Verifying Signed Messages By Using CTLs

One of the advantages of using CTLs is that applications can be designed to verify signed messages against trusted certificates automatically, without bothering the user with dialog boxes. It also gives a network administrator some control over which sources should be trusted. The following procedure can be used to verify the signature of a signed message by using a CTL.

    To verify a signed message by using a CTL
  1. Decode the message.
    1. Get a pointer to the received message (the encoded blob).
    2. Call CryptMsgOpenToDecode, passing the necessary arguments.
    3. Call CryptMsgUpdate once, passing in the handle retrieved in step 1.b and a pointer to the data that is to be decoded. This causes the appropriate actions to be taken on the message, depending on the message type.
  2. Verify the signature of the decoded, signed message, and get a pointer to the signer's CERT_CONTEXT.

    This can be done by calling CryptMsgGetAndVerifySigner, passing the message handle from step 1 in the hCryptMsg argument. If the function call returns TRUE, the signature was verified, and a pointer to the signer's CERT_CONTEXT (a PCERT_CONTEXT) is returned in the ppSigner parameter.

  3. Confirm that the signer is a trusted source.
    1. Open the certificate store containing the appropriate CTL.
    2. Get a pointer to the CTL_CONTEXT by calling CertFindCTLInStore.
    3. To confirm that the signer is a trusted source, call CertFindSubjectInCTL, passing the pointer retrieved in the previous step in the pCtlContext argument, CTL_CERT_SUBJECT_TYPE in the dwSubjectType argument, and the pointer to the CERT_CONTEXT retrieved in step 2 in the pvSubject argument. If the function call returns TRUE, the CERT_CONTEXT passed to the function is a trusted source in the CTL.