NtOpenKey - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTREGAPI_H
/**
* Opens an existing registry key.
*
* \param[out] KeyHandle A pointer to a handle that receives the key handle.
* \param[in] DesiredAccess The access mask that specifies the desired access rights.
* \param[in] ObjectAttributes A pointer to an OBJECT_ATTRIBUTES structure that specifies the object attributes.
* \return NTSTATUS Successful or errant status.
* \remarks NtOpenKey ignores the security information in the ObjectAttributes structure.
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
NtOpenKey(
_Out_ PHANDLE KeyHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ POBJECT_ATTRIBUTES ObjectAttributes
);
View code on GitHub#ifndef _NTZWAPI_H
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwOpenKey(
_Out_ PHANDLE KeyHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ POBJECT_ATTRIBUTES ObjectAttributes
);
View code on GitHub// wdm.h
NTSYSAPI NTSTATUS ZwOpenKey(
[out] PHANDLE KeyHandle,
[in] ACCESS_MASK DesiredAccess,
[in] POBJECT_ATTRIBUTES ObjectAttributes
);
View the official Windows Driver Kit DDI referenceNo description available.
The ZwOpenKey routine opens an existing registry key.
KeyHandle [out]Pointer to the HANDLE variable that receives the handle to the key.
DesiredAccess [in]Specifies an ACCESS_MASK value that determines the requested access to the object. For more information, see the DesiredAccess parameter of ZwCreateKey.
ObjectAttributes [in]Pointer to an OBJECT_ATTRIBUTES structure that specifies the object name and other attributes. Use InitializeObjectAttributes to initialize this structure. If the caller is not running in a system thread context, it must set the OBJ_KERNEL_HANDLE attribute when it calls InitializeObjectAttributes.
ZwOpenKey returns STATUS_SUCCESS if the given key was opened. Otherwise, it can return an error status, including the following:
STATUS_INVALID_HANDLE
STATUS_ACCESS_DENIED
ZwOpenKey supplies a handle that the caller can use to manipulate a registry key. The routine provides a subset of the functionality of ZwCreateKey. For more information, see Using the Registry in a Driver.
If the specified key does not exist, ZwOpenKey returns an error status and does not return a key handle.
Once the handle pointed to by KeyHandle is no longer in use, the driver must call ZwClose to close it.
ZwOpenKey ignores the security information in the structure that the ObjectAttributes parameter points to.
If the caller is not running in a system thread context, it must ensure that any handles it creates are private handles. Otherwise, the handle can be accessed by the process in whose context the driver is running. For more information, see Object Handles.
For more information about working with registry keys, see Using the Registry in a Driver.
If the call to this function occurs in user mode, you should use the name "NtOpenKey" instead of "ZwOpenKey".
This function is documented in Windows Driver Kit.
See ZwOpenKey in NT DDK or 2000 DDK for detailed description.