Share via

3.1.4.6.10 LsarQuerySecret2 (Opnum 139)

  • Article

The LsarQuerySecret2 method is invoked to retrieve the current and old (or previous) value of the secret object.<91>

 NTSTATUS LsarQuerySecret2(
   [in] LSAPR_HANDLE SecretHandle,
   [in, out, unique] PLSAPR_AES_CIPHER_VALUE *EncryptedCurrentValue,
   [in, out, unique] PLARGE_INTEGER CurrentValueSetTime,
   [in, out, unique] PLSAPR_AES_CIPHER_VALUE *EncryptedOldValue,
   [in, out, unique] PLARGE_INTEGER OldValueSetTime
 );

SecretHandle: A handle to an open secret object.

EncryptedCurrentValue: Used to return the current value of the secret object encrypted to specification per AES Cipher Usage (section 5.1.5). It is valid for this parameter to be NULL, in which case no value is returned.

CurrentValueSetTime: Used to return the time when the current value was set. It is valid for this parameter to be NULL, in which case no value is returned.

EncryptedOldValue: Used to return the old value of the secret object encrypted to specification per AES Cipher Usage (section 5.1.5). It is valid for this parameter to be NULL, in which case no value is returned.

OldValueSetTime: The time corresponding to the instant that the old value was last changed. It is valid for this parameter to be NULL, in which case no value is returned.

Return Values: The return values are the same as specified for LsarQuerySecret (section 3.1.4.6.4).

Processing:

The processing is the same as LsarQuerySecret with the exception that, when non-NULL, the encrypted EncryptedCurrentValue and EncryptedOldValue is encrypted to specification per AES Cipher Usage (section 5.1.5).