🟣KeyProtection
Specifies a value that indicates how a private key is protected before use.
These values are only used for Microsoft's certreq command.
XCN_NCRYPT_UI_NO_PROTECTION_FLAG
0
The protection level is not specified.
XCN_NCRYPT_UI_PROTECT_KEY_FLAG
1
A user interface is displayed to indicate that a process is attempting to use the key. The exact behavior is specified by the KSP or CSP being used. Some Microsoft legacy CSPs allow the client to decide whether a password is required to use the key or whether the user must only acknowledge a prompt.
XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG
2
Specifies strong key protection. The user is typically prompted to enter a password when the key is created and whenever the key is used. The exact behavior is specified by the KSP being used. This value is not supported by the Certificate Enrollment API for legacy CSPs.
XCN_NCRYPT_UI_FINGERPRINT_PROTECTION_FLAG
4
Uses fingerprint protection (not compatible with Yubikey).
XCN_NCRYPT_UI_APPCONTAINER_ACCESS_MEDIUM_FLAG
8
Unknown
Last updated