Il contenuto non è disponibile nella lingua di destinazione, ma solo in inglese.

CryptDecryptAndVerifyMessageSignature function

The CryptDecryptAndVerifyMessageSignature function decrypts a message and verifies its signature.


BOOL WINAPI CryptDecryptAndVerifyMessageSignature(
  _In_              PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara,
  _In_              PCRYPT_VERIFY_MESSAGE_PARA  pVerifyPara,
  _In_              DWORD                       dwSignerIndex,
  _In_        const BYTE                        *pbEncryptedBlob,
  _In_              DWORD                       cbEncryptedBlob,
  _Out_opt_         BYTE                        *pbDecrypted,
  _Inout_opt_       DWORD                       *pcbDecrypted,
  _Out_opt_         PCCERT_CONTEXT              *ppXchgCert,
  _Out_opt_         PCCERT_CONTEXT              *ppSignerCert


pDecryptPara [in]

A pointer to a CRYPT_DECRYPT_MESSAGE_PARA structure that contains decryption parameters.

pVerifyPara [in]

A pointer to a CRYPT_VERIFY_MESSAGE_PARA structure that contains verification parameters.

dwSignerIndex [in]

Identifies a particular signer of the message. A message can be signed by more than one signer and this function can be called multiple times changing this parameter to check for several signers. It is set to zero for the first signer. If the function returns FALSE, and GetLastError returns CRYPT_E_NO_SIGNER, the previous call received the last signer of the message.

pbEncryptedBlob [in]

A pointer to the signed, encoded, and encrypted message to be decrypted and verified.

cbEncryptedBlob [in]

The size, in bytes, of the encrypted message.

pbDecrypted [out, optional]

A pointer to a buffer to receive the decrypted message.

This parameter can be NULL if the decrypted message is not required or to set the size of the decrypted message for memory allocation purposes. A decrypted message will not be returned if this parameter is NULL. For more information, see Retrieving Data of Unknown Length.

pcbDecrypted [in, out, optional]

A pointer to a DWORD that specifies the size, in bytes, of the buffer pointed to by the pbDecrypted parameter. When the function returns, it contains the size of the decrypted message copied to pbDecrypted.

Note  When processing the data returned in the pbDecrypted buffer, applications must use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified in pcbDecrypted on input. On output, the variable pointed to by this parameter is set to reflect the actual size of the data copied to the buffer.
ppXchgCert [out, optional]

A pointer to a CERT_CONTEXT structure of the certificate that corresponds to the private exchange key needed to decrypt the message.

ppSignerCert [out, optional]

A pointer to a CERT_CONTEXT structure of the certificate of the signer.

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

Note  Errors from the called functions CryptDecryptMessage and CryptVerifyMessageSignature might be propagated to this function.

The GetLastError function returns the following error code most often.

Return codeDescription

If the buffer specified by the pbDecrypted parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, in the variable pointed to by pcbDecrypted.



For a successfully decrypted and verified message, the certificate context pointers pointed to by ppXchgCert and ppSignerCert are updated. They must be freed by calling CertFreeCertificateContext. If the function fails, they are set to NULL.

To indicate that the caller is not interested in the exchange certificate or the signer certificate context, set the ppXchgCert and ppSignerCert parameters to NULL.


For an example that uses this function, see Example C Program: Sending and Receiving a Signed and Encrypted Message.


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]







See also

Simplified Message Functions