CertIsStrongHashToSign function
Determines whether the specified hash algorithm and the public key in the signing certificate can be used to perform strong signing.
Syntax
BOOL WINAPI CertIsStrongHashToSign( _In_ PCCERT_STRONG_SIGN_PARA pStrongSignPara, _In_ LPCWSTR pwszCNGHashAlgid, _In_opt_ PCCERT_CONTEXT pSigningCert );
Parameters
- pStrongSignPara [in]
-
Pointer to a CERT_STRONG_SIGN_PARA structure that contains information about supported signing and hashing algorithms.
- pwszCNGHashAlgid [in]
-
Pointer to a Unicode string that contains the name of the hashing algorithm. The following algorithms are supported:
- L"MD5" (BCRYPT_MD5_ALGORITHM)
- L"SHA1" (BCRYPT_SHA1_ALGORITHM)
- L"SHA256" (BCRYPT_SHA256_ALGORITHM)
- L"SHA256" (BCRYPT_SHA256_ALGORITHM)
- L"SHA512" (BCRYPT_SHA512_ALGORITHM)
- pSigningCert [in, optional]
-
Pointer to a CERT_CONTEXT structure that contains the signing certificate. The public key algorithm in the signing certificate is checked for strength. The public key (asymmetric) algorithm is used for signing. The following signature algorithms are supported:
- L"RSA" (BCRYPT_RSA_ALGORITHM)
- L"DSA" (BCRYPT_DSA_ALGORITHM)
- L"ECDSA" (SSL_ECDSA_ALGORITHM)
This parameter can be NULL if you want to check only whether the hashing algorithm is strong.
Return value
If the function succeeds, the function returns TRUE.
If the function fails, it returns FALSE. For extended error information, call GetLastError. This function has the following error codes.
| Return code | Description |
|---|---|
|
One or more of the input arguments is not correct. |
|
A specified algorithm is not supported. |
Requirements
|
Minimum supported client |
Windows 8 [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2012 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
See also