Microsoft KB Archive/329102

= FIX: Encryption Keys Are Not Stored in the System Registry =

Article ID: 329102

Article Last Modified on 5/27/2005

-

APPLIES TO


 * Microsoft Windows CE .NET 4.1

-



This article was previously published under Q329102



SYMPTOMS
Encrypted information, such as passwords to network shares and Remote Desktop connections, is not retained through a system suspend and resume or a warm reset on operating systems that do not retain the contents of RAM through such events.



CAUSE
Windows CE .NET stores the encryption key information in files in the Windows folder instead of in the system registry. When an operating system (OS) design implements a registry persistence, such as with registry hive, WriteRegistryToOEM support, or RegCopyFile, the encryption keys are not saved. After you perform a system restart where the contents of the RAM file system is not retained, you cannot decrypt some registry data.



RESOLUTION
A supported software update is now available from Microsoft as Windows CE 4.1 Core OS QFE 329102. To resolve this problem immediately, click the following article number for information about obtaining Windows CE Platform Builder and core operating system software updates:

837392 How to locate core operating system fixes for Microsoft Windows CE Platform Builder products

The English version of this package should have the following file attributes or later:   Date         Time   Version     Size     File name ---  08-Nov-2002  18:21  4.1.2.1028  731,744  021028_armv4i_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  711,264  021028_armv4t_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  731,744  021028_armv4_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  678,496  021028_mips16_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  760,416  021028_mipsii_fp_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  760,416  021028_mipsii_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  776,800  021028_mipsiv_fp_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  776,800  021028_mipsiv_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  694,880  021028_sh3_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  694,880  021028_sh4_wce41-q329102.exe 08-Nov-2002 18:21  4.1.2.1028  629,344  021028_x86_wce41-q329102.exe The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time                     Size     File name --  Path: Public\Common\Oak\Lib\Armv4\Debug 18-Oct-2002 21:09                    131,750  Fsprofile.lib 18-Oct-2002 21:09                     86,016  Fsprofile.pdb 18-Oct-2002 21:09                    317,520  Fsreg.lib 18-Oct-2002 21:09                     69,632  Fsreg.pdb 18-Oct-2002 21:09                    376,218  Fsreghive.lib 18-Oct-2002 21:09                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4\Retail 18-Oct-2002 21:09                    105,348  Fsprofile.lib 18-Oct-2002 21:09                     86,016  Fsprofile.pdb 18-Oct-2002 21:09                    209,802  Fsreg.lib 18-Oct-2002 21:09                     69,632  Fsreg.pdb 18-Oct-2002 21:09                    244,510  Fsreghive.lib 18-Oct-2002 21:09                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4i\Debug 18-Oct-2002 21:08                    131,886  Fsprofile.lib 18-Oct-2002 21:08                     86,016  Fsprofile.pdb 18-Oct-2002 21:08                    317,856  Fsreg.lib 18-Oct-2002 21:08                     69,632  Fsreg.pdb 18-Oct-2002 21:08                    376,582  Fsreghive.lib 18-Oct-2002 21:08                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4i\Retail 18-Oct-2002 21:08                    105,506  Fsprofile.lib 18-Oct-2002 21:08                     86,016  Fsprofile.pdb 18-Oct-2002 21:08                    209,990  Fsreg.lib 18-Oct-2002 21:08                     69,632  Fsreg.pdb 18-Oct-2002 21:08                    244,838  Fsreghive.lib 18-Oct-2002 21:08                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4t\Debug 18-Oct-2002 21:07                    126,404  Fsprofile.lib 18-Oct-2002 21:07                     86,016  Fsprofile.pdb 18-Oct-2002 21:08                    300,156  Fsreg.lib 18-Oct-2002 21:08                     69,632  Fsreg.pdb 18-Oct-2002 21:08                    356,948  Fsreghive.lib 18-Oct-2002 21:08                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Armv4t\Retail 18-Oct-2002 21:07                    103,496  Fsprofile.lib 18-Oct-2002 21:07                     86,016  Fsprofile.pdb 18-Oct-2002 21:07                    206,580  Fsreg.lib 18-Oct-2002 21:07                     69,632  Fsreg.pdb 18-Oct-2002 21:07                    241,364  Fsreghive.lib 18-Oct-2002 21:07                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mips16\Debug 18-Oct-2002 21:11                    119,618  Fsprofile.lib 18-Oct-2002 21:11                     86,016  Fsprofile.pdb 18-Oct-2002 21:11                    276,000  Fsreg.lib 18-Oct-2002 21:11                     69,632  Fsreg.pdb 18-Oct-2002 21:11                    328,148  Fsreghive.lib 18-Oct-2002 21:11                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mips16\Retail 18-Oct-2002 21:10                     94,968  Fsprofile.lib 18-Oct-2002 21:10                     86,016  Fsprofile.pdb 18-Oct-2002 21:10                    179,442  Fsreg.lib 18-Oct-2002 21:10                     69,632  Fsreg.pdb 18-Oct-2002 21:10                    212,110  Fsreghive.lib 18-Oct-2002 21:10                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii\Debug 18-Oct-2002 21:10                    133,940  Fsprofile.lib 18-Oct-2002 21:10                     86,016  Fsprofile.pdb 18-Oct-2002 21:10                    334,028  Fsreg.lib 18-Oct-2002 21:10                     69,632  Fsreg.pdb 18-Oct-2002 21:10                    392,440  Fsreghive.lib 18-Oct-2002 21:10                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii\Retail 18-Oct-2002 21:09                    