Helpful hint: Don't reuse the same code file names in projects that will be loaded simultaneously. WinDbg becomes confused and will attempt to step through the wrong file.
October 13 2017
I was able to create the shell of the driver in about two hours by copying from the Driver2 project.
I committed the project under the CryptIFS branch, which is derived from the Daily branch. I must remember to merge back into Daily before merging into Work.
Another hour to add the driver interface between CryptDisk.exe and CryptIFS.sys.
Helpful hint: Don't reuse the same code file names in projects that will be loaded simultaneously. WinDbg becomes confused and will attempt to step through the wrong file.
A half hour more and I am now able to load and unload CryptIFS.sys.
After about six hours I am to the point where I ready to migrate the IFS code from NetMon to CryptIFS, which shouldn't be more than 200 lines or so. It is time to take a break and return home before the sun sets.
I spent most of the next day migrating the IFS code from NetMon to CryptIFS. CryptIFS is organized around a common DeviceExt C++ base class, inherited from CryptDisk, that I want to carry forward. This code is cleaner, easier to read, and easier to reuse than the C structs used by NetMon. This was more involved than just copy/paste and took most of the day. I then spent about 90 minutes debugging, and was pleasantly surprised at how few bugs I encountered. CryptIFS is now printing to the debugger the name of every file opened. This slows the system to a crawl but proves that CryptIFS is working (and not crashing). I can even remove the IFS hooks and unload the driver without problems. The first version of CryptIFS went from concept to working in just a bit over 2 days.