CryptDestroyKey

This function releases the handle referenced by the hKey parameter. Once a key handle has been released, it becomes invalid and cannot be used again.

If the handle refers to a session key, or to a public key that has been imported into the cryptographic service provider (CSP) through CryptImportKey, the CryptDestroyKey function destroys the key and frees the memory that the key occupied. Many CSPs scrub the memory where the key was held before freeing it.

On the other hand, if the handle refers to a public/private key pair obtained from CryptGetUserKey, the underlying key pair is not destroyed by the CryptDestroyKey function. Only the handle is destroyed.

At a Glance

Header file: Wincrypt.h
Windows CE versions: 2.10 and later

Syntax

BOOL CRYPTFUNC CryptDestroyKey( HCRYPTKEY hKey );

Parameters

hKey

[in] Handle to the key to be destroyed.

Return Values

TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.

Value Description
ERROR_INVALID_HANDLE The hKey parameter specifies an invalid handle.
ERROR_INVALID_PARAMETER The hKey parameter contains an invalid value.
NTE_BAD_KEY The hKey parameter does not contain a valid handle to a key.
NTE_BAD_UID The CSP context that was specified when the key was created cannot be found.

Remarks

Keys take up memory in both the operating system's memory space and the CSP's memory space. Some CSPs will be implemented in hardware with very limited memory resources. For this reason, it is important that applications destroy all keys with the CryptDestroyKey function when they are finished with them.

Example

See CryptHashSessionKey.

See Also

CryptDeriveKey, CryptGenKey, CryptGetUserKey, CryptImportKey