Type a page name and press Enter. You'll jump to the page if it exists, or you can create it if it doesn't.
To create a page in a module other than crypt32, prefix the name with the module name and a period.
Only a user with logon credentials matching those of the encrypter can decrypt the data. In addition, decryption usually can only be done on the computer where the data was encrypted.
Warning If the logon credentials are lost or forgotten, the data is usually unrecoverable. However, if the dwFlags parameter in the CryptProtectData function is set to CRYPTPROTECT_LOCAL_MACHINE with or without additional entropy specified in the pOptionalEntropy parameter, any user on the same computer where the data was encrypted can recover the data.
The function creates a session key to perform the encryption. The session key is derived again when the data is to be decrypted.
The function also adds a message authentication code (MAC), which is a keyed integrity check, to the encrypted data to guard against data tampering.
Under some circumstances, Microsoft cryptographic service providers (CSPs) may not allow encryption when used in France, in which case this function fails with the error code NTE_PERM.
You can store the encryption or master keys used by CryptProtectData in a file in the Windows folder or in the system registry so that certain persistent registry implementations will retain the encryption keys after losing and regaining power. See Master Key Storage for more information.
Tips & Tricks:
Please add some!
Change the DATA_BLOB and CRYPTPROTECT_PROMPTSTRUT from structures to classes. This way you don't have to pass the value types by ref. Both the pOptionalEntropy and the pPromptStruct can be null. If you use structs you have to new empty structs instead of just passing null if you use classes.
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50
Used to pass data to and from CryptProtectData, CryptUnprotectData
3/16/2007 8:15:44 AM - c.durkin-208.186.175.2
The CRYPTPROTECT_PROMPTSTRUCT structure provides the text of a prompt and information about when and where that prompt is to be displayed when using the CryptProtectData and CryptUnprotectData functions.
3/16/2007 8:15:33 AM - jachymko-213.199.128.147
CryptProtectData and CryptUnprotectData dwFlags
3/16/2007 7:41:45 AM - jachymko-213.199.128.147
The CryptUnprotectData function decrypts and does an integrity check of the data in a DATA_BLOB structure. Usually, only a user with the same logon credentials as the encrypter can decrypt the data. In addition, the encryption and decryption must be done on the same computer.
9/6/2012 12:36:21 AM - -203.166.19.130
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50
Please edit this page!
Do you have...
helpful tips or sample code to share for using this API in managed code?
corrections to the existing content?
variations of the signature you want to share?
additional languages you want to include?
Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).