DokanCloudFS is a virtual filesystem for various publicly accessible cloud storage services on the Microsoft Windows platform.

Branch	Build status	Code coverage
master
develop

DokanCloudFS implements a virtual filesystem that allows direct mounting of various publicly accessible cloud storage services on the Microsoft Windows platform.

Mounted cloud storage drives appear as ordinary removable drives in Windows Explorer (albeit very slow ones) and can be used just about like any local drive or file share.

All content written through DokanCloudFS is transparently AES-encrypted with a user-specified key before handing it off to the cloud storage backend.

Some limitations apply concerning transfer speed, maximum file size, permissions, and alternate streams depending on parameters of the cloud storage service used as a backend.

• Mounting of cloud storage volumes as removable drives into Windows Explorer
  • number of mounted volumes only limited by available drive letters
  • mounting of multiple accounts of the same cloud storage service in parallel
• Full support for interactive file manipulation in Winows Explorer including but not limited to
  • copying and moving of multiple files and folders between DokanCloudFS drives and other drives
  • opening of files in default application via Mouse double click
  • right-click-menu on drive, files, and folders with access to menu commands and drive/file properties
  • thumbnails display for media files
• transparent client-side encryption and decryption of all file content via AESCrypt
  • encryption key configurable per drive

DokanCloudFS requires a gateway assembly for any cloud storage service to be used as a backend.

The expected gateway interface types and a set of prefabricated gateways are provided in a separate GitHub repository for the CloudFS project.
The associated NuGet packages CloudFS and CloudFS-Signed include preconfigured API keys for the included cloud storage services and are ready to use. Unless marked otherwise, CloudFS NuGet packages should be used in a version matching the DokanCloudFS version.

• Platform
  • .NET 4.6
• Drivers
  • Dokany driver 1.0.0-RC3 or greater installed
• Operating system
  • tested on Windows 8.1 x64 and Windows Server 2012 R2 (until version 1.0.0-alpha) /
    Windows 10 x64 (from version 1.0.1-alpha)
  • expected to run on Windows 7/8/8.1/10 and Windows Server 2008(R2)/2012(R2)

• Compile the CloudFS solution
  Note: You'll need to retrieve your own cloud app authentication keys and apply them in the respective Secrets.cs files for the affected cloud services.
• Copy all assemblies from the Gateways directory in the build output of CloudFS.GatewayTests to the Library directory of DokanCloudFS.
• Compile the DokanCloudFS solution.

• Configure the desired mount points in DokanCloudFS.Mounter's configuration file IgorSoft.DokanCloudFS.Mounter.exe.config.
  See below for a sample configuration.
• Ensure the presence of all required cloud service gateway assemblies and their dependencies - either from a downloaded CloudFS NuGet Package or a local compile - in the path specified by the libPath attribute in the <mount>-tag in the config file (defaults to the solution's .\Library directory).
• Run IgorSoft.DokanCloudFS.Mounter.exe from the command line.

  <mount libPath="..\..\..\Library" threads="5">
    <drives>
      <drive schema="box" userName="BoxUser" root="P:" encryptionKey="MyBoxSecret&amp;I" timeout="300" />
      <!--<drive schema="file" root="R:" encryptionKey="MyFileSecret&amp;I" parameters="root=..\..\..\TestData" />-->
      <drive schema="gdrive" userName="GDriveUser" root="S:" encryptionKey="MyGDriveSecret&amp;I" timeout="300" />
      <drive schema="hubic" userName="hubiCUser" root="T:" encryptionKey="MyhubiCSecret&amp;I" parameters="container=default" timeout="300" />
      <drive schema="mediafire" userName="MediaFireUser" root="U:" encryptionKey="MyMediaFireSecret&amp;I" timeout="300" />
      <drive schema="mega" userName="MegaUser" root="V:" encryptionKey="MyMegaSecret&amp;I" timeout="300" />
      <drive schema="onedrive" userName="OneDriveUser" root="W:" encryptionKey="MyOneDriveSecret&amp;I" timeout="300" />
      <drive schema="pcloud" userName="pCloudUser" root="X:" encryptionKey="MypCloudSecret&amp;I" timeout="300" />
      <drive schema="yandex" userName="YandexUser" root="Y:" encryptionKey="MyYandexSecret&amp;I" timeout="300" />
    </drives>
  </mount>

Configuration options:

