#define MASK_ENCRYPT_PROTECT 0x1
#define MASK_STATIC_PROTECT  0x2
#define MASK_CHECK_PROTECT   0x4

#define IS_ENCRYPT_PROTECT(x) ((x) & MASK_ENCRYPT_PROTECT)
#define IS_STATIC_PROTECT(x)     ((x) & MASK_STATIC_PROTECT)
#define IS_CHECK_PROTECT(x)      ((x) & MASK_CHECK_PROTECT)

#define SET_ENCRYPT_PROTECT(x) ((x) | MASK_ENCRYPT_PROTECT)
#define SET_STATIC_PROTECT(x)     ((x) | MASK_STATIC_PROTECT)
#define SET_CHECK_PROTECT(x)      ((x) | MASK_CHECK_PROTECT)

#define CLEAR_ENCENCRYPT_PROTECT(x) ((x) & (~MASK_ENCRYPT_PROTECT))
#define CLEAR_STATIC_PROTECT(x)     ((x) & (~MASK_STATIC_PROTECT))
#define CLEAR_CHECK_PROTECT(x)      ((x) & (~MASK_CHECK_PROTECT))

#define HASH_LENGTH 20 // hash值的长度，以Byte为单位

typedef enum _ENCRYPTED_STATUS {
		NotChecked,		// 表示还没有进行过是否是加密文件的检查
		Encrypted,		// 表示已经进行过加密文件检查，并确认已经加过密
		NotEncrypted	// 表示已经进行过加密文件检查，并确认还没有进行加密
}ENCRYPTED_STATUS;

//
// Maximum path length of pathname. This is larger than Win32 maxpath
// because network drives have leading paths
//
#define MAXPATHLEN      256
//
// 受保护文件的结构
//
typedef struct _FILE_PROTECT_LIST_ITEM* PFILE_PROTECT_LIST_ITEM;
typedef struct _FILE_PROTECT_LIST_ITEM
{
	WCHAR					ProtectedFileName[MAXPATHLEN];
	LONG					ProtectedFlag;			// 保存一个掩码值，表示对受保护的文件采用何种保护方法
	BYTE					Hash[ HASH_LENGTH ];    // 160bits Hash值
	ENCRYPTED_STATUS		Encrypted_Check_Status;   
	LONG					FileRealLength;			// 文件经过加密后，文件长度有可能变长，故，我们得维护真实的文件长度
}FILE_PROTECT_LIST_ITEM;

// Define the various device type values.  Note that values used by Microsoft
// Corporation are in the range 0-32767, and 32768-65535 are reserved for use
// by customers.
//
#define FILE_DEVICE_FSTPM	0x00009001

//
// Version #
//
#define FSTPMVERSION    100

//
// commands that the GUI can send the device driver
// 
#define IOCTL_FSTPM_ADD_PROTECT_FILE    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x00, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_DELETE_PROTECT_FILE    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x01, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_SET_CHECK_PROTECT_STATUS    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x02, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_SET_STATIC_PROTECT_STATUS    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x03, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_SET_ENCRYPT_PROTECT    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x04, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_QUERY_PROTECT_FILE    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x05, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_QUERY_PROTECT_LIST    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x06, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_QUERY_PROTECT_FILE_COUNT    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x07, METHOD_BUFFERED, FILE_ANY_ACCESS ) 
#define IOCTL_FSTPM_SET_EVENT    (ULONG) CTL_CODE( FILE_DEVICE_FSTPM, 0x08, METHOD_BUFFERED, FILE_ANY_ACCESS ) 

FILE_PROTECT_LIST_ITEM Item={0};


UINT TPMQueryProtectFileCount(HANDLE hd)
{

	ULONG count;
	ULONG re;
    ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_QUERY_PROTECT_FILE_COUNT,
		0,
		0,
		&count,
		sizeof(count),
		&re,
		NULL
		);
	return count;	
}

void TPMAddItemToList(HANDLE hd, PFILE_PROTECT_LIST_ITEM pItem)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_ADD_PROTECT_FILE,
		(PVOID)pItem,
		sizeof(FILE_PROTECT_LIST_ITEM),
		0,
		0,
		&re,
		NULL
		);
	printf("Code is: %u\n",IOCTL_FSTPM_ADD_PROTECT_FILE);
}


void TPMDelItemFromList(HANDLE hd, PFILE_PROTECT_LIST_ITEM pItem)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_DELETE_PROTECT_FILE,
		(PVOID)pItem,
		sizeof(FILE_PROTECT_LIST_ITEM),
		0,
		0,
		&re,
		NULL
		);
	printf("Code is: %u\n",IOCTL_FSTPM_ADD_PROTECT_FILE);
}

void TPMSetStaticProtectStatus(HANDLE hd, BOOL b)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_SET_STATIC_PROTECT_STATUS,
		&b,
		1,
		0,
		0,
		&re,
		NULL
		);
}

void TPMSetCheckProtectStatus(HANDLE hd, BOOL b)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_SET_CHECK_PROTECT_STATUS,
		&b,
		1,
		0,
		0,
		&re,
		NULL
		);
}

void TPMSetEncyptProtectStatus(HANDLE hd, BOOL b)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_SET_ENCRYPT_PROTECT,
		&b,
		1,
		0,
		0,
		&re,
		NULL
		);
}

void TPMSetEvent(HANDLE hd , BOOL b)
{
	ULONG re;
	ULONG bResult=DeviceIoControl(hd,
		IOCTL_FSTPM_SET_EVENT,
		&b,
		1,
		0,
		0,
		&re,
		NULL
		);
	
}

int main(int argc, char* argv[])
{	
	HANDLE hEvent=OpenEvent(SYNCHRONIZE, FALSE, "tpmreq");
	
	//Item.ProtectedFlag = SET_STATIC_PROTECT(Item.ProtectedFlag);
	//Item.ProtectedFlag = SET_CHECK_PROTECT(Item.ProtectedFlag);
	Item.ProtectedFlag = SET_ENCRYPT_PROTECT(Item.ProtectedFlag);
	wcscpy(Item.ProtectedFileName,L"C:\\你好.txt");

	Item.Hash[0]=1;

	HANDLE hd=CreateFile("\\\\.\\FsTPM",GENERIC_READ | GENERIC_WRITE
						,0,
						NULL,
						OPEN_EXISTING,
						FILE_ATTRIBUTE_NORMAL,
						NULL
						);
	
	if (hd==NULL)
	{
		printf("Open File Driver Error!\n");
		return 0;
	}
		
	//TPMSetCheckProtectStatus(hd,TRUE);
	//TPMSetStaticProtectStatus(hd,TRUE);
	TPMSetEncyptProtectStatus(hd,TRUE);

	int count=-1;
	printf("File Items Count = %d\n",count = TPMQueryProtectFileCount(hd));
	TPMAddItemToList(hd, &Item);
	printf("File Items Count = %d\n",count = TPMQueryProtectFileCount(hd));
	//wcscpy(Item.ProtectedFileName,L"C:\\test.txt");
	//TPMDelItemFromList(hd,&Item);
	//printf("File Items Count = %d\n",count = TPMQueryProtectFileCount(hd));
	printf("Wait...\n");
	
	WaitForSingleObject(hEvent,100000000);

	printf("Request ... ");

	ResetEvent(hEvent);
	TPMSetEvent(hd,TRUE);
	
	printf("Say Yes\n");

	return 0;
}