Microsoft KB Archive/329096

= FIX: Encryption Keys Are Not Stored in the System Registry =

Article ID: 329096

Article Last Modified on 5/27/2005

-

APPLIES TO


 * Microsoft Windows CE .NET 4.0

-



This article was previously published under Q329096



SYMPTOMS
Encrypted information, such as passwords to network shares and Remote Desktop connections, is not retained through a system suspend and resume or a warm reset on operating systems that do not retain the contents of RAM through such events.



CAUSE
Windows CE .NET stores the encryption key information in files in the Windows folder instead of in the system registry. When an operating system (OS) design implements a registry persistence, such as with registry hive, WriteRegistryToOEM support, or RegCopyFile, the encryption keys are not saved. After you perform a system restart where the contents of the RAM file system is not retained, you cannot decrypt some registry data.



RESOLUTION
A supported software update is now available from Microsoft as Windows CE 4.0 Core OS QFE 329096. To resolve this problem immediately, click the following article number for information about obtaining Windows CE Platform Builder and core operating system software updates:

837392 How to locate core operating system fixes for Microsoft Windows CE Platform Builder products

The English version of this package should have the following file attributes or later:   Date         Time   Version     Size     File name ---  06-Dec-2002  00:49  4.0.2.1205  715,360  021205_armv4i_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  703,072  021205_armv4t_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  715,360  021205_armv4_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  666,208  021205_mips16_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  744,032  021205_mipsii_fp_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  744,032  021205_mipsii_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  760,416  021205_mipsiv_fp_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  760,416  021205_mipsiv_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  686,688  021205_sh3_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  686,688  021205_sh4_wce40-q329096.exe 06-Dec-2002 00:49  4.0.2.1205  621,152  021205_x86_wce40-q329096.exe The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time                     Size     File name --  Path: Public\Common\Oak\Lib\Armv4\Debug 20-Nov-2002 18:15                    129,602  Fsprofile.lib 20-Nov-2002 18:15                     86,016  Fsprofile.pdb 20-Nov-2002 18:15                    310,414  Fsreg.lib 20-Nov-2002 18:15                     69,632  Fsreg.pdb 20-Nov-2002 18:15                    362,494  Fsreghive.lib 20-Nov-2002 18:15                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4\Retail 20-Nov-2002 18:14                    108,414  Fsprofile.lib 20-Nov-2002 18:14                     86,016  Fsprofile.pdb 20-Nov-2002 18:14                    213,404  Fsreg.lib 20-Nov-2002 18:14                     69,632  Fsreg.pdb 20-Nov-2002 18:14                    244,568  Fsreghive.lib 20-Nov-2002 18:14                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4i\Debug 20-Nov-2002 18:17                    129,736  Fsprofile.lib 20-Nov-2002 18:17                     86,016  Fsprofile.pdb 20-Nov-2002 18:17                    310,760  Fsreg.lib 20-Nov-2002 18:17                     69,632  Fsreg.pdb 20-Nov-2002 18:17                    362,862  Fsreghive.lib 20-Nov-2002 18:17                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4i\Retail 20-Nov-2002 18:17                    108,548  Fsprofile.lib 20-Nov-2002 18:17                     86,016  Fsprofile.pdb 20-Nov-2002 18:17                    213,714  Fsreg.lib 20-Nov-2002 18:17                     69,632  Fsreg.pdb 20-Nov-2002 18:17                    244,930  Fsreghive.lib 20-Nov-2002 18:17                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4t\Debug 20-Nov-2002 18:16                    124,418  Fsprofile.lib 20-Nov-2002 18:16                     86,016  Fsprofile.pdb 20-Nov-2002 18:16                    294,280  Fsreg.lib 20-Nov-2002 18:16                     69,632  Fsreg.pdb 20-Nov-2002 18:16                    344,806  Fsreghive.lib 20-Nov-2002 18:16                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4t\Retail 20-Nov-2002 18:15                    106,364  Fsprofile.lib 20-Nov-2002 18:15                     86,016  Fsprofile.pdb 20-Nov-2002 18:16                    209,622  Fsreg.lib 20-Nov-2002 18:16                     69,632  Fsreg.pdb 20-Nov-2002 18:15                    240,186  Fsreghive.lib 20-Nov-2002 18:15                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mips16\Debug 20-Nov-2002 18:20                    117,998  Fsprofile.lib 20-Nov-2002 18:20                     86,016  Fsprofile.pdb 20-Nov-2002 18:20                    272,864  Fsreg.lib 20-Nov-2002 18:20                     69,632  Fsreg.pdb 20-Nov-2002 18:20                    320,300  Fsreghive.lib 20-Nov-2002 18:20                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mips16\Retail 20-Nov-2002 18:20                     94,746  Fsprofile.lib 20-Nov-2002 18:20                     86,016  Fsprofile.pdb 20-Nov-2002 18:20                    178,370  Fsreg.lib 20-Nov-2002 18:20                     69,632  Fsreg.pdb 20-Nov-2002 18:20                    208,156  Fsreghive.lib 20-Nov-2002 18:20                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii\Debug 20-Nov-2002 18:18                    132,088  Fsprofile.lib 20-Nov-2002 18:18                     86,016  Fsprofile.pdb 20-Nov-2002 18:18                    324,378  Fsreg.lib 20-Nov-2002 18:18                     69,632  Fsreg.pdb 20-Nov-2002 18:18                    376,382  Fsreghive.lib 20-Nov-2002 18:18                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii\Retail 20-Nov-2002 18:18                    