Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
CNG DPAPI Constants

CNG DPAPI Constants

The following constants are used by the CNG Data Protection API.

NCRYPT_DESCR_DELIMITER_AND
L" AND "

Can be used to test a protection descriptor string for an AND delimiter.

NCRYPT_DESCR_EQUAL
L"="

Can be used to test a protection descriptor string for an equals sign.

NCRYPT_DESCR_DELIMITER_OR
L" OR "

Can be used to test a protection descriptor string for an OR delimiter.

NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
"LOCAL"

The LOCAL protection descriptor protects content to the logon session, the current user, or the local machine as identified by the following constants:

  • NCRYPT_KEY_PROTECTION_LOCAL_LOGON
  • NCRYPT_KEY_PROTECTION_LOCAL_USER
  • NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
"SDDL"

Protects content to an SDDL (Security Descriptor Definition Language) string that contains security descriptor information.

NCRYPT_KEY_PROTECTION_ALGORITHM_SID
"SID"

The SID protection descriptor contains a group or principal identity.

NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS
"WEBCREDENTIALS"

Protects to a user's web account credentials.

NCRYPT_KEY_PROTECTION_LOCAL_LOGON
"logon"

Protects content to the current logon session. Users will not be able to decrypt the protected content after logoff or reboot.

NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
"machine"

Protects content to the local computer. All users on the local computer can decrypt the protected content.

NCRYPT_KEY_PROTECTION_LOCAL_USER
"user"

Protects content to the current user session. Only this user on the local computer will be able to decrypt the protected content.

MS_KEY_PROTECTION_PROVIDER
"Microsoft Key Protection Provider"

Represents the Microsoft key protection provider which supports formats represented by the following constants:

  • NCRYPT_KEY_PROTECTION_ALGORITHM_SID
  • NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
  • NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
WINDOWS_CLIENT_KEY_PROTECTION_PROVIDER
"Windows Client Key Protection Provider"

Represents the Microsoft key protection provider that is available only on the client and which supports formats represented by the following constants:

  • NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

Header

NCryptprotect.h

 

 

Community Additions

ADD
Show:
© 2015 Microsoft