EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PreCreate callback

Posted: 01/08/2016 09:58:02
by vandernyt (Basic support level)
Joined: 09/16/2015
Posts: 10


I have a problem which I described before:
In a few words with a little update:
1. I want to show my dialog with question: "Do you want to encrypt the file?".
2. If result is "Yes" - proceed copy operation with encryption. Else - proceed usual copy operation.

I noticed that cbfs filter has PreCreate and PostCreate callbacks.
Can I do this:

void CbFltCreateFileC(/*parameters*/)
    WCHAR text[MAX_PATH * 2];
    if (0 == (*FileAttributes & FILE_ATTRIBUTE_DIRECTORY)) {
       wsprintfW(text, L"CreateFileC %s", FileName);

    int res = MessageBox(0, "Title", "Do you want to encrypt the file?", MB_YESNO)
    if (res == IDYES) {
         // Set flag for the context encryption.

    *RequestAccepted = TRUE;

So first of all I want to show only my dialog with question. After I get a result from the MessageBox, the copy operation (copy with encryption in case res == IDYES) will proceed automatically and the copying dialog will apper on the screen.

Is it possible to do with cbfs filter?
I'm asking this question, since we do not have a key for cbfs filter. And we will move to this filter, if an answer is positive.

Thanks for help again!
Posted: 01/08/2016 10:12:08
by Eugene Mayevski (Team)

You will have two obstacles here:

1) You can not provide different file contents to different applications, because some of file information might already reside in the cache. While it might be possible to flush the cache, if two processes request the same file to be opened, you won't be able to deliver different file contents to those processes. So it won't be possible to make one process read encrypted data (without decryption) and let other process read decrypted data. Moreover, if encrypted and decrypted data have different length, how would you report this information to the OS when the directory is enumerated? So far I don't see any workarounds to this obstacle.

2) the file open request can't wait forever, because the whole filesystem might be blocked waiting for the file to be opened. This means that your dialog should have some expiration after which the operation should be denied. This is doable, but special attention needs to be paid.

Sincerely yours
Eugene Mayevski



Topic viewed 4873 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!