Home Library Learn Samples Downloads Support Community Forums
This topic has not yet been rated - Rate this topic

CNG DPAPI Constants

The following constants are used by the CNG Data Protection API.

NCRYPT_DESCR_DELIMITER_AND
L" AND "

Can be used to test a protection descriptor string for an AND delimiter.

NCRYPT_DESCR_EQUAL
L"="

Can be used to test a protection descriptor string for an equals sign.

NCRYPT_DESCR_DELIMITER_OR
L" OR "

Can be used to test a protection descriptor string for an OR delimiter.

NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
"LOCAL"

The LOCAL protection descriptor protects content to the logon session, the current user, or the local machine as identified by the following constants:

  • NCRYPT_KEY_PROTECTION_LOCAL_LOGON
  • NCRYPT_KEY_PROTECTION_LOCAL_USER
  • NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
"SDDL"

Protects content to an SDDL (Security Descriptor Definition Language) string that contains security descriptor information.

NCRYPT_KEY_PROTECTION_ALGORITHM_SID
"SID"

The SID protection descriptor contains a group or principal identity.

NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS
"WEBCREDENTIALS"

Protects to a user's web account credentials.

NCRYPT_KEY_PROTECTION_LOCAL_LOGON
"logon"

Protects content to the current logon session. Users will not be able to decrypt the protected content after logoff or reboot.

NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
"machine"

Protects content to the local computer. All users on the local computer can decrypt the protected content.

NCRYPT_KEY_PROTECTION_LOCAL_USER
"user"

Protects content to the current user session. Only this user on the local computer will be able to decrypt the protected content.

MS_KEY_PROTECTION_PROVIDER
"Microsoft Key Protection Provider"

Represents the Microsoft key protection provider which supports formats represented by the following constants:

  • NCRYPT_KEY_PROTECTION_ALGORITHM_SID
  • NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
  • NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
WINDOWS_CLIENT_KEY_PROTECTION_PROVIDER
"Windows Client Key Protection Provider"

Represents the Microsoft key protection provider that is available only on the client and which supports formats represented by the following constants:

  • NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

Header
NCryptprotect.h

 

 

Send comments about this topic to Microsoft

Build date: 11/14/2012

Did you find this helpful?
(1500 characters remaining)

Community Additions

ADD
© 2013 Microsoft. All rights reserved.