CryptDestroyKey

Article
06/17/2014

This function releases the handle referenced by the hKey parameter. Once a key handle has been released, it becomes invalid and cannot be used again.

If the handle refers to a session key, or to a public key that has been imported into the cryptographic service provider (CSP) through CryptImportKey, the CryptDestroyKey function destroys the key and frees the memory that the key occupied. Many CSPs scrub the memory where the key was held before freeing it.

On the other hand, if the handle refers to a public/private key pair obtained from the CryptGetUserKey function, the underlying key pair is not destroyed by the CryptDestroyKey function. Only the handle is destroyed.

BOOL CRYPTFUNC CryptDestroyKey( HCRYPTKEY hKey);

Parameters

hKey
[in] HCRYPTKEY handle to the key to be destroyed.

Return Values

TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastError function.

The following table describes the common values for the GetLastError function. The error values prefaced by NTE are generated by the particular CSP you are using.

Value	Description
ERROR_INVALID_HANDLE	The hKey parameter specifies an invalid handle.
ERROR_INVALID_PARAMETER	The hKey parameter contains an invalid value.
NTE_BAD_KEY	The hKey parameter does not contain a valid handle to a key.
NTE_BAD_UID	The CSP context that was specified when the key was created cannot be found.

Remarks

Keys take up memory in both the operating system's memory space and the CSP's memory space. Some CSPs will be implemented in hardware with very limited memory resources. For this reason, it is important that an application destroys keys with the CryptDestroyKey function when the application finishes with the keys.

Example

See CryptHashSessionKey.

Requirements

OS Versions: Windows CE 2.10 and later.
Header: Wincrypt.h.
Link Library: Coredll.lib.