SslImportMasterKey function
The SslImportMasterKey function performs a server-side Secure Sockets Layer protocol (SSL) key exchange operation.
Syntax
SECURITY_STATUS WINAPI SslImportMasterKey(
_In_ NCRYPT_PROV_HANDLE hSslProvider,
_In_ NCRYPT_KEY_HANDLE hPrivateKey,
_Out_ NCRYPT_KEY_HANDLE *phMasterKey,
_In_ DWORD dwProtocol,
_In_ DWORD dwCipherSuite,
_In_ PNCryptBufferDesc pParameterList,
_In_ PBYTE pbEncryptedKey,
_In_ DWORD cbEncryptedKey,
_In_ DWORD dwFlags
);
Parameters
-
hSslProvider [in]
-
The handle to the SSL protocol provider instance.
-
hPrivateKey [in]
-
The handle to the private key used in the exchange.
-
phMasterKey [out]
-
A pointer to the handle to receive the master key.
-
dwProtocol [in]
-
One of the CNG SSL Provider Protocol Identifier values.
-
dwCipherSuite [in]
-
One of the CNG SSL Provider Cipher Suite Identifiers values.
-
pParameterList [in]
-
A pointer to an array of NCryptBuffer buffers that contain information used as part of the key exchange operation. The precise set of buffers is dependent on the protocol and cipher suite that is used. At the minimum, the list will contain buffers that contain the client and server supplied random values.
-
pbEncryptedKey [in]
-
A pointer to a buffer that contains the encrypted premaster secret key encrypted with the public key of the server.
-
cbEncryptedKey [in]
-
The size, in bytes, of the pbEncryptedKey buffer.
-
dwFlags [in]
-
Set this parameter to NCRYPT_SSL_SERVER_FLAG to indicate that this is a server call.
Return value
If the function succeeds, it returns zero.
If the function fails, it returns a nonzero error value.
Possible return codes include, but are not limited to, the following.
| Return code/value | Description |
|---|---|
|
Not enough memory is available to allocate necessary buffers. |
|
One of the provided handles is not valid. |
|
The phMasterKey parameter is NULL. |
Remarks
This function decrypts the premaster secret, computes the SSL master secret, and returns a handle to this object to the caller. This master key can then be used to derive the SSL session key and finish the SSL handshake.
Note
This function is used when the RSA key exchange algorithm is being used. When DH is used, then the server code calls SslGenerateMasterKey instead.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client |
Windows Vista [desktop apps only] |
| Minimum supported server |
Windows Server 2008 [desktop apps only] |
| Header |
|
| DLL |
|
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for