3.1.4.2.13 Receiving an EfsRpcDuplicateEncryptionInfoFile Message (Opnum 13)

The EfsRpcDuplicateEncryptionInfoFile method is used to duplicate the EFSRPC Metadata of one encrypted object and attach it to another encrypted object. This is typically done when copying objects to maintain the same set of keys and users for the copy as for the original.

 DWORD EfsRpcDuplicateEncryptionInfoFile(
   [in] handle_t binding_h,
   [in, string] wchar_t* SrcFileName,
   [in, string] wchar_t* DestFileName,
   [in] DWORD dwCreationDisposition,
   [in] DWORD dwAttributes,
   [in, unique] EFS_RPC_BLOB* RelativeSD,
   [in] BOOL bInheritHandle
 );

binding_h: This is an RPC binding handle parameter, as specified in [C706] and [MS-RPCE] section 2.

SrcFileName: An EFSRPC identifier, as specified in section 2.2.1.

DestFileName: An EFSRPC identifier, as specified in section 2.2.1.

dwCreationDisposition: This parameter specifies what action the server is advised to take if the object referred to by DestFileName does not already exist. It MUST be one of the following values.

  Value                      Meaning
  -------------------------  ---------------------------------------------------
  CREATE_NEW 0x00000001      Do not overwrite the data object referred to by DestFileName if it already exists.
  CREATE_ALWAYS 0x00000002   Overwrite the data object referred to by DestFileName if it already exists.

dwAttributes: Desired attributes for the target object. Clients SHOULD set this parameter to the bitwise OR of zero or more of the following values. Servers SHOULD support all of these values. These values can be interpreted by the underlying server data store, and they do not affect protocol behavior.

  Value                                           Meaning
  ----------------------------------------------  ------------------------------
  FILE_ATTRIBUTE_HIDDEN 0x00000002                The file is hidden (not displayed in normal folder listings).
  FILE_ATTRIBUTE_ARCHIVE 0x00000020               This attribute is used by applications to mark files for backup or removal.
  FILE_ATTRIBUTE_TEMPORARY 0x00000100             The file is being used for temporary storage.
  FILE_ATTRIBUTE_NOT_CONTENT_INDEXED 0x00002000   The file's contents are not to be indexed by the content indexing service.
  FILE_ATTRIBUTE_NORMAL 0x00000080                No other attributes are to be set.

RelativeSD: Relative security descriptor for the target object. The format of this is implementation-dependent.<49>

bInheritHandle: This parameter SHOULD be set to FALSE by the client and SHOULD be ignored by the server.

Return Values: The server MUST return 0 if it successfully processes the message received from the client. The server MUST return a nonzero value if processing fails.<50>

If no object exists on the server with the name specified in the SrcFileName parameter, or if it exists and is not encrypted, the server MUST return a nonzero value.

If an encrypted object exists with the name specified in the SrcFileName parameter and the dwCreationDisposition parameter is equal to CREATE_NEW, then:

  • If an object exists with the name specified in the DestFileName parameter, the server MUST return a nonzero value.

  • If no object exists with the name specified in the DestFileName parameter, the server MUST create a new object with this name and duplicate the EFSRPC Metadata from the SrcFileName parameter into it. If the object specified in SrcFileName is a container for other objects, the server MUST create the object as a container for objects, and it MUST encrypt any objects that are subsequently placed in the container after this message has been processed. Otherwise, the server MUST create the object as a non-container encrypted data object.

If an encrypted object exists with the name specified in the SrcFileName parameter and the dwCreationDisposition parameter is not equal to CREATE_NEW, then:

  • If an object already exists with the name specified in the DestFileName parameter, the server MUST check whether the object referred to by SrcFileName is of the same type (either simple object or container for other objects); if the object is not of the same type, the server MUST return a nonzero value. In addition, if the object referred to by DestFileName is a container for other objects, and it is not already encrypted, the server MUST return a nonzero value. Otherwise, the server SHOULD overwrite the object, clear its existing attributes, create a new object in its place with the attributes specified, and duplicate the EFSRPC Metadata from the SrcFileName parameter into it.

  • If no object exists with the name specified in the DestFileName parameter, the server MUST create a new object with this name and duplicate the EFSRPC Metadata from the SrcFileName parameter into it. If the object specified in SrcFileName is a container for other objects, the server MUST create the object as a container for objects, and it MUST encrypt any objects that are subsequently placed in the container after this message has been processed. Otherwise, the server MUST create the object as a non-container encrypted data object.

In duplicating the EFSRPC Metadata from the SrcFileName parameter to the DestFileName parameter, the server MAY<51> change the metadata. However, upon successful completion, the set of users and DRAs with access to the DestFileName parameter MUST be the same set of users who had access to the SrcFileName parameter at the outset.
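The processing rules above reduce to one decision over the source state, the destination state, and dwCreationDisposition. The following C model is an added example, not code from this specification or from any implementation of it; obj_state, dup_action and efs_dup_decide are hypothetical names, and the three booleans stand in for whatever the underlying data store reports.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CREATE_NEW    0x00000001u
#define CREATE_ALWAYS 0x00000002u

/* Hypothetical model types; MS-EFSR defines none of these names. */
typedef struct { bool exists, encrypted, container; } obj_state;

typedef enum {
    ACT_FAIL,             /* server MUST return a nonzero value */
    ACT_CREATE_OBJECT,    /* new non-container encrypted data object */
    ACT_CREATE_CONTAINER, /* new container; later children get encrypted */
    ACT_OVERWRITE         /* SHOULD overwrite, then duplicate metadata */
} dup_action;

/* Map source state, destination state and dwCreationDisposition to the
 * outcome the processing rules require. */
dup_action efs_dup_decide(obj_state src, obj_state dst, uint32_t disposition)
{
    /* Source must exist and be encrypted, whatever the disposition. */
    if (!src.exists || !src.encrypted)
        return ACT_FAIL;

    if (!dst.exists) /* identical rule in both disposition branches */
        return src.container ? ACT_CREATE_CONTAINER : ACT_CREATE_OBJECT;

    if (disposition == CREATE_NEW)      /* never overwrite */
        return ACT_FAIL;
    /* Every other value follows the "not equal to CREATE_NEW" branch. */
    if (src.container != dst.container) /* type mismatch */
        return ACT_FAIL;
    if (dst.container && !dst.encrypted)
        return ACT_FAIL;
    return ACT_OVERWRITE;
}

int main(void)
{
    obj_state file = { true, true, false };  /* constructed sample states */
    obj_state plain_dir = { true, false, true };
    obj_state enc_dir = { true, true, true };
    printf("file->file ALWAYS: %d\n", efs_dup_decide(file, file, CREATE_ALWAYS));
    printf("dir->plain dir ALWAYS: %d\n", efs_dup_decide(enc_dir, plain_dir, CREATE_ALWAYS));
    printf("file->file NEW: %d\n", efs_dup_decide(file, file, CREATE_NEW));
    return 0;
}
```

The model covers only the return-value rules; the requirement that the destination end up with the same set of users and DRAs as the source is a separate postcondition on the duplicated metadata.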