Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
A version of this page is also available for
4/8/2010

This function makes an exact copy of a key and the state the key is in. Some keys have an associated state, for example, an initialization vector and/or a salt value.

Syntax

BOOL WINAPI CryptDuplicateHash( 
  HCRYPTKEY 
hKey,
  DWORD* 
pdwReserved, 
  DWORD 
dwFlags, 
  HCRYPTKEY* 
phKey
);

Parameters

hKey

[in] HCRYPTKEYhandle to the key to be duplicated.

pdwReserved

[in] Reserved for future use and must be set to NULL.

dwFlags

[in] Reserved for future use and must be set to zero.

phKey

[out] Pointer to the HCRYPTKEYhandle to the duplicated key.

Return Value

TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastErrorfunction.

The following table describes the common values for the GetLastErrorfunction. The error values prefaced by NTE are generated by the particular cryptographic service provider (CSP) you are using.

Value Description

ERROR_CALL_NOT_IMPLEMENTED

Because this is a new function, existing CSPs may not implement it. This error is returned if the CSP does not support this function.

ERROR_INVALID_PARAMETER

One of the parameters contains an invalid value. This is most often an illegal pointer.

NTE_BAD_KEY

The handle to the original key is not valid.

Remarks

This function makes copies of keys and the exact state of the key. For example, a caller may want to encrypt two separate messages with the same key, but with different salt values. The key could be generated, a duplicate would be made with the CryptDuplicateKeyfunction, and then the appropriate salt value would be set on each key with the CryptSetKeyParamfunction.

The CryptDestroyKeyfunction must be called to destroy any keys that are created with the CryptDuplicateKeyfunction. Destroying the original key does not cause the duplicate key to be destroyed. Once a duplicate key is made, it is separate from the original key. There is no shared state between the two keys.

Example Code

Copy Code
HCRYPTPROV hProv = 0;
HCRYPTKEY hOriginalKey = 0;
HCRYPTKEY hDuplicateKey = 0;
DWORD dwErr;
// Generate a key.
if (!CryptGenKey(hProv, CALG_RC4, 0, &hOriginalKey))
 {printf("ERROR - CryptGenKey: %X\n", GetLastError());
 return;}
// Duplicate the key.
if (!CryptDuplicateKey(hOriginalKey, NULL, 0, &hDuplicateKey))
 {printf("ERROR - CryptDuplicateKey: %X\n", GetLastError());
 return;}
...
// Destroy the original key.
if (!CryptDestroyKey(hOriginalKey))
 {printf("ERROR - CryptDestroyKey: %X\n", GetLastError());
 return;}
// Destroy the duplicate key.
if (!CryptDestroyKey(hDuplicateKey))
 {printf("ERROR - CryptDestroyKey: %X\n", GetLastError());
 return;}

Requirements

Header wincrypt.h
Library coredll.lib
Windows Embedded CE Windows CE 2.10 and later
Windows Mobile Windows Mobile Version 5.0 and later

See Also