Compact ISO (CISO) is a CD/DVD image container format that allows efficient distribution and storage of CD/DVD images and file sets.
- File splitting/spanning
- Password based strong encryption
- Digital signing for software distribution
- Executable stub support
Compression indexing, choice of ZIP or LZMA compression algorithms, and configurable compression frame size, allow efficient random access to contents of the image.
CISO files can be signed using the same Authenticode certificates and signing tools used for Windows executables and CAB files. The signature on signed CISO files can be verified by existing versions of Windows Explorer and many web browsers.
Strong standardized encryption algorithms are used with password protected CISO files, including: PKCS5V2 password based key generation, AES encryption in an XTS chaining mode, and SHA256 hashing. Encrypted images do not leak side data, such as number of contained files, files sizes, or compression efficiency.
Executable stub support allows the creation of self extracting and self mounting images.
CISO joins a long list of image container formats including:
- and more
Of these formats, few include compression, encryption, and spanning, and none of those are open and documented formats. None of the existing formats support digital signing, or stub executables.
CISO is an open format. It is available for use in free or commercial applications without charge. Free and commercial implementations of the needed compression and encryption algorithms are readily available. To our knowledge, no parts of the format are covered by patents.
The documentation for CISO currently consists of a C/C++ language header file and included developer notes.
Source code for ptiso, a CISO reader/writer, is available on the download page. The ptiso source code can be used as a CISO reference implementation.
Developers wishing to implement CISO support in other applications are encouraged to contact Pismo Technic Inc. for support or to provide feedback.