Secrets are stored encrypted in a secure area of the registry. ---------------------------------------------------------------------------- #include #include "ntsecapi.h" // from the DDK #include int main(void) { LSA_HANDLE LsaHandle; //////////////////// // Open Policy LSA_OBJECT_ATTRIBUTES loa; ACCESS_MASK DesiredAccess; NTSTATUS status; SECURITY_QUALITY_OF_SERVICE sqof; memset(&sqof,0,sizeof(sqof)); memset(&loa,0,sizeof(loa)); sqof.Length =sizeof(sqof); sqof.ImpersonationLevel =SecurityImpersonation; sqof.ContextTrackingMode=SECURITY_DYNAMIC_TRACKING; sqof.EffectiveOnly =FALSE; DesiredAccess=GENERIC_WRITE; loa.Length =sizeof(loa); loa.RootDirectory =NULL; loa.ObjectName =NULL; loa.Attributes =0; loa.SecurityDescriptor =NULL; loa.SecurityQualityOfService=&sqof; status=LsaOpenPolicy(NULL, // local machine &loa, DesiredAccess, &LsaHandle); if(status!=0) { printf("LsaOpenPolicy failed and returned %lx\n",status); return(1); } // Open Policy //////////////////// //////////////////// // Store Data LSA_UNICODE_STRING KeyName; // Name of secret LSA_UNICODE_STRING PrivateData; // secret data KeyName.Buffer =L"JonsKey"; // all LSA stuff is UniCode KeyName.Length =wcslen(KeyName.Buffer)*2; // buffer length in bytes. KeyName.MaximumLength =KeyName.Length+2; PrivateData.Buffer =L"The answer is 42"; //hardly secret but nevermind eh. PrivateData.Length =wcslen(PrivateData.Buffer)*2+2; // need the NULL this time PrivateData.MaximumLength =PrivateData.Length; status=LsaStorePrivateData(LsaHandle, &KeyName, &PrivateData); if(status!=0) { printf("LsaStorePrivateData failed and returned %lx\n",status); } // Store Data //////////////////// //////////////////// // Retrieve Data PLSA_UNICODE_STRING data; KeyName.Buffer =L"JonsKey"; //Secret to read KeyName.Length =wcslen(KeyName.Buffer)*2; KeyName.MaximumLength =KeyName.Length+2; status=LsaRetrievePrivateData(LsaHandle, &KeyName, &data); // read into this string if(status!=0) { printf("LsaRetrievePrivateData failed and returned %lx\n",status); } else { wprintf(L"Data is \"%s\"\n",data->Buffer); LsaFreeMemory(data); // free the memory allocated in retrieve } // Retrieve Data //////////////////// LsaClose(LsaHandle); return(0); } ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- Last updated 25th August '96 Personal jon@brilig.demon.co.uk Work jedwards@drsolomon.com