Repository files navigation

DokanCloudFS is a virtual filesystem for various publicly accessible cloud storage services on the Microsoft Windows platform.

Branch	Build status	Code coverage	Code analysis
master
develop

DokanCloudFS implements a virtual filesystem that allows direct mounting of various publicly accessible cloud storage services on the Microsoft Windows platform.

Mounted cloud storage drives appear as ordinary removable drives in Windows Explorer (albeit very slow ones) and can be used just about like any local drive or file share.

All content written through DokanCloudFS is transparently AES-encrypted with a user-specified key before handing it off to the cloud storage backend.

Some limitations apply concerning transfer speed, maximum file size, permissions, and alternate streams depending on parameters of the cloud storage service used as a backend.

• Mounting of cloud storage volumes as removable drives into Windows Explorer
  • number of mounted volumes only limited by available drive letters
  • mounting of multiple accounts of the same cloud storage service in parallel
  • automatic re-authentication to cloud storage services after first login (optional AES encryption of persisted account credentials and authentication tokens)
• Full support for interactive file manipulation in Winows Explorer including but not limited to
  • copying and moving of multiple files and folders between DokanCloudFS drives and other drives
  • opening of files in default application via Mouse double click
  • right-click-menu on drive, files, and folders with access to menu commands and drive/file properties
  • thumbnails display for media files
• Transparent client-side encryption and decryption of all file content via AESCrypt
  • encryption key configurable per drive
  • unencrypted files may be read and will be encrypted on modification

DokanCloudFS requires a gateway assembly for any cloud storage service to be used as a backend.

The expected gateway interface types and a set of prefabricated gateways are provided in a separate GitHub repository for theCloudFS project.
The associated NuGet packagesCloudFS andCloudFS-Signed include preconfigured API keys for the included cloud storage services and are ready to use. Unless marked otherwise, CloudFS NuGet packages should be used in a version matching the DokanCloudFS version.

• Platform
  • .NET 4.6
• Drivers
  • Dokany driver version 1.0.3 or greater installed
• Operating system
  • tested on Windows 8.1 x64 and Windows Server 2012 R2 (until version 1.0.0-alpha) /
    Windows 10 x64 (from version 1.0.1-alpha)
  • expected to run on Windows 7/8/8.1/10 and Windows Server 2008(R2)/2012(R2)/2016

• Download and compile theDokanCloudFS solution using any of the following build configurations:
  • Debug (NuGet) /Release (NuGet) - non-optimized and optimized build, respectively, using gateway assemblies from the unsigned NuGet package
  • Debug (NuGet-Signed) /Release (NuGet-Signed) - non-optimized and optimized build, respectively, using gateway assemblies from the signed NuGet package
• During the build process, an appropriateCloudFS NuGet package will be downloaded and the assemblies and .config files required byDokanCloudFS will be copied to theLibrary directory.

• Prepare theCloudFS solution
  • Download theCloudFS sources in a version matching the DokanCloudFS version
  • Retrieve your own cloud API authentication keys from the URLs cited inLocal Compilation and apply them in the respectiveSecrets.cs files for the affected cloud services.
  • Compile theCloudFS solution
• Download and compile theDokanCloudFS solution using any of the following build configurations:
  • Debug - non-optimized build
  • Release - optimized build
• Copy allIgorSoft.CloudFS.Gateways.*.dll assemblies and the associatedIgorSoft.CloudFS.Gateways.*.dll.config files from theGateways directory in the build output ofCloudFS.GatewayTests to theLibrary directory of DokanCloudFS.

• Configure the desired mount points inDokanCloudFS.Mounter's configuration fileIgorSoft.DokanCloudFS.Mounter.exe.config.
  See below for a sample configuration.
• Ensure the presence of all required cloud service gateway assemblies and their dependencies - either from a downloadedCloudFS NuGet Package or a local compile - in the path specified by thelibPath attribute in the<mount>-tag in the config file (defaults to the solution's.\Library directory).
• RunIgorSoft.DokanCloudFS.Mounter.exe from the command line. Depending on your account configuration youmay have to use an administrative command line. The following command line arguments are supported:

