CryptDestroyKey function (wincrypt.h)

Important  This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
The CryptDestroyKey function releases the handle referenced by the hKey parameter. After a key handle has been released, it is no longer valid and cannot be used again.

If the handle refers to a session key, or to a public key that has been imported into the cryptographic service provider (CSP) through CryptImportKey, this function destroys the key and frees the memory that the key used. Many CSPs overwrite the memory where the key was held before freeing it. However, the underlying public/private key pair is not destroyed by this function. Only the handle is destroyed.


BOOL CryptDestroyKey(
  [in] HCRYPTKEY hKey


[in] hKey

The handle of the key to be destroyed.

Return value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. For extended error information, call GetLastError.

The error codes prefaced by "NTE" are generated by the particular CSP being used. Some possible error codes are listed in the following table.

Return code Description
The key object specified by hKey is currently being used and cannot be destroyed.
The hKey parameter specifies a handle that is not valid.
The hKey parameter contains a value that is not valid.
The hKey parameter does not contain a valid handle to a key.
The CSP context that was specified when the key was created cannot be found.


Keys take up both operating system's memory space and the CSP's memory space. Some CSPs are implemented in hardware with limited memory resources. Applications must destroy all keys with the CryptDestroyKey function when they are finished with them.

All key handles that have been created or imported by using a specific CSP must be destroyed before that CSP handle is released with the CryptReleaseContext function.


For an example that uses the CryptDestroyKey function, see Example C Program: Creating and Hashing a Session Key.


Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Advapi32.lib
DLL Advapi32.dll

See also





Key Generation and Exchange Functions