CryptExportPublicKeyInfo function (wincrypt.h)

The CryptExportPublicKeyInfo function exports the public key information associated with the corresponding private key of the provider. For an updated version of this function, see CryptExportPublicKeyInfoEx.


BOOL CryptExportPublicKeyInfo(
  [in]      HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProvOrNCryptKey,
  [in]      DWORD                           dwKeySpec,
  [in]      DWORD                           dwCertEncodingType,
  [out]     PCERT_PUBLIC_KEY_INFO           pInfo,
  [in, out] DWORD                           *pcbInfo


[in] hCryptProvOrNCryptKey

Handle of the cryptographic service provider (CSP) to use when exporting the public key information. This handle must be an HCRYPTPROV handle that has been created by using the CryptAcquireContext function or an NCRYPT_KEY_HANDLE handle that has been created by using the NCryptOpenKey function. New applications should always pass in the NCRYPT_KEY_HANDLE handle of a CNG CSP.

[in] dwKeySpec

Identifies the private key to use from the container of the provider. It can be AT_KEYEXCHANGE or AT_SIGNATURE. This parameter is ignored if an NCRYPT_KEY_HANDLE is used in the hCryptProvOrNCryptKey parameter.

[in] dwCertEncodingType

Specifies the encoding type used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:


Currently defined encoding types are:


[out] pInfo

A pointer to a CERT_PUBLIC_KEY_INFO structure to receive the public key information to be exported.

To set the size of this information for memory allocation purposes, this parameter can be NULL. For more information, see Retrieving Data of Unknown Length.

[in, out] pcbInfo

A pointer to a DWORD that contains the size, in bytes, of the buffer pointed to by the pInfo parameter. When the function returns, the DWORD contains the number of bytes needed for the return buffer.

Note  When processing the data returned in the buffer, applications need to use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer.) On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

Note  Errors from the called functions CryptGetUserKey and CryptExportKey might be propagated to this function.
This function has the following error codes.
Return code Description
If the buffer specified by the pInfo parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, into the variable pointed to by pcbInfo.
Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported.

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.


Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also


Data Management Functions