CryptDecryptMessage function (wincrypt.h)
The CryptDecryptMessage function decodes and decrypts a message.
Syntax
BOOL CryptDecryptMessage(
[in] PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara,
[in] const BYTE *pbEncryptedBlob,
[in] DWORD cbEncryptedBlob,
[out, optional] BYTE *pbDecrypted,
[in, out, optional] DWORD *pcbDecrypted,
[out, optional] PCCERT_CONTEXT *ppXchgCert
);
Parameters
[in] pDecryptPara
A pointer to a CRYPT_DECRYPT_MESSAGE_PARA structure that contains decryption parameters.
[in] pbEncryptedBlob
A pointer to a buffer that contains the encoded and encrypted message to be decrypted.
[in] cbEncryptedBlob
The size, in bytes, of the encoded and encrypted message.
[out, optional] pbDecrypted
A pointer to a buffer that receives the decrypted message.
To set the size of this information for memory allocation purposes, this parameter can be NULL. A decrypted message will not be returned if this parameter is NULL. For more information, see Retrieving Data of Unknown Length.
[in, out, optional] pcbDecrypted
A pointer to a DWORD that specifies the size, in bytes, of the buffer pointed to by the pbDecrypted parameter. When the function returns, this variable contains the size, in bytes, of the decrypted message copied to pbDecrypted.
[out, optional] ppXchgCert
A pointer to a CERT_CONTEXT structure of a certificate that corresponds to the private exchange key needed to decrypt the message. To indicate that the function should not return the certificate context used to decrypt, set this parameter to NULL.
Return value
If the function succeeds, the function returns nonzero (TRUE).
If the function fails, it returns zero (FALSE). For extended error information, call GetLastError.
| Return code | Description |
|---|---|
|
If the buffer specified by the pbDecrypted parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, in the variable pointed to by pcbDecrypted. |
|
Invalid message and certificate encoding types. Currently only PKCS_7_ASN_ENCODING and X509_ASN_ENCODING_TYPE are supported. Invalid cbSize in *pDecryptPara. |
|
Not an enveloped cryptographic message. |
|
The message was encrypted by using an unknown or unsupported algorithm. |
|
No certificate was found having a private key property to use for decrypting. |
If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.
Remarks
When NULL is passed for pbDecrypted, and pcbDecrypted is not NULL, NULL is returned for the address passed in ppXchgCert; otherwise, a pointer to a CERT_CONTEXT is returned. For a successfully decrypted message, this pointer to a CERT_CONTEXT points to the certificate context used to decrypt the message. It must be freed by calling CertFreeCertificateContext. If the function fails, the value at ppXchgCert is set to NULL.
Examples
For an example that uses this function, see Example C Program: Using CryptEncryptMessage and CryptDecryptMessage.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | wincrypt.h |
| Library | Crypt32.lib |
| DLL | Crypt32.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for