IOpcDigitalSignatureManager::Validate method (msopc.h)

Article
02/22/2024

Validates a specified package signature using a specified certificate.

Syntax

HRESULT Validate(
  [in]          IOpcDigitalSignature            *signature,
  [in]          const CERT_CONTEXT              *certificate,
  [out, retval] OPC_SIGNATURE_VALIDATION_RESULT *validationResult
);

Parameters

[in] signature

An IOpcDigitalSignature interface pointer that represents the signature to be validated.

[in] certificate

A pointer to a CERT_CONTEXT structure that contains a certificate that is used to validate the signature.

[out, retval] validationResult

A value that describes the result of the validation check.

Return value

The method returns an HRESULT. Possible values include, but are not limited to, those in the following table.

Return code	Description
S_OK	The method succeeded.
E_POINTER	At least one of the signature, certificate, and validationResult parameters is NULL.

Remarks

This method does not perform security checks on an X.509 Public Key Infrastructure Certificate; the caller must perform the checks for revocation, expiration, certificate chain, and all other necessary checks.

This method checks that the specified signature (signed entities and the signature markup) has not been altered since the signature was generated, but does not validate the identity of the signer.

Important The caller must validate the identity of the signer.

If there are errors in a package signature, some of these errors may not be exposed until this method is called.

Thread Safety

Packaging objects are not thread-safe.

For more information, see the Getting Started with the Packaging API.

Requirements

Requirement	Value
Minimum supported client	Windows 7 [desktop apps only]
Minimum supported server	Windows Server 2008 R2 [desktop apps only]
Target Platform	Windows
Header	msopc.h