Verifying Signed Messages by Using CTLs
One of the advantages of using certificate trust lists (CTLs) is that applications can be designed that can automatically verify signed messages against trusted certificates without bothering the user with dialog boxes. It also gives a network administrator control sources to be trusted.
The following procedure can be used to verify the signature of a signed message by using a CTL.
To verify a signed message by using a CTL
Decode the message as follows:
- Get a pointer to the received message (the encoded BLOB).
- Call CryptMsgOpenToDecode, passing the necessary arguments.
- Call CryptMsgUpdate once, passing in the handle retrieved in step b and a pointer to the data that is to be decoded. This causes the appropriate actions to be taken on the message, depending on the message type.
Verify the signature of the decoded, signed message, and get a pointer to the signer's CERT_CONTEXT.
This can be done by calling CryptMsgGetAndVerifySigner, passing the message handle retrieved in step 1c as the hCryptMsg parameter. If the function call returns TRUE, the signature was verified, and a pointer to the signer's PCCERT_CONTEXT is returned in the ppSigner parameter.
Confirm that the signer is a trusted source as follows:
- Open the certificate store containing the appropriate CTL.
- Get a pointer to the CTL_CONTEXT by calling CertFindCTLInStore.
- To confirm that the signer is a trusted source, call CertFindSubjectInCTL, passing the pointer retrieved in the previous step in the pCtlContext parameter, CTL_CERT_SUBJECT_TYPE in the dwSubjectType parameter, and the pointer to the CERT_CONTEXT retrieved in step 2 in the pvSubject parameter. If the function call returns TRUE, the CERT_CONTEXT passed to the function is a trusted source in the CTL.