crypt32: CryptProtectData/CryptUnprotectData

[Alexandre Julliard]

Michael Jung <mjung at iss.tu-darmstadt.de> writes:

> In my opinion, the Crypt(Un)ProtectData APIs should basically be implemented 
> as no-ops at the moment (IMHO XOR-ing with some magic value is senseless in 
> an open source project. I think it's not a good idea, since it gives the 
> impression of security, where there is none). As far as I understand, passing 
> back the input DATA_BLOB just as it was given by the caller should work just 
> fine. A FIXME on the command line telling the user that his data is not 
> actually protected would be appropriate. 

The idea of using a XOR is not to provide any security, it's just to
make sure the code goes through the proper motions so that plugging in
real encryption later on is easier. If you simply pass the data
through you are not really exercising the functionality.  Of course it
would be even better to do true encryption with a hardcoded key; it
still doesn't provide any security, but it's much closer to the
desired end result, which makes it more likely that someone will be
able to plug in the missing step.

-- 
Alexandre Julliard
julliard at winehq.org