Welcome  |  Sign in
Skip Navigation Links
Microsoft Developer Network
Click to Rate and Give Feedback
MSDN
MSDN Library
Security
Cryptography
 CryptGetUserKey Function
CryptGetUserKey Function

The CryptGetUserKey function retrieves a handle of one of a user's two public/private key pairs. This function is used only by the owner of the public/private key pairs and only when the handle of a cryptographic service provider (CSP) and its associated key container is available. If the CSP handle is not available and the user's certificate is, use CryptAcquireCertificatePrivateKey.

Syntax

BOOL WINAPI CryptGetUserKey(
  __in   HCRYPTPROV hProv,
  __in   DWORD dwKeySpec,
  __out  HCRYPTKEY *phUserKey
);

Parameters

hProv [in]

HCRYPTPROV handle of a cryptographic service provider (CSP) created by a call to CryptAcquireContext.

dwKeySpec [in]

Identifies the private key to use from the key container. It can be AT_KEYEXCHANGE or AT_SIGNATURE.

Additionally, some providers allow access to other user-specific keys through this function. For details, see the documentation on the specific provider.

phUserKey [out]

A pointer to the HCRYPTKEY handle of the retrieved keys. When you have finished using the key, delete the handle by calling the CryptDestroyKey function.

Return Value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE). For extended error information, call GetLastError.

The error codes prefaced by "NTE" are generated by the particular CSP being used. Some possible error codes follow.

Return code Description

ERROR_INVALID_HANDLE

One of the parameters specifies a handle that is not valid.

ERROR_INVALID_PARAMETER

One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.

NTE_BAD_KEY

The dwKeySpec parameter contains a value that is not valid.

NTE_BAD_UID

The hProv parameter does not contain a valid context handle.

NTE_NO_KEY

The key requested by the dwKeySpec parameter does not exist.

Example Code

For examples that use this function, see Example C Program: Signing a Hash and Verifying the Hash Signature and Example C Program: Exporting a Session Key.

Requirements

Client Requires Windows Vista, Windows XP, or Windows 2000 Professional.
Server Requires Windows Server 2008, Windows Server 2003, or Windows 2000 Server.
Header

Declared in Wincrypt.h.
Library

Use Advapi32.lib.
DLL

Requires Advapi32.dll.

See Also

Key Generation and Exchange Functions
CryptAcquireContext
CryptDestroyKey
CryptGenKey


Send comments about this topic to Microsoft

Build date: 7/24/2008

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
Processing
© 2008 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker