CryptSignAndEncryptMessage function (wincrypt.h)

The CryptSignAndEncryptMessage function creates a hash of the specified content, signs the hash, encrypts the content, hashes the encrypted contents and the signed hash, and then encodes both the encrypted content and the signed hash. The result is the same as if the hash were first signed and then encrypted.


BOOL CryptSignAndEncryptMessage(
  [in]      PCRYPT_SIGN_MESSAGE_PARA    pSignPara,
  [in]      PCRYPT_ENCRYPT_MESSAGE_PARA pEncryptPara,
  [in]      DWORD                       cRecipientCert,
  [in]      PCCERT_CONTEXT []           rgpRecipientCert,
  [in]      const BYTE                  *pbToBeSignedAndEncrypted,
  [in]      DWORD                       cbToBeSignedAndEncrypted,
  [out]     BYTE                        *pbSignedAndEncryptedBlob,
  [in, out] DWORD                       *pcbSignedAndEncryptedBlob


[in] pSignPara

A pointer to a CRYPT_SIGN_MESSAGE_PARA structure that contains the signature parameters.

[in] pEncryptPara

A pointer to a CRYPT_ENCRYPT_MESSAGE_PARA structure containing encryption parameters.

[in] cRecipientCert

Number of array elements in rgpRecipientCert.

[in] rgpRecipientCert

Array of pointers to CERT_CONTEXT structures. Each structure is the certificate of an intended recipients of the message.

[in] pbToBeSignedAndEncrypted

A pointer to a buffer containing the content to be signed and encrypted.

[in] cbToBeSignedAndEncrypted

The size, in bytes, of the pbToBeSignedAndEncrypted buffer.

[out] pbSignedAndEncryptedBlob

A pointer to a buffer to receive the encrypted and encoded message.

This parameter can be NULL to set the size of this information for memory allocation purposes. For more information, see Retrieving Data of Unknown Length.

[in, out] pcbSignedAndEncryptedBlob

A pointer to DWORD specifying the size, in bytes, of the buffer pointed to by pbSignedAndEncryptedBlob. When the function returns, this variable contains the size, in bytes, of the signed and encrypted message copied to *pbSignedAndEncryptedBlob.

Note  When processing the data returned, applications must use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer.) On output, the variable pointed to by this parameter is updated to reflect the actual size of the data copied to the buffer.

Return value

If the function succeeds, the return value is nonzero (TRUE).

If the function fails, the return value is zero (FALSE).

For extended error information, call GetLastError.

The following lists the error code most commonly returned by the GetLastError function.

Return code Description
If the buffer specified by the pbSignedAndEncryptedBlob parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, into the variable pointed to by pcbSignedAndEncryptedBlob.
Note  Errors from the called functions CryptSignMessage and CryptEncryptMessage might be propagated to this function.


Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also



Simplified Message Functions