CryptAcquireContext fails with NTE_BAD_KEYSET

Hi all,

When we try to access a key container, CryptAcquireContext may return NTE_BAD_KEYSET (or error # 0x80090016 or -2146893802 or "Keyset does not exist") for the following two reasons:

1) key container doesn't exist. You may repeat the call to CryptAcquireContext, but this time using CRYPT_NEWKEYSET flag to create a new key container.

2) user doesn't have permission to open the key container. If you need to find out where the key container is in order to set additional permissions, this post may help: Key Containers: Basics.

Let's imagine for a sec that we are already calling CryptAcquireContext with CRYPT_NEWKEYSET flag after the first call to CryptAcquireContext fails with error NTE_BAD_KEYSET, and this second call fails with error NTE_EXISTS (or error # 0x8009000F or -2146893809 or "Object already exists"). First we try to open the container and we fail, then we try to create it and it already exists. NTE_BAD_KEYSET means in this case that the user doesn't have permissions to open the key container, and not that it doesn't exist.

I hope this helps.

Cheers,

 

Alex (Alejandro Campos Magencio)