Opening a Windows Registry Key with C

The registry is a database for system and application configuration information. We access registry values through registry keys, which in turn can contain other keys, or else key/value pairs.

Information stored in the registry includes the Windows version number, information about the computer’s hardware, user-specific information, security information, installed services, and more.

Several predefined keys function as entry points into the registry. The HKEY_LOCAL_MACHINE key stores physical information about the system, along with information about installed software. The HKEY_USERS key stores user configuration information. The HKEY_CURRENT_USER key stores user-specific information, including environment variables and application preferences. The HKEY_CURRENT_CONFIG key defines current settings, such as display resolution and fonts.

We can access and manage the registry through a number of registry API functions. Registry management functions empower us to query and modify the key/value pairs that make up the registry, as well as create new subkeys and key/value pairs.

The RegOpenKeyEx() function can be used to open a named subkey. The function takes five parameters. The first parameter can be an HKEY handle, or else one of eight predefined keys.

#include "stdafx.h"
#include <Windows.h>

int main()
{
 printf("HKEY_CLASSES_ROOT (%x) - used by shell and COM applications.\n", HKEY_CLASSES_ROOT);
 printf("HKEY_CURRENT_USER (%p) - defines the preferences of the current user.\n", HKEY_CURRENT_USER);
 printf("HKEY_LOCAL_MACHINE (%p) - defines the physical state of the computer, including plug and play informaton.\n", HKEY_LOCAL_MACHINE);
 printf("HKEY_USERS (%p) - defines the default configuration for new users and the configuration for the current user.\n", HKEY_USERS);
 printf("HKEY_CURRENT_CONFIG (%p) - contains information about the current hardware profile of the local system.\n", HKEY_CURRENT_CONFIG);

 return 0;
}

The second parameter is the name of the subkey we wish to open. The subkey can be a path, or we can specify NULL here; this causes a new, duplicate key to be opened. The third parameter is reserved; we must specify 0 here. The fourth parameter is an access mask that describes the security level for the new key.

#include "stdafx.h"
#include <Windows.h>

int main()
{
 printf("KEY_ALL_ACCESS (%p)\n", KEY_ALL_ACCESS);
 printf("KEY_WRITE (%p)\n", KEY_WRITE);
 printf("KEY_QUERY_VALUE (%p)\n", KEY_QUERY_VALUE);
 printf("KEY_ENUMERATE_SUB_KEYS (%p)\n", KEY_ENUMERATE_SUB_KEYS);

 return 0;
}

Note that the function fails if the specified key’s security descriptor does not permit the requested level of access. Upon success, the function returns ERROR_SUCCESS.

 #include "stdafx.h"
#include <Windows.h>

int main()
{
 HKEY hTheKey;
 long long int llRValue;
 
 llRValue = RegOpenKeyEx(
 HKEY_CURRENT_USER, //use predefined key
 NULL, //just open a copy of above
 0, //don't mess with this one
 KEY_QUERY_VALUE, //just asking questions
 &hTheKey //pointer to HKEY variable
 );

 //check the return value
 if (llRValue == ERROR_SUCCESS) {
 printf("Duplicate registry key created!\n");
 }
 else {
 printf("Duplicate registry key not created!\n");
 }

 return 0;
}

We should close an open key handle with the RegCloseKey() function.

#include "stdafx.h"
#include <Windows.h>

int main()
{
 HKEY hOurKey;
 long long llReturn;
 WCHAR wszRegistryKeyName[] = L"SOFTWARE\\Microsoft";


 llReturn = RegOpenKeyEx(
 HKEY_LOCAL_MACHINE,
 wszRegistryKeyName,
 0,
 KEY_READ,
 &hOurKey
 );

 if (llReturn == ERROR_SUCCESS) {
 printf("Key acquired!\n");
 }
 else {
 printf("Key not acquired!\n");
 exit(EXIT_FAILURE);
 }

 //clean up!!!
 RegCloseKey(hOurKey);

 return 0;
}

Note that registry keys are not case sensitive.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s