CryptVerifyDetachedMessageSignature function (wincrypt.h)

The CryptVerifyDetachedMessageSignature function verifies a signed message containing a detached signature or signatures.

Syntax

BOOL CryptVerifyDetachedMessageSignature(
  [in]            PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
  [in]            DWORD                      dwSignerIndex,
  [in]            const BYTE                 *pbDetachedSignBlob,
  [in]            DWORD                      cbDetachedSignBlob,
  [in]            DWORD                      cToBeSigned,
  [in]            const BYTE * []            rgpbToBeSigned,
  [in]            DWORD []                   rgcbToBeSigned,
  [out, optional] PCCERT_CONTEXT             *ppSignerCert
);

Parameters

[in] pVerifyPara

A pointer to a CRYPT_VERIFY_MESSAGE_PARA structure containing the verification parameters.

[in] dwSignerIndex

Index of the signature to be verified. A message might have several signers and this function can be called repeatedly, changing dwSignerIndex to verify other signatures. If the function returns FALSE, and GetLastError returns CRYPT_E_NO_SIGNER, the previous call received the last signer of the message.

[in] pbDetachedSignBlob

A pointer to a BLOB containing the encoded message signatures.

[in] cbDetachedSignBlob

The size, in bytes, of the detached signature.

[in] cToBeSigned

Number of array elements in rgpbToBeSigned and rgcbToBeSigned.

[in] rgpbToBeSigned

Array of pointers to buffers containing the contents to be hashed.

[in] rgcbToBeSigned

Array of sizes, in bytes, for the content buffers pointed to in rgpbToBeSigned.

[out, optional] ppSignerCert

A pointer to a pointer to a CERT_CONTEXT structure of a signer certificate. When you have finished using the certificate context, free it by calling the CertFreeCertificateContext function. A pointer to a CERT_CONTEXT structure will not be returned if this parameter is NULL.

Return value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE).

For extended error information, call GetLastError.

The following lists the error codes most commonly returned by the GetLastError function.

Return code Description
E_INVALIDARG
Invalid message and certificate encoding types. Currently only PKCS_7_ASN_ENCODING and X509_ASN_ENCODING_TYPE are supported. Invalid cbSize in *pVerifyPara.
CRYPT_E_UNEXPECTED_MSG_TYPE
Not a signed cryptographic message.
CRYPT_E_NO_SIGNER
The message does not have any signers or a signer for the specified dwSignerIndex.
NTE_BAD_ALGID
The message was hashed and signed by using an unknown or unsupported algorithm.
NTE_BAD_SIGNATURE
The message's signature was not verified.
 
Note  Errors from the called functions CryptCreateHash, CryptHashData, CryptVerifySignature, and CryptImportKey might be propagated to this function.

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.

 

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also

CryptVerifyMessageSignature

Simplified Message Functions