简体繁体 English

创建一个只能由我的程序使用的文件。我如何区别于其他程序的文件？

[英]Creating a file that can be only used by my program. How do I differ it from other programs' files?

原文 2014-11-08 12:21:22 1 2 c#/ file/ file-io

I create my file using File.WriteAllBytes() . 我使用File.WriteAllBytes()创建我的文件。 Byte[] that is passed to File.WriteAllBytes() is encrypted by algorithm of my own. 传递给File.WriteAllBytes() Byte []由我自己的算法加密。 You need password that was used when file was encrypted (user of the program knows the password) to decrypt it. 您需要在加密文件（程序用户知道密码）时使用的密码来解密它。 But when some file is opened by my program using File.ReadAllBytes() there are 3 situations: 但是当我的程序使用File.ReadAllBytes()打开某个文件时，有3种情况：

File that is being opened is my program's file and user knows the password to open it. 正在打开的文件是我程序的文件，用户知道打开它的密码。
File that is being opened is my program's file but user doesn't know the password to open it. 正在打开的文件是我程序的文件，但是用户不知道打开它的密码。
File that is being opened is not my program's file. 正在打开的文件不是我程序的文件。

First one is easy to handle. 第一个很容易处理。 2nd and 3rd are same for my program because my program doesn't know the difference between encrypted byte[] and byte[] of some random file. 第二个和第三个对我的程序是相同的，因为我的程序不知道某个随机文件的加密byte []和byte []之间的区别。

How do I differ these situations? 我如何区分这些情况？ I was thinking of adding some sequence of bytes to the end or beginning of byte[] before passing it to File.WriteAllBytes() . 我想在将一些字节序列添加到byte []的结尾或开始之前将其传递给File.WriteAllBytes() 。 Is that safe? 这样安全吗？ How do modern programs differ their files from other files? 现代程序如何将文件与其他文件区分开来？

2 个解决方案

You can give your file some structure before encryption, and check that the structure is there after decryption. 您可以在加密前为文件提供一些结构，并在解密后检查结构是否存在。 If the structure is not there, it's not your file. 如果结构不存在，则不是您的文件。

For example, you could compute a check sum, and store it in the first few bytes prior to the "payload" block of data. 例如，您可以计算校验和，并将其存储在“有效负载”数据块之前的前几个字节中。 Encrypt the check sum along with the rest of the file. 加密校验和以及文件的其余部分。

When you decrypt, take the payload content, and compute its check sum again. 解密时，请获取有效内容，然后再次计算其校验和。 Compare the stored result to the computed result to see if the two match. 将存储的结果与计算结果进行比较，以查看两者是否匹配。 If they don't match, it's not your file. 如果它们不匹配，则不是您的文件。 If they do match, very good chances are that it is your file. 如果他们匹配，很有可能是它是你的文件。

This is not the only approach - the structure could be anything you wish, from placing a special sequence of bytes at a specific place to using a specific strict format (eg an XML) for your content, and then validating this format after the decryption. 这不是唯一的方法 - 结构可以是您想要的任何东西，从在特定位置放置特殊字节序列到为您的内容使用特定严格格式（例如XML），然后在解密后验证此格式。

[the file is] encrypted by algorithm of my own. [该文件]由我自己的算法加密。

Be very careful with security through obscurity: coming up with an algorithm that is cryptographically secure is an extremely hard task. 通过默默无闻的安全性非常小心：提出一种加密安全的算法是一项非常艰巨的任务。

Many many file format use "Magic numbers" in front of the file to determine their types. 许多文件格式使用文件前面的“幻数”来确定它们的类型。 Use the first ... 4 bytes, write a custom sequence it it then read it when you load the file. 使用前... 4个字节，编写自定义序列，然后在加载文件时读取它。