PFND3D11_1DDI_ENCRYPTIONBLT callback function

Reads encrypted data from a protected surface.


PFND3D11_1DDI_ENCRYPTIONBLT Pfnd3d111DdiEncryptionblt;

void Pfnd3d111DdiEncryptionblt(
  D3D10DDI_HDEVICE hDevice,
  D3D11_1DDI_HCRYPTOSESSION hCryptoSession,
  D3D10DDI_HRESOURCE hSrcResource,
  D3D10DDI_HRESOURCE hDstResource,
  UINT IVSize,



A handle to the display device (graphics context).


A handle to the driver's private data for the cryptographic session. This handle was created by the Direct3D runtime and passed to the driver in the call to the CreateCryptoSession function.


A handle to the resource that contains the source data.


A pointer to the resource where the encrypted data is to be written.


The size, in bytes, of the initialization vector (IV).


A pointer to a block of memory that contains the initialization vector that is required to encrypt the bitblt data. For more information, see the Remarks section.


If pIV is NULL, the graphics adapter does not require a separate initialization vector to encrypt the data. That is, the session key is used to encrypt the data.

Return Value

This callback function does not return a value.


This function has the following limitations:

  • The function cannot read back subrectangles or partially encrypted surfaces.

  • The function cannot read back partially encrypted buffers. Many hardware-based encryption solutions will not allow nonencrypted reads from protected memory.

  • The protected surface must be either an off-screen plain surface or a render target.

  • The destination surface must be a system-memory surface that was created by using the proper alignment, as described earlier.

  • The protected surface cannot be multisampled.

  • The function does not support stretching or color space conversion.

For 128-bit AES-CTR encryption, the pIV parameter points to a D3D11_1DDI_AES_CTR_IV structure that is allocated by the application. However, the actual contents of this structure are filled in by the driver or graphics adapter. When the first IV is generated, the driver or adapter initializes the IV member of this structure to a random number. For each subsequent IV, the caller increments the IV member, ensuring that the value always increases. This procedure enables the application to validate that the same IV is never used more than once with the same key pair.

For other encryption types, a different structure might be used, or the encryption might not use an IV.

Note This function does not honor a Direct3D version 11 predicate that may have been set.


Windows version Windows 8 Windows Server 2012
Target Platform Desktop
Header d3d10umddi.h (include D3d10umddi.h)

See Also