Example C Program: Importing a Plaintext Key
Many of the functions in this SDK require that you identify a key by using an HCRYPTKEY handle. If your key is contained in a byte array, you can create a handle by using the CryptImportKey function as shown in the following example.
This example demonstrates the following tasks and CryptoAPI functions:
- Acquiring a handle to a cryptographic service provider by calling CryptAcquireContext.
- Importing a plaintext key into the CSP key container by calling CryptImportKey.
- Exporting a key from the key container by calling CyptExportKey.
- Printing the exported key to the console to verify that the plaintext key was indeed imported into the container.
- Releasing the memory reserved for the plaintext key.
- Releasing the CSP by calling CryptReleaseContext.
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <wincrypt.h>
#pragma comment(lib, "crypt32.lib")
// DesKeyBlob: A plaintext key BLOB stored in a byte array. The
// byte array must have the following format:
// BLOBHEADER hdr;
// DWORD dwKeySize;
// BYTE rgbKeyData [];
BYTE DesKeyBlob[] = {
0x08,0x02,0x00,0x00,0x01,0x66,0x00,0x00, // BLOB header
0x08,0x00,0x00,0x00, // key length, in bytes
0xf1,0x0e,0x25,0x7c,0x6b,0xce,0x0d,0x34 // DES key with parity
};
int _tmain()
{
//--------------------------------------------------------------------
// Declare variables.
//
// hProv: Cryptographic service provider (CSP). This example
// uses the Microsoft Enhanced Cryptographic
// Provider.
// hKey: Key to be used. In this example, you import the
// key as a PLAINTEXTKEYBLOB.
// dwBlobLen: Length of the plaintext key.
// pbKeyBlob: Pointer to the exported key.
HCRYPTPROV hProv = NULL;
HCRYPTKEY hKey = NULL;
DWORD dwBlobLen;
BYTE* pbKeyBlob;
//--------------------------------------------------------------------
// Acquire a handle to the CSP.
if(!CryptAcquireContext(
&hProv,
NULL,
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT))
{
// If the key container cannot be opened, try creating a new
// container by specifying a container name and setting the
// CRYPT_NEWKEYSET flag.
if(NTE_BAD_KEYSET == GetLastError())
{
if(!CryptAcquireContext(
&hProv,
L"mytestcontainer",
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_NEWKEYSET | CRYPT_VERIFYCONTEXT))
{
printf("Error in AcquireContext 0x%08x \n",
GetLastError());
return 1;
}
}
else
{
printf(" Error in AcquireContext 0x%08x \n",GetLastError());
return 1;
}
}
// Use the CryptImportKey function to import the PLAINTEXTKEYBLOB
// BYTE array into the key container. The function returns a
// pointer to an HCRYPTKEY variable that contains the handle of
// the imported key.
if (!CryptImportKey(
hProv,
DesKeyBlob,
sizeof(DesKeyBlob),
0,
CRYPT_EXPORTABLE,
&hKey ) )
{
printf("Error 0x%08x in importing the Des key \n",
GetLastError());
}
// For the purpose of this example, you can export the key and
// print it to verify that the plain text key created above is
// the key that was imported into the CSP.
// Call CryptExportKey once to determine the length of the key.
// Allocate memory for the BLOB, and call CryptExportKey again
// to retrieve the key from the CSP key container.
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
NULL,
&dwBlobLen))
{
printf("Error 0x%08x computing BLOB length.\n",
GetLastError());
return 1;
}
if(pbKeyBlob = (BYTE*)malloc(dwBlobLen))
{
printf("Memory has been allocated for the BLOB. \n");
}
else
{
printf("Out of memory. \n");
return 1;
}
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
pbKeyBlob,
&dwBlobLen))
{
printf("Error 0x%08x exporting key.\n", GetLastError());
return 1;
}
DWORD count = 0;
printf("Printing Key BLOB for verification \n");
for(count=0; count < dwBlobLen;)
{
printf("%02x",pbKeyBlob[count]);
count ++;
}
// Free resources.
if(pbKeyBlob)
{
free(pbKeyBlob);
}
if(hProv)
{
CryptReleaseContext(hProv, 0);
}
return 0;
}