This function releases the handle referenced by the hKey parameter. Once a key handle has been released, it becomes invalid and cannot be used again.
If the handle refers to a session key, or to a public key that has been imported into the cryptographic service provider (CSP) through CryptImportKey, the CryptDestroyKey function destroys the key and frees the memory that the key occupied. Many CSPs scrub the memory where the key was held before freeing it.
On the other hand, if the handle refers to a public/private key pair obtained from CryptGetUserKey, the underlying key pair is not destroyed by the CryptDestroyKey function. Only the handle is destroyed.
At a Glance
| Header file: | Wincrypt.h |
| Windows CE versions: | 2.10 and later |
Syntax
BOOL CRYPTFUNC CryptDestroyKey( HCRYPTKEY hKey );
Parameters
hKey
[in] Handle to the key to be destroyed.
Return Values
TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.
| Value | Description |
| ERROR_INVALID_HANDLE | The hKey parameter specifies an invalid handle. |
| ERROR_INVALID_PARAMETER | The hKey parameter contains an invalid value. |
| NTE_BAD_KEY | The hKey parameter does not contain a valid handle to a key. |
| NTE_BAD_UID | The CSP context that was specified when the key was created cannot be found. |
Remarks
Keys take up memory in both the operating system's memory space and the CSP's memory space. Some CSPs will be implemented in hardware with very limited memory resources. For this reason, it is important that applications destroy all keys with the CryptDestroyKey function when they are finished with them.
Example
See CryptHashSessionKey.
See Also
CryptDeriveKey, CryptGenKey, CryptGetUserKey, CryptImportKey