CryptMsgEncodeAndSignCTL function

The CryptMsgEncodeAndSignCTL function encodes a CTL and creates a signed message containing the encoded CTL.

This function first encodes the CTL pointed to by pCtlInfo and then calls CryptMsgSignCTL to sign the encoded message.

Syntax

BOOL CryptMsgEncodeAndSignCTL(
  DWORD                    dwMsgEncodingType,
  PCTL_INFO                pCtlInfo,
  PCMSG_SIGNED_ENCODE_INFO pSignInfo,
  DWORD                    dwFlags,
  BYTE                     *pbEncoded,
  DWORD                    *pcbEncoded
);

Parameters

dwMsgEncodingType

Specifies the encoding type used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING

pCtlInfo

A pointer to the CTL_INFO structure containing the CTL to be encoded and signed.

pSignInfo

A pointer to a CMSG_SIGNED_ENCODE_INFO structure that contains an array of CMSG_SIGNER_ENCODE_INFO structures.

The message can be encoded without signers if the cbSize member of the structure is set to the size of the structure and all of the other members are set to zero.

dwFlags

CMSG_ENCODE_SORTED_CTL_FLAG is set if the CTL entries are to be sorted before encoding. This flag is set if the CertFindSubjectInSortedCTL or CertEnumSubjectInSortedCTL functions will be called.

CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG is set if CMSG_ENCODE_SORTED_CTL_FLAG is set, and the identifier for the TrustedSubjects is a hash, such as MD5 or SHA1.

If CMS_PKCS7 is defined, dwFlags can be set to CMSG_CMS_ENCAPSULATED_CTL_FLAG to encode a CMS compatible V3 SignedData message.

pbEncoded

A pointer to a buffer that receives the encoded, signed message created.

This parameter can be NULL to retrieve the required size of this information for memory allocation purposes; the size is returned in the DWORD pointed to by pcbEncoded. For more information, see Retrieving Data of Unknown Length.

pcbEncoded

A pointer to a DWORD that specifies the size, in bytes, of the pbEncoded buffer. When the function returns, the DWORD contains the number of bytes stored or to be stored in the buffer.

Return Value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE). To get extended error information, call GetLastError. Errors can be propagated from calls to CryptMsgOpenToEncode and CryptMsgUpdate.
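The following is an added example, not part of the original reference page or any vendor sample. It shows the two-call sizing pattern described for pbEncoded and pcbEncoded, together with the signer-less pSignInfo setup. The helper names encode_ctl_no_signers and encode_sample_ctl are hypothetical, and the 20-byte subject identifier is a constructed placeholder.

```c
#ifdef _WIN32   /* Windows only; link with Crypt32.lib */
#include <windows.h>
#include <wincrypt.h>
#include <stdlib.h>

/* Hypothetical helper (added example): encode *pCtl as a message with no signers.
   Returns a malloc'd buffer (caller frees) or NULL; *pcb receives its length. */
BYTE *encode_ctl_no_signers(CTL_INFO *pCtl, DWORD dwFlags, DWORD *pcb)
{
    const DWORD enc = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
    CMSG_SIGNED_ENCODE_INFO sign = {0};
    BYTE *buf;
    sign.cbSize = sizeof(sign);          /* all other members zero: no signers */
    *pcb = 0;
    /* Call 1: pbEncoded == NULL only reports the required size in *pcb. */
    if (!CryptMsgEncodeAndSignCTL(enc, pCtl, &sign, dwFlags, NULL, pcb))
        return NULL;
    if ((buf = (BYTE *)malloc(*pcb)) == NULL)
        return NULL;
    /* Call 2: fill the buffer; *pcb is updated to the bytes actually stored. */
    if (!CryptMsgEncodeAndSignCTL(enc, pCtl, &sign, dwFlags, buf, pcb)) {
        DWORD err = GetLastError();      /* keep the error code across free() */
        free(buf);
        SetLastError(err);
        return NULL;
    }
    return buf;
}

/* Constructed sample: one-entry CTL; the identifier stands in for a SHA-1 hash. */
BYTE *encode_sample_ctl(DWORD *pcb)
{
    static BYTE hash[20] = {0x01, 0x02, 0x03, 0x04};   /* constructed value */
    LPSTR usage[] = {(LPSTR)szOID_KP_CTL_USAGE_SIGNING};
    CTL_ENTRY entry = {0};
    CTL_INFO ctl = {0};
    entry.SubjectIdentifier.cbData = sizeof(hash);
    entry.SubjectIdentifier.pbData = hash;
    ctl.dwVersion = CTL_V1;
    ctl.SubjectUsage.cUsageIdentifier = 1;
    ctl.SubjectUsage.rgpszUsageIdentifier = usage;
    GetSystemTimeAsFileTime(&ctl.ThisUpdate);
    ctl.SubjectAlgorithm.pszObjId = (LPSTR)szOID_OIWSEC_sha1;
    ctl.cCTLEntry = 1;
    ctl.rgCTLEntry = &entry;
    /* Sorted + hashed-identifier flags, for later sorted-CTL lookups. */
    return encode_ctl_no_signers(&ctl, CMSG_ENCODE_SORTED_CTL_FLAG |
        CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG, pcb);
}
#endif
```

A message produced this way carries no signature, so a consumer must not treat it as authenticated; supply signer entries in pSignInfo when the CTL is meant to be trusted.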

Requirements

   
Minimum supported client: Windows XP [desktop apps only]
Minimum supported server: Windows Server 2003 [desktop apps only]
Target Platform: Windows
Header: wincrypt.h
Library: Crypt32.lib
DLL: Crypt32.dll

See Also

CMSG_SIGNED_ENCODE_INFO

CTL_INFO

CertEnumSubjectInSortedCTL

CertFindSubjectInSortedCTL

CryptMsgOpenToEncode

CryptMsgSignCTL

Verification Functions Using CTLs