SECURITY_STATUS WINAPI SslExportKey( _In_ NCRYPT_PROV_HANDLE hSslProvider, _In_ NCRYPT_KEY_HANDLE hKey, _In_ LPCWSTR pszBlobType, _Out_opt_ PBYTE pbOutput, _In_ DWORD cbOutput, _Out_ DWORD *pcbResult, _In_ DWORD dwFlags );
- hSslProvider [in]
The handle of the SSL protocol provider instance.
- hKey [in]
The handle of the key to export.
When you are not specifying a key, set this parameter to NULL.Note A hKey handle is obtained by calling the SslOpenPrivateKey function. Handles obtained from the NCryptOpenKey function are not supported.
- pszBlobType [in]
A null-terminated Unicode string that contains an identifier that specifies the type of BLOB to export. This can be one of the following values.
Export a symmetric key in a format that is specific to a single cryptographic service provider (CSP). Opaque BLOBs are not transferable and must be imported by using the same cryptographic service provider (CSP) that generated the BLOB.
Export an RSA public key. The pbOutput buffer receives a BCRYPT_RSAKEY_BLOB structure immediately followed by the key data.
- pbOutput [out, optional]
The address of a buffer that receives the key BLOB. The cbOutput parameter contains the size of this buffer. If this parameter is NULL, this function will place the required size, in bytes, in the DWORD pointed to by the pcbResult parameter.
- cbOutput [in]
The size, in bytes, of the pbOutput buffer.
- pcbResult [out]
The address of a DWORD variable that receives the number of bytes copied to the pbOutput buffer. If the pbOutput parameter is set to NULL when the function is called, the required size for the pbOutput buffer, in bytes, is returned in the DWORD pointed to by this parameter.
- dwFlags [in]
Reserved for future use.
If the function succeeds, it returns zero.
If the function fails, it returns a nonzero error value.
Possible return codes include, but are not limited to, the following.
One of the provided handles is not valid.
The SslExportKey function facilitates transporting session keys from one process to another as well as exporting the public portion an ephemeral key.
When exporting session keys, the BLOB type is opaque, meaning that the format of the BLOB is irrelevant as long as both the SslExportKey and SslImportKey functions can interpret it.
When exporting the public portion of an ephemeral key the BLOB type must be the appropriate type, such as NCRYPT_DH_PUBLIC_BLOB or NCRYPT_ECCPUBLIC_BLOB.
Minimum supported client
|Windows Vista [desktop apps only]|
Minimum supported server
|Windows Server 2008 [desktop apps only]|