Validates a specified package signature using a specified certificate.
HRESULT Validate( [in] IOpcDigitalSignature *signature, [in] const CERT_CONTEXT *certificate, [out, retval] OPC_SIGNATURE_VALIDATION_RESULT *validationResult );
- signature [in]
An IOpcDigitalSignature interface pointer that represents the signature to be validated.
- certificate [in]
A pointer to a CERT_CONTEXT structure that contains a certificate that is used to validate the signature.
- validationResult [out, retval]
A value that describes the result of the validation check.
The method returns an HRESULT. Possible values include, but are not limited to, those in the following table.
The method succeeded.
At least one of the signature, certificate, and validationResult parameters is NULL.
This method does not perform security checks on an X.509 Public Key Infrastructure Certificate; the caller must perform the checks for revocation, expiration, certificate chain, and all other necessary checks.
This method checks that the specified signature (signed entities and the signature markup) has not been altered since the signature was generated, but does not validate the identity of the signer.
Important The caller must validate the identity of the signer.
If there are errors in a package signature, some of these errors may not be exposed until this method is called.
Packaging objects are not thread-safe.
For more information, see the Getting Started with the Packaging API.
Minimum supported client
|Windows 7 [desktop apps only]|
Minimum supported server
|Windows Server 2008 R2 [desktop apps only]|
- Digital Certificates
- Digital Signatures Overview
- Getting Started with the Packaging API
- Packaging API Programming Guide
- Core Packaging Interfaces
- Packaging Digital Signature Interfaces
- Packaging Interfaces
- Packaging API Reference
- Packaging API Samples
Build date: 10/27/2012