The possible callback functions that a Policy DLL can support are:
•PolicyDllInit – This is the only entry point that is called by name, and it must be named PolicyDllInit. This callback function is called by FESF immediately after the Policy DLL has been loaded to allow the Policy DLL to perform initialization processing. This processing must include initializing a FE_POLICY_CONFIG structure and filling it in with pointers to the other callback functions supported by the Policy DLL. The FE_POLICY_CONFIG must then be passed to FESF by the Policy DLL calling FePolSetConfiguration during its PolicyDllInit callback function processing. This callback function is required and must be implemented by every Policy DLL.
•PolApproveCreateLink – Called when a hard link is being created on a supported file system. The Policy DLL can choose to allow or disallow the operation for security purposes. This callback function is optional.
•PolApproveRename – Called when a file on a supported file system is being renamed. The Policy DLL can choose to allow or disallow the operation for security purposes. This callback function is optional.
•PolApproveTransactedOpen – Called when a relevant transactional open is encountered. All transactional opens are treated by FESF as raw. This call gives the Solution the option of disallowing the open completely. A Solution might choose to do this if allowing the open could lead to secure data leakage. This callback function is optional.
•PolAttachVolume – Called when a new volume is discovered by FESF (for example, when a thumb drive is inserted or a disk is formatted). This gives the policy DLL the option to encrypt files on the volume or to totally ignore it. This callback function is optional.
•PolFreeHeader– Called by FESF to return the storage for Policy DLL Header Data that was previously allocated by the Policy DLL. This callback function is required and must be implemented by every Policy DLL.
•PolFreeKey – Called by FESF to return the storage for the Key Data that was previously allocated by the Policy DLL. This callback function is required and must be implemented by every Policy DLL.
•PolGetKeyFromHeader – Called when an existing FESF encrypted file is being opened, and the Policy DLL has previously determined that the opening handle will receive transparent encrypted/decrypted access. Given the Thread ID of the thread performing the access and the Policy DLL Header Data that FESF stored with the file, the Policy DLL returns the Key Data and Algorithm ID to be used for encryption and decryption operations. This callback function is required and must be implemented by every Policy DLL.
•PolGetKeyNewFile – Called when a new file is being created in FESF encrypted format to get the Key Data and Algorithm ID to be used to encrypt data for the file, and the Policy DLL Header Data that will be stored with the file. This callback function is required and must be implemented by every Policy DLL.
•PolGetLockRounding – Called to find the “lock rounding” which should be associated with all accessors to that file prior to the locking request being sent to the remote server.
•PolGetPolicyDirectoryListing – Called when a directory is opened to determine whether the sizes returned in a directory listing will reflect what is consumed on disk (allowing for the Solution Header) or just the size of the data in the file.
•PolGetPolicyExistingFile – Called when an existing FESF encrypted file is being opened to determine if encrypted data read from the file should be decrypted before it's returned and whether data written to the file should be encrypted before it's written. This callback function is required and must be implemented by every Policy DLL.
•PolGetPolicyNewFile – Called when a new file is being created with write access requested on a supported file system, to determine if the file should be created in FESF encrypted format. This callback function is required and must be implemented by every Policy DLL. Note that for the purposes of FESF, a "new file being created" includes an existing zero-length file being opened or the destructive create of any existing file. See the reference pages for PolGetPolicyNewFile for the details.
•PolReportFileInconsistent– Called when FESF discovers a file that is in FESF format, but that has an internal inconsistency or format error. This callback function is optional.
•PolReportLastHandleClosed – Called when the last handle to a file in FESF encrypted format is being closed. This callback function is optional.
•PolUninit – Called during shutdown to allow the Policy DLL to perform any cleanup operations it requires.
Aside from the required functions, a Policy DLL only needs to implement those functions that are relevant to the Client product.