DrtCreateDerivedKeySecurityProvider function (drt.h)

The DrtCreateDerivedKeySecurityProvider function creates the derived key security provider for a Distributed Routing Table.

Syntax

HRESULT DrtCreateDerivedKeySecurityProvider(
  [in]  PCCERT_CONTEXT        pRootCert,
  [out] PCCERT_CONTEXT        pLocalCert,
        DRT_SECURITY_PROVIDER **ppSecurityProvider
);

Parameters

[in] pRootCert

Pointer to the certificate that is the "root" portion of the chain. This is used to ensure that keys derived from the same chain can be verified.

[out] pLocalCert

Pointer to the DRT_SECURITY_PROVIDER module to be included in the DRT_SETTINGS structure.

ppSecurityProvider

Receives a pointer to the created security provider.

Return value

This function returns S_OK on success. Other possible values include:

Return code Description
E_INVALIDARG
pRootCert is NULL.
E_OUTOFMEMORY
The system could not allocate memory for the security provider.
DRT_E_CAPABILITY_MISMATCH
  • The requested security algorithms are not available (i.e., BCRYPT_SHA256_ALGORITHM or BCRYPT_AES_ALGORITHM).
  • The BCryptOpenAlgorithmProvider operation failed.
  • The dwProvType parameter indicates that the certificate provider is not AES capable.
DRT_E_INVALID_CERT_CHAIN
No certificate store attached or there is an error in the certificate chain.

Remarks

The security provider created by this function is specific to the DRT it was created for. It cannot be shared by multiple DRT instances.
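
The ownership rule above, as an added example (not code from the original page or from Microsoft): one provider is created per DRT_SETTINGS, any failure leaves the settings without a provider, and the provider is released with DrtDeleteDerivedKeySecurityProvider. The helper names attach_derived_key_provider and detach_derived_key_provider are hypothetical, the non-Windows branch holds constructed stand-ins so the control flow can be built anywhere, and detaching is assumed to happen only after the DRT that used the settings has been closed.

```c
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#include <drt.h>   /* link with Drtprov.lib */
#else
/* Constructed stand-ins so the control flow builds off Windows. They are
   NOT the real drt.h declarations, layouts or HRESULT values. */
#include <stddef.h>
typedef long HRESULT;
typedef const struct CertCtx { int unused; } *PCCERT_CONTEXT;
typedef struct { int unused; } DRT_SECURITY_PROVIDER;
typedef struct { DRT_SECURITY_PROVIDER *pSecurityProvider; } DRT_SETTINGS;
#define S_OK 0L
#define E_INVALIDARG (-1L)
#define FAILED(hr) ((hr) < 0)
static DRT_SECURITY_PROVIDER g_stub;
static HRESULT DrtCreateDerivedKeySecurityProvider(PCCERT_CONTEXT root,
        PCCERT_CONTEXT local, DRT_SECURITY_PROVIDER **pp)
{ (void)local; if (!root) return E_INVALIDARG; *pp = &g_stub; return S_OK; }
static void DrtDeleteDerivedKeySecurityProvider(DRT_SECURITY_PROVIDER *p)
{ (void)p; }
#endif

/* Hypothetical helper: create a provider for exactly one DRT_SETTINGS.
   Settings that already carry a provider are refused, because a provider
   belongs to a single DRT instance and must not be reused for another. */
HRESULT attach_derived_key_provider(PCCERT_CONTEXT root, PCCERT_CONTEXT local,
                                    DRT_SETTINGS *settings)
{
    DRT_SECURITY_PROVIDER *prov = NULL;
    HRESULT hr;
    if (settings == NULL || settings->pSecurityProvider != NULL)
        return E_INVALIDARG;
    hr = DrtCreateDerivedKeySecurityProvider(root, local, &prov);
    if (FAILED(hr))   /* e.g. DRT_E_INVALID_CERT_CHAIN: fail closed */
        return hr;    /* settings stay without a provider */
    settings->pSecurityProvider = prov;
    return S_OK;
}

/* Hypothetical helper: release the provider with the matching delete call
   and clear the pointer so it cannot be handed to a second DRT. */
void detach_derived_key_provider(DRT_SETTINGS *settings)
{
    if (settings == NULL || settings->pSecurityProvider == NULL)
        return;
    DrtDeleteDerivedKeySecurityProvider(settings->pSecurityProvider);
    settings->pSecurityProvider = NULL;
}
```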

Requirements

Minimum supported client: Windows 7 Professional [desktop apps only]
Minimum supported server: Windows Server 2008 R2 [desktop apps only]
Target Platform: Windows
Header: drt.h
Library: Drtprov.lib
DLL: Drt.dll

See also

DRT_REGISTRATION

DRT_SETTINGS

DrtCreateDerivedKey

DrtDeleteDerivedKeySecurityProvider