MSDN Library


Windows CE 3.0

This function is used to make an exact copy of a key and the state the key is in. Some keys have an associated state, for example, an initialization vector and/or a salt value.

BOOL WINAPI CryptDuplicateHash ( 
DWORD *pdwReserved, 
DWORD dwFlags, 


[in] Handle to the key to be duplicated.
[in] Reserved for future use; set to NULL.
[in] Specifies a bitmask of flags. This parameter is reserved for future use and should always be zero.
[out] Pointer to the handle to the duplicated key.

Return Values

TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.

Value Description
ERROR_CALL_NOT_IMPLEMENTED Since this is a new function, existing CSPs may not implement it. This error is returned if the CSP does not support this function.
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
NTE_BAD_KEY The handle to the original key is not valid.


CryptDuplicateKey is used to make copies of keys and the exact state of the key. An example of how this function might be used is that a caller may want to encrypt two separate messages with the same key, but with different salt values. The key could be generated, a duplicate would be made with the CryptDuplicateKey function, and then the appropriate salt value would be set on each key with the CryptSetKeyParam function.

CryptDestroyKey must be called to destroy any keys that are created with CryptDuplicateKey. Destroying the original key does not cause the duplicate key to be destroyed. Once a duplicate key is made, it is separate from the original key. There is no shared state between the two keys.


HCRYPTKEY hOriginalKey = 0;
HCRYPTKEY hDuplicateKey = 0;
DWORD dwErr;

// Generate a key.
if (!CryptGenKey(hProv, CALG_RC4, 0, &hOriginalKey))
 {printf("ERROR - CryptGenKey: %X\n", GetLastError());

// Duplicate the key.
if (!CryptDuplicateKey(hOriginalKey, NULL, 0, &hDuplicateKey))
 {printf("ERROR - CryptDuplicateKey: %X\n", GetLastError());


// Destroy the original key.
if (!CryptDestroyKey(hOriginalKey))
 {printf("ERROR - CryptDestroyKey: %X\n", GetLastError());

// Destroy the duplicate key.
if (!CryptDestroyKey(hDuplicateKey))
 {printf("ERROR - CryptDestroyKey: %X\n", GetLastError());


Runs On Versions Defined in Include Link to
Windows CE OS 2.10 and later Wincrypt.h   Cryptapi.lib
Note   This API is part of the complete Windows CE OS package as provided by Microsoft. The functionality of a particular platform is determined by the original equipment manufacturer (OEM) and some devices may not support this API.

See Also


 Last updated on Tuesday, July 13, 2004

© 1992-2000 Microsoft Corporation. All rights reserved.

© 2016 Microsoft