CredProtect function
The CredProtect function encrypts the specified credentials so that only the current security context can decrypt them.
Syntax
BOOL WINAPI CredProtect( _In_ BOOL fAsSelf, _In_ LPTSTR pszCredentials, _In_ DWORD cchCredentials, _Out_ LPTSTR pszProtectedCredentials, _Inout_ DWORD *pcchMaxChars, _Out_ CRED_PROTECTION_TYPE *ProtectionType );
Parameters
- fAsSelf [in]
-
Set to TRUE to specify that the credentials are encrypted in the security context of the current process. Set to FALSE to specify that credentials are encrypted in the security context of the calling thread security context.
- pszCredentials [in]
-
A pointer to a string that specifies the credentials to encrypt. The function encrypts the number of characters provided in the cchCredentials parameter.
- cchCredentials [in]
-
The size, in characters, of the pszCredentials buffer.
- pszProtectedCredentials [out]
-
A pointer to a string that, on output, receives the encrypted credentials.
- pcchMaxChars [in, out]
-
The size, in characters of the pszProtectedCredentials buffer. On output, if the pszProtectedCredentials is not of sufficient size to receive the encrypted credentials, this parameter specifies the required size, in characters, of the pszProtectedCredentials buffer.
- ProtectionType [out]
-
A pointer to a CRED_PROTECTION_TYPE enumeration type that, on output, specifies the type of protection provided.
Return value
TRUE if the function succeeds; otherwise, FALSE.
For extended error information, call the GetLastError function.
Remarks
Note that the output of the CredProtect function is not integrity protected, so if the output is modified, the CredUnprotect function is not updated and may produce incorrect results.
Requirements
|
Minimum supported client |
Windows Vista [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2008 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
|
Unicode and ANSI names |
CredProtectW (Unicode) and CredProtectA (ANSI) |