3.6 Example 6: Decrypting an Encrypted File

  • Article

This example demonstrates decrypting an encrypted file as described in section 2.5.4.3.

Prerequisites

  • The Storage Services protocols meet all the preconditions as described in section 2.4.

  • The EFS service, as described in [MS-EFSR], is enabled on both the client and server.

  • The communication channel between the Admin Client and the EFS service of the Storage Services protocols has been established, as described in [MS-EFSR] section 2.1, and the Admin Client receives a success return code from the EfsRpcFileKeyInfo message, as described in [MS-EFSR] section 3.1.4.2.12.

  • The file owner user identified the encrypted file that needs to be decrypted.

  • The file owner user has the required EFS certificates.

Initial System State

The file is encrypted.

Final System State

The encrypted file is decrypted.

Sequence of Events

Decrypting an encrypted file

Figure 13: Decrypting an encrypted file

The following steps describe this sequence:

  1. The Admin Client contacts the EFS service to query information about the keys that are used to decrypt the file by using the EfsRpcFileKeyInfo method, as described in [MS-EFSR] section 3.1.4.2.12.

  2. The EFS service responds with the required keys information, as described in [MS-EFSR] section 3.1.4.2.12.

  3. The Admin Client contacts the EFS service to decrypt the file by using the EfsRpcDecryptFileSrv method, as described in [MS-EFSR] section 3.1.4.2.6.

  4. The EFS service decrypts the required file and returns zero on success.