3.1.4.2.6 Receiving an EfsRpcDecryptFileSrv Message (Opnum 5)

The EfsRpcDecryptFileSrv method is used to convert an existing encrypted object to the unencrypted state in the server's data store.

 long EfsRpcDecryptFileSrv(
   [in] handle_t binding_h,
   [in, string] wchar_t* FileName,
   [in] unsigned long OpenFlag
 );

binding_h: This is an RPC binding handle parameter, as specified in [C706] and [MS-RPCE] section 2.

FileName: An EFSRPC identifier as specified in section 2.2.1.

OpenFlag: This parameter is unused and MUST be ignored by the server. It MUST be set to zero by the client.

Return Values: The server MUST return zero if it successfully processes the message received from the client. The server MUST return a nonzero value if processing fails.

If no object exists on the server with the specified name, the server MUST return a nonzero value. If the object exists and is not encrypted, the server MUST return success.

Otherwise, the server performs the following actions to convert the object in its data store to an unencrypted state:

  • If the data object referred to by FileName is a container for other objects, the server MUST clear the attribute on the container that instructs the data store to encrypt any new objects created in that container. The server MAY decrypt encrypted objects that were already in the container before this message was received.

  • Otherwise, the server SHOULD:

    • Check that the calling user has access to a private key that will decrypt the file; if the user does not have access, return a nonzero value.

    • Decrypt the object and discard its EFSRPC Metadata.

  • Return 0 to indicate success.
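The processing rules above, modelled in C as an added example; it is not part of the specification and not the server's actual implementation. The in-memory store, the `model_*` names, the object names and the specific nonzero values are assumptions made for illustration, and a container counts as "encrypted" here when its encrypt-new-objects attribute is set.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical in-memory model of one data-store object (not from the spec). */
typedef struct {
    const char *name;     /* stand-in for the EFSRPC identifier */
    bool is_container;
    bool encrypted;       /* container: the "encrypt new objects" attribute */
    bool has_metadata;    /* EFSRPC Metadata still attached */
    bool caller_has_key;  /* caller can reach a private key that decrypts it */
} model_object;

/* Arbitrary nonzero failure values; the section only requires "nonzero". */
enum { MODEL_OK = 0, MODEL_ERR_NOT_FOUND = 1, MODEL_ERR_NO_KEY = 2 };

/* Constructed sample store. */
static model_object sample_store[] = {
    { "plain.txt",       false, false, false, false },
    { "secret.txt",      false, true,  true,  true  },
    { "other-user.txt",  false, true,  true,  false },
    { "vault",           true,  true,  false, false },
    { "vault/child.txt", false, true,  true,  true  },
};
static const size_t SAMPLE_COUNT = sizeof sample_store / sizeof sample_store[0];

static model_object *model_lookup(const char *name) {
    for (size_t i = 0; i < SAMPLE_COUNT; i++)
        if (strcmp(sample_store[i].name, name) == 0) return &sample_store[i];
    return NULL;
}

long model_decrypt_file_srv(const char *file_name, unsigned long open_flag) {
    (void)open_flag;                              /* MUST be ignored by the server */
    model_object *obj = model_lookup(file_name);
    if (obj == NULL) return MODEL_ERR_NOT_FOUND;  /* no such object: nonzero */
    if (!obj->encrypted) return MODEL_OK;         /* already unencrypted: success */
    if (obj->is_container) {
        obj->encrypted = false;  /* clear the attribute; children are left alone (MAY) */
        return MODEL_OK;
    }
    if (!obj->caller_has_key) return MODEL_ERR_NO_KEY; /* key check precedes any change */
    obj->encrypted = false;      /* decrypt the object ... */
    obj->has_metadata = false;   /* ... and discard its EFSRPC Metadata */
    return MODEL_OK;
}

int main(void) {
    return model_decrypt_file_srv("secret.txt", 0) == MODEL_OK ? 0 : 1;
}
```

The model leaves an object untouched when the key check fails, and clearing the container attribute does not change objects already inside it.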