109,374  Fsprofile.lib 20-Nov-2002 18:18                     86,016  Fsprofile.pdb 20-Nov-2002 18:18                    215,732  Fsreg.lib 20-Nov-2002 18:18                     69,632  Fsreg.pdb 20-Nov-2002 18:18                    249,004  Fsreghive.lib 20-Nov-2002 18:18                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\MipsII_fp\Debug 20-Nov-2002 18:21                    132,128  Fsprofile.lib 20-Nov-2002 18:21                     86,016  Fsprofile.pdb 20-Nov-2002 18:21                    324,438  Fsreg.lib 20-Nov-2002 18:21                     69,632  Fsreg.pdb 20-Nov-2002 18:21                    376,450  Fsreghive.lib 20-Nov-2002 18:21                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\MipsII_fp\Retail 20-Nov-2002 18:21                    109,416  Fsprofile.lib 20-Nov-2002 18:21                     86,016  Fsprofile.pdb 20-Nov-2002 18:21                    215,794  Fsreg.lib 20-Nov-2002 18:21                     69,632  Fsreg.pdb 20-Nov-2002 18:21                    249,078  Fsreghive.lib 20-Nov-2002 18:21                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv\Debug 20-Nov-2002 18:19                    134,098  Fsprofile.lib 20-Nov-2002 18:19                     86,016  Fsprofile.pdb 20-Nov-2002 18:19                    333,164  Fsreg.lib 20-Nov-2002 18:19                     69,632  Fsreg.pdb 20-Nov-2002 18:19                    386,104  Fsreghive.lib 20-Nov-2002 18:19                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv\Retail 20-Nov-2002 18:19                    111,614  Fsprofile.lib 20-Nov-2002 18:19                     86,016  Fsprofile.pdb 20-Nov-2002 18:19                    224,060  Fsreg.lib 20-Nov-2002 18:19                     69,632  Fsreg.pdb 20-Nov-2002 18:19                    258,110  Fsreghive.lib 20-Nov-2002 18:19                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv_fp\Debug 20-Nov-2002 18:22                    134,138  Fsprofile.lib 20-Nov-2002 18:22                     86,016  Fsprofile.pdb 20-Nov-2002 18:22                    333,224  Fsreg.lib 20-Nov-2002 18:22                     69,632  Fsreg.pdb 20-Nov-2002 18:22                    386,172  Fsreghive.lib 20-Nov-2002 18:22                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv_fp\Retail 20-Nov-2002 18:22                    111,652  Fsprofile.lib 20-Nov-2002 18:22                     86,016  Fsprofile.pdb 20-Nov-2002 18:22                    224,118  Fsreg.lib 20-Nov-2002 18:22                     69,632  Fsreg.pdb 20-Nov-2002 18:22                    258,180  Fsreghive.lib 20-Nov-2002 18:22                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh3\Debug 20-Nov-2002 18:13                    118,490  Fsprofile.lib 20-Nov-2002 18:13                     86,016  Fsprofile.pdb 20-Nov-2002 18:13                    273,250  Fsreg.lib 20-Nov-2002 18:13                     69,632  Fsreg.pdb 20-Nov-2002 18:13                    322,080  Fsreghive.lib 20-Nov-2002 18:13                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh3\Retail 20-Nov-2002 18:12                    101,240  Fsprofile.lib 20-Nov-2002 18:12                     86,016  Fsprofile.pdb 20-Nov-2002 18:12                    193,886  Fsreg.lib 20-Nov-2002 18:12                     69,632  Fsreg.pdb 20-Nov-2002 18:12                    224,546  Fsreghive.lib 20-Nov-2002 18:12                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh4\Debug 20-Nov-2002 18:14                    118,466  Fsprofile.lib 20-Nov-2002 18:14                     86,016  Fsprofile.pdb 20-Nov-2002 18:14                    273,174  Fsreg.lib 20-Nov-2002 18:14                     69,632  Fsreg.pdb 20-Nov-2002 18:14                    321,984  Fsreghive.lib 20-Nov-2002 18:14                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh4\Retail 20-Nov-2002 18:13                    101,178  Fsprofile.lib 20-Nov-2002 18:13                     86,016  Fsprofile.pdb 20-Nov-2002 18:13                    193,696  Fsreg.lib 20-Nov-2002 18:13                     69,632  Fsreg.pdb 20-Nov-2002 18:13                    224,386  Fsreghive.lib 20-Nov-2002 18:13                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\X86\Debug 20-Nov-2002 18:12                    114,254  Fsprofile.lib 20-Nov-2002 18:12                     86,016  Fsprofile.pdb 20-Nov-2002 18:12                    263,794  Fsreg.lib 20-Nov-2002 18:12                     69,632  Fsreg.pdb 20-Nov-2002 18:12                    308,516  Fsreghive.lib 20-Nov-2002 18:12                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\X86\Retail 20-Nov-2002 18:11                     88,136  Fsprofile.lib 20-Nov-2002 18:11                     86,016  Fsprofile.pdb 20-Nov-2002 18:11                    166,848  Fsreg.lib 20-Nov-2002 18:11                     69,632  Fsreg.pdb 20-Nov-2002 18:11                    190,922  Fsreghive.lib 20-Nov-2002 18:11                     69,632  Fsreghive.pdb



MORE INFORMATION
This fix makes a change that adds the option to store the encryption keys in the system registry so that the persistent registry implementation will retain the encryption keys. To activate storage of encryption keys in the registry instead of as a file in the Windows folder, you must include the following registry value in the OS:

If you do not set this key, or if you set this key to 0, the encryption keys are stored in a file as before.

Important
 * On some operating systems, if you have the CryptProtectData keys in the registry, an unauthorized user may gain access to them more easily.
 * If the operating system uses the OS SetPassword/CheckPassword API, and protects the system keys by using this password, you cannot use the keys after you restore the registry because the OS device password is not persisted unless you use the hive-based registry.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Keywords: kbbug kbfix KB329096

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.