[chrome_elf] NTRegistry - added wow64 redirection support.

chrome_elf/nt_registry/nt_registry_unittest.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome_elf/nt_registry/nt_registry.h"
+
+#include <windows.h>
+#include <rpc.h>
+#include <stddef.h>
+
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace {
+
+//------------------------------------------------------------------------------
+// WOW64 redirection tests
+//
+// - Only HKCU will be tested on the auto (try) bots.
+//   HKLM will be kept separate (and manual) for local testing only.
+//
+// NOTE: Currently no real WOW64 context testing, as building x86 projects
+//       during x64 builds is not currently supported for performance reasons.
+// https://cs.chromium.org/chromium/src/build/toolchain/win/BUILD.gn?sq%3Dpackage:chromium&l=314
+//------------------------------------------------------------------------------
+
+// Utility function for the WOW64 redirection test suites.
+// Note: Testing redirection through ADVAPI32 here as well, to get notice if
+//       expected behaviour changes!
+// If |redirected_path| == nullptr, no redirection is expected in any case.
+void DoRedirectTest(nt::ROOT_KEY nt_root_key,
+                    const wchar_t* path,
+                    const wchar_t* redirected_path OPTIONAL) {
+  HANDLE handle = INVALID_HANDLE_VALUE;
+  HKEY key_handle = nullptr;
+  constexpr ACCESS_MASK kAccess = KEY_WRITE | DELETE;
+  const HKEY root_key =
+      (nt_root_key == nt::HKCU) ? HKEY_CURRENT_USER : HKEY_LOCAL_MACHINE;
+
+  // Make sure clean before starting.
+  nt::DeleteRegKey(nt_root_key, nt::NONE, path);
+  if (redirected_path)
+    nt::DeleteRegKey(nt_root_key, nt::NONE, redirected_path);
+
+  //----------------------------------------------------------------------------
+  // No redirection through ADVAPI32 on straight x86 or x64.
+  ASSERT_EQ(ERROR_SUCCESS,
+            RegCreateKeyExW(root_key, path, 0, nullptr, REG_OPTION_NON_VOLATILE,
+                            kAccess, nullptr, &key_handle, nullptr));
+  ASSERT_EQ(ERROR_SUCCESS, RegCloseKey(key_handle));
+  ASSERT_TRUE(nt::OpenRegKey(nt_root_key, path, kAccess, &handle, nullptr));
+  ASSERT_TRUE(nt::DeleteRegKey(handle));
+  nt::CloseRegKey(handle);
+
+#ifdef _WIN64
+  //----------------------------------------------------------------------------
+  // Try forcing WOW64 redirection on x64 through ADVAPI32.
+  ASSERT_EQ(ERROR_SUCCESS,
+            RegCreateKeyExW(root_key, path, 0, nullptr, REG_OPTION_NON_VOLATILE,
+                            kAccess | KEY_WOW64_32KEY, nullptr, &key_handle,
+                            nullptr));
+  ASSERT_EQ(ERROR_SUCCESS, RegCloseKey(key_handle));
+  // Check path:
+  if (nt::OpenRegKey(nt_root_key, path, kAccess, &handle, nullptr)) {
+    if (redirected_path)
+      ADD_FAILURE();
+    ASSERT_TRUE(nt::DeleteRegKey(handle));
+    nt::CloseRegKey(handle);
+  } else if (!redirected_path) {
+    // Should have succeeded.
+    ADD_FAILURE();
+  }
+  if (redirected_path) {
+    // Check redirected path:
+    if (nt::OpenRegKey(nt_root_key, redirected_path, kAccess, &handle,
+                       nullptr)) {
+      if (!redirected_path)
+        ADD_FAILURE();
+      ASSERT_TRUE(nt::DeleteRegKey(handle));
+      nt::CloseRegKey(handle);
+    } else {
+      // Should have succeeded.
+      ADD_FAILURE();
+    }
+  }
+
+  //----------------------------------------------------------------------------
+  // Try forcing WOW64 redirection on x64 through NTDLL.
+  ASSERT_TRUE(
+      nt::CreateRegKey(nt_root_key, path, kAccess | KEY_WOW64_32KEY, nullptr));
+  // Check path:
+  if (nt::OpenRegKey(nt_root_key, path, kAccess, &handle, nullptr)) {
+    if (redirected_path)
+      ADD_FAILURE();
+    ASSERT_TRUE(nt::DeleteRegKey(handle));
+    nt::CloseRegKey(handle);
+  } else if (!redirected_path) {
+    // Should have succeeded.
+    ADD_FAILURE();
+  }
+  if (redirected_path) {
+    // Check redirected path:
+    if (nt::OpenRegKey(nt_root_key, redirected_path, kAccess, &handle,
+                       nullptr)) {
+      if (!redirected_path)
+        ADD_FAILURE();
+      ASSERT_TRUE(nt::DeleteRegKey(handle));
+      nt::CloseRegKey(handle);
+    } else {
+      // Should have succeeded.
+      ADD_FAILURE();
+    }
+  }
+#endif  // _WIN64
+}
+
+// These test reg paths match |kClassesSubtree| in nt_registry.cc.
+constexpr const wchar_t* kClassesRedirects[] = {
+    L"SOFTWARE\\Classes\\CLSID\\chrome_testing",
+    L"SOFTWARE\\Classes\\WOW6432Node\\CLSID\\chrome_testing",
+    L"SOFTWARE\\Classes\\DirectShow\\chrome_testing",
+    L"SOFTWARE\\Classes\\WOW6432Node\\DirectShow\\chrome_testing",
+    L"SOFTWARE\\Classes\\Interface\\chrome_testing",
+    L"SOFTWARE\\Classes\\WOW6432Node\\Interface\\chrome_testing",
+    L"SOFTWARE\\Classes\\Media Type\\chrome_testing",
+    L"SOFTWARE\\Classes\\WOW6432Node\\Media Type\\chrome_testing",
+    L"SOFTWARE\\Classes\\MediaFoundation\\chrome_testing",
+    L"SOFTWARE\\Classes\\WOW6432Node\\MediaFoundation\\chrome_testing"};
+
+static_assert((_countof(kClassesRedirects) & 0x01) == 0,
+              "Must have an even number of kClassesRedirects.");
+
+// This test does NOT use NtRegistryTest class.  It requires Windows WOW64
+// redirection to take place, which would not happen with a testing redirection
+// layer.
+TEST(NtRegistryTestRedirection, Wow64RedirectionHKCU) {
+  // Using two elements for each loop.
+  for (size_t index = 0; index < _countof(kClassesRedirects); index += 2) {
+    DoRedirectTest(nt::HKCU, kClassesRedirects[index],
+                   kClassesRedirects[index + 1]);
+  }
+}
+
+// These test reg paths match |kHklmSoftwareSubtree| in nt_registry.cc.
+constexpr const wchar_t* kHKLMNoRedirects[] = {
