CryptXmlSign Function (Windows)

CryptXmlSign Function

The CryptXmlSign function creates a cryptographic signature of a <SignedInfo> element.

Syntax

C++

HRESULT WINAPI CryptXmlSign(
  __in      HCRYPTXML hSignature,
  __in_opt  HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hKey,
            DWORD dwKeySpec,
            DWORD dwFlags,
            CRYPT_XML_KEYINFO_SPEC dwKeyInfoSpec,
  __in_opt  const void pvKeyInfoSpec,
  __in      const CRYPT_XML_ALGORITHM pSignatureMethod,
  __in      const CRYPT_XML_ALGORITHM pCanonicalization
);

Parameters

hSignature [in]

The handle to a CRYPT_XML_SIGNATURE structure.

hKey [in, optional]

The handle of a private key used to sign the <SignedInfo> element. This parameter must be NULL for HMAC-based signature algorithms.

dwKeySpec

A DWORD value that specifies the key type. This parameter can be one of the following values.

Value	Meaning
AT_KEYEXCHANGE 1	The key pair is a key exchange pair.
AT_SIGNATURE 2	The key pair is a signature pair.
CERT_NCRYPT_KEY_SPEC 0xFFFFFFFF	The key is a Cryptography API: Next Generation (CNG) key.

dwFlags

A DWORD value that controls how the data is signed. This parameter can be one of the following values.

Value	Meaning
CRYPT_XML_SIGN_ADD_KEYVALUE 0x00000001	Populate the <KeyValue> element from the handle specified in the hKey parameter. Important The CRYPT_XML_SIGN_ADD_KEYVALUE flag cannot be used when the dwKeyInfoSpec parameter is set to CRYPT_XML_KEYINFO_SPEC_ENCODED.
CRYPT_XML_FLAG_DISABLE_EXTENSIONS 0x10000000	Only default implementations for the signature and digest are used. When this flag is set, no other registered extensions are loaded.

Value

Meaning

CRYPT_XML_SIGN_ADD_KEYVALUE
0x00000001

Populate the <KeyValue> element from the handle specified in the hKey parameter.

Important The CRYPT_XML_SIGN_ADD_KEYVALUE flag cannot be used when the dwKeyInfoSpec parameter is set to CRYPT_XML_KEYINFO_SPEC_ENCODED.

CRYPT_XML_FLAG_DISABLE_EXTENSIONS
0x10000000

Only default implementations for the signature and digest are used. When this flag is set, no other registered extensions are loaded.

dwKeyInfoSpec

The type of data structure pointed to by the pvKeyInfoSpec parameter. Here are some possible combinations.

dwKeyInfec	pvKeyInfoSpec
CRYPT_XML_KEYINFO_SPEC_NONE	Is set to NULL
CRYPT_XML_KEYINFO_SPEC_ENCODED	Points to a CRYPT_XML_BLOB structure
CRYPT_XML_KEYINFO_SPEC_PARAM	Points to a CRYPT_XML_KEYINFO_PARAM structure

pvKeyInfoSpec [in, optional]

A pointer to a structure, the type of which is determined by the value of the dwKeyInfoSpec parameter.

pSignatureMethod [in]

A pointer to a CRYPT_XML_ALGORITHM structure that specifies the signature method.

pCanonicalization [in]

A pointer to a CRYPT_XML_ALGORITHM structure that specifies the canonicalization method.

Return Value

If the function succeeds, the function returns zero.

If the function fails, it returns an HRESULT value that indicates the error.

Requirements

Minimum supported client	Windows 7
Minimum supported server	Windows Server 2008 R2
Header	Cryptxml.h
Library	Cryptxml.lib
DLL	Cryptxml.dll

Send comments about this topic to Microsoft

Build date: 10/2/2009