Only a user with logon credentials matching those of the encrypter can decrypt the data. In addition, decryption usually can only be done on the computer where the data was encrypted.
Warning If the logon credentials are lost or forgotten, the data is usually unrecoverable. However, if the dwFlags parameter in the CryptProtectData function is set to CRYPTPROTECT_LOCAL_MACHINE with or without additional entropy specified in the pOptionalEntropy parameter, any user on the same computer where the data was encrypted can recover the data.
The function creates a session key to perform the encryption. The session key is derived again when the data is to be decrypted.
The function also adds a message authentication code (MAC), which is a keyed integrity check, to the encrypted data to guard against data tampering.
Under some circumstances, Microsoft cryptographic service providers (CSPs) may not allow encryption when used in France, in which case this function fails with the error code NTE_PERM.
You can store the encryption or master keys used by CryptProtectData in a file in the Windows folder or in the system registry so that certain persistent registry implementations will retain the encryption keys after losing and regaining power. See Master Key Storage for more information.
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50
Used to pass data to and from CryptProtectData, CryptUnprotectData
3/16/2007 8:15:44 AM - c.durkin-208.186.175.2
The CRYPTPROTECT_PROMPTSTRUCT structure provides the text of a prompt and information about when and where that prompt is to be displayed when using the CryptProtectData and CryptUnprotectData functions.
3/16/2007 8:15:33 AM - jachymko-213.199.128.147
CryptProtectData and CryptUnprotectData dwFlags
3/16/2007 7:41:45 AM - jachymko-213.199.128.147
The CryptUnprotectData function decrypts and does an integrity check of the data in a DATA_BLOB structure. Usually, only a user with the same logon credentials as the encrypter can decrypt the data. In addition, the encryption and decryption must be done on the same computer.
9/6/2012 12:36:21 AM - -203.166.19.130
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50
The CryptProtectData function performs encryption on the data in a DATA_BLOB structure. Typically, only a user with the same logon credential as the encrypter can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer.
3/16/2007 7:39:46 AM - ed@sharplogic.com-71.121.130.50