CryptSignMessage

The CryptSignMessage function creates a hash of the specified content, signs the hash, and then encodes both the original content and the signed hash (message).

#include <wincrypt.h>
BOOL WINAPI CryptSignMessage(
  PCRYPT_SIGN_MESSAGE_PARA pSignPara, // in
  BOOL fDetachedSignature,            // in
  DWORD cToBeSigned,                  // in
  const BYTE *rgpbToBeSigned[ ],      // in
  DWORD rgcbToBeSigned[ ],            // in
  BYTE *pbSignedBlob,                 // out
  DWORD *pcbSignedBlob                // in/out
);

Parameters

pSignPara
Pointer to the signature parameters. For details, see Simplified Message Data Structures.
fDetachedSignature
TRUE if this is to be a detached signature. Otherwise it should be set to FALSE. If this parameter is set to TRUE, only the signed hash is encoded in pbSignedBlob. Otherwise, both rgpbToBeSigned[] and the signed hash are encoded.
cToBeSigned
Count of the number of array elements in rgpbToBeSigned[] and rgcbToBeSigned[]. This parameter must be set to one (1) unless fDetachedSignature is set to TRUE.
rgpbToBeSigned[]
Array of pointers that point to the contents to be signed.
rgcbToBeSigned[]
Array of sizes, in bytes, of the contents pointed to in rgpbToBeSigned[].
pbSignedBlob
Pointer to a buffer that receives only the encoded signed hash if fDetachedSignature is TRUE, or receives both the encoded content and signed hash if fDetachedSignature is FALSE.

This parameter can be NULL to set the size of this information for memory allocation purposes. For more information, see Common In/Out Parameter Conventions.

pcbSignedBlob
Pointer to a variable that specifies the size, in bytes, of the buffer pointed to by the pbSignedBlob parameter. When the function returns, this variable contains the size, in bytes, of the signed and encoded message copied to *pbSignedBlob.

Note that when processing the data returned in the buffer, applications need to use the actual size of the data returned. The actual size may be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually specified large enough to insure that the largest possible output data will fit in the buffer.) On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.

Return Values

TRUE if the function succeeded. FALSE if the function failed.

Call GetLastError to see the reason for any failures. Note that errors from the called functions CryptCreateHash, CryptHashData, and CryptSignHash may be propagated to this function. This function has the following error codes.

Error code Description
ERROR_MORE_DATA If the buffer specified by the pbSignedBlob parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, into the variable pointed to by pcbSignedBlob.
E_INVALIDARG Invalid message encoding type. Currently only PKCS_7_ASN_ENCODING is supported. Invalid cbSize in *pSignPara.
CRYPT_E_NO_KEY_PROPERTY The pSigningCert in *pSignPara doesn't have a CERT_KEY_PROV_INFO_PROP_ID or CERT_KEY_CONTEXT_PROP_ID property.
CRYPT_E_OSS_ERROR Message ASN.1 encoding error. Note, to get the OSS error subtract CRYPT_E_OSS_ERROR from the returned error and see asn1code.h for details on the error.

Example

See Example Code Using CryptSignMessage.

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CryptSignAndEncryptMessage