SslGenerateMasterKey function

The SslGenerateMasterKey function computes the Secure Sockets Layer protocol (SSL) master secret key.

Syntax


SECURITY_STATUS WINAPI SslGenerateMasterKey(
  _In_   NCRYPT_PROV_HANDLE hSslProvider,
  _In_   NCRYPT_KEY_HANDLE hPrivateKey,
  _In_   NCRYPT_KEY_HANDLE hPublicKey,
  _Out_  NCRYPT_KEY_HANDLE *phMasterKey,
  _In_   DWORD dwProtocol,
  _In_   DWORD dwCipherSuite,
  _In_   PNCryptBufferDesc pParameterList,
  _Out_  PBYTE pbOutput,
  _In_   DWORD cbOutput,
  _Out_  DWORD *pcbResult,
  _In_   DWORD dwFlags
);

Parameters

hSslProvider [in]

The handle to the SSL protocol provider instance.

hPrivateKey [in]

The handle to the private key used in the exchange.

hPublicKey [in]

The handle to the public key used in the exchange.

phMasterKey [out]

A pointer to the handle to the generated master key.

dwProtocol [in]

One of the CNG SSL Provider Protocol Identifier values.

dwCipherSuite [in]

One of the CNG SSL Provider Cipher Suite Identifier values.

pParameterList [in]

A pointer to an array of NCryptBuffer buffers that contain information used as part of the key exchange operation. The precise set of buffers is dependent on the protocol and cipher suite that is used. At the minimum, the list will contain buffers that contain the client and server supplied random values.

pbOutput [out]

The address of a buffer that receives the premaster secret encrypted with the public key of the server. The cbOutput parameter contains the size of this buffer. If this parameter is NULL, this function returns the required size, in bytes, in the DWORD pointed to by the pcbResult parameter.

Note  This buffer is used when performing a RSA key exchange.

cbOutput [in]

The size, in bytes, of the pbOutput buffer.

pcbResult [out]

A pointer to a DWORD value in which to place number of bytes written to the pbOutput buffer.

dwFlags [in]

Specifies whether this function is being used for client-side or server-side key exchange.

ValueMeaning
NCRYPT_SSL_CLIENT_FLAG
0x00000001

Specifies a client-side key exchange.

NCRYPT_SSL_SERVER_FLAG
0x00000002

Specifies a server-side key exchange.

 

Return value

If the function succeeds, it returns zero.

If the function fails, it returns a nonzero error value.

Possible return codes include, but are not limited to, the following.

Return code/valueDescription
NTE_NO_MEMORY
0x8009000EL

Not enough memory is available to allocate necessary buffers.

NTE_INVALID_HANDLE
0x80090026L

One of the provided handles is not valid.

NTE_INVALID_PARAMETER
0x80090027L

The phMasterKey or hPublicKey parameter is not valid.

 

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Sslprovider.h

DLL

Ncrypt.dll

 

 

Community Additions

ADD
Show:
© 2014 Microsoft