Lsa secrets

I am storing a password as an LSA secret using LsaStorePrivateData using a hardcoded key string. I am able to get the password using LsaRetrievePrivateData. The point is I have a feature in my app that can be optionally password protected. So if the user removes the password protection I want to delete the password from the LSA database. The next time when I query the LSA database with the same key string I will get an error and I know it is not password protected. I can store another secret to check whether it is password protected but it is a kludge.

P.S. My app has admin privileges. It is a COM server launched under Administrator identity
Asked by: vbk_bgm
 
jhance commented:
Did you read the SDK docs?

Under the PARAMETERS section for LsaStorePrivateData see:

PrivateData
Pointer to an LSA_UNICODE_STRING structure containing the private data to store. The function encrypts this data before storing it.
If this parameter is NULL, the function deletes any private data stored under the key and deletes the key. Subsequent attempts to retrieve data from the key will return the STATUS_OBJECT_NAME_NOT_FOUND error code.


As it says, to DELETE the data (as I think you are asking... your question is somewhat unclear) you store it with a NULL in the PrivateData parameter.
 
vbk_bgm (author) commented:
Yeah that works! I will read the SDK docs carefully hereon.
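
The deletion and the follow-up check discussed in this thread, as an added example that is not part of the original posts: only STATUS_OBJECT_NAME_NOT_FOUND is treated as "no password set", and any other failure (access denied, for instance) is reported as an error instead of being read as "unprotected". The names `pw_state`, `classify_retrieve_status`, `delete_secret` and `query_password_state` are hypothetical, and the policy handle is assumed to come from the caller's own `LsaOpenPolicy` call.

```c
#include <stdint.h>
#include <stddef.h>

/* NTSTATUS values as defined in the Windows SDK (ntstatus.h). */
#define ST_SUCCESS        ((int32_t)0x00000000)
#define ST_NAME_NOT_FOUND ((int32_t)0xC0000034) /* STATUS_OBJECT_NAME_NOT_FOUND */

/* Hypothetical result type for this example. */
typedef enum { PW_SET, PW_NOT_SET, PW_ERROR } pw_state;

/* Only "key not found" means no password; every other failure fails closed. */
pw_state classify_retrieve_status(int32_t status) {
    if (status == ST_SUCCESS) return PW_SET;
    if (status == ST_NAME_NOT_FOUND) return PW_NOT_SET;
    return PW_ERROR;
}

#ifdef _WIN32
#include <windows.h>
#include <ntsecapi.h>   /* link with advapi32.lib */
#include <wchar.h>

/* LSA_UNICODE_STRING lengths are in bytes, not characters. */
static void init_key(LSA_UNICODE_STRING *s, wchar_t *name) {
    s->Buffer = name;
    s->Length = (USHORT)(wcslen(name) * sizeof(wchar_t));
    s->MaximumLength = (USHORT)(s->Length + sizeof(wchar_t));
}

/* NULL PrivateData deletes the stored data and the key itself. */
NTSTATUS delete_secret(LSA_HANDLE policy, wchar_t *key_name) {
    LSA_UNICODE_STRING key;
    init_key(&key, key_name);
    return LsaStorePrivateData(policy, &key, NULL);
}

/* Report whether a secret exists without keeping the plaintext around. */
pw_state query_password_state(LSA_HANDLE policy, wchar_t *key_name) {
    LSA_UNICODE_STRING key;
    PLSA_UNICODE_STRING data = NULL;
    NTSTATUS st;
    init_key(&key, key_name);
    st = LsaRetrievePrivateData(policy, &key, &data);
    if (data) {
        SecureZeroMemory(data->Buffer, data->Length); /* wipe decrypted copy */
        LsaFreeMemory(data);
    }
    return classify_retrieve_status((int32_t)st);
}
#endif
```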