Figuring out how to get FESF to support encrypting and decrypting files with a given Cloud Storage product isn’t necessarily simple. It will typically involve analyzing the details of how the Cloud Storage product works, and then crafting a Solution policy that will result in FESF (and your Solution) doing what you want it to do in terms of encrypting or decrypting files. OSR will always provide you guidance by telling you how we were able to achieve a given level of interoperability in our testing. However, determining how your Solution can best support a given Cloud Storage product is ultimately up to you.
For example, a recent version of OneDrive (as of Windows 1809) recalls files from the cloud into a temporary location named “OneDriveTemp” and a subdirectory named by a GUID. When the file has been fully recalled, OneDrive renames it to the ultimate target directory. There are different policies and strategies that your Solution could potentially use if your goal is to cause locally stored files to be encrypted. One might involve causing all files written into the temporary directory to be encrypted. This will result in the file being encrypted when it is recalled. When the rename from the temporary directory to the ultimate target directory takes place, the file will remain encrypted. One could, however, also envision a Solution that utilizes a more sophisticated policy in which the file is first encrypted in the temporary directory with a unique key, and then when the file is renamed, that rename is intercepted and the file is re-encrypted using the ultimate end-user’s key. This more advanced policy would probably be sufficiently challenging to implement that its complexity would outweigh its potential benefits. Still, the point is that such options are possible, and whether it’s “worth it” is up to you.
Thus, ultimately it is up to you to analyze the behavior of a given Cloud Storage product and to devise the “best” policy and strategy for your Solution to support that product. And, don’t forget, it’s not unusual for different versions of a given Cloud Storage product to be implemented differently and for those different versions to be “in the wild” at the same time. We’ve seen this with OneDrive. There’s nothing FESF can do to make this easier. It is simply incumbent on your Solution to be ready to handle these variances.