Many of the functions in this SDK require that you identify a key by using an HCRYPTKEY handle. If your key is contained in a byte array, you can create a handle by using the CryptImportKey function as shown in the following example.
This example demonstrates the following tasks and CryptoAPI functions:
- Acquiring a handle to a cryptographic service provider by calling CryptAcquireContext.
- Importing a plaintext key into the CSP key container by calling CryptImportKey.
- Exporting a key from the key container by calling CyptExportKey.
- Printing the exported key to the console to verify that the plaintext key was indeed imported into the container.
- Releasing the memory reserved for the plaintext key.
- Releasing the CSP by calling CryptReleaseContext.
#include <stdio.h> #include <tchar.h> #include <windows.h> #include <wincrypt.h> #pragma comment(lib, "crypt32.lib") // DesKeyBlob: A plaintext key BLOB stored in a byte array. The // byte array must have the following format: // BLOBHEADER hdr; // DWORD dwKeySize; // BYTE rgbKeyData []; BYTE DesKeyBlob[] = { 0x08,0x02,0x00,0x00,0x01,0x66,0x00,0x00, // BLOB header 0x08,0x00,0x00,0x00, // key length, in bytes 0xf1,0x0e,0x25,0x7c,0x6b,0xce,0x0d,0x34 // DES key with parity }; int _tmain() { //-------------------------------------------------------------------- // Declare variables. // // hProv: Cryptographic service provider (CSP). This example // uses the Microsoft Enhanced Cryptographic // Provider. // hKey: Key to be used. In this example, you import the // key as a PLAINTEXTKEYBLOB. // dwBlobLen: Length of the plaintext key. // pbKeyBlob: Pointer to the exported key. HCRYPTPROV hProv = NULL; HCRYPTKEY hKey = NULL; DWORD dwBlobLen; BYTE* pbKeyBlob; //-------------------------------------------------------------------- // Acquire a handle to the CSP. if(!CryptAcquireContext( &hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { // If the key container cannot be opened, try creating a new // container by specifying a container name and setting the // CRYPT_NEWKEYSET flag. if(NTE_BAD_KEYSET == GetLastError()) { if(!CryptAcquireContext( &hProv, L"mytestcontainer", MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET | CRYPT_VERIFYCONTEXT)) { printf("Error in AcquireContext 0x%08x \n", GetLastError()); return 1; } } else { printf(" Error in AcquireContext 0x%08x \n",GetLastError()); return 1; } } // Use the CryptImportKey function to import the PLAINTEXTKEYBLOB // BYTE array into the key container. The function returns a // pointer to an HCRYPTKEY variable that contains the handle of // the imported key. if (!CryptImportKey( hProv, DesKeyBlob, sizeof(DesKeyBlob), 0, CRYPT_EXPORTABLE, &hKey ) ) { printf("Error 0x%08x in importing the Des key \n", GetLastError()); } // For the purpose of this example, you can export the key and // print it to verify that the plain text key created above is // the key that was imported into the CSP. // Call CryptExportKey once to determine the length of the key. // Allocate memory for the BLOB, and call CryptExportKey again // to retrieve the key from the CSP key container. if(!CryptExportKey( hKey, NULL, PLAINTEXTKEYBLOB, 0, NULL, &dwBlobLen)) { printf("Error 0x%08x computing BLOB length.\n", GetLastError()); return 1; } if(pbKeyBlob = (BYTE*)malloc(dwBlobLen)) { printf("Memory has been allocated for the BLOB. \n"); } else { printf("Out of memory. \n"); return 1; } if(!CryptExportKey( hKey, NULL, PLAINTEXTKEYBLOB, 0, pbKeyBlob, &dwBlobLen)) { printf("Error 0x%08x exporting key.\n", GetLastError()); return 1; } DWORD count = 0; printf("Printing Key BLOB for verification \n"); for(count=0; count < dwBlobLen;) { printf("%02x",pbKeyBlob[count]); count ++; } // Free resources. if(pbKeyBlob) { free(pbKeyBlob); } if(hProv) { CryptReleaseContext(hProv, 0); } return 0; }
Send comments about this topic to Microsoft
Build date: 5/5/2012
