| 1 | Unknown |
Unknown |
| 2 | Local Mode |
Local Mode |
| 3 | Secure Hosting Service Mode |
Secure Hosting Service Mode |
| 14 | 1.0 |
1.0 |
| 15 | Configuration of the Host Guardian Service Client. |
Configuration of the Host Guardian Service Client. |
| 33 | The path to the file to write an XML representation of the guardian. |
The path to the file to write an XML representation of the guardian. |
| 34 | The Guardian object that will be exported to the file. |
The Guardian object that will be exported to the file. |
| 37 | The principal to whom key rights can be assigned. |
The principal to whom key rights can be assigned. |
| 49 | A secure wrapping of a key that delegates rights to unwrap and use that key to one or more guardians. |
A secure wrapping of a key that delegates rights to unwrap and use that key to one or more guardians. |
| 51 | The key protector containing the desired transport key. |
The key protector containing the desired transport key. |
| 55 | Creates a new key protector. |
Creates a new key protector. |
| 57 | The key protector desired for the data. |
The key protector desired for the data. |
| 58 | The data to be encrypted. |
The data to be encrypted. |
| 59 | The Key Protector derived from the BaseKeyProtector describing the key used to encrypt the data. |
The Key Protector derived from the BaseKeyProtector describing the key used to encrypt the data. |
| 64 | The encrypted data. |
The encrypted data. |
| 65 | The decrypted data. |
The decrypted data. |
| 72 | Retrieves the local Host Guardian Service Client configuration. |
Retrieves the local Host Guardian Service Client configuration. |
| 73 | The configuration of the Host Guardian Service client. |
The configuration of the Host Guardian Service client. |
| 74 | Modifies the configuration of the Host Guardian Service Client. |
Modifies the configuration of the Host Guardian Service Client. |
| 78 | URL of the Key Protection Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. |
URL of the Key Protection Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. |
| 79 | URL of the Attestation Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. |
URL of the Attestation Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. |
| 81 | A name to associate with this guardian when it is persisted to the Guardian store. |
A name to associate with this guardian when it is persisted to the Guardian store. |
| 86 | A Guardian object constructed from the XML data. |
A Guardian object constructed from the XML data. |
| 88 | Removes a Guardian from the Guardian store. |
Removes a Guardian from the Guardian store. |
| 91 | The new Key Protector object. |
The new Key Protector object. |
| 92 | The Guardian who is considered the owner of this Key Protector. |
The Guardian who is considered the owner of this Key Protector. |
| 93 | One or more Guardians who are granted access to the key protected by this Key Protector. |
One or more Guardians who are granted access to the key protected by this Key Protector. |
| 94 | Grant access to a Key Protector to a provided Guardian. |
Grant access to a Key Protector to a provided Guardian. |
| 95 | The Key Protector on which to grant access. |
The Key Protector on which to grant access. |
| 96 | The Guardian to whom access is being granted. |
The Guardian to whom access is being granted. |
| 97 | The updated Key Protector with access granted to the provided Guardian. |
The updated Key Protector with access granted to the provided Guardian. |
| 98 | Revokes access to a Guardian on an existing Key Protector. |
Revokes access to a Guardian on an existing Key Protector. |
| 99 | The Key Protector from which access for the provided Guardian will be revoked. |
The Key Protector from which access for the provided Guardian will be revoked. |
| 100 | The Guardian whose key access will be revoked. |
The Guardian whose key access will be revoked. |
| 101 | The updated Key Protector object. |
The updated Key Protector object. |
| 102 | Changes the Mode of Host Guardian Service client from 'Host Guardian Service' to 'Local' mode. |
Changes the Mode of Host Guardian Service client from 'Host Guardian Service' to 'Local' mode. |
| 107 | When specified allows new guardian creation with certificates that are expired. |
When specified allows new guardian creation with certificates that are expired. |
| 108 | When specified allows new guardian to be created using self-signed certificates. |
When specified allows new guardian to be created using self-signed certificates. |
| 109 | Generates self-signed Signing & Encryption certificates, for the Guardian, containing the public & private keys. |
Generates self-signed Signing & Encryption certificates, for the Guardian, containing the public & private keys. |
| 111 | When specified allows new Key Protector creation with one or more guardian using expired certificates. |
When specified allows new Key Protector creation with one or more guardian using expired certificates. |
| 112 | When specified allows new Key Protector creation with one or more guardian using self-signed certificates. |
When specified allows new Key Protector creation with one or more guardian using self-signed certificates. |
| 113 | When specified allows access to the specified Key Protector for one or more guardian using expired certificates. |
When specified allows access to the specified Key Protector for one or more guardian using expired certificates. |
| 114 | When specified allows access to the specified Key Protector creation with one or more guardian using self-signed certificates. |
When specified allows access to the specified Key Protector creation with one or more guardian using self-signed certificates. |
| 115 | Converts a byte array of an existing key protector to a HGS Key Protector object. |
Converts a byte array of an existing key protector to a HGS Key Protector object. |
| 116 | A byte array of an existing key protector from which to generate a HGS Key Protector object. |
A byte array of an existing key protector from which to generate a HGS Key Protector object. |
| 117 | The new Key Protector. |
The new Key Protector. |
| 118 | The current operational mode of the Host Guardian Service Client. |
The current operational mode of the Host Guardian Service Client. |
| 119 | Flag indicating whether the host passed attestaion from the attestation server. |
Flag indicating whether the host passed attestaion from the attestation server. |
| 120 | The URL to the Key Protection Service. |
The URL to the Key Protection Service. |
| 121 | The URL to the Attestation Service. |
The URL to the Attestation Service. |
| 122 | The current Attestation operational node of the Host Guardian Service Client. |
The current Attestation operational node of the Host Guardian Service Client. |
| 123 | The Attestation status of the Host Guardian Service Client. |
The Attestation status of the Host Guardian Service Client. |
| 124 | The Attestation substatus of the Host Guardian Service Client. |
The Attestation substatus of the Host Guardian Service Client. |
| 125 | The unique name of the Guardian. |
The unique name of the Guardian. |
| 126 | Signing Certificate of the Guardian. |
Signing Certificate of the Guardian. |
| 127 | Encryption Certificate of the Guardian. |
Encryption Certificate of the Guardian. |
| 128 | Signature of the Encryption Certificate of the Guardian. |
Signature of the Encryption Certificate of the Guardian. |
| 129 | Signature algorithm of the Encryption Certificate of the Guardian. |
Signature algorithm of the Encryption Certificate of the Guardian. |
| 130 | Determines if this Guardian can be used as an Owner for a Key Protector. |
Determines if this Guardian can be used as an Owner for a Key Protector. |
| 131 | Creates a new Guardian by using the specified certificates. |
Creates a new Guardian by using the specified certificates. |
| 132 | Password protected encryption certificate PFX file, for the Guardian, containing the public & private keys. |
Password protected encryption certificate PFX file, for the Guardian, containing the public & private keys. |
| 133 | Password protected signing certificate PFX file, for the Guardian, containing the public & private keys. |
Password protected signing certificate PFX file, for the Guardian, containing the public & private keys. |
| 134 | Password to decrypt the signing certificate PFX file. |
Password to decrypt the signing certificate PFX file. |
| 135 | Password to decrypt the encryption certificate PFX file. |
Password to decrypt the encryption certificate PFX file. |
| 136 | The new Guardian object. |
The new Guardian object. |
| 137 | Creates a Guardian by generating new self-signed certificates. |
Creates a Guardian by generating new self-signed certificates. |
| 138 | Imports a Guardian from an XML file. |
Imports a Guardian from an XML file. |
| 139 | A path to an XML file containing the Guardian information. |
A path to an XML file containing the Guardian information. |
| 140 | A name to associate with this Guardian when it is persisted to the local Guardian store. |
A name to associate with this Guardian when it is persisted to the local Guardian store. |
| 141 | Exports a guardian containing public keys to an XML file. |
Exports a guardian containing public keys to an XML file. |
| 142 | The name of the guardian to remove. |
The name of the guardian to remove. |
| 143 | Owner who created the Key Protector. |
Owner who created the Key Protector. |
| 144 | Guardians granted access to the key contained in the Key Protector. |
Guardians granted access to the key contained in the Key Protector. |
| 145 | Raw bytes of the Key Protector. |
Raw bytes of the Key Protector. |
| 146 | Create a new key protector. |
Create a new key protector. |
| 147 | Unwraps an existing key protector returning the ingress key along with a new egress key and egress Key Protector. |
Unwraps an existing key protector returning the ingress key along with a new egress key and egress Key Protector. |
| 148 | The key contained with the Key Protector combined with a new export key contained in the egress Key Protector. |
The key contained with the Key Protector combined with a new export key contained in the egress Key Protector. |
| 149 | The new egress Key Protector describing the egress key. |
The new egress Key Protector describing the egress key. |
| 150 | The key contained with the KP combined with a new export key contained in the egress Key Protector. |
The key contained with the KP combined with a new export key contained in the egress Key Protector. |
| 151 | Encrypts data returning the encrypted data along with an egress Key Protector based on the provided Key Protector. |
Encrypts data returning the encrypted data along with an egress Key Protector based on the provided Key Protector. |
| 152 | The Key Protector desired for the data. |
The Key Protector desired for the data. |
| 153 | Determines if BaseKeyProtector is rolled to a new egress Key Protector. |
Determines if BaseKeyProtector is rolled to a new egress Key Protector. |
| 154 | The data encrypted using the key described in EgressKeyProtector. |
The data encrypted using the key described in EgressKeyProtector. |
| 155 | Decrypts data returning the encrypted data along with an egress key protector based on the provided key protector. |
Decrypts data returning the encrypted data along with an egress key protector based on the provided key protector. |
| 156 | Interface to perform different operations on Key Protectors. |
Interface to perform different operations on Key Protectors. |
| 157 | The transfer key encrypted to the caller. |
The transfer key encrypted to the caller. |
| 158 | The wrapping key encrypted using the transfer key and the caller's trustlet information. |
The wrapping key encrypted using the transfer key and the caller's trustlet information. |
| 160 | The Thumbprint of the Signing certificate, for the Guardian, containing the public & private keys. |
The Thumbprint of the Signing certificate, for the Guardian, containing the public & private keys. |
| 161 | The Thumbprint of the Encryption certificate, for the Guardian, containing the public & private keys. |
The Thumbprint of the Encryption certificate, for the Guardian, containing the public & private keys. |
| 163 | Creates a new Guardian by using the certificates identified by the specified thumbprints. |
Creates a new Guardian by using the certificates identified by the specified thumbprints. |
| 164 | A unique encryption Identifier that is used only once per key, usually based upon the message type. |
A unique encryption Identifier that is used only once per key, usually based upon the message type. |
| 165 | Version of the Guardian metadata. |
Version of the Guardian metadata. |
| 166 | The URL to fallback Key Protection Services. |
The URL to fallback Key Protection Services. |
| 167 | The URL to fallback Attestation Services. |
The URL to fallback Attestation Services. |
| 168 | The URL to the Key Protection Service used to satisfy a request. |
The URL to the Key Protection Service used to satisfy a request. |
| 169 | The URL to the Attestation Service used to satisfy a request. |
The URL to the Attestation Service used to satisfy a request. |
| 172 | URL of the Attestation Server. |
URL of the Attestation Server. |
| 175 | Tests if the host is trusted by attestation using the provided service URL's. |
Tests if the host is trusted by attestation using the provided service URL's. |
| 176 | URL of the fallback Key Protection Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. Setting this value to null will leave fallback settings unmodified, while setting this value to an empty array will cause the fallback settings to be cleared entirely. |
URL of the fallback Key Protection Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. Setting this value to null will leave fallback settings unmodified, while setting this value to an empty array will cause the fallback settings to be cleared entirely. |
| 177 | URL of the fallback Attestation Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. Setting this value to null will leave fallback settings unmodified, while setting this value to an empty array will cause the fallback settings to be cleared entirely. |
URL of the fallback Attestation Server to be used by the Host Guardian Service Client in Secure Hosting Service mode. Setting this value to null will leave fallback settings unmodified, while setting this value to an empty array will cause the fallback settings to be cleared entirely. |
| 10024 | Shielded VM Local Certificates |
Shielded VM Local Certificates |
| 10025 | Trusted TPM Root Certificate Authority |
Trusted TPM Root Certificate Authority |
| 10026 | Trusted TPM Intermediate Certificate Authority |
Trusted TPM Intermediate Certificate Authority |
| 0x2001 | Unable to open thread token and impersonating with the process token failed: %1!d!. |
Unable to open thread token and impersonating with the process token failed: %1!d!. |
| 0x2002 | Loading the localized string with ID %1!d! failed: %2!d!. |
Loading the localized string with ID %1!d! failed: %2!d!. |
| 0x2003 | The requested operation is not supported in the current mode. Some operations are only supported in Local mode, check the current operational mode of HGS client by inspecting the MSFT_HgsClientConfiguration object. |
The requested operation is not supported in the current mode. Some operations are only supported in Local mode, check the current operational mode of HGS client by inspecting the MSFT_HgsClientConfiguration object. |
| 0x2004 | Failed to post the Guardian %1!s!, check WMI repository. |
Failed to post the Guardian %1!s!, check WMI repository. |