Enhanced Storage Portable Device Commands
The following Windows Portable Devices Enhanced Storage authentication, certificate, and password silo commands are passed via the IEnhancedStorageSilo::SendCommand method. For details regarding the properties utilized by these commands, see Enhanced Storage Properties.
Authentication Silo Commands
ENHANCED_STORAGE_COMMAND_SILO_IS_AUTHENTICATION_SILO |
---|
This command will return whether or not the silo is an authentication silo. |
Access: Read/Write |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_IS_AUTHENTICATION_SILO [VT_BOOLEAN] |
ENHANCED_STORAGE_COMMAND_SILO_GET_AUTHENTICATION_STATE |
---|
This command will return the authentication state for the silo. |
Access: Read/Write |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_AUTHENTICATION_STATE [VT_UI4]
NO_AUTHENTICATION_REQUIRED: The silo has not been provisioned.
NOT_AUTHENTICATED: The silo is not authenticated.
AUTHENTICATED: The silo is authenticated.
AUTHENTICATION_DENIED: Authentication was denied.
DEVICE_ERROR: The silo timed out or a device error occurred. |
ENHANCED_STORAGE_COMMAND_START_AUTHENTICATION |
---|
This command will begin authentication for the silo. An application must register for callbacks in order to be notified of authorization state changes. |
Access: Read/Write |
Parameters: None |
Results:
|
ENHANCED_STORAGE_COMMAND_START_UNAUTHENTICATION |
---|
This command will begin deauthentication for the silo. An application must register for callbacks in order to be notified of authorization state changes. |
Access: Read/Write |
Parameters: None |
Results:
|
ENHANCED_STORAGE_COMMAND_SILO_ENUMERATE_SILOS |
---|
Access: Read/Write |
Parameters:
PDO_TYPE_THIS: Retrieve silo information for the silo handling this request. |
Results:
ENHANCED_STORAGE_PROPERTY_QUERY_SILO_RESULTS [VT_VECTOR | VT_UI1] |
Certificate Silo Commands
ENHANCED_STORAGE_COMMAND_CERT_HOST_CERTIFICATE_AUTHENTICATION |
---|
This command will attempt to initiate a host authentication based on an HCh (or XCh) from the silo. If an index or certificate is specified, it will be used. The default behavior is to attempt authentication of all HCh or XCh certificates present on the silo. |
Access: Read |
Parameters:
[Optional] ENHANCED_STORAGE_PROPERTY_CERTIFICATE [VT_VECTOR | VT_UI1] |
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_DEVICE_CERIFICATE_AUTHENTICATION |
---|
This command will attempt to initiate a device authentication. If an index or certificate is specified, it will be used. The certificate must be an ASCm or ASCh. The default behavior is to attempt authentication using the ASCm or all ASCh certificates present on the silo. |
Access: Read |
Parameters:
|
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_ADMIN_CERTIFICATE_AUTHENTICATION |
---|
This command will attempt to initiate an administrative authentication based on the PCp or XCp certificate on the silo. |
Access: Read/Write |
Parameters: None |
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_INITIALIZE_TO_MANUFACTURER_STATE |
---|
This command will attempt to initialize the silo to the manufacturer state. This command requires a successful administrative authentication. If an administrative authentication has not yet been accomplished, the command will initiate an administrative authentication operation before initializing the silo to the manufacturer state. |
Access: Read/Write |
Parameters: None |
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_GET_CERTIFICATE_COUNT |
---|
This command will retrieve the number of certificate slots as well as the number of certificates stored in the silo. |
Access: Read |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_MAX_CERTIFICATE_COUNT [VT_UINT]
ENHANCED_STORAGE_PROPERTY_STORED_CERTIFICATE_COUNT [VT_UINT] |
ENHANCED_STORAGE_COMMAND_CERT_GET_CERTIFICATE |
---|
This command will return the certificate stored at the certificate index location. Index '0' is a special location that returns the ASCm chain in the PKCS7 format. |
Access: Read |
Parameters:
|
Results:
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_TYPE [VT_UI4]
ENHANCED_STORAGE_PROPERTY_VALIDATION_POLICY [VT_UI4]
ENHANCED_STORAGE_PROPERTY_SIGNER_CERTIFICATE_INDEX [VT_UI4]
ENHANCED_STORAGE_PROPERTY_NEXT_CERTIFICATE_INDEX [VT_UI4]
ENHANCED_STORAGE_PROPERTY_NEXT_CERTIFICATE_OF_TYPE_INDEX [VT_UI4]
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_LENGTH [VT_UI4]
ENHANCED_STORAGE_PROPERTY_CERTIFICATE [VT_UINT | VT_UI1] |
ENHANCED_STORAGE_COMMAND_CERT_SET_CERTIFICATE |
---|
This command will set a certificate to the certificate index location. This command requires administrative authentication. |
Access: Read/Write |
Parameters:
[Required] ENHANCED_STORAGE_PROPERTY_CERTIFICATE_TYPE [VT_UI4]
[Required] ENHANCED_STORAGE_PROPERTY_VALIDATION_POLICY [VT_UI4]
[Required] ENHANCED_STORAGE_PROPERTY_SIGNER_CERTIFICATE_INDEX [VT_UI4]
[Required] ENHANCED_STORAGE_PROPERTY_CERTIFICATE [VT_UINT | VT_UI1] |
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_CREATE_CERTIFICATE_REQUEST |
---|
This command retrieves a certificate request from the silo. The returned certificate request can then be used to generate an ASCh certificate. |
Access: Read/Write |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_REQUEST [VT_VECTOR | VT_UI1] |
ENHANCED_STORAGE_COMMAND_CERT_UNAUTHENTICATION |
---|
This command will reset the authentication state of the cert silo to the 'Initialized' state. |
Access: Read/Write |
Parameters: None |
Results:
|
ENHANCED_STORAGE_COMMAND_CERT_GET_SILO_CAPABILITY |
---|
This command retrieves a capability from the silo. Data returned is in the format native to the silo. |
Access: Read |
Parameters:
|
Results:
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_SILO_CAPABILITY [VT_VECTOR | VT_UI1] |
ENHANCED_STORAGE_COMMAND_CERT_GET_SILO_CAPABILITIES |
---|
This command retrieves all capabilities from a silo as a collection. |
Access: Read |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_SILO_CAPABILITIES [VT_UNKNOWN]
ENHANCED_STORAGE_CAPABILITY_ASYMMETRIC_KEY_CRYPTOGRAPHY [VT_LPWSTR]
ENHANCED_STORAGE_CAPABILITY_SIGNING_AGLS [VT_LPWSTR]
ENHANCED_STORAGE_CAPABILITY_RENDER_USER_DATA_UNUSABLE [VT_BOOL]
ENHANCED_STORAGE_CAPABILITY_CERTIFICATE_EXTENSION_PARSING [VT_BOOL] |
ENHANCED_STORAGE_COMMAND_CERT_GET_ACT_FRIENDLY_NAME |
---|
This command retrieves the friendly name of the ACT containing the silo. |
Access: Read |
Parameters: None |
Results:
[Optional] ENHANCED_STORAGE_PROPERTY_CERTIFICATE_ACT_FRIENDLY_NAME [VT_LPWSTR] |
ENHANCED_STORAGE_COMMAND_CERT_GET_SILO_GUID |
---|
This command will retrieve the GUID associated with the silo. |
Access: Read |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_CERTIFICATE_SILO_GUID [VT_LPWSTR] |
Password Silo Commands
ENHANCED_STORAGE_COMMAND_PASSWORD_AUTHORIZE_ACT_ACCESS |
---|
This command attempts to authenticate to the silo for access to the data in the ACT. |
Access: Read/Write |
Parameters:
[Required] ENHANCED_STORAGE_PROPERTY_PASSWORD_INDICATOR [VT_UI4] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_UNAUTHORIZE_ACT_ACCESS |
---|
This command attempts to deauthenticate to the silo for access to the data in the ACT. |
Access: Read/Write |
Parameters:
[Optional] ENHANCED_STORAGE_PROPERTY_PASSWORD_INDICATOR [VT_UI4] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_QUERY_INFORMATION |
---|
This command queries the current silo password information. |
Access: Read |
Parameters: None |
Results:
ENHANCED_STORAGE_PROPERTY_AUTHENTICATION_STATE [VT_UI4]
ENHANCED_STORAGE_PROPERTY_PASSWORD_SILO_INFO [VT_VECTOR | VT_UI1]
ENHANCED_STORAGE_PROPERTY_ADMIN_HINT [VT_LPWSTR]
ENHANCED_STORAGE_PROPERTY_USER_HINT [VT_LPWSTR]
ENHANCED_STORAGE_PROPERTY_USER_NAME [VT_LPWSTR]
ENHANCED_STORAGE_PROPERTY_SILO_NAME [VT_LPWSTR] |
ENHANCED_STORAGE_COMMAND_PASSWORD_CONFIG_ADMINISTRATOR |
---|
This command configures the administrator account. |
Access: Read/Write |
Parameters:
[Optional] ENHANCED_STORAGE_PROPERTY_MAX_AUTH_FAILURES [VT_UI4]
[Optional] ENHANCED_STORAGE_PROPERTY_FRIENDLYNAME_SPECIFIED [VT_UI4]
[Optional] ENHANCED_STORAGE_PROPERTY_SILO_NAME [VT_LPWSTR] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_CREATE_USER |
---|
This command creates a user account. |
Access: Read/Write |
Parameters:
[Required] ENHANCED_STORAGE_PROPERTY_NEW_PASSWORD [VT_VECTOR | VT_UI1]
[Required] ENHANCED_STORAGE_PROPERTY_USER_HINT [VT_LPWSTR]
[Required] ENHANCED_STORAGE_PROPERTY_USER_NAME [VT_LPWSTR]
[Optional] ENHANCED_STORAGE_PROPERTY_MAX_AUTH_FAILURES [VT_UI4] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_DELETE_USER |
---|
This command deletes a user account. |
Access: Read/Write |
Parameters:
|
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_CHANGE_PASSWORD |
---|
This command changes the password for an administrator or user account. |
Access: Read/Write |
Parameters:
[Required] ENHANCED_STORAGE_PROPERTY_PASSWORD [VT_VECTOR | VT_UI1]
[Required] ENHANCED_STORAGE_PROPERTY_NEW_PASSWORD [VT_VECTOR | VT_UI1]
[Required] ENHANCED_STORAGE_PROPERTY_NEW_PASSWORD_INDICATOR [VT_UI4]
[Required] ENHANCED_STORAGE_PROPERTY_ADMIN_HINT [VT_LPWSTR]
[Required] ENHANCED_STORAGE_PROPERTY_USER_HINT [VT_LPWSTR]
[Optional] ENHANCED_STORAGE_PROPERTY_SECURITY_IDENTIFIER [VT_VECTOR | VT_UI1] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_INITIALIZE_USER_PASSWORD |
---|
This command initializes an existing user password. |
Access: Read/Write |
Parameters:
[Required] ENHANCED_STORAGE_PROPERTY_NEW_PASSWORD [VT_VECTOR | VT_UI1]
[Required] ENHANCED_STORAGE_PROPERTY_NEW_HINT [VT_LPWSTR] |
Results:
|
ENHANCED_STORAGE_COMMAND_PASSWORD_START_INITIALIZE_TO_MANUFACTURER_STATE |
---|
This command starts the initialization of the silo to the manufacturer state. |
Access: Read/Write |
Parameters:
|
Results:
|