RtlDecryptMemory function (ntsecapi.h)
[The RtlDecryptMemory function is available for use in the operating systems specified in the Requirements section. It may be altered or unavailable in subsequent versions. Instead, use the CryptUnprotectMemory function.]
The RtlDecryptMemory function decrypts memory contents previously encrypted by the RtlEncryptMemory function.
Syntax
NTSTATUS RtlDecryptMemory(
[in, out] PVOID Memory,
[in] ULONG MemorySize,
[in] ULONG OptionFlags
);
Parameters
[in, out] Memory
A pointer to the memory to encrypt. The size of the memory must be a multiple of the RTL_ENCRYPT_MEMORY_SIZE constant.
[in] MemorySize
Number of bytes to which Memory points. The number of bytes must be a multiple of the RTL_ENCRYPT_MEMORY_SIZE constant.
[in] OptionFlags
Value that specifies how the encryption works over process boundaries and impersonation. This parameter can be one of the following values. The values are mutually exclusive. You must specify the same flag when encrypting and decrypting the memory.
Return value
If the function is successful, the return value is STATUS_SUCCESS.
If the function fails, the return value is an NTSTATUS code that indicates the error.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP, Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003, Windows Server 2003 [desktop apps only] |
Target Platform | Windows |
Header | ntsecapi.h |
DLL | Advapi32.dll |