No Salt Value

Both Providers can now use the CRYPT_NO_SALT flag, where a user can specify that no salt value gets allocated for a 40-bit symmetric key. The functions that accept this flag are CryptGenKey, CryptDeriveKey, and CryptImportKey. The default for these functions for the 40-bit symmetric key case provides backward compatibility by continuing the use of the 11-byte-long zero-value salt.

The example below shows the importation of a key without a salt value:

// Example showing key importation without a salt value.
//  [...] Assume an acquired context.

    // Import a key without salt.
    if (!CryptImportKey(
                hDefProv,    
                pbKey,    
                cbKey,    
                NULL,
                CRYPT_NO_SALT,    
                &hKey))
        goto Ret;

    // [...] Use key.

//  [...] Assume a destroyed key.
//  [...] Assume a released context.