+    L"SOFTWARE\\Classes\\chrome_testing", L"SOFTWARE\\Clients\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\COM3\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Cryptography\\Calais\\Current\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Cryptography\\Calais\\Readers\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Cryptography\\Services\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\CTF\\SystemShared\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\CTF\\TIP\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\DFS\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Driver Signing\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\EnterpriseCertificates\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\EventSystem\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\MSMQ\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Non-Driver Signing\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Notepad\\DefaultFonts\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\OLE\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\RAS\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\RPC\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\SOFTWARE\\Microsoft\\Shared "
+    L"Tools\\MSInfo\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\SystemCertificates\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\TermServLicensing\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Transaction Server\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\App "
+    L"Paths\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Control "
+    L"Panel\\Cursors\\Schemes\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\AutoplayHandlers"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\DriveIcons"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\KindMap"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Group "
+    L"Policy\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PreviewHandlers"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Telephony\\Locations"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\Console\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\FontDpi\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\FontLink\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\FontMapper\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Fonts\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\FontSubstitutes\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\Gre_initialize\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution "
+    L"Options\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\LanguagePack\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\NetworkCards"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows "
+    L"NT\\CurrentVersion\\Perflib\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Ports\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Print\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList"
+    L"\\chrome_testing",
+    L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Time "
+    L"Zones\\chrome_testing",
+    L"SOFTWARE\\Policies\\chrome_testing",
+    L"SOFTWARE\\RegisteredApplications\\chrome_testing"};
+
+// Run from administrator command prompt!
+// Note: Disabled for automated testing (HKLM protection).  Local testing
+// only.
+//
+// This test does NOT use NtRegistryTest class.  It requires Windows WOW64
+// redirection to take place, which would not happen with a testing redirection
+// layer.
+TEST(NtRegistryTestRedirection, DISABLED_Wow64RedirectionHKLM) {
+  // 1) SOFTWARE is redirected.
+  DoRedirectTest(nt::HKLM, L"SOFTWARE\\chrome_testing",
+                 L"SOFTWARE\\WOW6432Node\\chrome_testing");
+
+  // 2) Except some subkeys are not.
+  for (size_t index = 0; index < _countof(kHKLMNoRedirects); ++index) {
+    DoRedirectTest(nt::HKLM, kHKLMNoRedirects[index], nullptr);
+  }
+
+  // 3) But then some Classes subkeys are redirected.
+  // Using two elements for each loop.
+  for (size_t index = 0; index < _countof(kClassesRedirects); index += 2) {
+    DoRedirectTest(nt::HKLM, kClassesRedirects[index],
+                   kClassesRedirects[index + 1]);
+  }
+
+  // 4) And just make sure other Classes subkeys are shared.
+  DoRedirectTest(nt::HKLM, L"SOFTWARE\\Classes\\chrome_testing", nullptr);
+}
+
+//------------------------------------------------------------------------------
+// NtRegistryTest class
+//
+// Only use this class for tests that need testing registry redirection.
+//------------------------------------------------------------------------------
+
+constexpr wchar_t kTempTestKeys[] = L"SOFTWARE\\Chromium\\NtRegistryTestKeys\\";
+
+class NtRegistryTest : public testing::Test {
+ protected:
+  static void SetUpTestCase() { NtRegDeleteStaleTestKeys(); }
+
+  NtRegistryTest() {
+    NtRegTestingRedirect(nt::HKCU);
+    NtRegTestingRedirect(nt::HKLM);
+  }
+
+  ~NtRegistryTest() override {
+    CancelNtRegTestingRedirect(nt::HKCU);
+    CancelNtRegTestingRedirect(nt::HKLM);
+  }
+
+ private:
+  static void NtRegDeleteStaleTestKeys() {
+    HKEY key = nullptr;
+
+    // Only open the key if it already exists.
+    if (RegOpenKeyExW(HKEY_CURRENT_USER, kTempTestKeys, 0, KEY_ALL_ACCESS,
+                      &key) != ERROR_SUCCESS)
+      return;
+
+    std::vector<std::wstring> to_delete;
+    DWORD index = 0;
+    DWORD name_size = 0;
+    wchar_t key_name[nt::g_kRegMaxPathLen + 1] = {};
+    FILETIME last_write_time = {};
+    LONG status = ERROR_GEN_FAILURE;
+    // Get the current system time.
+    FILETIME current = {};
+    GetSystemTimeAsFileTime(&current);
+    ULONGLONG current_ticks =
+        (static_cast<ULONGLONG>(current.dwHighDateTime) << 32) +
+        current.dwLowDateTime;
+
+    // Collect the names of all subkeys that have not been modified in at least
+    // 12 hours.  Delete them after enumeration is done.
+    do {
+      // RegEnumKeyExW wants the size of the buffer in chars, including null.
+      name_size = _countof(key_name);
+      status = RegEnumKeyExW(key, index, key_name, &name_size, nullptr, nullptr,
+                             nullptr, &last_write_time);
+      if (status == ERROR_SUCCESS) {
+        ULONGLONG key_ticks =
+            (static_cast<ULONGLONG>(last_write_time.dwHighDateTime) << 32) +
+            last_write_time.dwLowDateTime;
+        ULONGLONG diffInSecs = ((current_ticks - key_ticks) / 10000) / 1000;
+        if (diffInSecs > (60 * 60 * 12))
+          to_delete.emplace_back(key_name);

