CryptEnumKeyIdentifierProperties function

Important  This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.

The CryptEnumKeyIdentifierProperties function enumerates key identifiers and their properties. This function is not called in a loop. Rather, it loops internally until the last key identifier property is enumerated or the callback function returns FALSE. If dwPropId is zero or if the properties of the key identifier match the dwPropId, the callback function is called.


BOOL WINAPI CryptEnumKeyIdentifierProperties(
  _In_opt_ const CRYPT_HASH_BLOB           *pKeyIdentifier,
  _In_           DWORD                     dwPropId,
  _In_           DWORD                     dwFlags,
  _In_opt_       LPCWSTR                   pwszComputerName,
  _In_           void                      *pvReserved,
  _In_opt_       void                      *pvArg,
  _In_           PFN_CRYPT_ENUM_KEYID_PROP pfnEnum


pKeyIdentifier [in, optional]

A pointer to a CRYPT_HASH_BLOB structure that contains the key identifier.

If pKeyIdentifier is NULL, the function enumerates all key identifiers.

If pKeyIdentifier is not NULL, the callback function pfnEnum is only called for the specified key identifier.

dwPropId [in]

Indicates the property identifier to be listed.

If dwPropId is set to zero, this function calls the callback function with all the properties.

If dwPropId is not zero and pKeyIdentifier is NULL, the callback function is called only for those key identifiers that have the specified property (sets the cProp parameter of pfnEnum to one). All key identifiers that do not have the property are skipped.

Any certificate property identifier can be used.

dwFlags [in]

By default, the list of key identifiers for the CurrentUser is searched. If CRYPT_KEYID_MACHINE_FLAG is set, the list of key identifiers of the LocalMachine (if pwszComputerName is NULL) or of a remote computer (if pwszComputerName is not NULL) is searched. For more information, see pwszComputerName.

pwszComputerName [in, optional]

A pointer to the name of a remote computer to be searched. If CRYPT_KEYID_MACHINE_FLAG is set in dwFlags, the remote computer is searched for a list of key identifiers. If the local computer is to be searched and not a remote computer, pwszComputerName is set to NULL.

pvReserved [in]

Reserved for future use and must be NULL.

pvArg [in, optional]

A pointer to data to be passed to the callback function. The type is a void that allows the application to declare, define, and initialize a structure or argument to hold any information.

pfnEnum [in]

A pointer to an application-defined callback function that is executed for each key identifier entry that matches the input parameters. For details about the callback functions parameters, see CRYPT_ENUM_KEYID_PROP.

Return value

The CryptEnumKeyIdentifierProperties function repeatedly calls the CRYPT_ENUM_KEYID_PROP callback function until the last key identifier is enumerated or the callback function returns FALSE.

If the main function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

To continue enumeration, the function returns TRUE.

To stop enumeration, the function returns FALSE and sets the last error code.


A key identifier can have the same properties as a certificate context.


For an example that uses this function, see Example C Program: Working with Key Identifiers.


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]







See also

Base Cryptography Functions