Check the docs - CryptSetKeyParam and CryptGetKeyParam
When you are using KP_PERMISSIONS
, the valid set of flags are
CRYPT_ARCHIVE
CRYPT_DECRYPT
CRYPT_ENCRYPT
CRYPT_EXPORT
CRYPT_EXPORT_KEY
CRYPT_IMPORT_KEY
CRYPT_MAC
CRYPT_READ
CRYPT_WRITE
CRYPT_EXPORTABLE
is not in this list.
If you check the docs for CryptGenKey, CRYPT_EXPORTABLE
is a flag which you use while creating the key, so that it can be exported later. It's not required for CryptSetKeyParam
.