MSFT_HgsKeyProtector class

A secure wrapping of a key that delegates rights to unwrap and use that key to one or more guardians.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.

Syntax

[dynamic, provider("HgsClientWmi"), ClassVersion("1.0"), AMENDMENT]
class MSFT_HgsKeyProtector
{
  MSFT_HgsGuardian Owner;
  MSFT_HgsGuardian Guardians[];
  uint8            RawData[];
};

Members

The MSFT_HgsKeyProtector class has these types of members:

Methods

The MSFT_HgsKeyProtector class has these methods.

Method Description
ConvertToByRawBytes Converts a byte array of an existing key protector to a HGS Key Protector object.
Grant Grants access to a key protected by a key protector to a given guardian. This operation requires access to the owner signing private key, to prove ownership.
NewByGuardians Creates a new key protector.
Revoke Revokes key access for a given guardian. This operation requires access to the owner signing private key.

Properties

The MSFT_HgsKeyProtector class has these properties.

Guardians

Data type: MSFT_HgsGuardian array

Access type: Read-only

Qualifiers: EmbeddedInstance ("MSFT_HgsGuardian")

Gets an array of embedded instances of MSFT_HgsGuardian classes that represents the guardians granted access to the key contained in the key protector.

Owner

Data type: MSFT_HgsGuardian

Access type: Read-only

Qualifiers: EmbeddedInstance ("MSFT_HgsGuardian")

Gets an embedded instance of a MSFT_HgsGuardian class that represents the owner who created the key protector.

RawData

Data type: uint8 array

Access type: Read-only

Qualifiers: Octetstring

Gets the raw bytes of the Key Protector.

Requirements

Minimum supported client
Windows 10 [desktop apps only]
Minimum supported server
Windows Server 2016
Namespace
Root\Microsoft\Windows\Hgs
MOF
HgsClientWmi.mof
DLL
HgsClientWmi.dll

See also

Host Guardian Service WMI Provider

MSFT_HgsGuardian