| -api-id | -api-type |
|---|---|
M:Windows.Security.Cryptography.DataProtection.DataProtectionProvider.#ctor(System.String) |
winrt method |
Constructor used for encryption operations. Use this constructor before calling the ProtectAsync or ProtectStreamAsync methods.
Contains the protection descriptor that determines the entity to which the data will be encrypted. For more information, see Remarks.
Do not use this constructor before starting a decryption operation. You must use the DataProtectionProvider() constructor instead.
For security descriptors and SDDL strings, you must set the enterprise authentication capability in the manifest. The enterprise authentication capability is restricted to apps built with company accounts, and is subject to additional onboarding validation. You should avoid the enterprise authentication capability unless it is absolutely necessary. For example, the following SID and SDDL providers require the enterprise authentication capability:
- "SID=S-1-5-21-4392301 AND SID=S-1-5-21-3101812"
- "SDDL=O:S-1-5-5-0-290724G:SYD:(A;;CCDC;;;S-1-5-5-0-290724)(A;;DC;;;WD)"
These providers do not require the enterprise authentication capability on either platform:
- "LOCAL=user"
- "LOCAL=machine"
These providers do not require the enterprise authentication capability on Windows:
- "WEBCREDENTIALS=MyPasswordName"
- "WEBCREDENTIALS=MyPasswordName,myweb.com"