CredUnprotectA function

The CredUnprotect function decrypts credentials that were previously encrypted by using the CredProtect function. The credentials must have been encrypted in the same security context in which CredUnprotect is called.

Syntax

BOOL CredUnprotectA(
  BOOL  fAsSelf,
  LPSTR pszProtectedCredentials,
  DWORD cchProtectedCredentials,
  LPSTR pszCredentials,
  DWORD *pcchMaxChars
);

Parameters

fAsSelf

Set to TRUE to specify that the credentials were encrypted in the security context of the current process. Set to FALSE to specify that credentials were encrypted in the security context of the calling thread security context.

pszProtectedCredentials

A pointer to a string that specifies the encrypted credentials.

cchProtectedCredentials

The size, in characters, of the pszProtectedCredentials buffer.

pszCredentials

A pointer to a string that, on output, receives the decrypted credentials.

pcchMaxChars

The size, in characters of the pszCredentials buffer. On output, if the pszCredentials is not of sufficient size to receive the encrypted credentials, this parameter specifies the required size, in characters, of the pszCredentials buffer.

Return Value

TRUE if the function succeeds; otherwise, FALSE.

For extended error information, call the GetLastError function. The following table shows common values for the GetLastError function.

Return code/value Description
ERROR_NOT_CAPABLE
The security context used to encrypt the credentials is different from the security context used to decrypt the credentials.
ERROR_INSUFFICIENT_BUFFER
The pszCredentials buffer was of insufficient size.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header wincred.h
Library Advapi32.lib
DLL Advapi32.dll