• Global
  • libPath: Path to search for gateway plugin assemblies (relative to the location of IgorSoft.DokanCloudFS.Mounter.exe).
    All plugin dependencies not covered directly by DokanCloudFS should be placed in this path as well.
  • threads: Number of concurrent threads used for each drive by the Dokan driver.
    Defaults to 5.
• Per drive
  • schema: Selects the cloud storage service gateway to be used.
    Must correspond to one of the CloudFS gateways installed in the libPath subdirectory. Presently supports the following values:
    • box, gdrive, hubic, mediafire, mega, onedrive, pcloud, yandex
    • file (mounting of local folders only)
  • userName: User account to be displayed in the mounted drive label.
  • root: The drive letter to be used as mount point for the cloud drive.
    Choose a free drive letter such as L:.
  • encryptionKey: An arbitrary symmetric key for the transparent client-side AES encryption.
    Leave this empty only if you really want to store content without encryption.
  • parameters: Custom parameters as required by the specific cloud storage service gateway. Multiple parameters are separated by a pipe-character |.
    • file gateway - requires a root-parameter specifying the target directory (e.g. parameters="root=X:\Encrypted")
    • hubic gateway - requires a container-parameter specifiying the desired target container (e.g. parameters="container=default")
    • other gateways - no custom parameters supported so far
  • timeout: The timeout value for file operations on this drive measured in seconds.
    A value of 300 should suffice for all but the slowest connections.

The Copy cloud storage service was retired after May 1^st 2016 in response to this announcement.

Certain privacy-sensitive information will be stored on your local filesystem in the clear by DokanCloudFS, specifically:

• The file %UserProfile%\AppData\Local\IgorSoft\IgorSoft.DokanCloudFS.<RandomizedName>\1.0.0.0\user.config contains data required for automatic re-authentication with the configured cloud storage services such as
  • account names you entered in the browser or login window when authenticating to the various cloud storage services,
  • potentially long-lived authentication/refresh tokens, or in some cases e-mail accounts and hashed login passwords, as provided by the specific cloud storage service for re-login.
• The file <DokanCloudFS binary path>\IgorSoft.DokanCloudFS.Mounter.exe.config contains the symmetric AES encryption keys used for client-side encryption of cloud content.

If you are concerned about protecting this information from unauthorized parties you should use appropriate tools to encrypt the files mentioned above at operating system level or possibly encrypt your system drive.

DokanCloudFS does not store your authentication password for any cloud storage service (which would be impossible in the first place for all services employing the OAuth authentication scheme).

• DokanCloudFS only supports mounting of a cloud storage volume's root directory.
• The maximum supported file size varies between different cloud storage services. Moreover, the precise limits are not always disclosed.
  Exceeding the size limit in a file writing operation will result in either a timout or a service error.
• The files in a DokanCloudFS drive do not allow true random access, instead they are read or written sequentially as a whole.
  Depending on the target application it may be possible to edit a file directly in the DokanCloudFS drive, otherwise it must be copied to a conventional drive for processing.
• DokanCloudFS keeps an internal cache of directory metadata for increased performance. Changes made to the cloud storage volume outside of DokanCloudFS will not be automatically synchronized with this cache, therefore any form of concurrent write access may lead to unexpected results or errors.
• The only encrypted file format supported by DokanCloudFS is the AESCrypt file format.
• DokanCloudFS distinguishes encryption keys on a per-drive scale only. It is not possible to assign encryption keys to specific subdirectories or to individual files.
  Although you could, in theory, mount several copies of the same cloud service volume in parallel, these copies will not synchronize their cached directory structures in any way (see above).
  A future version of DokanCloudFS will support read-only access to unencrypted content on the cloud storage volume.

• Several gateways
  • Writing of large (>> 10 Mb) files to cloud storage is unstable on the following platforms: Box, OneDrive, pCloud
• Mediafire gateway
  • The API library used to access MediaFire does not presently support long-term authentication tokens. Expect to re-authenticate via the login popup every 10 minutes or so.

Due to the nature of the Dokan kernel-mode drivers involved, any severe errors inside DokanCloudFS can result in Windows Blue Screens.

Don't install this project on production environments.

You have been warned.

• improve stability
• improve performance
• allow alternate encryption schemes
• allow mounting and unmounting of individual drives without restarting the mounter process
• protect locally stored authentication information through encryption

DokanCloudFS would not have been possible without the expertise and great effort devoted by their respective creators to the following projects:

• Dokany - The User mode file system library for windows (see Dokan for the entire Dokany ecosystem, Dokany for the specific driver)
• Dokan.NET - The Dokan DotNET wrapper (see Dokan.NET Binding)
• SharpAESCrypt - A C# implementation of the AESCrypt file format (see SharpAESCrypt)
• Moq - The most popular and friendly mocking framework for .NET (see Moq)
• SemanticTypes - Support for implementing semantic types (see SemanticTypes)