Welcome Sign in
Skip Navigation Links
Microsoft Developer Network
Click to Rate and Give Feedback
MSDN
MSDN Library
Security
Cryptography
 CryptDuplicateKey Function
CryptDuplicateKey Function

The CryptDuplicateKey function makes an exact copy of a key and the state of the key.

Syntax

BOOL WINAPI CryptDuplicateKey(
  __in   HCRYPTKEY hKey,
  __in   DWORD *pdwReserved,
  __in   DWORD dwFlags,
  __out  HCRYPTKEY *phKey
);

Parameters

hKey [in]

A handle to the key to be duplicated.

pdwReserved [in]

Reserved for future use and must be NULL.

dwFlags [in]

Reserved for future use and must be zero.

phKey [out]

Address of the handle to the duplicated key. When you have finished using the key, release the handle by calling the CryptDestroyKey function.

Return Value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE). For extended error information, call GetLastError.

The error code prefaced by "NTE" is generated by the particular CSP being used. Some possible error codes are listed in the following table.

Return code Description

ERROR_CALL_NOT_IMPLEMENTED

Because this is a new function, existing CSPs might not implement it. This error is returned if the CSP does not support this function.

ERROR_INVALID_PARAMETER

One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.

NTE_BAD_KEY

A handle to the original key is not valid.

Remarks

CryptDuplicateKey makes a copy of a key and the exact state of the key. One scenario when this function can be used is when an application needs to encrypt two separate messages with the same key but with different salt values. The original key is generated and then a duplicate key is made by using the CryptDuplicateKey function. The different salt values are then set on the original and duplicate keys with separate calls to the CryptSetKeyParam function.

CryptDestroyKey must be called to destroy any keys that are created by using CryptDuplicateKey. Destroying the original key does not cause the duplicate key to be destroyed. After a duplicate key is made, it is separate from the original key. There is no shared state between the two keys.

Example Code [C++]

The following example shows the creation of a session key that is a duplicate of an existing session key. For an example that includes the complete context for this example, see Example C Program: Duplicating a Session Key.

 //--------------------------------------------------------------------
// Declare and initialize variables.

HCRYPTKEY    hDuplicateKey;

// Duplicate the key. hOriginalKey is a previously 
// assigned HCRYPTKEY variable.

if (CryptDuplicateKey(
     hOriginalKey, 
     NULL, 
     0, 
     &hDuplicateKey))
{
   printf("The session key has been duplicated. \n");
}
else
{
   printf("Error using CryptDuplicateKey.\n");
   exit(1);
}

// Insert code that uses the duplicate key here.

// When you have finished using the key, the handle must be released.

if (CryptDestroyKey(hDuplicateKey))
{
  printf("The handle has been released.\n");
}
else
{
  printf("The handle could not be released.\n");
}

Requirements

Client Requires Windows Vista, Windows XP, or Windows 2000 Professional.
Server Requires Windows Server 2008, Windows Server 2003, or Windows 2000 Server.
Header

Declared in Wincrypt.h.
Library

Use Advapi32.lib.
DLL

Requires Advapi32.dll.

See Also

Key Generation and Exchange Functions
CryptDestroyKey
CryptSetKeyParam


Send comments about this topic to Microsoft

Build date: 7/24/2008

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Processing
© 2008 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker