Compartilhar via


CryptDecryptAndVerifyMessageSignature (Compact 2013)

3/28/2014

This function decrypts a message and verifies its signature.

Syntax

BOOL WINAPI CryptDecryptAndVerifyMessageSignature(
      __in PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara,
     __in PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
      __in DWORD dwSignerIndex,
      __in const BYTE* pbEncryptedBlob,
      __in DWORD cbEncryptedBlob,
      __out_opt BYTE* pbDecrypted,
     __inout_opt DWORD* pcbDecrypted,
      __out_opt PCCERT_CONTEXT* ppXchgCert,
      __out_opt PCCERT_CONTEXT* ppSignerCert
);

Parameters

  • dwSignerIndex
    [in] Identifies a particular signer of the message. A message can be signed by more than one signer and this function can be called multiple times, changing this parameter to check for a different signer with each function call. It is set to zero for the first signer. If the function returns false, and GetLastError returns CRYPT_E_NO_SIGNER, the previous call received the last signer of the message.
  • pbEncryptedBlob
    [in] Pointer to the signed, encoded, and encrypted message to be decrypted and verified.
  • cbEncryptedBlob
    [in] The size, in bytes, of the encrypted message.
  • pbDecrypted
    [out, optional] Pointer to a buffer to receive the decrypted message.
    This parameter can be NULL if the decrypted message is not required or to set the size of the decrypted message for memory allocation purposes. A decrypted message will not be returned if this parameter is NULL. For more information, seeRetrieving Data of Unknown Length.
  • pcbDecrypted
    [in, out, optional] Pointer to a DWORD that specifies the size, in bytes, of the buffer to which the pbDecrypted parameter points. When the function returns, it contains the size of the decrypted message copied to pbDecrypted.

    Note

    When processing the data returned in the pbDecrypted buffer, applications must use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified in pcbDecrypted on input. On output, the variable to which this parameter points is set to reflect the actual size of the data copied to the buffer.

  • ppXchgCert
    [out, optional] Pointer to a CERT_CONTEXT structure of the certificate that corresponds to the private exchange key needed to decrypt the message.
  • ppSignerCert
    [out, optional] Pointer to a CERT_CONTEXT structure of the certificate of the signer.

Return Value

Returns true if function succeeds; otherwise, false. To retrieve extended error information, call GetLastError.

Note

Errors from the called functions CryptDecryptMessage and CryptVerifyMessageSignature might be propagated to this function.

The following error code is most commonly returned by the GetLastError function.

Value

Description

ERROR_MORE_DATA

If the buffer specified by the pbDecrypted parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, in the variable to which pcbDecrypted points.

Remarks

For a successfully decrypted and verified message, the certificate context pointers to which ppXchgCert and ppSignerCert point are updated. They must be freed by calling CertFreeCertificateContext. If the function fails, they are set to NULL.

To indicate that the caller is not interested in the exchange certificate or the signer certificate context, set the ppXchgCert and ppSignerCert parameters to NULL.

Requirements

Header

wincrypt.h

Library

crypt32.lib

See Also

Reference

Certificates Functions