CryptXmlSign function (cryptxml.h)

The CryptXmlSign function creates a cryptographic signature of a SignedInfo element.

Syntax

HRESULT CryptXmlSign(
  [in]           HCRYPTXML                       hSignature,
  [in, optional] HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hKey,
                 DWORD                           dwKeySpec,
                 DWORD                           dwFlags,
                 CRYPT_XML_KEYINFO_SPEC          dwKeyInfoSpec,
  [in, optional] const void                      *pvKeyInfoSpec,
  [in]           const CRYPT_XML_ALGORITHM       *pSignatureMethod,
  [in]           const CRYPT_XML_ALGORITHM       *pCanonicalization
);

Parameters

[in] hSignature

The handle to a CRYPT_XML_SIGNATURE structure.

[in, optional] hKey

The handle of a private key used to sign the SignedInfo element. This parameter must be NULL for HMAC-based signature algorithms.

dwKeySpec

A DWORD value that specifies the key type. This parameter can be one of the following values.

Value | Meaning
AT_KEYEXCHANGE (1) | The key pair is a key exchange pair.
AT_SIGNATURE (2) | The key pair is a signature pair.
CERT_NCRYPT_KEY_SPEC (0xFFFFFFFF) | The key is a Cryptography API: Next Generation (CNG) key.

dwFlags

A DWORD value that controls how the data is signed. This parameter can be one of the following values.

Value | Meaning
CRYPT_XML_SIGN_ADD_KEYVALUE (0x00000001) | Populate the KeyValue element from the handle specified in the hKey parameter.
CRYPT_XML_FLAG_DISABLE_EXTENSIONS (0x10000000) | Only default implementations for the signature and digest are used. When this flag is set, no other registered extensions are loaded.

Important: The CRYPT_XML_SIGN_ADD_KEYVALUE flag cannot be used when the dwKeyInfoSpec parameter is set to CRYPT_XML_KEYINFO_SPEC_ENCODED.

dwKeyInfoSpec

The type of data structure pointed to by the pvKeyInfoSpec parameter. Here are some possible combinations.

dwKeyInfoSpec | pvKeyInfoSpec
CRYPT_XML_KEYINFO_SPEC_NONE | Is set to NULL
CRYPT_XML_KEYINFO_SPEC_ENCODED | Points to a CRYPT_XML_BLOB structure
CRYPT_XML_KEYINFO_SPEC_PARAM | Points to a CRYPT_XML_KEYINFO_PARAM structure

[in, optional] pvKeyInfoSpec

A pointer to a structure, the type of which is determined by the value of the dwKeyInfoSpec parameter.

[in] pSignatureMethod

A pointer to a CRYPT_XML_ALGORITHM structure that specifies the signature method.

[in] pCanonicalization

A pointer to a CRYPT_XML_ALGORITHM structure that specifies the canonicalization method.

Return value

If the function succeeds, the function returns zero.

If the function fails, it returns an HRESULT value that indicates the error.

Remarks

If a certificate cannot be found, CryptXmlSign will create a UI for certificate selection. If this window is generated from a process running in session 0, the application may unexpectedly terminate.
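
The parameter constraints described above can be checked before the call is made. The following is an added example, not code from this reference page or from the Windows SDK: check_sign_args, is_hmac_uri, enum ki_spec and args_status are hypothetical names, the two algorithm arguments are represented by their URIs, and the numeric values of the key-info spec constants and the "#hmac-" URI test are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <wchar.h>

/* Values listed on this page, mirrored so the block builds without the Windows SDK. */
#ifndef CRYPT_XML_SIGN_ADD_KEYVALUE
#define AT_KEYEXCHANGE                    1u
#define AT_SIGNATURE                      2u
#define CERT_NCRYPT_KEY_SPEC              0xFFFFFFFFu
#define CRYPT_XML_SIGN_ADD_KEYVALUE       0x00000001u
#define CRYPT_XML_FLAG_DISABLE_EXTENSIONS 0x10000000u
#endif
/* Stand-in for CRYPT_XML_KEYINFO_SPEC; numeric values are assumed from cryptxml.h. */
enum ki_spec { KI_NONE = 0, KI_ENCODED = 1, KI_PARAM = 2 };

typedef enum { ARGS_OK, ERR_NULL_REQUIRED, ERR_FLAGS, ERR_HMAC_WITH_KEY, ERR_KEYSPEC,
               ERR_KEYVALUE_ENCODED, ERR_KEYVALUE_NO_KEY, ERR_KEYINFO_MISMATCH } args_status;

/* Assumption: a signature-method URI containing "#hmac-" names an HMAC algorithm. */
static int is_hmac_uri(const wchar_t *uri) { return wcsstr(uri, L"#hmac-") != NULL; }

/* Hypothetical pre-flight check; the URIs stand in for the two CRYPT_XML_ALGORITHM arguments. */
args_status check_sign_args(const void *hSignature, uintptr_t hKey, uint32_t dwKeySpec,
                            uint32_t dwFlags, enum ki_spec dwKeyInfoSpec,
                            const void *pvKeyInfoSpec, const wchar_t *sigUri,
                            const wchar_t *c14nUri)
{
    if (!hSignature || !sigUri || !c14nUri) return ERR_NULL_REQUIRED;
    /* Strict policy (assumption): allow only the two flags this page lists. */
    if (dwFlags & ~(CRYPT_XML_SIGN_ADD_KEYVALUE | CRYPT_XML_FLAG_DISABLE_EXTENSIONS))
        return ERR_FLAGS;
    if (is_hmac_uri(sigUri)) {
        if (hKey) return ERR_HMAC_WITH_KEY;        /* hKey must be NULL for HMAC */
    } else if (hKey && dwKeySpec != AT_KEYEXCHANGE && dwKeySpec != AT_SIGNATURE &&
               dwKeySpec != CERT_NCRYPT_KEY_SPEC) {
        return ERR_KEYSPEC;
    }
    if (dwFlags & CRYPT_XML_SIGN_ADD_KEYVALUE) {
        if (dwKeyInfoSpec == KI_ENCODED) return ERR_KEYVALUE_ENCODED;
        if (!hKey) return ERR_KEYVALUE_NO_KEY;     /* KeyValue is populated from hKey */
    }
    /* SPEC_NONE pairs with NULL; ENCODED and PARAM need a structure pointer. */
    if ((dwKeyInfoSpec == KI_NONE) != (pvKeyInfoSpec == NULL)) return ERR_KEYINFO_MISMATCH;
    return ARGS_OK;
}

int main(void) { /* constructed call: an HMAC method combined with a key handle */
    int h = 0;   /* placeholder standing in for a signature handle */
    return check_sign_args(&h, 1, 0, 0, KI_NONE, NULL,
        L"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256", L"c14n") != ERR_HMAC_WITH_KEY;
}
```

Running the check in a service before calling CryptXmlSign rejects inconsistent arguments at the call site instead of relying on the returned HRESULT.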

Requirements

Requirement | Value
Minimum supported client | Windows 7 [desktop apps only]
Minimum supported server | Windows Server 2008 R2 [desktop apps only]
Target Platform | Windows
Header | cryptxml.h
Library | Cryptxml.lib
DLL | Cryptxml.dll