[grt (UTC plus 2), 2016/09/30 09:32:17]

(key_name, name_size)? this avoids an extra strlen

+      }
+      ++index;
+    } while (status != ERROR_NO_MORE_ITEMS);
+
+    // Best effort.  If any tree deletion fails, just keep going.
+    for (const auto& subkey_name : to_delete)
+      RegDeleteTreeW(key, subkey_name.c_str());
+
+    RegCloseKey(key);
+  }
+
+  void NtRegTestingRedirect(nt::ROOT_KEY key) {
+    ASSERT_TRUE(key != nt::AUTO);

[grt (UTC plus 2), 2016/09/30 09:32:17]

ASSERT_NE

+
+    UUID uuid = {};
+    RPC_STATUS status = UuidCreateSequential(&uuid);
+    if (status != RPC_S_OK && status != RPC_S_UUID_NO_ADDRESS)
+      return;
+    RPC_WSTR guid = nullptr;
+    if (UuidToStringW(&uuid, &guid) != RPC_S_OK)
+      return;
+
+    std::wstring temp_path = kTempTestKeys;
+    temp_path.append(reinterpret_cast<wchar_t*>(guid));
+    RpcStringFreeW(&guid);
+
+    if (key == nt::HKCU) {
+      ASSERT_TRUE(nt::SetTestingOverride(key, temp_path));
+      override_key_hkcu_ = temp_path;
+    } else if (key == nt::HKLM) {
+      ASSERT_TRUE(nt::SetTestingOverride(key, temp_path));
+      override_key_hklm_ = temp_path;
+    }
+  }
+
+  void CancelNtRegTestingRedirect(nt::ROOT_KEY key) {
+    ASSERT_TRUE(key != nt::AUTO);

[grt (UTC plus 2), 2016/09/30 09:32:17]

