PFND3D11_1DDI_ENCRYPTIONBLT callback function

Reads encrypted data from a protected surface.



VOID APIENTRY* EncryptionBlt(
  _In_       D3D10DDI_HDEVICE          hDevice,
  _In_       D3D11_1DDI_HCRYPTOSESSION hCryptoSession,
  _In_       D3D10DDI_HRESOURCE        hSrcResource,
  _In_       D3D10DDI_HRESOURCE        hDstResource,
  _In_       UINT                      IVSize,
  _In_ const VOID                      *pIV
{ ... }


hDevice [in]

A handle to the display device (graphics context).

hCryptoSession [in]

A handle to the driver's private data for the cryptographic session. This handle was created by the Direct3D runtime and passed to the driver in the call to the CreateCryptoSession function.

hSrcResource [in]

A handle to the resource that contains the source data.

hDstResource [in]

A pointer to the resource where the encrypted data is to be written.

IVSize [in]

The size, in bytes, of the initialization vector (IV).

pIV [in]

A pointer to a block of memory that contains the initialization vector that is required to encrypt the bitblt data. For more information, see the Remarks section.


If pIV is NULL, the graphics adapter does not require a separate initialization vector to encrypt the data. That is, the session key is used to encrypt the data.


Return value

This callback function does not return a value.


This function has the following limitations:

  • The function cannot read back subrectangles or partially encrypted surfaces.

  • The function cannot read back partially encrypted buffers. Many hardware-based encryption solutions will not allow nonencrypted reads from protected memory.

  • The protected surface must be either an off-screen plain surface or a render target.

  • The destination surface must be a system-memory surface that was created by using the proper alignment, as described earlier.

  • The protected surface cannot be multisampled.

  • The function does not support stretching or color space conversion.

For 128-bit AES-CTR encryption, the pIV parameter points to a D3D11_1DDI_AES_CTR_IV structure that is allocated by the application. However, the actual contents of this structure are filled in by the driver or graphics adapter. When the first IV is generated, the driver or adapter initializes the IV member of this structure to a random number. For each subsequent IV, the caller increments the IV member, ensuring that the value always increases. This procedure enables the application to validate that the same IV is never used more than once with the same key pair.

For other encryption types, a different structure might be used, or the encryption might not use an IV.

Note  This function does not honor a Direct3D version 11 predicate that may have been set.


Minimum supported client

Windows 8

Minimum supported server

Windows Server 2012

Target platform



D3d10umddi.h (include D3d10umddi.h)

See also




Send comments about this topic to Microsoft