black-box implementation of CryptProtectData/CryptUnprotectData

Kees Cook kees at outflux.net
Sun Apr 3 23:44:13 CDT 2005


On Sun, Apr 03, 2005 at 11:04:53PM -0500, James Hawkins wrote:
> On Apr 3, 2005 10:12 PM, Kees Cook <kees at outflux.net> wrote:
> > To store the triplets, these functions use the registry:
> > 
> > Registry Layout:
> >     HKEY_CURRENT_USER\Software\Wine\Crypt\ProtectData\Map\[index]
> >         Cipher:          HEX string
> >         Entropy:         HEX string
> >         DataDescription: WCHAR
> >         Plain:           HEX string
> > 
> 
> I'll have to be honest that I haven't looked over the code yet, but I
> do have a concern.  Do these values have to be stored under
> Software\Wine?  That location is for wine-specific configuration
> options and not api use, unless I'm mistaken.  Do we know if this data
> is stored in the registry in windows, and if so where is it stored?
> (because I know it's not Software\Wine ;-)

Windows doesn't store the results anywhere: it's just a symmetric crypto 
function.  Since we don't know the function, we have to store the 
original data somewhere so we can return it later.  Since this is 
entirely a Wine-only implementation of the "encryption", I wanted to put 
it somewhere in the registry totally separate from all the other keys.  
Within the Wine tree seemed like the best place.

-- 
Kees Cook                                            @outflux.net



More information about the wine-devel mailing list