CryptCreateHash
This function is used to initiate the hashing of a stream of data. It returns to the caller a handle to a cryptographic service provider (CSP) hash object. This handle can also be used in subsequent calls to CryptHashData and CryptHashSessionKey in order to hash streams of data and session keys.
BOOL CRYPTFUNC CryptCreateHash (
HCRYPTPROV hProv,
ALG_ID Algid,
HCRYPTKEY hKey,
DWORD dwFlags,
HCRYPTHASH *phHash);
Parameters
hProv
[in] Handle to the CSP to use. An application obtains this handle by using the CryptAcquireContext function.Algid
[in] Identifier of the hash algorithm to use.The valid values for this parameter will vary, depending on the CSP that is used. See the Remarks section for the list of default algorithms.
hKey
[in] If the type of hash algorithm is a keyed hash, such as the HMAC or MAC algorithm, the key for the hash should be passed in this parameter. For nonkeyed algorithms, this parameter should be set to zero.For keyed algorithms, the key must be to a block cipher, such as RC2, that has a cipher mode of CBC.
dwFlags
[in] Specifies a bitmask of flags. This parameter is reserved for future use and should always be zero.phHash
[out] Address to which the function copies a handle to the new hash object.
Return Values
TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.
| Value | Description |
|---|---|
| ERROR_INVALID_HANDLE | One of the parameters specifies an invalid handle. |
| ERROR_INVALID_PARAMETER | One of the parameters contains an invalid value. This is most often an illegal pointer. |
| ERROR_NOT_ENOUGH_MEMORY | The operating system ran out of memory during the operation. |
| NTE_BAD_ALGID | The Algid parameter specifies an algorithm that this CSP does not support. |
| NTE_BAD_FLAGS | The dwFlags parameter is nonzero. |
| NTE_BAD_KEY | A keyed hash algorithm (such as CALG_MAC) is specified by Algid and the hKey parameter is either zero or it specifies an invalid key handle. This error code will also be returned if the key is to a stream cipher, or if the cipher mode is anything other than CBC. |
| NTE_NO_MEMORY | The CSP ran out of memory during the operation. |
Remarks
The Microsoft Base Cryptographic Provider defines the following hashing algorithms.
| Constant | Description |
|---|---|
| CALG_HMAC | HMAC, a keyed hash algorithm |
| CALG_MAC | Message Authentication Code |
| CALG_MD2 | MD2 |
| CALG_MD5 | MD5 |
| CALG_SHA | US DSA Secure Hash Algorithm |
| CALG_SHA1 | Same as CALG_SHA |
| CALG_SSL3_SHAMD5 | SSL3 client authentication |
The computation of the actual hash is done with the CryptHashData and CryptHashSessionKey functions. These require a handle to the hash object. After all the data has been added to the hash object, any of the following operations can be performed:
- The hash value can be retrieved by using CryptGetHashParam.
- A session key can be derived by using CryptDeriveKey.
- The hash can be signed by using CryptSignHash.
- A signature can be verified by using CryptVerifySignature.
After one of the functions from this list has been called, CryptHashData and CryptHashSessionKey may not be called.
Example
Requirements
| Runs On | Versions | Defined in | Include | Link to |
|---|---|---|---|---|
| Windows CE OS | 2.10 and later | Wincrypt.h | Cryptapi.lib |
Note This API is part of the complete Windows CE OS package as provided by Microsoft. The functionality of a particular platform is determined by the original equipment manufacturer (OEM) and some devices may not support this API.
See Also
CryptAcquireContext, CryptDeriveKey, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptHashSessionKey, CryptSignHash, CryptVerifySignature
Last updated on Tuesday, July 13, 2004
© 1992-2000 Microsoft Corporation. All rights reserved.