CRYPT_SIGN_MESSAGE_PARA structure (wincrypt.h)
The CRYPT_SIGN_MESSAGE_PARA structure contains information for signing messages using a specified signing certificate context.
Syntax
typedef struct _CRYPT_SIGN_MESSAGE_PARA {
DWORD cbSize;
DWORD dwMsgEncodingType;
PCCERT_CONTEXT pSigningCert;
CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
void *pvHashAuxInfo;
DWORD cMsgCert;
PCCERT_CONTEXT *rgpMsgCert;
DWORD cMsgCrl;
PCCRL_CONTEXT *rgpMsgCrl;
DWORD cAuthAttr;
PCRYPT_ATTRIBUTE rgAuthAttr;
DWORD cUnauthAttr;
PCRYPT_ATTRIBUTE rgUnauthAttr;
DWORD dwFlags;
DWORD dwInnerContentType;
CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
void *pvHashEncryptionAuxInfo;
} CRYPT_SIGN_MESSAGE_PARA, *PCRYPT_SIGN_MESSAGE_PARA;
Members
cbSize
Size of this structure in bytes.
dwMsgEncodingType
Type of encoding used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
Currently defined encoding types are:
- X509_ASN_ENCODING
- PKCS_7_ASN_ENCODING
pSigningCert
A pointer to the CERT_CONTEXT to be used in the signing.
Either the CERT_KEY_PROV_INFO_PROP_ID, or CERT_KEY_CONTEXT_PROP_ID property must be set for the context to provide access to the private signature key.
HashAlgorithm
CRYPT_ALGORITHM_IDENTIFIER containing the hashing algorithm used to hash the data to be signed.
pvHashAuxInfo
Not currently used, and must be set to NULL.
cMsgCert
Number of elements in the rgpMsgCert array of CERT_CONTEXT structures. If set to zero no certificates are included in the signed message.
rgpMsgCert
Array of pointers to CERT_CONTEXT structures to be included in the signed message. If the pSigningCert is to be included, a pointer to it must be in the rgpMsgCert array.
cMsgCrl
Number of elements in the rgpMsgCrl array of pointers to CRL_CONTEXT structures. If set to zero, no CRL_CONTEXT structures are included in the signed message.
rgpMsgCrl
Array of pointers to CRL_CONTEXT structures to be included in the signed message.
cAuthAttr
Number of elements in the rgAuthAttr array. If no authenticated attributes are present in rgAuthAttr, this member is set to zero.
rgAuthAttr
Array of pointers to CRYPT_ATTRIBUTE structures, each holding authenticated attribute information. If there are authenticated attributes present, the PKCS #9 standard dictates that there must be at least two attributes present, the content type object identifier (OID), and the hash of the message itself. These attributes are automatically added by the system.
cUnauthAttr
Number of elements in the rgUnauthAttr array. If no unauthenticated attributes are present in rgUnauthAttr, this member is zero.
rgUnauthAttr
Array of pointers to CRYPT_ATTRIBUTE structures each holding an unauthenticated attribute information. Unauthenticated attributes can be used to contain countersignatures, among other uses.
dwFlags
Normally zero. If the encoded output is to be a CMSG_SIGNED inner content of an outer cryptographic message such as a CMSG_ENVELOPED message, the CRYPT_MESSAGE_BARE_CONTENT_OUT_FLAG must be set. If it is not set, the message will be encoded as an inner content type of CMSG_DATA.
CRYPT_MESSAGE_ENCAPSULATED_CONTENT_OUT_FLAG can be set to encapsulate non-data inner content into an OCTET STRING. CRYPT_MESSAGE_KEYID_SIGNER_FLAG can be set to identify signers by their Key Identifier and not their Issuer and Serial Number.
CRYPT_MESSAGE_SILENT_KEYSET_FLAG can be set to suppress any UI by the CSP. For more information about the CRYPT_SILENT flag, see CryptAcquireContext.
dwInnerContentType
Normally zero. Set to the encoding type of the input message if that input to be signed is the encoded output of another cryptographic message.
HashEncryptionAlgorithm
A CRYPT_ALGORITHM_IDENTIFIER. If present and not NULL, it is used instead of the signer's certificate PublicKeyInfo.Algorithm member. Note that for RSA, the hash encryption algorithm is normally the same as the public key algorithm. For DSA, the hash encryption algorithm is normally a DSS signature algorithm. This member can only be used if CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS is defined.
pvHashEncryptionAuxInfo
Currently not used and must be set to NULL. This member can only be used if CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS is defined.
Remarks
The HashEncryptionAlgorithm and pvHashEncryptionAuxInfo members can only be used if CRYPT_SIGN_MESSAGE_PARA_HAS_CMS_FIELDS is defined.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Header | wincrypt.h |