CryptFindCertificateKeyProvInfo

[This is preliminary documentation and subject to change.]

The CryptFindCertificateKeyProvInfo function enumerates the cryptographic providers and their containers to find the private key corresponding to the certificate's public key.

#include <wincrypt.h>
BOOL WINAPI CryptFindCertificateKeyProvInfo(
  PCCERT_CONTEXT pCert,        // in
  DWORD dwFlags,               // in
  void *pvReserved             // in
);

Parameters

pCert
Specifies the certificate to use when exporting public key information.
dwFlags
The flag values.
Flag name Value Description
CRYPT_FIND_USER_

KEYSET_FLAG

 0x1 Restricts the search to the user container.
CRYPT_FIND_MACHINE_

KEYSET_FLAG

0x2 Restricts the search to the machine container.

If no flag value is specified, both the user and the machine containers are searched.

pvReserved
This parameter is reserved for future use and must be NULL.

Note  This function enumerates the cryptographic provider and its containers to find the private key corresponding to the certificate's public key. For a match, the function updates the certificate's CERT_KEY_PROV_INFO_PROP_ID property. If the CERT_KEY_PROV_INFO_PROP_ID is already set, then it is checked to see if it matches the provider's public key. For a match, the function skips the previously mentioned enumeration.

Return Values

TRUE if the function finds a private key corresponding to the certificate's public key within a searched container, FALSE if the function fails to find a container or a private key within a container.

Call GetLastError to see the reason for any failures.

Error code Description
NTE_NO_KEY No container found.

Example

// EXAMPLE CODE FOR USING CryptFindCertificateKeyProvInfo().
// Assume that a pointer (pCert) to a certificate has
// already been defined.
// Set up the variables.
PCCERT_CONTEXT pCert;    // Pointer to certificate
DWORD dwFlags;           // Flags value
DWORD *pvReserved;       // Pointer - reserved, set to NULL
BOOL fResult;            // Return TRUE if a private key
                         //   corresponds to a public key
                         //   FALSE if not found

// Function call to CryptFindCertificateKeyProvInfo.
fResult= CryptFindCertificateKeyProvInfo(
       pCert,            // in - A pointer to a certificate
                         //    defined elsewhere
       CRYPT_FIND_MACHINE_KEYSET_FLAG,
                         // in - search only machine key
                         //   containers
       NULL);            // in - Reserved paramater, set to
                         //   NULL

cout<< "CryptFindCertificateKeyProvInfo;"<< endl
    << "fResult = "<< fResult<< endl<< endl;
if (fResult) {           // TRUE- a corresponding set of
                         //   keys found
  cout<< "private key corresponding to the"<< endl
      << "certificate's public key has been located "
      << endl<< endl;
}
else {                   // FALSE- no corresponding set of keys found
  cout<< "no private key corresponding to the"<< endl
      << "certificate's public key has been located "<< endl
      << "error = "<< GetLastError()<< endl;
                         // LastError should be set to
                         //   NTE_NO_KEY
}

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.