To query the Registry, a STREAMS stack can use the following functions:
·StrmOpenRegKey
·StrmGetRegValue
StrmOpenRegKey
The function StrmOpenRegKey uses a registry key name to open the registry key.
NTSTATUS
StrmOpenRegKey(
OUT PHANDLE HandlePtr,
IN PUCHAR Keyname
);
Parameters
HandlePtr
Points to a calling routine location into which StrmOpenRegKey writes a handle for the registry key.
Keyname
Points to the name of the key to be opened.
StrmGetRegValue
The function StrmGetRegValue uses a registry key handle and item name to obtain a keyed value from the Registry.
NTSTATUS
StrmGetRegValue(
IN HANDLE KeyHandle,
IN PUCHAR ValueName,
OUT PUCHAR ValueData,
OUT ULONG ValueLength,
OUT PULONG ValueType
);
Parameters
KeyHandle
Specifies the registry key handle returned from a previous call to StrmOpenRegKey.
ValueName
Points to the name of the registry key value to be retrieved.
ValueData
Points to a calling routine character array into which StrmGetRegValue writes the retrieved value.
ValueLength
Indicates the length in bytes of the retrieved value.
ValueType
Points to a calling routine location into which StrmGetRegValue writes the type of the retrieved value. The type can be any valid registry type, such as: REG_SZ, REG_MULTI_SZ, REG_DWORD, REG_EXPAND_S2.