CryptCreateHash
[New
- Windows NT]
[New
- Windows 95, OEM Service Release 2]
The CryptCreateHash
function is used to initiate the hashing of a stream of data. It returns to the
caller a handle to a CSP hash object. This handle can also be used in
subsequent calls to CryptHashData and CryptHashSessionKey in order to hash streams
of data and session keys.
BOOL CRYPTFUNC CryptCreateHash(
|
HCRYPTPROV hProv, |
|
|
ALG_ID Algid, |
|
|
HCRYPTKEY hKey, |
|
|
DWORD dwFlags, |
|
|
HCRYPTHASH *phHash |
|
|
); |
|
Parameters
hProv
[in] A handle
to the CSP to use. An application obtains this handle using the CryptAcquireContext function.
Algid
[in] An
algorithm identifier of the hash algorithm to use.
The valid
values for this parameter will vary, depending on the CSP that is used. See the
Remarks section for the list of default algorithms.
hKey
[in] If the
type of hash algorithm is a keyed hash, such as a MAC algorithm, the key for
the hash should be passed in this parameter. For nonkeyed algorithms, this
parameter should be set to zero.
The key must
be to a block cipher, such as RC2, with a cipher mode of CBC.
dwFlags
[in] The flag
values. This parameter is reserved for future use and should always be zero.
phHash
[out] The
address to which the function copies a handle to the new hash object.
Remarks
The Microsoft
RSA Base Provider defines the following hashing algorithms:
|
Constant |
Description |
|
CALG_MAC |
Message
Authentication Code |
|
CALG_MD2 |
MD2 |
|
CALG_MD5 |
MD5 |
|
CALG_SHA |
US DSA
Secure Hash Algorithm |
The
computation of the actual hash is done with the CryptHashData and CryptHashSessionKey functions. These require a
handle to the hash object. Once all the data has been added to the hash object,
exactly one of the following operations can be performed:
The hash value can be retrieved
using CryptGetHashParam.
A session key can be derived
using CryptDeriveKey.
The hash can be signed using CryptSignHash.
A signature can be verified
using CryptVerifySignature.
Once one of
the functions from this list has been called, the only hashing function that
can be used with the same hash handle is CryptDestroyHash.
Return Values
If the
function succeeds, the return value is nonzero.
If the
function fails, the return value is zero. To retrieve extended error
information, use the GetLastError function.
The following
table lists the error codes most commonly returned by the GetLastError
function. The error codes prefaced by NTE are generated by the particular CSP
you are using.
|
Error |
Description |
|
ERROR_INVALID_HANDLE |
One of the
parameters specifies an invalid handle. |
|
ERROR_INVALID_PARAMETER |
One of the
parameters contains an invalid value. This is most often an illegal pointer. |
|
ERROR_NOT_ENOUGH_MEMORY |
The
operating system ran out of memory during the operation. |
|
NTE_BAD_ALGID |
The Algid
parameter specifies an algorithm that this CSP does not support. |
|
NTE_BAD_FLAGS |
The dwFlags
parameter is nonzero. |
|
NTE_BAD_KEY |
A keyed
hash algorithm (such as CALG_MAC) is specified by Algid and the hKey
parameter is either zero or it specifies an invalid key handle. This error
code will also be returned if the key is to a stream cipher, or if the cipher
mode is anything other than CBC. |
|
NTE_NO_MEMORY |
The CSP ran
out of memory during the operation. |
Example
See the
Example section in the CryptSignHash function.
See Also