  IgorSoft.DokanCloudFS.Mounter 1.0.11Usage: Mounter [options] [command]Options:  -?|-h|--help  Show help informationCommands:  mount  resetUsage: Mounter mount [arguments] [options]Arguments:  <userNames>  If specified, mount the drives associated with the specified users; otherwise, mount all configured drives.Options:  -p|--passPhrase  The pass phrase used to encrypt persisted user credentials and access tokens  -?|-h|--help     Show help informationUsage: Mounter reset [arguments] [options]Arguments:  <userNames>  If specified, purge the persisted settings of the drives associated with the specified users; otherwise, purge the persisted settings of all configured drives.Options:  -?|-h|--help  Show help information

  • Themount command will mount the drives configured inIgorSoft.DokanCloudFS.Mounter.exe.config, optionally filtered by the specified user names.
    • If you use the-p|--passPhrase option for the first time, previously unencrypted persisted settingsof the drives mounted at this time - and all newly acquired authentication credentials - will be encrypted with the specified pass phrase. Persisted settings of drives not mounted at this time will remain as they are.
  • Thereset command will purge all persisted settings and require you to explicitely login on the next start ofIgorSoft.DokanCloudFS.Mounter.exe.

  <mountlibPath="..\..\..\Library"threads="5">    <drives>      <driveschema="box"userName="BoxUser"root="P:"encryptionKey="MyBoxSecret&amp;I"timeout="300" /><!--<drive schema="file" root="Q:" encryptionKey="MyFileSecret&amp;I" parameters="root=..\..\..\TestData" />-->      <driveschema="gcs"userName="GoogleCloudStorageUser"root="R:"encryptionKey="MyGoogleCloudStorageSecret&amp;I"parameters="bucket=-- Insert bucket ID here --"timeout="300"apiKey="-- Insert Google Cloud Storage Credentials here --" />      <driveschema="gdrive"userName="GDriveUser"root="S:"encryptionKey="MyGDriveSecret&amp;I"timeout="300" />      <driveschema="hubic"userName="hubiCUser"root="T:"encryptionKey="MyhubiCSecret&amp;I"parameters="container=default"timeout="300" />      <driveschema="mediafire"userName="MediaFireUser"root="U:"encryptionKey="MyMediaFireSecret&amp;I"timeout="300" />      <driveschema="mega"userName="MegaUser"root="V:"encryptionKey="MyMegaSecret&amp;I"timeout="300" />      <driveschema="onedrive"userName="OneDriveUser"root="W:"encryptionKey="MyOneDriveSecret&amp;I"timeout="300" />      <driveschema="pcloud"userName="pCloudUser"root="X:"encryptionKey="MypCloudSecret&amp;I"timeout="300" />      <driveschema="webdav"userName="webDavUser"root="Y:"parameters="baseAddress=https://webdav.magentacloud.de"encryptionKey="MyWebDavSecred&amp;I"timeout="300" />      <driveschema="yandex"userName="YandexUser"root="Z:"encryptionKey="MyYandexSecret&amp;I"timeout="300" />    </drives>  </mount>

Configuration options:

• Global
  • libPath: Path to search for gateway plugin assemblies (relative to the location ofIgorSoft.DokanCloudFS.Mounter.exe).
    All plugin dependencies not covered directly by DokanCloudFS should be placed in this path as well.
  • threads: Number of concurrent threads used for each drive by the Dokan driver.
    Defaults to 5.
• Per drive
  • schema: Selects the cloud storage service gateway to be used.
    Must correspond to one of theCloudFS gateways installed in thelibPath subdirectory. Presently supports the following values:
    • box,gcs,gdrive,hubic,mediafire,mega,onedrive,pcloud,yandex
    • file (mounting of local folders only)
  • userName: User account to be displayed in the mounted drive label.
  • root: The drive letter to be used as mount point for the cloud drive.
    Choose a free drive letter such asL:.
  • apiKey: Persistable credentials to be used for authentication with the cloud storage service in place of an interactive user login.
    • gcs gateway - The Google Cloud Service gateway presently requires that the Google credentials be specified in the API key configuration
  • encryptionKey: An arbitrary symmetric key for the transparent client-side AES encryption.
    Leave this empty only if youreally want to store content without encryption.
  • parameters: Custom parameters as required by the specific cloud storage service gateway. Multiple parameters are separated by a pipe-character|.
    • file gateway - requires aroot-parameter specifying the target directory (e.g.parameters="root=X:\Encrypted")
    • gcs gateway - requires abucket-parameter specifying the Google Cloud Storage bucket to be mounted (e.g.parameters="bucket=xczabc-12345-test-bucket")
    • hubic gateway - requires acontainer-parameter specifiying the desired target container (e.g.parameters="container=default")
    • webdav gateway - requires abaseAddress-parameter specifying the desired WebDAV hoster's access URL (e.g.parameters="baseAddress=https://webdav.magentacloud.de")
    • other gateways - no custom parameters supported so far
  • timeout: The timeout value for file operations on this drive measured in seconds.
    A value of300 should suffice for all but the slowest connections.

