CRYPTPROTECT flags for CryptProtectData function

Stepped into DPAPI inner functionement question...

I'm (potentially) in a context pre-logon which means no user has logged on already.

Since the CryptProtectData function uses current user credentials, how will it be acting ?

I was so wondering if there were any issue for this or if it was simply unusable in this context.

And... whatever can be the answer, does anyone knows what(/how to find out) the "key" used for the flag LOCAL_MACHINE. What kind of credentials/identifier is used to make the encryption specific to the machine ?

Answers/advises/redirections/suggestions will be greatly appreciated

Solution

In your case you should use CRYPTPROTECT_LOCAL_MACHINE flag for dwFlags parameter.

If you don't - only the SYSTEM user can decrypt protected data.

Determine the OS version, Linux and Windows from Powershell
Privilege elevation in Windows with ansible
How to check if a process is running or not in Batch Script
Windows Semicolons in Path
What is the default location for certificates created using "dotnet dev-certs https"
create .bat file to clear apache logs
How do I install pip on Windows?
Gradle: Couldn't connect to Kotlin daemon on Windows
Having trouble installing GDAL for Python on Windows
How to find and delete a file with CMD command?
Start menu folder created by Inno Setup is not showing
Cursor disappearing inside text field
How to use PGPASS file in Powershell to avoid password prompt?
Why Bazel does not find Visual C++ Build Tools?
How to change font (size/family) in PyScripter?
Running the Microsoft Winsock Client and Server Code Sample
django OSError: no library called "cairo" was found on windows
while trying to create django-admin startproject :No module name django-admin
Microsoft Detours - DetourUpdateThread?
Difference between char * and LPSTR in windows
How to detect if CMD is running as Administrator/has elevated privileges?
Why does my batch script fail to execute Java program in a loop?
Which API returns the message for NTSTATUS?
How do I pass an absolute path to the adb command via git bash for windows?
How to dynamically print exclamation mark from a variable while using Delayed Expansion and Loops in CMD?
Can't call a Powershell script through the registry properly. A positional parameter cannot be found that accepts argument '$null'
Enabling auto-completion in git bash on windows?
How can I make a file trully immutable (non-deletable and read-only)?
Console application closes immediately after opening in visual studio
JAVA 1.6 in Eclipse IDE