NegotiateAuthenticatedChannelKeyExchange function

Establishes a session key for an authenticated channel.


HRESULT APIENTRY* NegotiateAuthenticatedChannelKeyExchange(
  _In_ D3D10DDI_HDEVICE        hDevice,
  _In_ D3D11_1DDI_HAUTHCHANNEL hCAuthChannel,
  _In_ UINT                    DataSize,
  _In_ VOID                    *pData


hDevice [in]

A handle to the display device (graphics context).

hCAuthChannel [in]

A handle to an authenticated channel object that was created through a call to the CreateAuthenticatedChannel(D3D11_1) function.

DataSize [in]

The size, in bytes, of the data in the pData array.

pData [in]

A pointer to a byte array that contains the encrypted session key.

Return value

NegotiateAuthenticatedChannelKeyExchange returns one of the following values:

Return codeDescription

The session key for the authenticated channel was negotiated successfully.


Parameters were validated and determined to be incorrect.


Memory was not available to complete the operation.



The pData parameter references a buffer that contains a session key for the authenticated channel. This key buffer must contain 256 bytes of data and must be encrypted by using the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) algorithm with the public key from the authenticated channel certificate.

The key exchange for an authenticated channel is identical to the key exchange for the Output Protection Manager (OPM) interface. However, the OPM key buffer contains additional data besides the session key.

Note  The same certificate can be used for the authenticated channel and OPM session key.


Minimum supported client

Windows 8

Minimum supported server

Windows Server 2012

Target platform


D3d10umddi.h (include D3d10umddi.h)

See also




Send comments about this topic to Microsoft