CryptProtectDataHex protects the data with a user or machine key and returns hex-encoded value of the data.
- Parameters:
-
| CRYPTPROTECT_DATA | Data to protect. |
| CRYPTPROTECT_ENTROPY | Optional entropy. |
| CRYPTPROTECT_FLAGS | Flags to pass to CryptProtectData.
- CRYPTPROTECT_LOCAL_MACHINE When this flag is set, it associates the data encrypted with the current computer instead of with an individual user. Any user on the computer on which CryptProtectData is called can use CryptUnprotectData to decrypt the data.
- CRYPTPROTECT_UI_FORBIDDEN This flag is used for remote situations where presenting a user interface (UI) is not an option. When this flag is set and a UI is specified for either the protect or unprotect operation, the operation fails.
- CRYPTPROTECT_AUDIT This flag generates an audit on protect and unprotect operations.
- CRYPTPROTECT_VERIFY_PROTECTION This flag verifies the protection of a protected BLOB.
|
| CRYPTPROTECT_DESCRIPTION | Optional description of protect data (stored in clear). |
- Returns:
- CRYPTPROTECT_RESULT Hex-encoded protected data.
- Example:
<Binary Id="Cryptography" SourceFile="relative path to Cryptography.dll"/>
<Property Id="CRYPTPROTECT_DATA" Hidden="yes" />
<Property Id="CRYPTPROTECT_FLAGS" Value="CRYPTPROTECT_LOCAL_MACHINE|CRYPTPROTECT_UI_FORBIDDEN" />
<CustomAction Id="EncryptPassword" BinaryKey="Cryptography" DllEntry="CryptProtectDataHex"Execute="immediate" />
<CustomAction Id="SetDBUSERsPASSWORDForEncryption"Property="CRYPTPROTECT_DATA" Value="[PASSWORD]" />
<InstallExecuteSequence>
<Custom Action="SetDBUSERsPASSWORDForEncryption" After="InstallInitialize" />
<Custom Action="EncryptPassword" After="SetDBUSERsPASSWORDForEncryption" />
</InstallExecuteSequence>
- Todo:
- Support PromptStruct.