The MakeSignature function generates a cryptographic checksum of the message, and also includes sequencing information to prevent message loss or insertion. MakeSignature allows the application to choose between several cryptographic algorithms, if supported by the chosen mechanism. The MakeSignature function uses the security context referenced by the context handle.
SECURITY_STATUS MakeSignature(
PCtxtHandle phContext, // context to use
ULONG fQOP, // quality of protection
PSecBufferDesc pMessage, // message to sign
ULONG MessageSeqNo // message sequence number
);
The SecBufferDesc structure also references a SecBuffer structure of type SECBUFFER_TOKEN that receives the signature.
If the function succeeds, the return value is SEC_E_OK.
If the function fails, the return value is a nonzero error code.
The MakeSignature function generates a signature that is based on the message and the session key for the context.
If the transport application created the security context to support sequence detection and the caller provides a sequence number, the function includes this information in the signature. This protects against reply, insertion, and suppression of messages. The security package will incorporate the sequence number passed down from the transport application.