CryptGenRandom to generate asp.net session id

does anyone have working example of CryptGenrRandom class to generate session id (need to use in my iis module).

HCRYPTPROV   hCryptProv;    
BYTE         pbData[16];

if(CryptAcquireContext( &hCryptProv,  NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) 
{       
    if(CryptGenRandom(hCryptProv, 8, pbData)) 
    {
        std::string s(( const char *) pbData);  
        printf(s.c_str());
    }
    else
    {
        MyHandleError("Error during CryptGenRandom.");
    }
}
else
{
    MyHandleError("Error during CryptAcquireContext!\n");
}   

i开发者_StackOverflow中文版 tried this code but, its not working quite well (i get it from msdn) and this example don't work for me ( http://www.codeproject.com/KB/security/plaintextsessionkey.aspx )

so if anyone know how to generate sessionid using this class plz let me know

tnx anyway!

You don't say what the failure is - but i'll take a stab at it - we've had problems with CryptAcquireContext in the past returing NTE_BAD_KEYSET -- if it does you need to specify CRYPT_NEWKEYSET or'd into the flags (CRYPT_VERIFYCONTEXT|CRYPT_NEWKEYSET) and call CryptAcquireContext a second time in response to the failure.

Something like:

BOOL bResult = CryptAcquireContext(&m_hProv, pszContainer, pszProvider, dwProviderType, dwFlags);
if (!bResult) 
{
    hr = GetLastError(); //already returns an HRESULT

    if (NTE_BAD_KEYSET != hr) return(hr);

    dwFlags |= CRYPT_NEWKEYSET;
    bResult = CryptAcquireContext(&m_hProv, pszContainer, pszProvider, dwProviderType, dwFlags);
    if (!bResult) return(GetLastError());
}