CSecureChannelServer::EncryptParam (deprecated)
This is preliminary documentation and subject to change.
This topic documents a feature of the Windows Media Device Manager SDK. We recommend that you migrate your application to use the Windows Portable Devices API. For more information, see the Windows Portable Devices SDK.
The EncryptParam method uses the session key of the secure authenticated channel to encrypt the data contained in a parameter.
Syntax
HRESULT EncryptParam(
BYTE* pbData,
DWORD dwDataLen
);
Parameters
pbData
Pointer to the first byte of a data buffer containing the parameter that is to be encrypted.
dwDataLen
Pointer to a DWORD specifying the length of the buffer to which pbData points.
Return Values
The method returns an HRESULT. All the interface methods in Windows Media Device Manager can return any of the following classes of error codes:
- Standard COM error codes
- Windows error codes converted to HRESULT values
- Windows Media Device Manager error codes
For an extenstive list of possible error codes, see Error Codes.
Possible values include, but are not limited to, those in the following table.
Return code | Description |
S_OK | The method succeeded. |
E_INVALIDARG | A parameter is invalid or is a NULL pointer. |
E_FAIL | An unspecified error occurred. |
Remarks
Certain parameters, listed in the tables under Using Secure Authenticated Channels, must be included in the message authentication code (MAC) and must be encrypted before the call for data transfer in both directions. Call EncryptParam to encrypt the specified parameters. Do not encrypt any parameters that do not require it.
Example Code
The following code demonstrates a service provider's implementation of IMDSPObject::Read. This method creates the MAC key using the data to encrypt and the size of the data, and sends them both to the application.
HRESULT CMyStorage::Read(
BYTE *pData,
DWORD *pdwSize,
BYTE abMac[WMDM_MAC_LENGTH])
{
HRESULT hr;
DWORD dwToRead; // Bytes to read.
DWORD dwRead = NULL; // Bytes read.
BYTE *pTmpData = NULL; // Temporary buffer to hold data before it
// is copied out to pData.
// Use a global CSecureChannelServer member to verify that the client
// is authenticated.
if (!(g_pAppSCServer->fIsAuthenticated()))
{
return WMDM_E_NOTCERTIFIED;
}
// Verify that the handle to the file to read is valid.
if(m_hFile == INVALID_HANDLE_VALUE)
{
return E_FAIL;
}
// Create a buffer to hold the data read.
dwToRead = *pdwSize;
pTmpData = new BYTE [dwToRead] ;
if(!pTmpData)
return E_OUTOFMEMORY;
// Read data into the temporary buffer.
if(ReadFile(m_hFile,(LPVOID)pTmpData,dwToRead,&dwRead,NULL))
{
*pdwSize = dwRead;
if( dwRead )
{
// Create a MAC from all the parameters.
// CORg is a macro that goes to Error label on failure.
// MAC consists of data and size of data.
HMAC hMAC;
CORg(g_pAppSCServer->MACInit(&hMAC));
CORg(g_pAppSCServer->MACUpdate(hMAC, (BYTE*)(pTmpData), dwRead));
CORg(g_pAppSCServer->MACUpdate(hMAC, (BYTE*)(pdwSize), sizeof(DWORD)));
CORg(g_pAppSCServer->MACFinal(hMAC, abMac));
// Encrypt the data.
CORg(g_pAppSCServer->EncryptParam(pTmpData, dwRead));
// Copy the data from the temporary buffer into the out param.
memcpy(pData, pTmpData, dwRead);
}
hr = S_OK;
}
else
{
*pdwSize = 0;
hr = E_FAIL;
}
Error:
if(pTmpData)
{
delete [] pTmpData;
}
return hr;
}
Requirements
Header: Include scserver.h.
Library: mssachlp.lib
See Also