The steps necessary for this are shown in the following procedure.
To generate the key by generating all new values:
Call CryptGenKey passing either CALG_DH_SF (store and forward) or CALG_DH_EPHEM (ephemeral) in the Algid parameter. The key will be generated, using new, random values for G and P, a newly calculated value for X, and its handle will be returned in the phKey parameter.
The new key is now ready for use. Note that the values of G and P must be sent along with the key (or sent by some other method), when doing a key exchange.
To generate the key by using predefined values for G and P:
If all the function calls succeeded, the D-H public key is ready for use.
If CALG_DH_SF was specified in the previous procedures, the key values are persisted to storage with each call to CryptSetKeyParam. The G and P values can then be retrieved using CryptGetKeyParam. Some CSPs may have hard-coded G and P values. In this case a NTE_FIXEDPARAMETERS error will be returned if CryptSetKeyParam is called with KP_G or KP_P specified in the dwParam parameter. If CryptDestroyKey is called, the handle to the key is destroyed, but the key values are retained in the CSP. However, if CALG_DH_EPHEM was specified, the handle to the key is destroyed and all values are purged from the CSP.