Registry Operations using Win32
The basic functions you will need to manipulate registry are :
1.RegOpenKeyEx()- Used to open a registry key.
The definition of the function according to Win32 API reference is like this:
LONG RegOpenKeyEx( HKEY hKey, // handle of open key LPCTSTR lpSubKey, // address of name of subkey to open DWORD ulOptions, // reserved REGSAM samDesired, // security access mask PHKEY phkResult // address of handle of open key );Okay, the syntax is really self explanatory but let me explain if you have any doubts.
First parameter is HKEY hkey. We give the name of the hive which we want to access.
ie , if I want to access HKEY_LOCAL_MACHINE, I would write that.
Second is name of Subkey. For eg, just consider that I need to access the subkey
Then I would write "Software\\Microsoft\\Windows"
Third parameter is ulOptions which is set 0 .
Fourth parameter is samDesired. This describes security access for the key.
Some parameters you can use are KEY_ALL_ACCESS (for complete access),
KEY_EXECUTE (For read access) , KEY_CREATE_SUB_KEY (permission to create sub key) and so on...
For a list of complete values, please refer to MSDN library.
The fifth parameter is PHKEY , which is a pointer to the handle which receives the result of the
The function returns ERROR_SUCCESS if there was no error.
Say, I wanted to access the key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunI would write the code :
HKEY hKey; LONG res; res=RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_ALL_ACCESS,hKey); if(res!=ERROR_SUCCESS) MessageBox(0,"Error Opening Registry Key","Error",0);The above example is very simple. a variable res checks the return value of RegOpenKeyEx() function and checks
sees if it's ERROR_SUCCESS. If it was ok, then we have handle to the key in handle named hKey .
2.RegCreateKeyEx()- Used to create a new subkey or open an already existing registry key.
The Win32 API reference definition of the function is
LONG RegCreateKeyEx( HKEY hKey, // handle of an open key LPCTSTR lpSubKey, // address of subkey name DWORD Reserved, // reserved LPTSTR lpClass, // address of class string DWORD dwOptions, // special options flag REGSAM samDesired, // desired security access LPSECURITY_ATTRIBUTES lpSecurityAttributes, // address of key security structure PHKEY phkResult, // address of buffer for opened handle LPDWORD lpdwDisposition // address of disposition value buffer );There are 5 new arguments here that you have not seen.
The third argument Reserved is always set as 0.
The fourth argument lpClass points to a null-terminated string that specifies the class (object type) of this key. Thisparameter is ignored if the key already exists. This can be ignored and set as NULL.
The dwOptions flag can be for the time being set as 0 which gives it a default value of REG_OPTION_NON_VOLATILE.
The seventh option pSecurityAttributes can be set as NULL as we are just starting. This is actually a pointer to a
The lpdwDisposition parameter is a pointer to a DWORD value. It accepts values which can be checked to see it the
function has succeeded.
Eg. If I wanted to create or open a subkey
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunThe code would be.
DWORD dwDisposition; HKEY hKey; RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, NULL, 0, 0, NULL, &hKey, &dwDisposition); if (dwDisposition != REG_CREATED_NEW_KEY && dwDisposition != REG_OPENED_EXISTING_KEY) MessageBox(0,"The function failed","Error",0);
3. RegQueryValueEx() - Retrieves the type and data for the specified registry value.
The definition is :
LONG RegQueryValueEx( HKEY hKey, // handle of key to query LPTSTR lpValueName, // address of name of value to query LPDWORD lpReserved, // reserved LPDWORD lpType, // address of buffer for value type LPBYTE lpData, // address of data buffer LPDWORD lpcbData // address of data buffer size );The first parameter is the handle to opened key .
The second parameter is the pointer to name of value to be queried.
The third parameter is lpReserved and is set as NULL
The fourth parameter is lpType, which is pointer to variable which recevies the key's value type.
The fifth one is lpData, which is pointer to variable that receives data of the value queried.
The last one os lpcbData. This is a pointer to the variable that specifies the size, in bytes, of lpData.
When the function returns, this variable contains the size of the data copied to lpData.
Eg. Consider that I have opened the subkey
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Runand its handle is hKey.
I have to query the value named "abcd"
The code would be:
DWORD res; DWORD type =REG_DWORD; DWORD cbData =1024; DWORD val; res=RegQueryValueEx(hKey,"abcd", NULL, &type, (LPBYTE)&val, &cbData); if(res!=ERROR_SUCCESS0 MessageBox(0,"Error reading value","Error",0);If the function succeeds, the data will be stored in variable named val .
That is all for today! Will continue the rest later!