CryptGenKey The CryptGenKey function generates random cryptographic keys for use with the CSP module. A handle to the key is returned in phKey. This handle can then be used as needed with any of the other CryptoAPI functions requiring key handles.
VB4-32,5,6
Declare Function CryptGenKey Lib "advapi32.dll" (ByVal hProv As Long, ByVal Algid As Long, ByVal dwFlags As Long, phKey As Long) As Long |
VB.NET
System.Security.Cryptography.* |
Operating Systems Supported |
Windows NT 4.0 or later; Windows 95 OSR2 or later (or Windows 95 with Internet Explorer 3.02 or later) |
- hProv
[in] A handle to the application’s CSP. An application obtains this handle using the CryptAcquireContext function.
- Algid
[in] The identifier for the algorithm for which the key is to be generated.
The valid values for this parameter will vary, depending on the CSP that is used. See the “Remarks” section for a list of possible algorithm identifiers.
- dwFlags
[in] The flags specifying the type of key generated. This parameter can be zero, or you can specify one or more of the following flags, using the binary OR operator to combine them.
CRYPT_EXPORTABLE
If this flag is set, then the key can be transferred out of the CSP into a key blob using the CryptExportKey function. Because session keys generally must be exportable, this flag should usually be set when they are created.
If this flag is not set, then the key will not be exportable. For a session key, this means that the key will only be available within the current session and only the application that created it will be able to use it. For a public/private key pair, this means that the private key cannot be transported or backed up.
This flag only applies to session key and private key blobs. It does not apply to public keys, which are always exportable.
CRYPT_CREATE_SALT
If this flag is set, then the key will be assigned a random salt value automatically. You can retrieve this salt value using the CryptGetKeyParam function with the dwParam parameter set to KP_SALT.
If this flag is not set, then the key will be given a salt value of zero.
When keys with non-zero salt values are exported (through CryptExportKey), then the salt value must also be obtained and kept with the key blob.
CRYPT_USER_PROTECTED
If this flag is set, then the user will be notified through a dialog box or another method when certain actions are attempted using this key. The precise behavior is specified by the CSP being used.
The Microsoft RSA Base Provider ignores this flag.
- phKey
[out] The address that the function copies the handle of the newly generated key to.
Remarks:
The Microsoft Base Cryptographic Provider defines the following hashing algorithms.
CALG_HMAC HMAC: a keyed hash algorithm
CALG_MAC: Message Authentication Code
CALG_MD2: MD2
CALG_MD5: MD5
CALG_SHA: US DSA Secure Hash Algorithm
CALG_SHA1: Same as CALG_SHA
CALG_SSL3_SHAMD5: SSL3 client authentication |
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To retrieve extended error information, use the GetLastError function.
The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by “NTE” are generated by the particular CSP you are using.
ERROR_INVALID_HANDLE
One of the parameters specifies an invalid handle.
ERROR_INVALID_PARAMETER
One of the parameters contains an invalid value. This is most often an illegal pointer.
NTE_BAD_ALGID
The Algid parameter specifies an algorithm that this CSP does not support.
NTE_BAD_FLAGS
The dwFlags parameter contains an invalid value.
NTE_BAD_UID
The hProv parameter does not contain a valid context handle.
NTE_FAIL
The function failed in some unexpected way. |
|