Ken,
Both of these FSCTLs are private to the encryption engine and there is no documentation available for them. In fact all of the data in the input/output buffers is encrypted except for the EncryptionOperation field in the FSCTL_SET_ENCRYPTION fsctl. This is so you can see if the file is being encrypted or decrypted.
Even thought the original design would allow for some streams of a file to be encrypted and some not, today this is not supported. Today either all streams of a file or encrypted or no streams are encrypted (that is what the FILE_SET_ENCRYPTION and FILE_CLEAR_ENCRYPTION operations mean). You should never see the STREAM_SET_ENCRYPTION or STREAM_CLEAR_ENCRYPTION operations used.
Neal Christiansen
Microsoft File System Filter Group
?
This posting is provided “AS IS” with no warranties, and confers no rights.
-----Original Message-----
From: Ken Galipeau [mailto:xxxxx@legato.com]
Sent: Tuesday, May 07, 2002 11:33 AM
To: File Systems Developers
Subject: [ntfsd] Encryption Controls
Where can I find information on how these FSCTL’s are used.
?
FSCTL_ENCRYPTION_FSCTL_IO has no information other then its definition. There is no indication of the structure that it uses.
?
FSCTL_SET_ENCRYPTION is used to set and clear encryption, however I don’t understand how the stream subcommands works. Won’t it just operate on the file associated with the file object. Are they all?streams changed? Does the FILE_SET_ENCRYPTION only work on main data stream or all streams?
?
Thanks,
Ken
?
You are currently subscribed to ntfsd as: xxxxx@Windows.Microsoft.com
To unsubscribe send a blank email to %%email.unsub%%