As previously described, FESF encrypted files are stored using an On Disk Structure (ODS) that is proprietary to FESF and subject to change in subsequent FESF releases. Remember that the only supported mechanism for retrieving and updating the Policy DLL supplied Header Data is via documented FESF functions. It is an architectural violation for a Solution Component to bypass the supported FESF functions and instead use raw access to manually update any portion of the FESF ODS, including the Header Data. Thus, if you write code that accesses, reads, interprets or changes the stored FESF metadata or Policy DLL supplied Header Data in any way other than using the documented FESF functions, you’re doing this against our recommendations and you are on your own. We reserve the right to change the FESF On Disk Structure at any time, for any reason or for no reason, and with or without notice.
Finally, because when we talk about encrypting files we’re usually dealing with security, it’s useful to keep in mind the fact that any application that has write access to a file can change all or part of the that file’s contents. This applies equally to FESF encrypted files as it does to ordinary unencrypted files. When an application is given raw write access to an FESF encrypted file, that application could potentially overwrite or otherwise damage the file. Again, this is no different than any file on Windows that relies on a specific file format (whether that’s an executable image, a database file, or a Word document).