CertIsStrongHashToSign function (wincrypt.h)
Determines whether the specified hash algorithm and the public key in the signing certificate can be used to perform strong signing.
Syntax
BOOL CertIsStrongHashToSign(
[in] PCCERT_STRONG_SIGN_PARA pStrongSignPara,
[in] LPCWSTR pwszCNGHashAlgid,
[in, optional] PCCERT_CONTEXT pSigningCert
);
Parameters
[in] pStrongSignPara
Pointer to a CERT_STRONG_SIGN_PARA structure that contains information about supported signing and hashing algorithms.
[in] pwszCNGHashAlgid
Pointer to a Unicode string that contains the name of the hashing algorithm. The following algorithms are supported:
- L"MD5" (BCRYPT_MD5_ALGORITHM)
- L"SHA1" (BCRYPT_SHA1_ALGORITHM)
- L"SHA256" (BCRYPT_SHA256_ALGORITHM)
- L"SHA256" (BCRYPT_SHA256_ALGORITHM)
- L"SHA512" (BCRYPT_SHA512_ALGORITHM)
[in, optional] pSigningCert
Pointer to a CERT_CONTEXT structure that contains the signing certificate. The public key algorithm in the signing certificate is checked for strength. The public key (asymmetric) algorithm is used for signing. The following signature algorithms are supported:
- L"RSA" (BCRYPT_RSA_ALGORITHM)
- L"DSA" (BCRYPT_DSA_ALGORITHM)
- L"ECDSA" (SSL_ECDSA_ALGORITHM)
Return value
If the function succeeds, the function returns TRUE.
If the function fails, it returns FALSE. For extended error information, call GetLastError. This function has the following error codes.
| Return code | Description |
|---|---|
|
One or more of the input arguments is not correct. |
|
A specified algorithm is not supported. |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps only] |
| Minimum supported server | Windows Server 2012 [desktop apps only] |
| Target Platform | Windows |
| Header | wincrypt.h |
| Library | Crypt32.lib |
| DLL | Crypt32.dll |