Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
4/8/2010

This function verifies the signature of a certificate, certificate revocation list (CRL), or certificate request by using the public key in a CERT_PUBLIC_KEY_INFO structure. The function does not require access to a private key.

Syntax

BOOL WINAPI CryptVerifyCertificateSignature(
  HCRYPTPROV hCryptProv,
  DWORD dwCertEncodingType,
  BYTE* pbEncoded,
  DWORD cbEncoded,
  PCERT_PUBLIC_KEY_INFO pPublicKey
);

Parameters

hCryptProv

[in] A handle to the cryptographic service provider (CSP) used to verify the signature.

NULL is passed unless there is a strong reason for passing in a specific cryptographic provider. Passing in NULL causes the default RSA or DSS provider to be acquired.

dwCertEncodingType

[in] The certificate encoding type that was used to encrypt the subject. The message encoding type identifier, contained in the high WORD of this value, is ignored by this function.

This parameter can be the following currently defined certificate encoding type.

Value                         Meaning
X509_ASN_ENCODING (1, 0x1)    Specifies X.509 certificate encoding.

pbEncoded

[in] A pointer to an encoded BLOB of CERT_SIGNED_CONTENT_INFO content on which the signature is to be verified.

cbEncoded

[in] The size, in bytes, of the encoded content in pbEncoded.

pPublicKey

[in] A pointer to a CERT_PUBLIC_KEY_INFO structure that contains the public key to use when verifying the signature.

Return Value

Returns nonzero if successful or zero otherwise.

For extended error information, call GetLastError.

Note:
Errors from the called functions CryptCreateHash, CryptImportKey, CryptVerifySignature, and CryptHashData may be propagated to this function.

On failure, this function will cause the following error codes to be returned from GetLastError.

Return code             Description
ERROR_FILE_NOT_FOUND    Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported.
NTE_BAD_ALGID           The signature algorithm's object identifier (OID) does not map to a known or supported hash algorithm.
NTE_BAD_SIGNATURE       The signature was not valid.

If the function fails, GetLastError may return an ASN.1 encoding/decoding error.
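
The following portable C code is an added example, not part of the original reference page or of any Microsoft sample. It splits a DER blob of the kind passed in pbEncoded into the three fields of CERT_SIGNED_CONTENT_INFO: the to-be-signed bytes that are hashed, the algorithm identifier whose OID must map to a supported hash (otherwise NTE_BAD_ALGID), and the signature bits checked against pPublicKey. The names der_item, der_read, split_signed_content and SAMPLE are hypothetical, and the input is a constructed blob, not a real certificate.

```c
#include <stddef.h>
#include <stdio.h>
/* One DER element: tag, the whole TLV, and the value inside it. */
typedef struct { unsigned char tag; const unsigned char *tlv, *val;
                 size_t tlv_len, val_len; } der_item;
/* Read one definite-length TLV; returns -1 on truncated or malformed input. */
static int der_read(const unsigned char *b, size_t len, der_item *o)
{
    size_t hdr = 2, n, i, cnt;
    if (len < 2) return -1;
    n = b[1];
    if (n & 0x80) {                 /* long form: next cnt bytes hold the length */
        cnt = n & 0x7f;
        if (cnt == 0 || cnt > 4 || len < 2 + cnt) return -1;
        for (n = 0, i = 0; i < cnt; i++) n = (n << 8) | b[2 + i];
        hdr += cnt;
    }
    if (n > len - hdr) return -1;
    o->tag = b[0]; o->tlv = b; o->tlv_len = hdr + n;
    o->val = b + hdr; o->val_len = n;
    return 0;
}

/* Split SEQUENCE { toBeSigned, signatureAlgorithm, signature BIT STRING }. */
int split_signed_content(const unsigned char *pb, size_t cb,
                         der_item *tbs, der_item *alg, der_item *sig)
{
    der_item outer;
    if (der_read(pb, cb, &outer) || outer.tag != 0x30 || outer.tlv_len != cb) return -1;
    if (der_read(outer.val, outer.val_len, tbs) || tbs->tag != 0x30) return -1;
    pb = tbs->tlv + tbs->tlv_len; cb = outer.val_len - tbs->tlv_len;
    if (der_read(pb, cb, alg) || alg->tag != 0x30) return -1;
    pb += alg->tlv_len; cb -= alg->tlv_len;
    if (der_read(pb, cb, sig) || sig->tag != 0x03 || sig->val_len < 1) return -1;
    return sig->tlv_len == cb ? 0 : -1;   /* reject trailing bytes */
}

/* Constructed sample, not a real certificate; the signature bytes are dummies. */
const unsigned char SAMPLE[] = { 0x30,0x1B, 0x30,0x03,0x02,0x01,0x05,
    0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,
    0x03,0x05,0x00,0xDE,0xAD,0xBE,0xEF };

int main(void)
{
    der_item t, a, s;
    if (split_signed_content(SAMPLE, sizeof SAMPLE, &t, &a, &s)) return 1;
    printf("tbs=%u alg=%u sig=%u\n", (unsigned)t.tlv_len, (unsigned)a.val_len, (unsigned)s.val_len);
    return 0;
}
```

CryptVerifyCertificateSignature itself takes the whole encoded blob in pbEncoded and cbEncoded, not the split parts.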

Requirements

Header: wincrypt.h
Library: coredll.lib
Windows Embedded CE: Windows CE 2.10 and later
Windows Mobile: Windows Mobile Version 5.0 and later
