CryptHashToBeSigned function (wincrypt.h)

Important  This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.
 
The CryptHashToBeSigned function computes the hash of the encoded content from a signed and encoded certificate. The hash is performed on only the "to be signed" encoded content and its signature.

Syntax

BOOL CryptHashToBeSigned(
  [in]      HCRYPTPROV_LEGACY hCryptProv,
  [in]      DWORD             dwCertEncodingType,
  [in]      const BYTE        *pbEncoded,
  [in]      DWORD             cbEncoded,
  [out]     BYTE              *pbComputedHash,
  [in, out] DWORD             *pcbComputedHash
);

Parameters

[in] hCryptProv

This parameter is not used and should be set to NULL.

Windows Server 2003 and Windows XP:  A handle of the cryptographic service provider (CSP) to use to compute the hash.This parameter's data type is HCRYPTPROV.

Unless there is a strong reason for passing in a specific cryptographic provider in hCryptProv, zero is passed in. Passing in zero causes the default RSA or Digital Signature Standard (DSS) provider to be acquired before doing hash, signature verification, or recipient encryption operations.

[in] dwCertEncodingType

Specifies the encoding type used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING

[in] pbEncoded

Address of a buffer that contains the content to be hashed. This is the encoded form of a CERT_SIGNED_CONTENT_INFO.

[in] cbEncoded

The size, in bytes, of the buffer.

[out] pbComputedHash

A pointer to a buffer to receive the computed hash.

This parameter can be NULL to set the size of this information for memory allocation purposes. For more information, see Retrieving Data of Unknown Length.

[in, out] pcbComputedHash

A pointer to a DWORD that contains the size, in bytes, of the buffer pointed to by the pbComputedHash parameter. When the function returns, the DWORD contains the number of bytes stored in the buffer.

Note  When processing the data returned in the buffer, applications need to use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer. On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.
 

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

Note  Errors from the called functions CryptCreateHash, CryptGetHashParam, and CryptHashData might be propagated to this function. This function has the following error codes.
 
Return code Description
ERROR_MORE_DATA
If the buffer specified by the pbComputedHash parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, into the variable pointed to by pcbComputedHash.
ERROR_FILE_NOT_FOUND
Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported.
NTE_BAD_ALGID
The object identifier (OID) of the signature algorithm does not map to a known or supported hash algorithm.
 

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also

CryptHashCertificate

CryptHashPublicKeyInfo

Data Management Functions