CISO, Compact ISO
Compact ISO (CISO) is a CD/DVD image container format that
allows efficient distribution and storage of CD/DVD images
and file sets.
- File splitting/spanning
- Password based strong encryption
- Digital signing for software distribution
- Executable stub support
Compression indexing, choice of ZIP or LZMA compression
algorithms, and configurable compression frame size, allow
efficient random access to contents of the image.
CISO files can be signed using the same Authenticode
certificates and signing tools used for Windows executables
and CAB files. The signature on signed CISO files can be
verified by existing versions of Windows Explorer and many
Strong standardized encryption algorithms are used with
password protected CISO files, including: PKCS5V2 password
based key generation, AES encryption in an XTS chaining
mode, and SHA256 hashing. Encrypted images do not leak side
data, such as number of contained files, files sizes, or
Executable stub support allows the creation of self extracting
and self mounting images.
CISO joins a long list of image container formats including:
- and more
Of these formats, few include compression, encryption, and
spanning, and none of those are open and documented formats.
None of the existing formats support digital signing, or
CISO is an open format. It is available for use in free or
commercial applications without charge. Free and commercial
implementations of the needed compression and encryption
algorithms are readily available. To our knowledge, no parts
of the format are covered by patents.
The documentation for CISO currently consists of a C/C++
language header file and included developer notes.
ciso.h - Compact ISO definition
and developer notes.
Source code for ptiso, a CISO reader/writer, is available on
the download page. The ptiso source code can be used as a
CISO reference implementation.
Developers wishing to implement CISO support in other
applications are encouraged to contact Pismo Technic Inc. for
support or to provide feedback.