CPEncrypt

The CPEncrypt function is used to encrypt data. Optionally, the application can specify that a hash of the data is to be generated at the same time.

BOOL CPEncrypt(
  HCRYPTPROV hProv,  // in
  HCRYPTKEY hKey,    // in
  HCRYPTHASH hHash,  // in
  BOOL Final,        // in
  DWORD dwFlags,     // in
  BYTE *pbData,      // in, out
  DWORD *pdwDataLen, // in, out
  DWORD dwBufLen     // in
);

Parameters

hProv
Handle to a particular key container (or "context") within the CSP. This handle is obtained via a call to CPAcquireContext.
hKey
Handle to the session key that is to used for the encryption. This key specifies the encryption algorithm that is to be used.
hHash
Handle to a hash object. This parameter is used only if a hash of the data is to be computed at the same time the data is being encrypted.

If no hash is to be done, this parameter should be zero.

Final
Boolean value that specifies whether this is the last section in a series being encrypted. This will be TRUE if this is the last (or only) block, and FALSE otherwise.
dwFlags
Flag values. No flags are currently defined.
pbData
Buffer holding the data to be encrypted. Once the encryption has been performed, the ciphertext is to be placed back in this same buffer.
pdwDataLen
Address of the data length. Upon function entry, this specifies the number of bytes of plaintext in the pbData buffer. If a block cipher is used and dwFlags is FALSE, then this value must be a multiple of the cipher block length. In other words, the CPEncrypt function is not required to buffer any data internally.

Upon exit, this parameter should indicate the number of bytes of ciphertext that the function placed in the pbData buffer.

When a block cipher is used, the size of the ciphertext generated is sometimes larger than that of the plaintext. However, it must never be larger than dwBufLen.

dwBufLen
Size (in bytes) of the pbData buffer.

Return Values

If the function succeeds, TRUE should be returned; otherwise, return FALSE. When FALSE is returned, the appropriate error code (see the following table) must be set via SetLastError.

Error Description
NTE_BAD_ALGID The hKey session key specifies an algorithm that this CSP does not support.
NTE_BAD_DATA The data to be encrypted is invalid. For example, when a block cipher is used and the Final flag FALSE, the value specified by pdwDataLen must be a multiple of the block size.
NTE_BAD_FLAGS The dwFlags parameter is non-zero.
NTE_BAD_HASH The hHash parameter contains an invalid handle.
NTE_BAD_HASH_STATE An attempt was made to add data to a hash object that is already marked "finished."
NTE_BAD_KEY The hKey parameter does not contain a valid handle to a key.
NTE_BAD_LEN The size of the output buffer is too small to hold the generated ciphertext.
NTE_BAD_UID The CSP context that was specified when the key was created cannot now be found.
NTE_DOUBLE_ENCRYPT The application attempted to encrypt the same data twice.
NTE_FAIL The function failed in some unexpected way.
NTE_NO_MEMORY The CSP ran out of memory during the operation.

See Also

CPDecrypt, CPGenKey, CryptEncrypt