Verifying a DSS Signature

To verify a DSS signature, the DSS public key of the signer must be imported, the signed data must be hashed, and then the signature can be verified. The steps necessary for this are shown in the following procedure.

    To verify a DSS Signature

1. Call CryptAcquireContext to get a pointer to the Microsoft DSS Cryptographic Provider.
2. Call CryptImportKey to import the signer's DSS public key.
3. Call CryptCreateHash with the Algid argument set to CALG_SHA to get a pointer to an SHA hash object.
4. Call CryptHashData with the hHash argument set to the pointer retrieved in the previous step, and with pbData pointing to the signed data. This creates a hash of the data and returns a handle to the hash in the phHash argument of the CryptCreateHash function call.
5. Call CryptVerifySignature with the following settings:

   hHash. set to the handle to the hash performed in the previous step.

   pbSignature. points to the signature to be verified.

   dwSigLen. set to the length of the signature.

   hPubKey. set to the handle of the public key imported in step 2.

   dwFlags. set to zero.