Question about implementing a test for BCryptGetFipsAlgorithmMode

Vincent Povirk madewokherd at
Fri Sep 19 13:01:08 CDT 2014

> To properly test the function, I'd have to write to a registry key in
> HKLM\System\CurrentControlSet\Control\Lsa. Is it safe to assume that the
> test has write access to this key?

If you need to do something that requires admin privileges, you should
try to do it and check for an access denied error. If it fails with
access denied, you should skip the test. (Ideally, you should try
running your test with a limited account on Windows.)

I would be more worried about the fact that it's changing a global
user preference. Maybe you should just read the key and verify that
the API matches the value there.

> Additionally, I noticed I put a small bug in the code, returning false for
> all registry values which are multiples of 256, which is a result of simply
> casting a registry DWORD value to a BOOLEAN. To my surprise, the original
> function - tested with WinXP and Win7 - has the same bug, so I wouldn't fix
> my implementation before sending in the patch if no one votes against it.

This is probably more depth than you should be putting into
investigating native's behavior. If it's supposed to be a boolean, and
the expected values are 1 and 0, you can assume it's one of those and
not worry about what happens if it's 256 (unless you know a real
application that sets that value).

More information about the wine-devel mailing list