CryptHashCertificate function

Important  This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.

The CryptHashCertificate function hashes the entire encoded content of a certificate including its signature.


BOOL WINAPI CryptHashCertificate(
  _In_          HCRYPTPROV_LEGACY hCryptProv,
  _In_          ALG_ID            Algid,
  _In_          DWORD             dwFlags,
  _In_    const BYTE              *pbEncoded,
  _In_          DWORD             cbEncoded,
  _Out_         BYTE              *pbComputedHash,
  _Inout_       DWORD             *pcbComputedHash


hCryptProv [in]

This parameter is not used and should be set to NULL.

Windows Server 2003 and Windows XP:  A handle of the cryptographic service provider (CSP) to use to compute the hash.

This parameter's data type is HCRYPTPROV.

Unless there is a strong reason for passing in a specific CSP in hCryptProv, zero is passed in. Passing in zero causes the default RSA or Digital Signature Standard (DSS) provider to be acquired before doing hash, signature verification, or recipient encryption operations.

Algid [in]

An ALG_ID structure that specifies the hash algorithm to use. If Algid is zero, the default hash algorithm, SHA1, is used.

dwFlags [in]

Value to be passed to the hash API. For details, see CryptCreateHash.

pbEncoded [in]

Address of the encoded content to be hashed.

cbEncoded [in]

The size, in bytes, of the encoded content.

pbComputedHash [out]

A pointer to a buffer to receive the computed hash.

To set the size of this information for memory allocation purposes, this parameter can be NULL. For more information, see Retrieving Data of Unknown Length.

pcbComputedHash [in, out]

A pointer to a DWORD that contains the size, in bytes, of the buffer pointed to by the pbComputedHash parameter. When the function returns, the DWORD contains the number of bytes stored in the buffer.

Note  When processing the data returned in the buffer, applications need to use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer. On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

Note  Errors from the called functions CryptCreateHash, CryptGetHashParam and CryptHashData might be propagated to this function.


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]







See also

Data Management Functions