SslComputeClientAuthHash function
The SslComputeClientAuthHash function computes a hash to use during certificate authentication.
Syntax
SECURITY_STATUS WINAPI SslComputeClientAuthHash(
_In_ NCRYPT_PROV_HANDLE hSslProvider,
_In_ NCRYPT_KEY_HANDLE hMasterKey,
_In_ NCRYPT_HASH_HANDLE hHandshakeHash,
_In_ LPCWSTR pszAlgId,
_Out_ PBYTE pbOutput,
_In_ DWORD cbOutput,
_Out_ DWORD *pcbResult,
_In_ DWORD dwFlags
);
Parameters
-
hSslProvider [in]
-
The handle of the Secure Sockets Layer protocol (SSL) protocol provider instance.
-
hMasterKey [in]
-
The handle of the master key object.
-
hHandshakeHash [in]
-
The handle of the hash of the handshake computed so far.
-
pszAlgId [in]
-
A pointer to a null-terminated Unicode string that identifies the requested cryptographic algorithm. This can be one of the standard CNG Algorithm Identifiers or the identifier for another registered algorithm.
-
pbOutput [out]
-
The address of a buffer that receives the key BLOB. The cbOutput parameter contains the size of this buffer. If this parameter is NULL, this function will place the required size, in bytes, in the DWORD pointed to by the pcbResult parameter.
-
cbOutput [in]
-
The length, in bytes, of the pbOutput buffer.
-
pcbResult [out]
-
A pointer to a DWORD value that specifies the length, in bytes, of the hash written to the pbOutput buffer.
-
dwFlags [in]
-
This parameter is reserved for future use.
Return value
If the function succeeds, it returns zero.
If the function fails, it returns a nonzero error value.
Possible return codes include, but are not limited to, the following.
| Return code/value | Description |
|---|---|
|
One of the supplied handles is not valid. |
Remarks
The SslComputeClientAuthHash function computes the hash that is sent in the certificate verification message of the SSL handshake. The hash value is computed by creating a hash that contains the master secret with a hash of all previous handshake messages sent or received.
The manner in which the hash is computed depends on the protocol and cipher suite used. In addition, the hash depends on the type of client authentication key used; the pszAlgId parameter indicates the type of key used for client authentication.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client |
Windows Vista [desktop apps only] |
| Minimum supported server |
Windows Server 2008 [desktop apps only] |
| Header |
|
| DLL |
|
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for