Export (0) Print
Expand All

BCryptVerifySignature function

The BCryptVerifySignature function verifies that the specified signature matches the specified hash.

Syntax


NTSTATUS WINAPI BCryptVerifySignature(
  _In_      BCRYPT_KEY_HANDLE hKey,
  _In_opt_  VOID *pPaddingInfo,
  _In_      PUCHAR pbHash,
  _In_      ULONG cbHash,
  _In_      PUCHAR pbSignature,
  _In_      ULONG cbSignature,
  _In_      ULONG dwFlags
);

Parameters

hKey [in]

The handle of the key to use to decrypt the signature. This must be an identical key or the public key portion of the key pair used to sign the data with the BCryptSignHash function.

pPaddingInfo [in, optional]

A pointer to a structure that contains padding information. The actual type of structure this parameter points to depends on the value of the dwFlags parameter. This parameter is only used with asymmetric keys and must be NULL otherwise.

pbHash [in]

The address of a buffer that contains the hash of the data. The cbHash parameter contains the size of this buffer.

cbHash [in]

The size, in bytes, of the pbHash buffer.

pbSignature [in]

The address of a buffer that contains the signed hash of the data. The BCryptSignHash function is used to create the signature. The cbSignature parameter contains the size of this buffer.

cbSignature [in]

The size, in bytes, of the pbSignature buffer. The BCryptSignHash function is used to create the signature.

dwFlags [in]

A set of flags that modify the behavior of this function. The allowed set of flags depends on the type of key specified by the hKey parameter.

If the key is a symmetric key, this parameter is not used and should be zero.

If the key is an asymmetric key, this can be one of the following values.

ValueMeaning
BCRYPT_PAD_PKCS1

The PKCS1 padding scheme was used when the signature was created. The pPaddingInfo parameter is a pointer to a BCRYPT_PKCS1_PADDING_INFO structure.

BCRYPT_PAD_PSS

The Probabilistic Signature Scheme (PSS) padding scheme was used when the signature was created. The pPaddingInfo parameter is a pointer to a BCRYPT_PSS_PADDING_INFO structure.

 

Return value

Returns a status code that indicates the success or failure of the function.

Possible return codes include, but are not limited to, the following.

Return codeDescription
STATUS_SUCCESS

The function was successful.

STATUS_INVALID_SIGNATURE

The signature was not verified.

NTE_NO_MEMORY

A memory allocation failure occurred.

STATUS_INVALID_HANDLE

The key handle specified by the hKey parameter is not valid.

STATUS_NOT_SUPPORTED

The algorithm provider used to create the key handle specified by the hKey parameter is not a signing algorithm.

 

Remarks

This function decrypts the signature with the provided key and then compares the decrypted value to the specified hash value.

To use this function, you must hash the data by using the same hashing algorithm that was used to create the hash value that was signed. If applicable, you must also specify the same padding scheme that was specified when the signature was created.

Depending on what processor modes a provider supports, BCryptVerifySignature can be called either from user mode or kernel mode. Kernel mode callers can execute either at PASSIVE_LEVEL IRQL or DISPATCH_LEVEL IRQL. If the current IRQL level is DISPATCH_LEVEL, the handle provided in the hKey parameter must be derived from an algorithm handle returned by a provider that was opened by using the BCRYPT_PROV_DISPATCH flag, and any pointers passed to the BCryptVerifySignature function must refer to nonpaged (or locked) memory.

To call this function in kernel mode, use Cng.lib, which is part of the Driver Development Kit (DDK). For more information, see WDK and Developer Tools.

Windows Server 2008 and Windows Vista:  To call this function in kernel mode, use Ksecdd.lib.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Bcrypt.h

Library

Bcrypt.lib

DLL

Bcrypt.dll

See also

BCryptSignHash

 

 

Community Additions

ADD
Show:
© 2014 Microsoft