CryptSignCertificate
This function signs the "to be signed" information in the encoded signed content.
BOOL WINAPI CryptSignCertificate(
HCRYPTPROV hCryptProv,
DWORD dwKeySpec,
DWORD dwCertEncodingType,
const BYTE *pbEncodedToBeSigned,
DWORD cbEncodedToBeSigned,
PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm,
const void *pvHashAuxInfo,
BYTE *pbSignature,
DWORD *pcbSignature
);
Parameters
hCryptProv
[in] Handle of the CSP that does the signature. This handle must have already been created using the CryptAcquireContext function.dwKeySpec
[in] Identifies the private key to be used from the provider's container. It can be AT_KEYEXCHANGE or AT_SIGNATURE.dwCertEncodingType
[in] Specifies the encoding type used. Currently, only X509_ASN_ENCODING is used; however, additional encoding types may be added in the future.pbEncodedToBeSigned
[in] Pointer to the encoded content to be signed.cbEncodedToBeSigned
[in] Size, in bytes, of the encoded content, pbEncodedToBeSigned.pSignatureAlgorithm
[in] Pointer to a CRYPT_ALGORITHM_IDENTIFIER structure with a pszObjId member set to one of the following:szOID_RSA_MD5RSA
szOID_RSA_SHA1RSA
szOID_X957_SHA1DSA
pvHashAuxInfo
[in] Not currently used. Must be NULL.pbSignature
[out] Pointer to a buffer to receive the signed hash of the content. This parameter can be NULL to set the size of this information for memory allocation purposes.pcbSignature
[in/out] Pointer to a DWORD that contains the size, in bytes, of the buffer pointed to by the pbSignature parameter. When the function returns, the DWORD contains the number of bytes stored or to be stored in the buffer.Note When processing the data returned in the buffer, applications need to use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer.) On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.
Return Values
If the function succeeds, the return value is nonzero (TRUE).
If the function fails, the return value is zero (FALSE).
For extended error information, call the GetLastError function.
Note Errors from the called CryptCreateHash, CryptSignHash, and CryptHashData functions might be propagated to this function.
The following table shows the error codes for this function.
Error code | Description |
---|---|
ERROR_MORE_DATA | If the buffer specified by the pbSignature parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code and stores the required buffer size, in bytes, into the variable pointed to by the pcbSignature parameter. |
NTE_BAD_ALGID | The signature algorithm's object identifier doesn't map to a known or supported hash algorithm. |
Remarks
The desktop platform supports the PKCS_7_ASN_ENCODING flag, but Windows CE does not. Windows CE ignores the flag when it is specified.
Requirements
Runs on | Versions | Defined in | Include | Link to |
---|---|---|---|---|
Windows CE OS | 3.0 or later | Wincrypt.h | Crypt32.lib |
Note This API is part of the complete Windows CE OS package as provided by Microsoft. The functionality of a particular platform is determined by the original equipment manufacturer (OEM) and some devices may not support this API.
See Also
CryptAcquireContext, CryptCreateHash, CryptHashData, CryptSignAndEncodeCertificate, CryptSignHash, CRYPT_ALGORITHM_IDENTIFIER
Last updated on Tuesday, July 13, 2004
© 1992-2000 Microsoft Corporation. All rights reserved.