Juan Lang : crypt32: Describe CryptProtectData data format more accurately.

Alexandre Julliard julliard at winehq.org
Thu Nov 8 07:07:30 CST 2007 

Module: wine
Branch: master
Commit: 0d9a5adb0b49f2a3f01b7e22ded6fd22b483ebb1
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=0d9a5adb0b49f2a3f01b7e22ded6fd22b483ebb1

Author: Juan Lang <juan.lang at gmail.com>
Date:   Wed Nov  7 08:09:42 2007 -0800

crypt32: Describe CryptProtectData data format more accurately.

---

 dlls/crypt32/protectdata.c |   21 +++++++++++----------
 1 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/dlls/crypt32/protectdata.c b/dlls/crypt32/protectdata.c
index 3ecd35b..07a5e16 100644
--- a/dlls/crypt32/protectdata.c
+++ b/dlls/crypt32/protectdata.c
@@ -61,21 +61,22 @@ static const BYTE crypt32_protectdata_secret[] = {
  * to be something like this:
 
  DWORD  count0;         - how many "info0_*[16]" blocks follow (was always 1)
- BYTE   info0_0[16];    - unknown information
- ...
+ BYTE   info0_0[16];    - unknown information - persistent across invocations,
+ ...                      reboots, password changes, and users
  DWORD  count1;         - how many "info1_*[16]" blocks follow (was always 1)
- BYTE   info1_0[16];    - unknown information
- ...
+ BYTE   info1_0[16];    - unknown information - unique to each user, but
+ ...                      persistent across reboots and password changes
  DWORD  null0;          - NULL "end of records"?
- DWORD  str_len;        - length of WCHAR string including term
- WCHAR  str[str_len];   - The "dataDescription" value
- DWORD  unknown0;       - unknown value (seems large, but only WORD large)
- DWORD  unknown1;       - unknown value (seems small, less than a BYTE)
+ DWORD  str_len;        - byte length of WCHAR string including term
+ BYTE   str[str_len];   - The "dataDescription" value as a NULL-terminated
+                          little-endian WCHAR string
+ ALG_ID cipher_alg;     - cipher algo - was CALG_3DES
+ DWORD  cipher_key_len; - cipher key bit length - was 0xa8==168
  DWORD  data_len;       - length of data (was 16 in samples)
  BYTE   data[data_len]; - unknown data (fingerprint?)
  DWORD  null1;          - NULL ?
- DWORD  unknown2;       - unknown value (seems large, but only WORD large)
- DWORD  unknown3;       - unknown value (seems small, less than a BYTE)
+ ALG_ID hash_alg;       - hash algo - was CALG_SHA1
+ DWORD  hash_len;       - bit length of hash - was 0xa0==160
  DWORD  salt_len;       - length of salt(?) data
  BYTE   salt[salt_len]; - salt(?) for symmetric encryption
  DWORD  cipher_len;     - length of cipher(?) data - was close to plain len

More information about the wine-cvs mailing list