3.1.4.6.4 LsarQuerySecret (Opnum 30)

The LsarQuerySecret method is invoked to retrieve the current and old (or previous) value of the secret object.

 NTSTATUS LsarQuerySecret(
   [in] LSAPR_HANDLE SecretHandle,
   [in, out, unique] PLSAPR_CR_CIPHER_VALUE* EncryptedCurrentValue,
   [in, out, unique] PLARGE_INTEGER CurrentValueSetTime,
   [in, out, unique] PLSAPR_CR_CIPHER_VALUE* EncryptedOldValue,
   [in, out, unique] PLARGE_INTEGER OldValueSetTime
 );

SecretHandle: An open secret object handle.

EncryptedCurrentValue: Used to return the encrypted current value of the secret object.

CurrentValueSetTime: Used to return the time when the current value was set.

EncryptedOldValue: A BLOB representing the encrypted old value. It is valid for this parameter to be NULL, in which case the current value in the policy database is copied.

OldValueSetTime: The time corresponding to the instant that the old value was last changed.

Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.

| Return value/code | Description |
| --- | --- |
| 0x00000000 STATUS_SUCCESS | The request was successfully completed. |
| 0xC0000022 STATUS_ACCESS_DENIED | The caller does not have the permissions to perform this operation. |
| 0xC0000008 STATUS_INVALID_HANDLE | SecretHandle is not a valid handle. |

Processing:

This message takes five arguments:

SecretHandle: An open handle to a secret object. If the handle is not a valid context handle to a secret object or SecretHandle.HandleType does not equal "Secret", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that SecretHandle grants access as specified in section 3.1.4.2.2 with RequiredAccess set to SECRET_QUERY_VALUE.<84>

EncryptedCurrentValue: Used to return the current value of the secret, encrypted as specified in section 5.1.2. This parameter can be NULL if the caller is not interested in this information.<85>

CurrentValueSetTime: The time corresponding to the instant that the current value was last changed. This parameter can be NULL if the caller is not interested in this information.

EncryptedOldValue: Used to return the old value of the secret, encrypted as specified in section 5.1.2. This parameter can be NULL if the caller is not interested in this information.<86>

OldValueSetTime: The time corresponding to the instant that the old value was last changed. This parameter can be NULL if the caller is not interested in this information.
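
The processing order above, modeled as an added example (not code from the specification or from any implementation): the handle is validated first, then the access check runs, and only then are the non-NULL outputs filled. The struct layouts, the names lsa_handle, secret_object, cipher_blob and query_secret, the reduction of the section 3.1.4.2.2 check to a single bit test, and the sample data are assumptions; stored values are treated as already encrypted per section 5.1.2.

```c
#include <stdint.h>
#include <stddef.h>

/* Status codes from the return-value table above. */
#define STATUS_SUCCESS        0x00000000u
#define STATUS_ACCESS_DENIED  0xC0000022u
#define STATUS_INVALID_HANDLE 0xC0000008u
#define SECRET_QUERY_VALUE    0x00000002u /* secret-object access right */

/* Hypothetical server-side state; names and layout are assumptions. */
typedef enum { HANDLE_POLICY, HANDLE_SECRET } handle_type;
typedef struct { const uint8_t *data; size_t len; } cipher_blob;
typedef struct {
    cipher_blob current, old;          /* stored already encrypted */
    int64_t current_set_time, old_set_time;
} secret_object;
typedef struct {
    handle_type type;                  /* stands in for HandleType */
    uint32_t granted_access;           /* access granted when the handle was opened */
    const secret_object *secret;
} lsa_handle;

/* Constructed sample data (not real secret material). */
static const uint8_t CUR[] = {0xAA, 0xBB}, OLD[] = {0xCC};
static const secret_object SAMPLE = {{CUR, 2}, {OLD, 1}, 200, 100};

/* Validate the handle, check access, then fill only the outputs the
   caller asked for. No output is written on either failure path. */
uint32_t query_secret(const lsa_handle *h,
                      cipher_blob *cur, int64_t *cur_time,
                      cipher_blob *old, int64_t *old_time)
{
    if (h == NULL || h->type != HANDLE_SECRET || h->secret == NULL)
        return STATUS_INVALID_HANDLE;
    if ((h->granted_access & SECRET_QUERY_VALUE) == 0)
        return STATUS_ACCESS_DENIED;
    if (cur)      *cur = h->secret->current;
    if (cur_time) *cur_time = h->secret->current_set_time;
    if (old)      *old = h->secret->old;
    if (old_time) *old_time = h->secret->old_set_time;
    return STATUS_SUCCESS;
}

int main(void) {
    lsa_handle h = {HANDLE_SECRET, SECRET_QUERY_VALUE, &SAMPLE};
    cipher_blob cur;
    return query_secret(&h, &cur, NULL, NULL, NULL) == STATUS_SUCCESS ? 0 : 1;
}
```

Keeping the output writes after both checks means a handle opened without SECRET_QUERY_VALUE never receives any part of the secret or its timestamps.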