CNG DPAPI Constants
The following constants are used by the CNG Data Protection API.
-
NCRYPT_DESCR_DELIMITER_AND
-
-
L" AND "
-
Can be used to test a protection descriptor string for an AND delimiter.
-
-
NCRYPT_DESCR_EQUAL
-
-
L"="
-
Can be used to test a protection descriptor string for an equals sign.
-
-
NCRYPT_DESCR_DELIMITER_OR
-
-
L" OR "
-
Can be used to test a protection descriptor string for an OR delimiter.
-
-
NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
-
-
"LOCAL"
-
The LOCAL protection descriptor protects content to the logon session, the current user, or the local machine as identified by the following constants:
- NCRYPT_KEY_PROTECTION_LOCAL_LOGON
- NCRYPT_KEY_PROTECTION_LOCAL_USER
- NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
-
-
NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
-
-
"SDDL"
-
Protects content to an SDDL (Security Descriptor Definition Language) string that contains security descriptor information.
-
-
NCRYPT_KEY_PROTECTION_ALGORITHM_SID
-
-
"SID"
-
The SID protection descriptor contains a group or principal identity.
-
-
NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS
-
-
"WEBCREDENTIALS"
-
Protects to a user's web account credentials.
-
-
NCRYPT_KEY_PROTECTION_LOCAL_LOGON
-
-
"logon"
-
Protects content to the current logon session. Users will not be able to decrypt the protected content after logoff or reboot.
-
-
NCRYPT_KEY_PROTECTION_LOCAL_MACHINE
-
-
"machine"
-
Protects content to the local computer. All users on the local computer can decrypt the protected content.
-
-
NCRYPT_KEY_PROTECTION_LOCAL_USER
-
-
"user"
-
Protects content to the current user session. Only this user on the local computer will be able to decrypt the protected content.
-
-
MS_KEY_PROTECTION_PROVIDER
-
-
"Microsoft Key Protection Provider"
-
Represents the Microsoft key protection provider which supports formats represented by the following constants:
- NCRYPT_KEY_PROTECTION_ALGORITHM_SID
- NCRYPT_KEY_PROTECTION_ALGORITHM_LOCAL
- NCRYPT_KEY_PROTECTION_ALGORITHM_SDDL
-
-
WINDOWS_CLIENT_KEY_PROTECTION_PROVIDER
-
-
"Windows Client Key Protection Provider"
-
Represents the Microsoft key protection provider that is available only on the client and which supports formats represented by the following constants:
- NCRYPT_KEY_PROTECTION_ALGORITHM_WEBCREDENTIALS
-
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client |
Windows 8 [desktop apps only] |
| Minimum supported server |
Windows Server 2012 [desktop apps only] |
| Header |
|
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for