CryptDecodeMessage (Compact 2013)

3/28/2014

This function decodes, decrypts, and verifies a cryptographic message.

You can use this function when the type of cryptographic message is unknown. You can combine the dwMsgTypeFlags constants with a bitwise-OR operation so that the function will try to find one of the types. When one of the types is found, the function reports the type found and returns the data appropriate to that type.

In each pass, the function cracks only a single level of encryption or encoding. For additional cracking you must call this function or one of the other Simplified Message Functions again.

Syntax

BOOL WINAPI CryptDecodeMessage(
    __in DWORD dwMsgTypeFlags,
    __in PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara,
    __in PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
    __in DWORD dwSignerIndex,
    __in const BYTE *pbEncodedBlob,
    __in DWORD cbEncodedBlob,
    __in DWORD dwPrevInnerContentType,
    __out_opt DWORD *pdwMsgType,
    __out_opt DWORD *pdwInnerContentType,
    __out_opt BYTE *pbDecoded,
    __inout_opt DWORD *pcbDecoded,
    __out_opt PCCERT_CONTEXT *ppXchgCert,
    __out_opt PCCERT_CONTEXT *ppSignerCert
    );

Parameters

  • dwMsgTypeFlags
    [in] Indicates the message type. You can combine message types with the bitwise-OR operator. This parameter can be one of the following message types:

    • CMSG_DATA_FLAG
    • CMSG_SIGNED_FLAG
    • CMSG_ENVELOPED_FLAG
    • CMSG_SIGNED_AND_ENVELOPED_FLAG
    • CMSG_HASHED_FLAG

    Note

    After return, the DWORD to which pdwMsgType points is set with the type of the message.

  • dwSignerIndex
    [in] Indicates which signer, among the possible many signers of a message, is to be verified. This index can be changed in multiple calls to the function to verify additional signers. The parameter
    dwSignerIndex is set to zero for the first signer. If the function returns false, and GetLastError returns CRYPT_E_NO_SIGNER, the previous call returned the last signer of the message. This parameter is used only with messages of types CMSG_SIGNED_AND_ENVELOPED or CMSG_SIGNED. For all other message types, it should be set to zero.
  • pbEncodedBlob
    [in] Pointer to the encoded BLOB that is to be decoded.
  • cbEncodedBlob
    [in] The size, in bytes, of the encoded BLOB.
  • dwPrevInnerContentType
    [in] Only applicable when processing nested cryptographic messages. When processing an outer cryptographic message, it must be set to zero. When decoding a nested cryptographic message, it is set to the value returned at pdwInnerContentType by a previous calling of CryptDecodeMessage for the outer message. It can be any of the CMSG types listed in pdwMsgType. For backward compatibility, set dwPrevInnerContentType to zero.
  • pdwMsgType
    [out, optional] Pointer to a DWORD that specifies the message type returned. This parameter can be one of the following message types:

    • CMSG_DATA
    • CMSG_SIGNED
    • CMSG_ENVELOPED
    • CMSG_SIGNED_AND_ENVELOPED
    • CMSG_HASHED
  • pdwInnerContentType
    [out, optional] Pointer to a DWORD that specifies the type of an inner message. The message type codes used for pdwMsgType are also used with pdwInnerContentType. If there is no cryptographic nesting, CMSG_DATA is returned.
  • pbDecoded
    [out, optional] Pointer to a buffer to receive the decoded message.
    This parameter can be NULL if the decoded message is not required or to set the size of the decoded message for memory allocation purposes. A decoded message will not be returned if this parameter is NULL. For more information, see Retrieving Data of Unknown Length.
  • pcbDecoded
    [in, out, optional] Pointer to a variable that specifies the size, in bytes, of the buffer pointed to which the pbDecoded parameter points. When the function returns, this variable contains the size of the decoded message.

    Note

    When processing the data returned in the buffer, applications must use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer.) On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.

  • ppXchgCert
    [out, optional] Pointer to a pointer to a CERT_CONTEXT structure with a certificate that corresponds to the private exchange key needed to decode the message. This parameter is set only for message types CMSG_ENVELOPED and CMSG_SIGNED_AND_ENVELOPED.
  • ppSignerCert
    [out, optional] Pointer to a pointer to a CERT_CONTEXT structure of the certificate context of the signer. This parameter is only set for message types CMSG_SIGNED and CMSG_SIGNED_AND_ENVELOPED.

Return Value

Returns true (nonzero) if the function succeeds; otherwise, false (zero). To retrieve extended error information, call GetLastError.

Note

Errors from the called functions, CryptDecryptMessage, CryptVerifyMessageSignature, or CryptVerifyMessageHash can be propagated to this function.

The following error code is most commonly returned by the GetLastError function.

Value

Description

ERROR_MORE_DATA

If the buffer specified by the pbDecoded parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code and stores the required buffer size, in bytes, in the variable to which pcbDecoded points.

Remarks

The dwMsgTypeFlags parameter specifies the set of allowable messages. For example, to decode either SIGNED or ENVELOPED messages, set dwMsgTypeFlags to CMSG_SIGNED_FLAG | CMSG_ENVELOPED_FLAG. You must specify either one or both of the pDecryptPara or pVerifyPara parameters.

For a successfully decoded or verified message, the certificate context pointers to which ppXchgCert and ppSignerCert point are updated. They must be freed by calling CertFreeCertificateContext. If the function fails, they are set to NULL.

The ppXchgCert or ppSignerCert parameters can be set to NULL before the function is called, which indicates that the caller is not interested in getting the exchange certificate or the signer certificate context.

Requirements

Header

wincrypt.h

Library

crypt32.lib

See Also

Reference

Certificates Functions