BOOL CryptCreateHash( HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash );
A handle to a CSP created by a call to CryptAcquireContext.
An ALG_ID value that identifies the hash algorithm to use.
Valid values for this parameter vary, depending on the CSP that is used. For a list of default algorithms, see Remarks.
If the type of hash algorithm is a keyed hash, such as the Hash-Based Message Authentication Code (HMAC) or Message Authentication Code (MAC) algorithm, the key for the hash is passed in this parameter. For nonkeyed algorithms, this parameter must be set to zero.
The following flag value is defined.
||This flag is not used.|
The address to which the function copies a handle to the new hash object. When you have finished using the hash object, release the handle by calling the CryptDestroyHash function.
If the function succeeds, the function returns TRUE.
If the function fails, it returns FALSE. For extended error information, call GetLastError.
The error codes prefaced by NTE are generated by the particular CSP you are using. The following table shows some of the possible error codes.
||One of the parameters specifies a handle that is not valid.|
||One of the parameters contains a value that is not valid. This is most often a pointer that is not valid.|
||The operating system ran out of memory during the operation.|
||The Algid parameter specifies an algorithm that this CSP does not support.|
||The dwFlags parameter is nonzero.|
||A keyed hash algorithm, such as CALG_MAC, is specified by Algid, and the hKey parameter is either zero or it specifies a key handle that is not valid. This error code is also returned if the key is to a stream cipher or if the cipher mode is anything other than CBC.|
||The CSP ran out of memory during the operation.|
For a list of Microsoft service providers and the algorithms they implement, see Microsoft Cryptographic Service Providers.
The computation of the actual hash is done with the CryptHashData and CryptHashSessionKey functions. These require a handle to the hash object. After all the data has been added to the hash object, any of the following operations can be performed:
- The hash value can be retrieved by using CryptGetHashParam.
- A session key can be derived by using CryptDeriveKey.
- The hash can be signed by using CryptSignHash.
- A signature can be verified by using CryptVerifySignature.
The following example shows initiating the hashing of a stream of data. It creates and returns to the calling application a handle to a hash object. This handle is used in subsequent calls to CryptHashData and CryptHashSessionKey to hash any stream of data. For an example that includes the complete context for this example, see Example C Program: Creating and Hashing a Session Key. For another example that uses this function, see Example C Program: Signing a Hash and Verifying the Hash Signature.
//-------------------------------------------------------------------- // Declare variables.
|Minimum supported client||Windows XP [desktop apps only]|
|Minimum supported server||Windows Server 2003 [desktop apps only]|