CryptMsgGetAndVerifySigner

The CryptMsgGetAndVerifySigner function gets and verifies the signer of a cryptographic message.

#include <wincrypt.h>
BOOL WINAPI CryptMsgGetAndVerifySigner(
  HCRYPTMSG hCryptMsg,          // in
  DWORD cSignerStore,           // in
  HCERTSTORE *rghSignerStore,   // in, optional
  DWORD dwFlags,                // in
  PCCERT_CONTEXT *ppSigner,     // out,  optional
  DWORD pdwSignerIndex          // in/out, optional
);
 

Parameters

hCryptMsg

A handle to a cryptographic message.

cSignerStore

The count of stores in rghSignerStore.

rghSignerStore

The array of signer stores.

dwFlags

If CMSG_TRUSTED_SIGNER_FLAG is set, then, treat the signer stores in rghSignerStore as being trusted and only search them to find the certificate corresponding to the signer's issuer and serial number. Otherwise, the signer stores are optionally provided to supplement the message's store of certificates. If a signer certificate is found, its public key is used to verify the message signature.

The CMSG_SIGNER_ONLY_FLAG can be set to return the signer without doing the signature verification.

If CMSG_USE_SIGNER_INDEX_FLAG is set, then, only get the signer specified by *pdwSignerIndex. Otherwise, iterate through all the signers until a signer verifies or until there are no more signers.

ppSigner

See the Remarks below.

pdwSignerIndex

See the Remarks below.

Return Values

If the function fails, the return value is FALSE (zero). If it succeeds, the return value is TRUE (non-zero).

To retrieve extended error information, use the GetLastError function.

Remarks

For a verified signature, *ppSigner is updated with the certificate context of the signer and *pdwSignerIndex is updated with the index of the signer. ppSigner and/or pdwSignerIndex can be NULL, indicating the caller isn't interested in getting the certificate context and/or index of the signer.

Example

// EXAMPLE CODE FOR USING CryptMsgGetAndVerifySigner().
// Gets and verifies the cryptographic message.
// Assume that the handle to the crypt message (hCryptMsg)
// and the pointer to the array of signer stores
// (rghSignerStore) have already been defined.

// Set up the variables.
HCRYPTMSG hCryptMsg;             // A handle to the crypt message
DWORD cSignerStore = 128;        // # of stores in SignerStore
HCERTSTORE *rghSignerStore;      // Array of signer rghstores
DWORD dwFlags = CMSG_TRUSTED_SIGNER_FLAG;
                                 // Flag value
PCCERT_CONTEXT *ppSigner = NULL; // Pointer to a certificate context pointer
DWORD *pdwSignerIndex;           // Pointer to the signer index
BOOL fResult;                    // Return TRUE if function succeeds
                                 //   FALSE if function fails

// Function call to get and verify the signer
// of a cryptographic message
fResult= CryptMsgGetAndVerifySigner(
           hCryptMsg,          // in
           cSignerStore,       // in
           rghSignerStore,     // in
           dwFlags,            // in
           ppSigner,           // out
           pdwSignerIndex = NULL);
                               // in/out or set to NULL to indicate no
                               //   interest in getting signer index

if (!fResult){
  cout<< "Call to CryptMsgGetAndVerifySigner failed"<< endl
      << "error code = "<< GetLastError()<< endl;
}
else {
  cout<< "Call to CryptMsgGetAndVerifySigner successful"<< endl
      << "Flag value = "<< dwFlags<< endl
      << "Pointer to the signer of certificate context = "<< &ppSigner<< endl
      << "Index of the signer = "<< &pdwSignerIndex<< endl;
}
 

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CERT_CONTEXT, CTL_CONTEXT, CryptMsgOpenToDecode, CryptMsgControl