CredUnprotect function
The CredUnprotect function decrypts credentials that were previously encrypted by using the CredProtect function. The credentials must have been encrypted in the same security context in which CredUnprotect is called.
Syntax
BOOL WINAPI CredUnprotect( _In_ BOOL fAsSelf, _In_ LPTSTR pszProtectedCredentials, _In_ DWORD cchCredentials, _Out_ LPTSTR pszCredentials, _Inout_ DWORD *pcchMaxChars );
Parameters
- fAsSelf [in]
-
Set to TRUE to specify that the credentials were encrypted in the security context of the current process. Set to FALSE to specify that credentials were encrypted in the security context of the calling thread security context.
- pszProtectedCredentials [in]
-
A pointer to a string that specifies the encrypted credentials.
- cchCredentials [in]
-
The size, in characters, of the pszProtectedCredentials buffer.
- pszCredentials [out]
-
A pointer to a string that, on output, receives the decrypted credentials.
- pcchMaxChars [in, out]
-
The size, in characters of the pszCredentials buffer. On output, if the pszCredentials is not of sufficient size to receive the encrypted credentials, this parameter specifies the required size, in characters, of the pszCredentials buffer.
Return value
TRUE if the function succeeds; otherwise, FALSE.
For extended error information, call the GetLastError function. The following table shows common values for the GetLastError function.
| Return code/value | Description |
|---|---|
|
The security context used to encrypt the credentials is different from the security context used to decrypt the credentials. |
|
The pszCredentials buffer was of insufficient size. |
Requirements
|
Minimum supported client |
Windows Vista [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2008 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
|
Unicode and ANSI names |
CredUnprotectW (Unicode) and CredUnprotectA (ANSI) |