Questions on reading registry keys with calls to Kernel32.dll

Giganews Newsgroups
Subject: Questions on reading registry keys with calls to Kernel32.dll
Posted by:  T (T@invalid.invalid)
Date: Sat, 28 Dec 2019

Hi All,

Questions on reading registry keys with calls to Kernel32.dll:

References:

https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regop=
enkeyexw
https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regcl=
osekey
https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regqu=
eryvalueexw

I am trying to read the value of this key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Sy=
stem]
"EnableLUA"=3Ddword:00000000
https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regop=
enkeyexw
https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regcl=
osekey
https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regqu=
eryvalueexw

Am I correct that to read a registry key, you must
1) open the key,
2) read the value,
3) close the key?

In these calls, are the pointers 32 bit or 64 bit depending on the=20
version of Windows?

To open the key, I must call
      LSTATUS RegOpenKeyExW(
        HKEY    hKey,
        LPCWSTR lpSubKey,
        DWORD  ulOptions,
        REGSAM  samDesired,
        PHKEY  phkResult
      );

1) Is hKey is the handle of the key I just opened?  And I need to keep=20
track of (save) it.

2) Is this the same hKey used in RegQueryValueExW and RegCloseKey?

LSTATUS RegQueryValueExW(
  HKEY    hKey,
  LPCWSTR lpValueName,
  LPDWORD lpReserved,
  LPDWORD lpType,
  LPBYTE  lpData,
  LPDWORD lpcbData
);
LSTATUS RegCloseKey(
  HKEY hKey
);

what is =E2=80=9ClpSubKey=E2=80=9D?

1) is =E2=80=9ClpSubKey=E2=80=9D

    \Microsoft\Windows\CurrentVersion\Policies\System
or
    \Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
or something else?

2) forward slashes or back slashes?

3) does it use a starting slash?

4) does it use an ending slash?

RegQueryValueExW

1)  what is  lpSubKey?

EnableLUA
or
\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
or something else

Many thanks,
-T

Replies