CryptCreateHash

The CryptCreateHash function is used to initiate the hashing of a stream of data. It returns to the caller a handle to a CSP hash object. This handle can also be used in subsequent calls to CryptHashData and CryptHashSessionKey in order to hash streams of data and session keys.

#include <wincrypt.h>
BOOL WINAPI CryptCreateHash(
  HCRYPTPROV hProv,    // in
  ALG_ID Algid,        // in
  HCRYPTKEY hKey,      // in
  DWORD dwFlags,       // in
  HCRYPTHASH *phHash   // out
);

Parameters

hProv
Handle to the CSP to use. An application obtains this handle by using the CryptAcquireContext function.
Algid
Algorithm identifier of the hash algorithm to use.

The valid values for this parameter will vary, depending on the CSP that is used. See the "Remarks" section for the list of default algorithms.

hKey
If the type of hash algorithm is a keyed hash, such as the HMAC or MAC algorithm, the key for the hash should be passed in this parameter. For nonkeyed algorithms, this parameter should be set to zero.

For keyed algorithms, the key must be to a block cipher, such as RC2, that has a cipher mode of CBC.

dwFlags
Flag values. This parameter is reserved for future use and should always be zero.
phHash
Address to which the function copies a handle to the new hash object.

Return Values

If the function succeeds, the return value is TRUE. If it fails, the return value is FALSE. To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by "NTE" are generated by the particular CSP you are using.

Error code Description
ERROR_INVALID_HANDLE One of the parameters specifies an invalid handle.
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
ERROR_NOT_ENOUGH_MEMORY The operating system ran out of memory during the operation.
NTE_BAD_ALGID The Algid parameter specifies an algorithm that this CSP does not support.
NTE_BAD_FLAGS The dwFlags parameter is nonzero.
NTE_BAD_KEY A keyed hash algorithm (such as CALG_MAC) is specified by Algid and the hKey parameter is either zero or it specifies an invalid key handle. This error code will also be returned if the key is to a stream cipher, or if the cipher mode is anything other than CBC.
NTE_NO_MEMORY The CSP ran out of memory during the operation.

Remarks

The Microsoft Base Cryptographic Provider defines the following hashing algorithms.

Constant Description
CALG_HMAC HMAC, a keyed hash algorithm
CALG_MAC Message Authentication Code
CALG_MD2 MD2
CALG_MD5 MD5
CALG_SHA US DSA Secure Hash Algorithm
CALG_SHA1 Same as CALG_SHA
CALG_SSL3_SHAMD5 SSL3 client authentication

More information on hashing algorithms can be found under Hashing and Signature Algorithms and in the pages subsequent to it.

The computation of the actual hash is done with the CryptHashData and CryptHashSessionKey functions. These require a handle to the hash object. After all the data has been added to the hash object, any of the following operations can be performed:

After one of the functions from this list has been called, CryptHashData and CryptHashSessionKey may not be called.

Example

See CryptHashSessionKey

QuickInfo

  Windows NT: Requires version 4.0 or later.
  Windows: Requires Windows 95 OSR2 or later (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use advapi32.lib.

See Also

CryptAcquireContext, CryptDeriveKey, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptHashSessionKey, CryptSetHashParam, CryptSignHash, CryptVerifySignature, Hashing and Signature Algorithms