black-box implementation of CryptProtectData/CryptUnprotectData

[James Hawkins]

On Apr 3, 2005 11:44 PM, Kees Cook <kees at outflux.net> wrote:
> Windows doesn't store the results anywhere: it's just a symmetric crypto
> function.  Since we don't know the function, we have to store the
> original data somewhere so we can return it later.  Since this is
> entirely a Wine-only implementation of the "encryption", I wanted to put
> it somewhere in the registry totally separate from all the other keys.
> Within the Wine tree seemed like the best place.

I understand your logic behind the decision, but while it is true that
the details of wine's implementation of the 'encryption' is different
from that of windows', these details aren't a trait of wine itself. 
Wine is an implementation of the Windows api, but the details of how
we do it should be encapsulated.  What I'm getting at is that just
because this implementation is wine-specific doesn't mean some of the
implementation data should go in Software\Wine.  Software\Wine is
where the configurations of the wine program itself, not its
implementation, are contained.  See what I mean?  btw it's great that
you wrote this code and submitted it.  Sending the code in is the big
first step.  I just think we should get a community opinion on this
matter (ya never know, everyone may disagree with me!).  Keep up the
good coding.

-- 
James Hawkins