CryptHashSessionKey

The CryptHashSessionKey function is used to compute the cryptographic hash on a key object. This function can be called multiple times with the same hash handle to compute the hash on multiple keys. Calls to CryptHashSessionKey can be interspersed with calls to CryptHashData.

Before calling this function the CryptCreateHash function must be called to get a handle to a hash object.

#include <wincrypt.h>
BOOL WINAPI CryptHashSessionKey(
  HCRYPTHASH hHash,  // in
  HCRYPTKEY hKey,    // in
  DWORD dwFlags      // in
);
 

Parameters

hHash
A handle to the hash object. An application obtains this handle by using the CryptCreateHash function.
hKey
A handle to the key object to be hashed.
dwFlags
The flag values. This parameter is reserved for future use and should always be zero.

Return Values

If the function succeeds, the return value is TRUE. If it fails, the return value is FALSE. To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by "NTE" are generated by the particular CSP you are using.

Error code Description
ERROR_INVALID_HANDLE One of the parameters specifies an invalid handle.
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
NTE_BAD_ALGID The hHash handle specifies an algorithm that this CSP does not support.
NTE_BAD_FLAGS The dwFlags parameter is nonzero.
NTE_BAD_HASH The hash object specified by the hHash parameter is invalid.
NTE_BAD_HASH_STATE An attempt was made to add data to a hash object that is already marked "finished."
NTE_BAD_KEY A keyed hash algorithm is being used, but the session key is no longer valid. This error will be generated if the session key is destroyed before the hashing operation is complete.
NTE_BAD_UID The CSP context that was specified when the hash object was created cannot be found.
NTE_FAIL The function failed in some unexpected way.

Example

#include <wincrypt.h>

HCRYPTPROV hProv = 0;
HCRYPTHASH hHash = 0;
HCRYPTKEY hKey   = 0;

// Get a handle to the default provider.
if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0)) {
    printf("Error %x during CryptAcquireContext!\n", GetLastError());
    goto done;
}

// Create a hash object.
if(!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
    printf("Error %x during CryptBeginHash!\n", GetLastError());
    goto done;
}

// Create a random session key.
if(!CryptGenKey(hProv, CALG_RC2, CRYPT_EXPORTABLE, &hKey)) {
    printf("Error %x during CryptGenKey!\n", GetLastError());
    goto done;
}

// Compute the cryptographic hash on the key object.
if(!CryptHashSessionKey(hHash, hKey, 0)) {
    printf("Error %x during CryptHashSessionKey!\n", GetLastError());
    goto done;
}

// Use the hash of the key object. For instance, additional 
// data could be hashed and sent in a message to several recipients. 
// The recipients will be able to verify who the message originator 
// is if the key used is also exported to them..
...

done:

// Destroy the hash object.
if(hHash) CryptDestroyHash(hHash);

// Destroy the session key.
if(hKey) CryptDestroyKey(hKey);

// Release the CSP handle.
if(hProv) CryptReleaseContext(hProv,0);
 

Another example is located in Sender Code Example.

QuickInfo

  Windows NT: Requires version 4.0 or later.
  Windows: Requires Windows 95 OSR2 or later (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use advapi32.lib.

See Also

CryptCreateHash, CryptGenKey, CryptHashData