110,288  Fsprofile.lib 18-Oct-2002 21:09                     86,016  Fsprofile.pdb 18-Oct-2002 21:10                    218,802  Fsreg.lib 18-Oct-2002 21:10                     69,632  Fsreg.pdb 18-Oct-2002 21:09                    255,654  Fsreghive.lib 18-Oct-2002 21:09                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii_fp\Debug 18-Oct-2002 21:11                    133,982  Fsprofile.lib 18-Oct-2002 21:11                     86,016  Fsprofile.pdb 18-Oct-2002 21:11                    334,088  Fsreg.lib 18-Oct-2002 21:11                     69,632  Fsreg.pdb 18-Oct-2002 21:11                    392,508  Fsreghive.lib 18-Oct-2002 21:11                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsii_fp\Retail 18-Oct-2002 21:11                    110,314  Fsprofile.lib 18-Oct-2002 21:11                     86,016  Fsprofile.pdb 18-Oct-2002 21:11                    218,842  Fsreg.lib 18-Oct-2002 21:11                     69,632  Fsreg.pdb 18-Oct-2002 21:11                    255,700  Fsreghive.lib 18-Oct-2002 21:11                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv\Debug 18-Oct-2002 21:15                    137,194  Fsprofile.lib 18-Oct-2002 21:15                     86,016  Fsprofile.pdb 18-Oct-2002 21:15                    340,154  Fsreg.lib 18-Oct-2002 21:15                     69,632  Fsreg.pdb 18-Oct-2002 21:15                    398,662  Fsreghive.lib 18-Oct-2002 21:15                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv\Retail 18-Oct-2002 21:14                    112,198  Fsprofile.lib 18-Oct-2002 21:14                     86,016  Fsprofile.pdb 18-Oct-2002 21:14                    221,870  Fsreg.lib 18-Oct-2002 21:14                     69,632  Fsreg.pdb 18-Oct-2002 21:14                    258,596  Fsreghive.lib 18-Oct-2002 21:14                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv_fp\Debug 18-Oct-2002 21:13                    137,236  Fsprofile.lib 18-Oct-2002 21:13                     86,016  Fsprofile.pdb 18-Oct-2002 21:13                    340,214  Fsreg.lib 18-Oct-2002 21:13                     69,632  Fsreg.pdb 18-Oct-2002 21:13                    398,730  Fsreghive.lib 18-Oct-2002 21:13                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Mipsiv_fp\Retail 18-Oct-2002 21:13                    112,224  Fsprofile.lib 18-Oct-2002 21:13                     86,016  Fsprofile.pdb 18-Oct-2002 21:13                    221,910  Fsreg.lib 18-Oct-2002 21:13                     69,632  Fsreg.pdb 18-Oct-2002 21:13                    258,642  Fsreghive.lib 18-Oct-2002 21:13                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh3\Debug 18-Oct-2002 21:12                    120,884  Fsprofile.lib 18-Oct-2002 21:12                     86,016  Fsprofile.pdb 18-Oct-2002 21:12                    278,504  Fsreg.lib 18-Oct-2002 21:12                     69,632  Fsreg.pdb 18-Oct-2002 21:12                    331,708  Fsreghive.lib 18-Oct-2002 21:12                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh3\Retail 18-Oct-2002 21:12                    101,314  Fsprofile.lib 18-Oct-2002 21:12                     86,016  Fsprofile.pdb 18-Oct-2002 21:12                    194,644  Fsreg.lib 18-Oct-2002 21:12                     69,632  Fsreg.pdb 18-Oct-2002 21:12                    228,164  Fsreghive.lib 18-Oct-2002 21:12                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh4\Debug 18-Oct-2002 21:14                    120,858  Fsprofile.lib 18-Oct-2002 21:14                     86,016  Fsprofile.pdb 18-Oct-2002 21:14                    278,426  Fsreg.lib 18-Oct-2002 21:14                     69,632  Fsreg.pdb 18-Oct-2002 21:14                    331,606  Fsreghive.lib 18-Oct-2002 21:14                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\Sh4\Retail 18-Oct-2002 21:13                    101,252  Fsprofile.lib 18-Oct-2002 21:13                     86,016  Fsprofile.pdb 18-Oct-2002 21:13                    194,470  Fsreg.lib 18-Oct-2002 21:13                     69,632  Fsreg.pdb 18-Oct-2002 21:13                    227,984  Fsreghive.lib 18-Oct-2002 21:13                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\X86\Debug 18-Oct-2002 21:07                    115,864  Fsprofile.lib 18-Oct-2002 21:07                     86,016  Fsprofile.pdb 18-Oct-2002 21:07                    270,766  Fsreg.lib 18-Oct-2002 21:07                     69,632  Fsreg.pdb 18-Oct-2002 21:07                    320,366  Fsreghive.lib 18-Oct-2002 21:07                     69,632  Fsreghive.pdb

Path: Public\Common\Oak\Lib\X86\Retail 18-Oct-2002 21:06                     88,258  Fsprofile.lib 18-Oct-2002 21:06                     86,016  Fsprofile.pdb 18-Oct-2002 21:06                    167,898  Fsreg.lib 18-Oct-2002 21:06                     69,632  Fsreg.pdb 18-Oct-2002 21:06                    194,526  Fsreghive.lib 18-Oct-2002 21:06                     69,632  Fsreghive.pdb



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
This fix makes a change that adds the option to store the encryption keys in the system registry so that the persistent registry implementation will retain the encryption keys. To activate storage of encryption keys in the registry instead of as a file in the Windows folder, you must include the following registry value in the OS:

If you do not set this key, or if you set this key to 0, the encryption keys are stored in a file as before.

Important
 * On some operating systems, if you have the CryptProtectData keys in the registry, an unauthorized user may gain access to them more easily.
 * If the operating system uses the OS SetPassword/CheckPassword API, and protects the system keys by using this password, you cannot use the keys after you restore the registry because the OS device password is not persisted unless you use the hive-based registry.

Keywords: kbbug kbfix KB329102

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.