BAND_SECURITY_INFO - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
// ehstorbandmgmt.h
typedef struct _BAND_SECURITY_INFO {
ULONG StructSize;
LOCKSTATE ReadLock;
LOCKSTATE WriteLock;
ALGOIDTYPE CryptoAlgoIdType;
union {
struct {
ULONG Offset;
ULONG Length;
} CryptoAlgoOidString;
ULONG CryptoAlgoNumericId;
};
BYTE Metadata[32];
} BAND_SECURITY_INFO, *PBAND_SECURITY_INFO;
View the official Windows Driver Kit DDI referenceNo description available.
The BAND_SECURITY_INFO structure specifies the security information for a band table entry query.
StructSizeThe size of the structure in bytes. Set to sizeof(BAND_SECURITY_INFO).
ReadLockWhether the band is accessible for reading and how a read lock is affected by a power reset.
WriteLockWhether the band is accessible for writing and how a write lock is affected by a power reset.
CryptoAlgoIdTypeThe type of encryption algorithm identifier used. This must be set to AlgoIdTypeOidString.
CryptoAlgoOidStringThe encryption algorithm used to protect the data in the band.
CryptoAlgoOidString.OffsetThe offset from the beginning of this structure where the encryption algorithm OID string begins.
CryptoAlgoOidString.LengthThe length of the OID string identifying the encryption algorithm. This is a byte-length value including a NULL terminator for the OID string.
CryptoAlgoNumericIdReserved.
MetadataA metadata field available for use by a key manager.
Both Readlock and Writelock are LOCKSTATE values and indicate locking state and lock persistence. Their values are one of the following.
| Lock State | Description |
|---|---|
| INVALID_LOCK_STATE | The lock state is not valid. |
| PERSISTENT_UNLOCK | The device is unlocked and remains unlocked during power reset. |
| NONPERSISTENT_UNLOCK | The device is unlocked but becomes locked during power reset. |
| PERSISTENT_LOCK | The device is locked and remains locked during power reset. |
CryptoAlgoOidString specifies the data encryption algorithm only if ENUMBANDS_REPORT_CRYPTO_ALGO is set in the Flags member of ENUMERATE_BANDS_PARAMETERS in an IOCTL_EHSTOR_BANDMGMT_ENUMERATE_BANDS request. Otherwise, both CryptoAlgoOidString.Offset and CryptoAlgoOidString.Length are set to 0. The following are possible encryption algorithm OID strings returned for CryptoAlgoOidString.
| Algorithm | OID |
|---|---|
| IAES128-ECB | 2.16.840.1.101.3.4.1.1 |
| AES128-CBC | 2.16.840.1.101.3.4.1.2. |
| AES128-OFB | 2.16.840.1.101.3.4.1.3 |
| AES128-CFB | 2.16.840.1.101.3.4.1.4 |
| AES128-XTS | 1.3.111.2.1619.0.1.1 |
| AES256-ECB | 2.16.840.1.101.3.4.1.41 |
| AES256-CBC | 2.16.840.1.101.3.4.1.42 |
| AES256-OFB | 2.16.840.1.101.3.4.1.43 |
| AES256-CFB | 2.16.840.1.101.3.4.1.44 |
| AES256-XTS | 1.3.111.2.1619.0.1.2 |
When BAND_SECURITY_INFO is used in an input parameter set, CryptoAlgoIdType and CryptoAlgoOidString are not used and must be set to 0.
IOCTL_EHSTOR_BANDMGMT_CREATE_BAND
IOCTL_EHSTOR_BANDMGMT_ENUMERATE_BANDS