
DrtCreateDerivedKey function

The DrtCreateDerivedKey function creates a key that can be utilized by DrtRegisterKey when the DRT is using a derived key security provider.

Syntax


HRESULT WINAPI DrtCreateDerivedKey(
  _In_   PCCERT_CONTEXT pRootCert,
  _In_   PCCERT_CONTEXT pLocalCert,
  _Out_  DRT_DATA *pKey
);

Parameters

pRootCert [in]

Pointer to the certificate that is the "root" portion of the chain. The local cert must be signed by a chain of certificates including the root cert. This root cert will be used to verify certificates presented by other members of the mesh.

pLocalCert [in]

Pointer to the certificate that is the "local" portion of the chain. The root of this chain must match the root specified by pRootCert in DrtCreateDerivedKeySecurityProvider. This certificate is used to generate a key that is used to register and prove "key ownership" with the DRT.

pKey [out]

Pointer to the created key.

Return value

This function returns S_OK on success. Other possible values include:

Return code    Description
E_INVALIDARG
  • pLocalCert is NULL.
  • pKey is NULL.
  • The pb member in the DRT_DATA structure is NULL.
  • The cb member in the DRT_DATA structure is not equal to 32 bytes.
DRT_E_CAPABILITY_MISMATCH
  • The requested security algorithms are not available (i.e., BCRYPT_SHA256_ALGORITHM or BCRYPT_AES_ALGORITHM).
  • The BCryptOpenAlgorithmProvider operation failed.
  • The dwProvType parameter indicates that the certificate provider is not AES capable.

 

Requirements

Minimum supported client

Windows 7 Professional [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Drt.h

Library

Drtprov.lib

DLL

Drt.dll

See also

DrtRegisterKey
DrtCreateDerivedKeySecurityProvider
DrtDeleteDerivedKeySecurityProvider

 

 

© 2014 Microsoft