3.2.4.4 R_SetData (Opnum 9)

  • Article

The data value referenced by the pbMDData field of the METADATA_RECORD MUST be encrypted if the METADATA_SECURE attribute is set.

  • Check whether the dwMDAttributes member of the METADATA_RECORD structure has a METADATA_SECURE flag set.

  • If the METADATA_SECURE secure flag is set:

    • Negotiate the secure session (see section 3.1.4.1.1) if it was not negotiated yet.

    • Encrypt the data value based on the procedure described in section 3.1.4.1.2. The encrypted data blob will be stored in the IIS_CRYPTO_BLOB message format with the BlobSignature field set to ENCRYPTED_DATA_BLOB_SIGNATURE.

    • Set the pbMDData and dwMDDataLen fields in the METADATA_RECORD message (referenced by pmdrMDData). The pbMDData field MUST be updated to point to the IIS_CRYPTO_BLOB message built in the previous step. The dwMDDataLen field MUST be set to the total length in bytes of the IIS_CRYPTO_BLOB message built in the previous step.

  • If the METADATA_SECURE flag is not set, the cleartext data value will be referenced by the pbMDData field of the METADATA_RECORD message, and the dwMDDataLen field will be set to the length of that cleartext data.