CSecureChannelClient::DecryptParam

banner art

The DecryptParam method uses the session key of the secure authenticated channel to decrypt the data contained in a parameter.

Syntax

HRESULT DecryptParam(
  BYTE*  pbData,
  DWORD  dwDataLen
);

Parameters

  pbData

Pointer to the first byte of a data buffer containing the encrypted parameter that is to be decrypted.

  dwDataLen

Pointer to a DWORD specifying the length of the buffer to which pbData points.

Return Values

The method returns an HRESULT. All the interface methods in Windows Media Device Manager and service provider can return any of the following classes of error codes:

  • Standard COM error codes
  • Windows error codes converted to HRESULT values
  • Windows Media Device Manager error codes

For a complete list of possible error codes, see Error Codes.

Possible values include, but are not limited to, those in the following table.

Return code Description
S_OK The method succeeded.
E_INVALIDARG A parameter is invalid or is a NULL pointer.
E_FAIL An unspecified error occurred.

Remarks

Before calling the DecryptParam method, components should copy the data to a temporary buffer and then use DecryptParam to decrypt the temporary buffer.

Specific parameters must be included in the message authentication code (MAC). The parameters must be encrypted before the call for data transfer in both directions, and decrypted when received. See Secure Authenticated Channel Interface for a table of methods that must use the message authentication code algorithm and encrypted parameters.

Example Code

// Decrypt the pData Parameter.
HRESULT hr;
DWORD dwBytes ;
BYTE *pTempData = NULL;
DWORD dwBytesWritten;
CSecureChannelClient *pSPClient = NULL;
dwBytesWritten = WMDM_TRANSFER_BUFFER_SIZE;
while ((WMDM_TRANSFER_BUFFER_SIZE == dwBytesWritten))
{
    dwBytes = WMDM_TRANSFER_BUFFER_SIZE;
    hr = pObject->Read(pData, &dwBytes, abMAC);
    if (FAILED(hr))
    {
        goto exit;
    }
    hr = pSPClient->DecryptParam(pData, dwBytes);
    if (FAILED(hr))
    {
        goto exit;
    }
// The three MAC members must be called after the DecryptParam
// member. Verify the MAC returned by the service provider.
    hr = pSPClient->MACInit(&hMAC);
    if (FAILED(hr))
    {
        goto exit;
    }
    hr = pSPClient->MACUpdate(hMAC, (BYTE*)(pData), dwBytes);
    if (FAILED(hr))
    {
        goto exit;
    }
    hr = pSPClient->MACUpdate(hMAC, (BYTE*)(&dwBytes),
                            sizeof(dwBytes));
    if (FAILED(hr))
    {
        goto exit;
    }
    hr = pSPClient->MACFinal(hMAC, abMACVerify);
    if (FAILED(hr))
    {
        goto exit;
    }
    if (memcmp(abMACVerify, abMAC, WMDM_MAC_LENGTH) != 0)
    {
        hr = WMDM_E_MAC_CHECK_FAILED;
        goto exit;
    }
    fRetVal = WriteFile(hFile, pData, dwBytes, 
                       &dwBytesWritten, NULL);
    if (!fRetVal)
    {
        hr = E_FAIL;
        goto exit;
    }
    dwTotalBytes+=dwBytesWritten;
    if (pProgress)
    {
        hr = pProgress->Progress(dwTotalBytes);
        if (FAILED(hr))
        {
            goto exit;
        }
    }
}
CloseHandle(hFile);

Requirements

Header: Include scclient.h.

Library: mssachlp.lib

See Also