The Copy cloud storage service was retired after May 1^st 2016 in response to thisannouncement.

Certain privacy-sensitive information will be stored on your local filesystem by DokanCloudFS, specifically:

• The file%UserProfile%\AppData\Local\IgorSoft\IgorSoft.DokanCloudFS.<RandomizedName>\1.0.0.0\user.config contains data required for automatic re-authentication with the configured cloud storage services such as
  • account names you entered in the browser or login window when authenticating to the various cloud storage services,
  • potentially long-lived authentication/refresh tokens, or in some casese-mail accounts and hashed login passwords or evenuser name and clear text password, as provided by the specific cloud storage service for re-login.
• The above information will be transparentlyAES-encrypted in the.config file if the command line option (-p|--passPhrase, see above in sectionUsage) is used onIgorSoft.DokanCloudFS.Mounter.exe. Failing to specify a pass phrase will result in re-authentication data being stored in the clear.
• The file<DokanCloudFS binary path>\IgorSoft.DokanCloudFS.Mounter.exe.config contains the symmetric AES encryption keys used for client-side encryption of cloud content.
  If you are concerned about protecting this information from unauthorized parties you should use appropriate tools to encrypt the files mentioned above at operating system level or possibly encrypt your system drive.

DokanCloudFSdoes not store your authentication password for any cloud storage service (which would be impossible in the first place for all services employing the OAuth authentication scheme).
Itdoes, however, store user name and password for WebDAV accounts because there is no separate authorization token concept in WebDAV.

• DokanCloudFS only supports mounting of a cloud storage volume's root directory.
• The maximum supported file size varies between different cloud storage services. Moreover, the precise limits are not always disclosed.
  Exceeding the size limit in a file write operation will result in either a timout or a service error.
• The files in a DokanCloudFS drive do not allow true random access, instead they are read or written sequentially as a whole. Furthermore, there is no support for file attributes (read-only,hidden,archived) or permissions.
  Depending on the target application, editing a file directly in the DokanCloudFS drivemay work to a varying extent, otherwise the file must be copied to a conventional drive for processing and subsequently re-uploaded.
  Example: Microsoft Word can open and save .docx files from a DokancloudFS drive, but cannot update a file in place.
• DokanCloudFS keeps an internal cache of directory metadata for increased performance. Changes made to the cloud storage volume outside of DokanCloudFS will not be automatically synchronized with this cache, therefore any form of concurrent write access may lead to unexpected results or errors.
• The only encrypted file format supported by DokanCloudFS is theAESCrypt file format.
• DokanCloudFS distinguishes content encryption keys on a per-drive scale only. It is not possible to assign content encryption keys to specific subdirectories or to individual files.
  Although you could, in theory, mount several copies of the same cloud service volume in parallel, these copies will not synchronize their cached directory structures in any way (see above).

• Several gateways
  • Writing of large (>> 10 Mb) files to cloud storage is unstable on the following platforms:Box,pCloud
• Mediafire gateway
  • The Mediafire token management scheme depends on error-free operation when using long-term authentication tokens. Expect to re-authenticate via the login popup after network errors or if the DokanCloudFS process is aborted.

Due to the nature of the Dokan kernel-mode drivers involved, any severe errors inside DokanCloudFS can result inWindows Blue Screens.

Don't install this project on production environments.

You have been warned.

• improve stability
• improve performance
• allow alternate encryption schemes
• allow mounting and unmounting of individual drives without restarting the mounter process

DokanCloudFS would not have been possible without the expertise and great effort devoted by their respective creators to the following projects:

• Dokany - The User mode file system library for windows (seeDokan for the entire Dokany ecosystem,Dokany for the specific driver)
• Dokan.NET - The Dokan DotNET wrapper (seeDokan.NET Binding)
• SharpAESCrypt - A C# implementation of the AESCrypt file format (seeSharpAESCrypt)
• Moq - The most popular and friendly mocking framework for .NET (seeMoq)
• SemanticTypes - Support for implementing semantic types (seeSemanticTypes)