Quick Info

Windows NT: Yes
Win95: OSR2
Win32s: No
Import Library: advapi32.lib
Header File: wincrypt.h
Unicode: WinNT
Platform Notes: None

CryptVerifySignature

[New - Windows NT]

[New - Windows 95, OEM Service Release 2]

The CryptVerifySignature function is used to verify a signature against a hash object.

Before calling this function, the CryptCreateHash function must be called to get a handle to a hash object. The CryptHashData and/or CryptHashSessionKey functions are then used to add the data and/or session keys to the hash object.

Once this function has been completed, the only hash function that can be called using the hHash handle is the CryptDestroyHash function.

    BOOL CRYPTFUNC CryptVerifySignature(
        HCRYPTHASH hHash,
        BYTE *pbSignature,
        DWORD dwSigLen,
        HCRYPTKEY hPubKey,
        LPCTSTR sDescription,
        DWORD dwFlags
    );

Parameters

hHash

[in] A handle to the hash object to verify against.

pbSignature

[in] The address of the signature data to be verified.

dwSigLen

[in] The number of bytes in the pbSignature signature data.

hPubKey

[in] A handle to the public key to use to authenticate the signature. This public key must belong to the key pair that was originally used to create the digital signature.

sDescription

[in] String describing the signed data. This must be exactly the same string that was passed in to the CryptSignHash function when the signature was created. If this string does not match, the signature verification will fail.

When this function is called, some CSPs (not the Microsoft RSA Base Provider) will display this description string to the user, together with an indication of whether the signature verified correctly. This provides the user with the verification results in a way that is completely independent of the application.

dwFlags

[in] The flag values. This parameter is reserved for future use and should always be zero.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by "NTE" are generated by the particular CSP you are using.



| Error | Description |
|---|---|
| ERROR_INVALID_HANDLE | One of the parameters specifies an invalid handle. |
| ERROR_INVALID_PARAMETER | One of the parameters contains an invalid value. This is most often an illegal pointer. |
| NTE_BAD_FLAGS | The dwFlags parameter is nonzero. |
| NTE_BAD_HASH | The hash object specified by the hHash parameter is invalid. |
| NTE_BAD_KEY | The hPubKey parameter does not contain a handle to a valid public key. |
| NTE_BAD_SIGNATURE | The signature failed to verify. This could be because the data itself has changed, the description string did not match, or the wrong public key was specified by hPubKey. This error can also be returned if the hashing or signature algorithms do not match the ones used to create the signature. |
| NTE_BAD_UID | The CSP context that was specified when the hash object was created cannot be found. |
| NTE_NO_MEMORY | The CSP ran out of memory during the operation. |

Example

    #include <windows.h>
    #include <wincrypt.h>
    #include <stdio.h>

    #define BUFFER_SIZE 256

    HCRYPTPROV hProv = 0;
    BYTE pbBuffer[BUFFER_SIZE];
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hPubKey = 0;
    BYTE *pbSignature = NULL;
    DWORD dwSigLen;
    LPTSTR szDescription = NULL;

    // Get handle to the default provider.
    if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0)) {
        printf("Error %x during CryptAcquireContext!\n", GetLastError());
        goto done;
    }

    // Load 'pbBuffer' with 'BUFFER_SIZE' bytes of test data. This must
    // be the same data that was originally signed.
    ...

    // Point 'pbSignature' at the signature created by a previous call
    // to CryptSignHash. Set 'dwSigLen' to the number of bytes in the
    // signature.
    ...

    // Point 'szDescription' at some text describing the data being
    // signed. This must be the same description text that was originally
    // passed to CryptSignHash.
    ...

    // Get public key of the user that created the digital signature
    // and import it into the CSP using CryptImportKey. This will return
    // a handle to the public key in 'hPubKey'.
    ...

    // Create hash object. The algorithm must be the one that was used
    // when the signature was created. MD5 is kept from the original
    // example; it is not collision resistant.
    if(!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
        printf("Error %x during CryptCreateHash!\n", GetLastError());
        goto done;
    }

    // Hash buffer.
    if(!CryptHashData(hHash, pbBuffer, BUFFER_SIZE, 0)) {
        printf("Error %x during CryptHashData!\n", GetLastError());
        goto done;
    }

    // Validate digital signature. Only a nonzero return value means the
    // signature verified; every failure path is "not verified".
    if(!CryptVerifySignature(hHash, pbSignature, dwSigLen, hPubKey, szDescription, 0)) {
        if(GetLastError() == NTE_BAD_SIGNATURE) {
            printf("Signature failed to validate!\n");
        } else {
            printf("Error %x during CryptVerifySignature!\n", GetLastError());
        }
    } else {
        printf("Signature validated OK\n");
    }

    done:
    ...

    // Release public key.
    if(hPubKey != 0) CryptDestroyKey(hPubKey);

    // Destroy hash object.
    if(hHash != 0) CryptDestroyHash(hHash);

    // Release provider handle.
    if(hProv != 0) CryptReleaseContext(hProv, 0);
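
The example above leaves loading the signer's public key and the signature to the caller, and both arrive from the other party. The following pre-flight check is an added example, not part of the original reference: it assumes the key arrives as an RSA PUBLICKEYBLOB (the format CryptExportKey produces and CryptImportKey consumes) and that an RSA signature is as long as the key modulus. The names precheck_verify_inputs, make_sample_blob and the PRE_* codes are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values from wincrypt.h, repeated so the check builds without the Windows SDK. */
#define PUBLICKEYBLOB    0x06
#define CUR_BLOB_VERSION 0x02
#define CALG_RSA_SIGN    0x00002400u
#define RSA1_MAGIC       0x31415352u  /* "RSA1": RSA public key */
#define HDR_LEN          20u          /* BLOBHEADER (8) + RSAPUBKEY (12) */
typedef enum { PRE_OK, PRE_TRUNCATED, PRE_NOT_RSA_PUBLIC, PRE_NOT_SIGNATURE_KEY,
               PRE_BAD_MODULUS, PRE_SIGLEN_MISMATCH } precheck_t;

static uint32_t le32(const uint8_t *p) {
    return p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical helper: vet the key blob and dwSigLen before CryptImportKey / CryptVerifySignature. */
precheck_t precheck_verify_inputs(const uint8_t *blob, size_t blob_len, size_t sig_len) {
    if (blob == NULL || blob_len < HDR_LEN) return PRE_TRUNCATED;
    if (blob[0] != PUBLICKEYBLOB || blob[1] != CUR_BLOB_VERSION ||
        le32(blob + 8) != RSA1_MAGIC) return PRE_NOT_RSA_PUBLIC;
    /* Policy assumed by this example: only signature keys may verify. */
    if (le32(blob + 4) != CALG_RSA_SIGN) return PRE_NOT_SIGNATURE_KEY;
    uint32_t bits = le32(blob + 12);
    size_t mod_len = blob_len - HDR_LEN;
    if (bits == 0 || bits % 8 != 0 || mod_len != bits / 8) return PRE_BAD_MODULUS;
    /* Little-endian modulus: first byte must be odd, last byte non-zero. */
    if ((blob[HDR_LEN] & 1) == 0 || blob[blob_len - 1] == 0) return PRE_BAD_MODULUS;
    return sig_len == mod_len ? PRE_OK : PRE_SIGLEN_MISMATCH;
}

/* Constructed sample (84 bytes): 512-bit key, exponent 65537, filler modulus. */
size_t make_sample_blob(uint8_t *out, uint32_t alg) {
    static const uint8_t hdr[HDR_LEN] = { PUBLICKEYBLOB, CUR_BLOB_VERSION, 0, 0, 0, 0, 0, 0,
        0x52, 0x53, 0x41, 0x31,  0x00, 0x02, 0x00, 0x00,   /* "RSA1", bitlen 512 */
        0x01, 0x00, 0x01, 0x00 };                          /* pubexp 65537 */
    memcpy(out, hdr, HDR_LEN);
    for (int i = 0; i < 4; i++) out[4 + i] = (uint8_t)(alg >> (8 * i));  /* aiKeyAlg */
    memset(out + HDR_LEN, 0xA5, 64);  /* 0xA5 is odd and non-zero */
    return HDR_LEN + 64;
}

int main(void) {
    uint8_t blob[84];
    size_t n = make_sample_blob(blob, CALG_RSA_SIGN);
    printf("64-byte signature: %d, 63-byte signature: %d\n",
           (int)precheck_verify_inputs(blob, n, 64), (int)precheck_verify_inputs(blob, n, 63));
    return 0;
}
```

A PRE_OK result only means the inputs are well formed; the signature is verified by CryptVerifySignature alone.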

See Also

CryptCreateHash, CryptDestroyHash, CryptHashData, CryptHashSessionKey, CryptSignHash

