crypt32: CryptProtectData/CryptUnprotectData
Kees Cook
kees at outflux.net
Wed Apr 13 10:51:31 CDT 2005
On Wed, Apr 13, 2005 at 12:16:44PM +0200, Alexandre Julliard wrote:
> I don't understand while you come up with such an elaborate scheme of
> storing things in the registry when it's clearly not the way this
> thing is supposed to work. If you can't figure out what Windows does,
> then just xoring the data with 0xdeadbeef or something like this would
> be at least as secure as your solution, and would actually be much
> closer to the proper behavior.
Mostly I did this because there is some optional data (description,
entropy). I didn't want to have to invent a data format to store all of
that in, so I used the registry to do it instead.
Another reason I did it this way was so that it was easily to examine
and change the information getting passed back from the Crypt*Data
functions. But I suppose, I can just use FIXME's for this.
I don't like the ssh-agent idea because not everyone uses ssh-agent. If
inventing a data format and XORing stuff is prefered, I can write it
that way.
What direction should I take this?
--
Kees Cook @outflux.net
More information about the wine-devel
mailing list