Encryption

These functions enable the encryption, decryption, querying, and modification of encrypted data volumes.

Functions

HSDCError HSDCAPI HSDCEncryptedVolumeGetStatus (const wchar_t *path, char **pJstr)

Retrieves information, including the encrypted volume identifier, of an encrypted volume.

HSDCError HSDCAPI HSDCEncryptedVolumeEncrypt (const wchar_t *path, const char *jstr)

Starts a volume encryption. This is an asynchronous operation, and feedback is delivered through the callback registered with HSDCRegisterNotificationProcessor.

HSDCError HSDCAPI HSDCEncryptedVolumeUpgrade (const wchar_t *path, const char *jstr)

Starts an encrypted volume upgrade. This is an asynchronous operation, and feedback is delivered through the callback registered with HSDCRegisterNotificationProcessor.

HSDCError HSDCAPI HSDCEncryptedVolumeChangePassword (const wchar_t *path, const char *jstr)

Changes the password of an encrypted volume.

HSDCError HSDCAPI HSDCEncryptedVolumeDecrypt (const wchar_t *path, const char *jstr)

Decrypts a volume previously encrypted by Device Control.

HSDCError HSDCAPI HSDCEncryptedVolumeImport (const wchar_t *path, const char *jstr)

Unlocks an encrypted volume.

HSDCError HSDCAPI HSDCEncryptedVolumeExport (const wchar_t *path, const char *jstr, const wchar_t *folder)

Exports encrypted volume access into either the metadata area of the volume or a password protected file.

Function Documentation

HSDCEncryptedVolumeGetStatus()

HSDCError HSDCAPI HSDCEncryptedVolumeGetStatus HSDCError HSDCAPI HSDCEncryptedVolumeGetStatus

Retrieves information, including the encrypted volume identifier, of an encrypted volume.

Parameters

path

Unicode string identifying the volume.

pJstr

[out] Returns a JSON string containing the following information:

Copy 
{
    "filesystem": "FAT32",
    "identifier": {
        "blocklength": "512",
        "cipher": "1",
        "cipheralgorithm": "AES256-CTR",
        "cipherkeylength": "32",
        "datafilefirstsector": "57350",
        "datafilelastsector": "4188156",
        "devirationalgorithm": "SHA256",
        "id": "{F935F105-16A8-4021-AF26-7EE92FB0C8BF}",
        "keycipher": "3C0895BD6CEBD4EBB67E1A96DF24A5722C34E1DF2B11E8F64D0BE5F1C5FCB8B0",
        "keyfilefirstsector": "36870",
        "keyfilelastsector": "57348",
        "keyhash": "D4608C0768F4E14CB48F0E7BE2BC62027BFDBB5D849DA453147F9CBEF3703335",
        "options": "62",
        "passwordcomplexity": "0",
        "passwordminimumlength": "6",
        "unsuccessfulattempts": "0",
        "version": "2"
    },
    "label": "",
    "size": {
        "free": "2058059776",
        "max": "2144337920",
        "maxencrypted": "2144337920"
    },
    "status": "portable",
    "unlocked": true
}

HSDCEncryptedVolumeEncrypt()

HSDCError HSDCAPI HSDCEncryptedVolumeEncrypt ( const wchar_t * path, const char * jstr )

Starts a volume encryption. This is an asynchronous operation, and feedback is delivered through the callback registered with HSDCRegisterNotificationProcessor.

Parameters

path

Unicode string identifying the volume.

jstr

Copy 
{
    "password": "TrustN@1",
    "label": "Encrypted",
    "portable": true,
    "quick": true,
    "wipe": false,
    "retain": false,
    "certificates": [
        {
            "sid": "S-1-5-21-3625654630-1601317915-4002985851-1008",
            "thumbprints": [
                "840ed05412c88ab71116c78c22522f4e7236d19a"
            ]
        }
    ]
}

HSDCEncryptedVolumeUpgrade()

HSDCError HSDCAPI HSDCEncryptedVolumeUpgrade ( const wchar_t * path, const char * jstr )

Starts an encrypted volume upgrade. This is an asynchronous operation, and feedback is delivered through the callback registered with HSDCRegisterNotificationProcessor.

Parameters

path

Unicode string identifying the volume.

jstr

JSON string containing the input information.

Copy 
{
    "password": "TrustM3!",
    "oldpassword": "TrustN@1",
    "certificates": [
        {
            "sid": "S-1-5-21-3625654630-1601317915-4002985851-1008",
            "thumbprints": [
                "840ed05412c88ab71116c78c22522f4e7236d19a"
            ]
        }
    ]
}

HSDCEncryptedVolumeChangePassword()

HSDCError HSDCAPI HSDCEncryptedVolumeChangePassword ( const wchar_t * path, const char * jstr )

Changes the password of an encrypted volume.

Parameters

path

Unicode string identifying the volume.

jstr

JSON string containing the input information.

Copy 
{
    "password": "TrustM3!",
    "oldpassword": "TrustN@1"
}

HSDCEncryptedVolumeDecrypt()

HSDCError HSDCAPI HSDCEncryptedVolumeDecrypt ( const wchar_t * path, const char * jstr )

Decrypts a volume previously encrypted by Device Control.

Parameters

path

Unicode string identifying the volume.

jstr

JSON string containing the input information. Not used, but may not be nullptr

Copy 
{ }

HSDCEncryptedVolumeImport()

HSDCError HSDCAPI HSDCEncryptedVolumeImport ( const wchar_t * path, const char * jstr )

Unlocks an encrypted volume.

Parameters

path

Unicode string identifying the volume.

jstr

JSON string containing the input information. An optional folder can be provided if the export has been done in a file, local can be set to true to restrict local access checks (that is, not trying central encryption policies).

Copy 
{
  "password": "TrustM3!",
  "folder": "C:\RecoveryFolder",
  "local": false
}

HSDCEncryptedVolumeExport()

HSDCError HSDCAPI HSDCEncryptedVolumeExport ( const wchar_t * path, const char * jstr, const wchar_t * folder )

Exports encrypted volume access into either the metadata area of the volume or a password protected file.

Parameters

path

Unicode string identifying the volume.

jstr

Copy 
{
    "password": "TrustN@1",
    "certificates": [
        {
            "sid": "S-1-5-21-3625654630-1601317915-4002985851-1008",
            "thumbprints": [
                "840ed05412c88ab71116c78c22522f4e7236d19a"
            ]
        }
    ]
}

folder

(Optional) Unicode string containing an export folder. The filename is dictated by the encrypted volume id.