Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Many of the functions in this SDK require that you identify a key by using an HCRYPTKEY handle. If your key is contained in a byte array, you can create a handle by using the CryptImportKey function as shown in the following example.
This example demonstrates the following tasks and CryptoAPI functions:
- Acquiring a handle to a cryptographic service provider by calling CryptAcquireContext.
- Importing a plaintext key into the CSP key container by calling CryptImportKey.
- Exporting a key from the key container by calling CyptExportKey.
- Printing the exported key to the console to verify that the plaintext key was indeed imported into the container.
- Releasing the memory reserved for the plaintext key.
- Releasing the CSP by calling CryptReleaseContext.
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <wincrypt.h>
#pragma comment(lib, "crypt32.lib")
// DesKeyBlob: A plaintext key BLOB stored in a byte array. The
// byte array must have the following format:
// BLOBHEADER hdr;
// DWORD dwKeySize;
// BYTE rgbKeyData [];
BYTE DesKeyBlob[] = {
0x08,0x02,0x00,0x00,0x01,0x66,0x00,0x00, // BLOB header
0x08,0x00,0x00,0x00, // key length, in bytes
0xf1,0x0e,0x25,0x7c,0x6b,0xce,0x0d,0x34 // DES key with parity
};
int _tmain()
{
//--------------------------------------------------------------------
// Declare variables.
//
// hProv: Cryptographic service provider (CSP). This example
// uses the Microsoft Enhanced Cryptographic
// Provider.
// hKey: Key to be used. In this example, you import the
// key as a PLAINTEXTKEYBLOB.
// dwBlobLen: Length of the plaintext key.
// pbKeyBlob: Pointer to the exported key.
HCRYPTPROV hProv = NULL;
HCRYPTKEY hKey = NULL;
DWORD dwBlobLen;
BYTE* pbKeyBlob;
//--------------------------------------------------------------------
// Acquire a handle to the CSP.
if(!CryptAcquireContext(
&hProv,
NULL,
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT))
{
// If the key container cannot be opened, try creating a new
// container by specifying a container name and setting the
// CRYPT_NEWKEYSET flag.
if(NTE_BAD_KEYSET == GetLastError())
{
if(!CryptAcquireContext(
&hProv,
L"mytestcontainer",
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_NEWKEYSET | CRYPT_VERIFYCONTEXT))
{
printf("Error in AcquireContext 0x%08x \n",
GetLastError());
return 1;
}
}
else
{
printf(" Error in AcquireContext 0x%08x \n",GetLastError());
return 1;
}
}
// Use the CryptImportKey function to import the PLAINTEXTKEYBLOB
// BYTE array into the key container. The function returns a
// pointer to an HCRYPTKEY variable that contains the handle of
// the imported key.
if (!CryptImportKey(
hProv,
DesKeyBlob,
sizeof(DesKeyBlob),
0,
CRYPT_EXPORTABLE,
&hKey ) )
{
printf("Error 0x%08x in importing the Des key \n",
GetLastError());
}
// For the purpose of this example, you can export the key and
// print it to verify that the plain text key created above is
// the key that was imported into the CSP.
// Call CryptExportKey once to determine the length of the key.
// Allocate memory for the BLOB, and call CryptExportKey again
// to retrieve the key from the CSP key container.
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
NULL,
&dwBlobLen))
{
printf("Error 0x%08x computing BLOB length.\n",
GetLastError());
return 1;
}
if(pbKeyBlob = (BYTE*)malloc(dwBlobLen))
{
printf("Memory has been allocated for the BLOB. \n");
}
else
{
printf("Out of memory. \n");
return 1;
}
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
pbKeyBlob,
&dwBlobLen))
{
printf("Error 0x%08x exporting key.\n", GetLastError());
return 1;
}
DWORD count = 0;
printf("Printing Key BLOB for verification \n");
for(count=0; count < dwBlobLen;)
{
printf("%02x",pbKeyBlob[count]);
count ++;
}
// Free resources.
if(pbKeyBlob)
{
free(pbKeyBlob);
}
if(hProv)
{
CryptReleaseContext(hProv, 0);
}
return 0;
}