Platform SDK: Files and I/O

EncryptionDisable

The EncryptionDisable function disables or enables encryption of the indicated directory and the files in it. It does not affect encryption of subdirectories below the indicated directory.

BOOL EncryptionDisable(
    LPCWSTR DirPath,  // directory name
    BOOL Disable      // encryption option
);

Parameters

DirPath
[in] Pointer to a null-terminated Unicode string that specifies the name of the directory for which to enable or disable encryption.
Disable
[in] Indicates whether to disable encryption (TRUE) or enable it (FALSE).

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

Under normal circumstances, EncryptFile will not encrypt files and directories with the FILE_ATTRIBUTE_SYSTEM attribute set. It is possible to override the FILE_ATTRIBUTE_SYSTEM attribute and encrypt files. Also, if a file or directory is marked with the FILE_ATTRIBUTE_SYSTEM attribute, it will normally be invisible to the user in directory listings and Windows Explorer directory windows. EncryptionDisable disables encryption of directories and files. It does not affect the visibility of files with the FILE_ATTRIBUTE_SYSTEM attribute set.

If TRUE is passed in, EncryptionDisable will write

[Encryption]
Disable=1

to the Desktop.ini file in the directory (creating it if necessary). If the section already exists but Disable is set to 0, it will be set to 1.

Thereafter, EncryptFile will fail on the directory and the files in it, and the code that GetLastError returns will be FILE_DIR_DISALLOWED. This function does not affect encryption of subdirectories within the given directory.

The user can also manually add or edit the above lines in the Desktop.ini file and produce the same effect.

EncryptionDisable affects only FileEncryptionStatus and EncryptFile. After the directory is encrypted, any new files and new subdirectories created without the FILE_ATTRIBUTE_SYSTEM attribute will be encrypted.

If FALSE is passed in, EncryptionDisable will write

[Encryption]
Disable=0

and file encryption is permitted on the files in that directory.

If you try to use EncryptionDisable to set the directory to the state it is already in, the function succeeds but has no effect.

If you try to use EncryptionDisable to disable or enable encryption on a file, the attempt will fail.

Requirements

  Windows NT/2000: Requires Windows 2000.
  Windows 95/98: Unsupported.
  Header: Declared in Winefs.h; include Windows.h.
  Library: Use Advapi32.lib.
  Unicode: Implemented as Unicode and ANSI versions on Windows 2000.

See Also

File Systems Overview, File System Functions, DecryptFile, EncryptFile, FileEncryptionStatus, GetFileAttributes