The SslComputeFinishedHash function computes the hash sent in the finished message of the Secure Sockets Layer protocol (SSL) handshake. For more information about the SSL handshake sequence, see Description of the Secure Sockets Layer (SSL) Handshake.
SECURITY_STATUS WINAPI SslComputeFinishedHash( _In_ NCRYPT_PROV_HANDLE hSslProvider, _In_ NCRYPT_KEY_HANDLE hMasterKey, _In_ NCRYPT_HASH_HANDLE hHandshakeHash, _Out_ PBYTE pbOutput, _In_ DWORD cbOutput, _In_ DWORD dwFlags );
- hSslProvider [in]
The handle of the SSL protocol provider instance.
- hMasterKey [in]
The handle of the master key object.
- hHandshakeHash [in]
The handle of the hash of the handshake messages.
- pbOutput [out]
A pointer to a buffer that receives the hash for the finish message.
- cbOutput [in]
The length, in bytes, of the pbOutput buffer.
- dwFlags [in]
One of the following constants.
Specifies that this is a client call.
Specifies that this is a server call.
If the function succeeds, it returns zero.
If the function fails, it returns a nonzero error value.
One of the supplied handles is not valid.
The SslComputeFinishedHash function is one of three functions used to generate a hash to use during the SSL handshake.
- The SslCreateHandshakeHash function is called to obtain a hash handle.
- The SslHashHandshake function is called any number of times with the hash handle to add data to the hash.
- The SslComputeFinishedHash function is called with the hash handle to obtain the digest of the hashed data.
The hash value is computed by hashing the master secret with a hash of all previous handshake messages sent or received.
The value of cbOutput determines the length of the hash data. When the Transport Layer Security protocol (TLS) 1.0 protocol is used, this should always be 12 (bytes). For more information, see The TLS Protocol Version 1.0.
Minimum supported client
|Windows Vista [desktop apps only]|
Minimum supported server
|Windows Server 2008 [desktop apps only]|