CryptGetUserKey

[New - Windows NT]

[New - Windows 95, OEM Service Release 2]

The CryptGetUserKey function retrieves a handle to a permanent user key pair, such as the user's signature key pair.

BOOL CRYPTFUNC CryptGetUserKey(

HCRYPTPROV hProv,  
DWORD dwKeySpec,  
HCRYPTKEY *phUserKey  
);  

Parameters

hProv

[in] A handle to the application's CSP. An application obtains this handle using the CryptAcquireContext function.

dwKeySpec

[in] The specification of the key to retrieve. The following keys are retrievable from almost all providers:

·AT_KEYEXCHANGE ¾ Exchange public key

·AT_SIGNATURE ¾ Signature public key

Additionally, some providers allow access to other user specific keys through this function. See the documentation on the specific provider for details.

phUserKey

[out] The address that the function copies the handle of the retrieved key to.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by "NTE" are generated by the particular CSP you are using.

Error Description
ERROR_INVALID_HANDLE One of the parameters specifies an invalid handle.
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
NTE_BAD_KEY The dwKeySpec parameter contains an invalid value.
NTE_BAD_UID The hProv parameter does not contain a valid context handle.
NTE_NO_KEY The key requested by the dwKeySpec parameter does not exist.

Example

#include <wincrypt.h>

HCRYPTPROV hProv = 0;

HCRYPTKEY hSignKey = 0;

HCRYPTKEY hXchgKey = 0;

// Get handle to user default provider.

if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0)) {

printf("Error %x during CryptAcquireContext!\n", GetLastError());

goto done;

}

// Get handle to signature key.

if(!CryptGetUserKey(hProv, AT_SIGNATURE, &hSignKey)) {

printf("Error %x during CryptGetUserKey!\n", GetLastError());

goto done;

}

// Get handle to key exchange key.

if(!CryptGetUserKey(hProv, AT_KEYEXCHANGE, &hXchgKey)) {

printf("Error %x during CryptGetUserKey!\n", GetLastError());

goto done;

}

// Do something with 'hSignKey' and 'hXchgKey'.

...

done:

// Destroy signature key handle.

if(hSignKey != 0) CryptDestroyKey(hSignKey);

// Destroy key exchange key handle.

if(hXchgKey != 0) CryptDestroyKey(hXchgKey);

// Release provider handle.

if(hProv != 0) CryptReleaseContext(hProv, 0);

See Also

CryptAcquireContext, CryptDestroyKey, CryptGenKey