MSDN Library


Windows Mobile 6.5
A version of this page is also available for

This function adds contents to a cryptographic message. The use of this function allows messages to be constructed piece by piece through repetitive calls of CryptMsgUpdate. The added message content is either encoded or decoded depending on whether the message was opened with CryptMsgOpenToEncode or CryptMsgOpenToDecode.

BOOL WINAPI CryptMsgUpdate(
  HCRYPTMSG hCryptMsg,
  const BYTE* pbData,
  DWORD cbData,
  BOOL fFinal


[in] Cryptographic message handle of the message to be updated.


[in] Pointer to the buffer holding the data to be encoded or decoded.


[in] Number of bytes of data in the pbData buffer.


[in] Indicates that the last block of data for encoding or decoding is being processed. Correct usage of this flag is dependent upon whether the message that is being processed has detached data. The inclusion of detached data in a message is indicated by setting dwFlags to CMSG_DETACHED_FLAG in the call to the function that opened the message.

If CMSG_DETACHED_FLAG was not set and the message was opened using either CryptMsgOpenToDecode or CryptMsgOpenToEncode, fFinal is set to TRUE, and CryptMsgUpdate is only called once.

If the CMSG_DETACHED_FLAG flag was set and a message is opened using CryptMsgOpenToEncode, fFinal is set to TRUE only on the last call to CryptMsgUpdate.

If the CMSG_DETACHED_FLAG flag was set and a message is opened using CryptMsgOpenToDecode, fFinal is set to TRUE when the header is processed by a single call to CryptMsgUpdate. It is set to FALSE while processing the detached data in subsequent calls to CryptMsgUpdate until the last detached data block is to be processed. On the last call to CryptMsgUpdate, it is set to TRUE.

When detached data is decoded, the header and the content of a message are contained in different BLOBs. Each BLOB requires that fFinal be set to TRUE when the last call to the function is made for that BLOB.

If the function succeeds, the return value is non-zero (TRUE).

If the function fails, the return value is zero (FALSE). For extended error information, call GetLastError.

Errors encountered in the application defined callback function specified by pStreamInfo in CryptMsgOpenToDecode and CryptMsgOpenToEncode might be propagated to CryptMsgUpdate if streaming is used. If this happens, SetLastError is not called by CryptMsgUpdate after the callback returns This preserves any errors encountered under the control of the application. It is the responsibility of the callback function (or one of the APIs that it calls) to call SetLastError if an error occurs while the application is processing the streamed data.

The following table shows the error codes most commonly returned by the GetLastError function.

Return Code Description


The message type is invalid.


An error was encountered doing a cryptographic operation.


The object identifier is badly formatted.


The message is not encoded as expected.


The cryptographic algorithm is unknown.


One or more arguments are invalid.


Ran out of memory.

Propagated errors might be encountered from any of the following functions:

If the function fails, GetLastError returns an ASN.1 encoding/decoding error.

Windows Embedded CEWindows CE 5.0 and later
Windows MobileWindows Mobile Version 5.0 and later

Community Additions

© 2016 Microsoft