The CPSignHash function is used by applications to sign hash values.
BOOL CPSignHash(
HCRYPTPROV hProv, // in
HCRYPTHASH hHash, // in
DWORD dwKeySpec, // in
LPCWSTR sDescription, // in
DWORD dwFlags, // in
BYTE *pbSignature, // out
DWORD *pdwSigLen // in, out
);
If this parameter is NULL, then the signature operation is not performed. Instead, the required buffer size (in bytes) should be returned in pdwSigLen. This is not an error.
If the buffer specified by pbSignature is not large enough to hold the signature, the ERROR_MORE_DATA error code should be returned via the SetLastError function. In this case, the required buffer size must be returned in pdwDataLen.
If this function fails with any error code other than ERROR_MORE_DATA, zero should be returned in this parameter.
If the function succeeds, TRUE should be returned; otherwise, return FALSE. When FALSE is returned, the appropriate error code (see the following table) must be set via SetLastError.
Error | Description |
---|---|
ERROR_MORE_DATA | The pbData buffer is not large enough to hold the requested data. |
NTE_BAD_ALGID | The hHash handle specifies a hash algorithm that this function does not support. |
NTE_BAD_FLAGS | The dwFlags parameter is non-zero. |
NTE_BAD_HASH | The hash object specified by the hHash parameter is invalid. |
NTE_BAD_UID | The CSP context that was specified when the hash object was created cannot now be found. |
NTE_NO_KEY | The private key specified by dwKeySpec does not exist. |
NTE_NO_MEMORY | The CSP ran out of memory during the operation. |
Depending on the key pair that is to be used, many CSPs will ask the user directly before performing the signature operation. When this is the case, the sDescription string, if supported, should be displayed to the user so that he or she knows what is being signed.
The CPSignHash function typically performs the following steps internally:
The application should not be allowed to add more data to the hash object after it has been signed. However, the application is still responsible for calling the CPDestroyHash function.
CPCreateHash, CPHashData, CPVerifySignature, CryptSignHash