PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC callback function (wincrypt.h)

The PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC callback function is called to sign and encode a computed hash.

Syntax

PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC PfnCryptSignAndEncodeHashFunc;

BOOL PfnCryptSignAndEncodeHashFunc(
  [in]      NCRYPT_KEY_HANDLE hKey,
  [in]      DWORD dwCertEncodingType,
  [in]      PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
  [in]      void *pvDecodedSignPara,
  [in]      LPCWSTR pwszCNGPubKeyAlgid,
  [in]      LPCWSTR pwszCNGHashAlgid,
  [in]      BYTE *pbComputedHash,
  [in]      DWORD cbComputedHash,
  [out]     BYTE *pbSignature,
  [in, out] DWORD *pcbSignature
)
{...}

Parameters

[in] hKey

A handle to the Cryptography API: Next Generation (CNG) private key to use to sign the hash.

[in] dwCertEncodingType

Specifies the type of encoding used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING

[in] pSignatureAlgorithm

A pointer to a CRYPT_ALGORITHM_IDENTIFIER structure that contains the signature object identifier (OID) and its optional encoded parameters.

[in] pvDecodedSignPara

An optional pointer to the decoded signature parameters data structure previously returned by the PFN_CRYPT_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC function.

[in] pwszCNGPubKeyAlgid

A Unicode string that contains the CNG public key algorithm identifier that corresponds to pSignatureAlgorithm->pszObjId.

[in] pwszCNGHashAlgid

A Unicode string that contains the CNG hash algorithm identifier that corresponds to pSignatureAlgorithm->pszObjId or to a hash algorithm identifier in pvDecodedSignPara.

[in] pbComputedHash

A pointer to the computed hash bytes returned by the BCryptFinishHash function that corresponds to pwszCNGHashAlgid.

[in] cbComputedHash

A value that represents the length, in bytes, of the computed hash.

[out] pbSignature

A pointer to a buffer that receives the encoded signature bytes.

[in, out] pcbSignature

A pointer to a DWORD value that represents the length, in bytes, of the encoded signature.

Return value

If the function succeeds, the function returns nonzero (TRUE).

If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.

If this callback function does not support the signature algorithm, it must return FALSE and call SetLastError with ERROR_NOT_SUPPORTED.
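The following added example (not code from the original page or from Microsoft) shows a pre-signing check that an implementation of this callback could run to decide which error to pass to SetLastError, including the required ERROR_NOT_SUPPORTED case. The helper name check_sign_request, the table of accepted RSA OIDs, the sig_len parameter and the use of ERROR_INVALID_PARAMETER for mismatched inputs are hypothetical. The NULL-buffer size query and ERROR_MORE_DATA handling follow the usual CryptoAPI convention and are an assumption, since this page does not describe them.

```c
#include <stddef.h>
#include <string.h>
#include <wchar.h>

/* Win32 error values, defined here so the sketch builds without <windows.h>. */
#ifndef ERROR_NOT_SUPPORTED
#define ERROR_SUCCESS            0UL
#define ERROR_NOT_SUPPORTED     50UL
#define ERROR_INVALID_PARAMETER 87UL
#define ERROR_MORE_DATA        234UL
#endif

/* Algorithms this hypothetical callback accepts (RSA PKCS#1 v1.5 only). */
struct sig_alg { const char *oid; const wchar_t *key; const wchar_t *hash;
                 unsigned long hash_len; };
static const struct sig_alg k_supported[] = {
    { "1.2.840.113549.1.1.11", L"RSA", L"SHA256", 32 }, /* sha256WithRSAEncryption */
    { "1.2.840.113549.1.1.12", L"RSA", L"SHA384", 48 }, /* sha384WithRSAEncryption */
    { "1.2.840.113549.1.1.13", L"RSA", L"SHA512", 64 }, /* sha512WithRSAEncryption */
};

/* Returns the Win32 error the callback should pass to SetLastError before
 * returning FALSE, or ERROR_SUCCESS when it is safe to go on and sign.
 * sig_len is the signature size for the key (assumed known to the caller). */
unsigned long check_sign_request(const char *oid, const wchar_t *key_alg,
                                 const wchar_t *hash_alg, unsigned long cb_hash,
                                 const unsigned char *sig_buf,
                                 unsigned long *pcb_sig, unsigned long sig_len)
{
    if (!oid || !key_alg || !hash_alg || !pcb_sig)
        return ERROR_INVALID_PARAMETER;
    for (size_t i = 0; i < sizeof k_supported / sizeof k_supported[0]; i++) {
        const struct sig_alg *a = &k_supported[i];
        if (strcmp(oid, a->oid) != 0)
            continue;
        /* The CNG identifiers and hash length must agree with the OID. */
        if (wcscmp(key_alg, a->key) != 0 || wcscmp(hash_alg, a->hash) != 0 ||
            cb_hash != a->hash_len)
            return ERROR_INVALID_PARAMETER;
        /* Report the required size; flag a supplied buffer that is too small. */
        unsigned long have = *pcb_sig;
        *pcb_sig = sig_len;
        if (sig_buf && have < sig_len)
            return ERROR_MORE_DATA;
        return ERROR_SUCCESS;
    }
    return ERROR_NOT_SUPPORTED; /* unknown signature algorithm */
}
```

In a real callback the arguments would come from pSignatureAlgorithm->pszObjId, pwszCNGPubKeyAlgid, pwszCNGHashAlgid, cbComputedHash, pbSignature and pcbSignature, and signing would proceed only on ERROR_SUCCESS with a non-NULL pbSignature.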

Remarks

You can use OID Support Functions to deploy this callback function. Wincrypt.h defines the following constant for this purpose.

Constant                              Definition
CRYPT_OID_SIGN_AND_ENCODE_HASH_FUNC   "CryptDllSignAndEncodeHash"

Requirements

Requirement                Value
Minimum supported client   Windows Vista [desktop apps only]
Minimum supported server   Windows Server 2008 [desktop apps only]
Target Platform            Windows
Header                     wincrypt.h