ASSERT_NE

+
+    std::wstring temp_path = L"";
+    nt::GetTestingOverride(nt::HKCU, &temp_path);
+
+    if (key == nt::HKCU) {
+      ASSERT_TRUE(nt::SetTestingOverride(key, temp_path));
+      RegDeleteTreeW(HKEY_CURRENT_USER, override_key_hkcu_.c_str());
+      override_key_hkcu_.clear();
+    } else if (key == nt::HKLM) {
+      ASSERT_TRUE(nt::SetTestingOverride(key, temp_path));
+      RegDeleteTreeW(HKEY_CURRENT_USER, override_key_hklm_.c_str());
+      override_key_hklm_.clear();
+    }
+  }
+
+  std::wstring override_key_hkcu_;
+  std::wstring override_key_hklm_;
+};
+
+//------------------------------------------------------------------------------
+// NT registry API tests
+//------------------------------------------------------------------------------
+
+TEST_F(NtRegistryTest, API_DWORD) {
+  HANDLE key_handle;
+  const wchar_t* dword_val_name = L"DwordTestValue";
+  DWORD dword_val = 1234;
+
+  // Create a subkey to play under.
+  ASSERT_TRUE(nt::CreateRegKey(nt::HKCU, L"NTRegistry\\dword", KEY_ALL_ACCESS,
+                               &key_handle));
+  ASSERT_NE(key_handle, INVALID_HANDLE_VALUE);
+  ASSERT_NE(key_handle, nullptr);
+
+  DWORD get_dword = 0;
+  EXPECT_FALSE(nt::QueryRegValueDWORD(key_handle, dword_val_name, &get_dword));
+
+  // Set
+  EXPECT_TRUE(nt::SetRegValueDWORD(key_handle, dword_val_name, dword_val));
+
+  // Get
+  EXPECT_TRUE(nt::QueryRegValueDWORD(key_handle, dword_val_name, &get_dword));
+  EXPECT_TRUE(get_dword == dword_val);
+
+  // Clean up
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+}
+
+TEST_F(NtRegistryTest, API_SZ) {
+  HANDLE key_handle;
+  const wchar_t* sz_val_name = L"SzTestValue";
+  std::wstring sz_val = L"blah de blah de blahhhhh.";
+  const wchar_t* sz_val_name2 = L"SzTestValueEmpty";
+  std::wstring sz_val2 = L"";
+
+  // Create a subkey to play under.
+  ASSERT_TRUE(nt::CreateRegKey(nt::HKCU, L"NTRegistry\\sz", KEY_ALL_ACCESS,
+                               &key_handle));
+  ASSERT_NE(key_handle, INVALID_HANDLE_VALUE);
+  ASSERT_NE(key_handle, nullptr);
+
+  std::wstring get_sz;
+  EXPECT_FALSE(nt::QueryRegValueSZ(key_handle, sz_val_name, &get_sz));
+
+  // Set
+  EXPECT_TRUE(nt::SetRegValueSZ(key_handle, sz_val_name, sz_val));
+  EXPECT_TRUE(nt::SetRegValueSZ(key_handle, sz_val_name2, sz_val2));
+
+  // Get
+  EXPECT_TRUE(nt::QueryRegValueSZ(key_handle, sz_val_name, &get_sz));
+  EXPECT_TRUE(get_sz.compare(sz_val) == 0);
+  EXPECT_TRUE(nt::QueryRegValueSZ(key_handle, sz_val_name2, &get_sz));
+  EXPECT_TRUE(get_sz.compare(sz_val2) == 0);
+
+  // Clean up
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+}
+
+TEST_F(NtRegistryTest, API_MULTISZ) {
+  HANDLE key_handle;
+  const wchar_t* multisz_val_name = L"SzmultiTestValue";
+  std::vector<std::wstring> multisz_val;
+  std::wstring multi1 = L"one";
+  std::wstring multi2 = L"two";
+  std::wstring multi3 = L"three";
