CryptGetUserKey function

The CryptGetUserKey function retrieves a handle of one of a user's two public/private key pairs. This function is used only by the owner of the public/private key pairs and only when the handle of a cryptographic service provider (CSP) and its associated key container is available. If the CSP handle is not available and the user's certificate is, use CryptAcquireCertificatePrivateKey.

Syntax

C++
Copy 

BOOL WINAPI CryptGetUserKey(
  _In_  HCRYPTPROV hProv,
  _In_  DWORD      dwKeySpec,
  _Out_ HCRYPTKEY  *phUserKey
);

Parameters

hProv [in]

HCRYPTPROV handle of a cryptographic service provider (CSP) created by a call to CryptAcquireContext.

dwKeySpec [in]

Identifies the private key to use from the key container. It can be AT_KEYEXCHANGE or AT_SIGNATURE.

Additionally, some providers allow access to other user-specific keys through this function. For details, see the documentation on the specific provider.

phUserKey [out]

A pointer to the HCRYPTKEY handle of the retrieved keys. When you have finished using the key, delete the handle by calling the CryptDestroyKey function.

Return value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE). For extended error information, call GetLastError.

The error codes prefaced by "NTE" are generated by the particular CSP being used. Some possible error codes follow.

Return codeDescription
ERROR_INVALID_HANDLE

One of the parameters specifies a handle that is not valid.

ERROR_INVALID_PARAMETER

One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.

NTE_BAD_KEY

The dwKeySpec parameter contains a value that is not valid.

NTE_BAD_UID

The hProv parameter does not contain a valid context handle.

NTE_NO_KEY

The key requested by the dwKeySpec parameter does not exist.

 

Examples

For examples that use this function, see Example C Program: Signing a Hash and Verifying the Hash Signature and Example C Program: Exporting a Session Key.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header
Wincrypt.h

Library
Advapi32.lib

DLL
Advapi32.dll

See also

Key Generation and Exchange Functions
CryptAcquireContext
CryptDestroyKey
CryptGenKey

 

 

Show: