PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC callback function (wincrypt.h)
The PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC callback function is called to decrypt an encoded signature and compare it to a computed hash.
Syntax
PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC PfnCryptVerifyEncodedSignatureFunc;
BOOL PfnCryptVerifyEncodedSignatureFunc(
[in] DWORD dwCertEncodingType,
[in] PCERT_PUBLIC_KEY_INFO pPubKeyInfo,
[in] PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
[in, optional] void *pvDecodedSignPara,
[in] LPCWSTR pwszCNGPubKeyAlgid,
[in] LPCWSTR pwszCNGHashAlgid,
[in] BYTE *pbComputedHash,
[in] DWORD cbComputedHash,
[in] BYTE *pbSignature,
[in] DWORD cbSignature
)
{...}
Parameters
[in] dwCertEncodingType
Specifies the type of encoding used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING Currently defined encoding types are:
- X509_ASN_ENCODING
- PKCS_7_ASN_ENCODING
[in] pPubKeyInfo
The address of a CERT_PUBLIC_KEY_INFO structure that contains the public key to use to verify the signature. You can use this with CryptImportPublicKeyInfoEx2 to get a BCRYPT_KEY_HANDLE.
[in] pSignatureAlgorithm
A pointer to a CRYPT_ALGORITHM_IDENTIFIER structure that contains the signature object identifier (OID) and its optional encoded parameters.
[in, optional] pvDecodedSignPara
An optional pointer to the decoded signature parameters data structure previously returned by the PFN_CRYPT_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC function.
[in] pwszCNGPubKeyAlgid
A Unicode string that contains the Cryptography API: Next Generation (CNG) public key algorithm identifier that corresponds to pSignatureAlgorithm->pszObjId.
[in] pwszCNGHashAlgid
A Unicode string that contains the CNG hashing algorithm identifier that corresponds to pSignatureAlgorithm->pszObjId or to a hash algorithm identifier in pvDecodedSignPara.
[in] pbComputedHash
A pointer to the computed hash bytes returned by the BCryptFinishHash function that corresponds to pwszCNGHashAlgid.
[in] cbComputedHash
A value that represents the length, in bytes, of the computed hash.
[in] pbSignature
A pointer to the encoded signature bytes.
[in] cbSignature
A value that represents the length, in bytes, of the encoded signature.
Return value
If the function succeeds, the function returns nonzero (TRUE).
If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.
If this callback function does not support the signature algorithm, it must return FALSE and call SetLastError with ERROR_NOT_SUPPORTED.
Remarks
You can use OID Support Functions to deploy this callback function. Wincrypt.h defines the following constant for this purpose.
| Constant | Definition |
|---|---|
| CRYPT_OID_VERIFY_ENCODED_SIGNATURE_FUNC | "CryptDllVerifyEncodedSignature" |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | wincrypt.h |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for