+  const wchar_t* multisz_val_name2 = L"SzmultiTestValueBad";
+  std::wstring multi_empty = L"";
+
+  // Create a subkey to play under.
+  ASSERT_TRUE(nt::CreateRegKey(nt::HKCU, L"NTRegistry\\multisz", KEY_ALL_ACCESS,
+                               &key_handle));
+  ASSERT_NE(key_handle, INVALID_HANDLE_VALUE);
+  ASSERT_NE(key_handle, nullptr);
+
+  multisz_val.push_back(multi1);
+  multisz_val.push_back(multi2);
+  multisz_val.push_back(multi3);
+  // Set
+  EXPECT_TRUE(
+      nt::SetRegValueMULTISZ(key_handle, multisz_val_name, multisz_val));
+  multisz_val.clear();
+  multisz_val.push_back(multi_empty);
+  // Set
+  EXPECT_TRUE(
+      nt::SetRegValueMULTISZ(key_handle, multisz_val_name2, multisz_val));
+  multisz_val.clear();
+
+  // Get
+  EXPECT_TRUE(
+      nt::QueryRegValueMULTISZ(key_handle, multisz_val_name, &multisz_val));
+  if (multisz_val.size() == 3) {
+    EXPECT_TRUE(multi1.compare(multisz_val.at(0)) == 0);
+    EXPECT_TRUE(multi2.compare(multisz_val.at(1)) == 0);
+    EXPECT_TRUE(multi3.compare(multisz_val.at(2)) == 0);
+  } else {
+    EXPECT_TRUE(false);
+  }
+  multisz_val.clear();
+
+  // Get
+  EXPECT_TRUE(
+      nt::QueryRegValueMULTISZ(key_handle, multisz_val_name2, &multisz_val));
+  if (multisz_val.size() == 1) {
+    EXPECT_TRUE(multi_empty.compare(multisz_val.at(0)) == 0);
+  } else {
+    EXPECT_TRUE(false);
+  }
+  multisz_val.clear();
+
+  // Clean up
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+}
+
+TEST_F(NtRegistryTest, CreateRegKeyRecursion) {
+  HANDLE key_handle;
+  const wchar_t* sz_new_key_1 = L"test1\\new\\subkey";
+  const wchar_t* sz_new_key_2 = L"test2\\new\\subkey\\blah\\";
+  const wchar_t* sz_new_key_3 = L"\\test3\\new\\subkey\\\\blah2";
+
+  // Tests for CreateRegKey recursion.
+  ASSERT_TRUE(
+      nt::CreateRegKey(nt::HKCU, sz_new_key_1, KEY_ALL_ACCESS, nullptr));
+  EXPECT_TRUE(nt::OpenRegKey(nt::HKCU, sz_new_key_1, KEY_ALL_ACCESS,
+                             &key_handle, nullptr));
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+
+  ASSERT_TRUE(
+      nt::CreateRegKey(nt::HKCU, sz_new_key_2, KEY_ALL_ACCESS, nullptr));
+  EXPECT_TRUE(nt::OpenRegKey(nt::HKCU, sz_new_key_2, KEY_ALL_ACCESS,
+                             &key_handle, nullptr));
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+
+  ASSERT_TRUE(
+      nt::CreateRegKey(nt::HKCU, sz_new_key_3, KEY_ALL_ACCESS, nullptr));
+  EXPECT_TRUE(nt::OpenRegKey(nt::HKCU, L"test3\\new\\subkey\\blah2",
+                             KEY_ALL_ACCESS, &key_handle, nullptr));
+  EXPECT_TRUE(nt::DeleteRegKey(key_handle));
+  nt::CloseRegKey(key_handle);
+
+  // Subkey path can be null.
+  ASSERT_TRUE(nt::CreateRegKey(nt::HKCU, nullptr, KEY_ALL_ACCESS, &key_handle));
+  ASSERT_NE(key_handle, INVALID_HANDLE_VALUE);
+  ASSERT_NE(key_handle, nullptr);
+  nt::CloseRegKey(key_handle);
+}
+
+}  // namespace