CryptVerifyTimeStampSignature function (wincrypt.h)

The CryptVerifyTimeStampSignature function validates the time stamp signature on a specified array of bytes.


BOOL CryptVerifyTimeStampSignature(
  [in]            const BYTE               *pbTSContentInfo,
                  DWORD                    cbTSContentInfo,
  [in, optional]  const BYTE               *pbData,
                  DWORD                    cbData,
  [in, optional]  HCERTSTORE               hAdditionalStore,
  [out]           PCRYPT_TIMESTAMP_CONTEXT *ppTsContext,
  [out, optional] PCCERT_CONTEXT           *ppTsSigner,
  [out, optional] HCERTSTORE               *phStore


[in] pbTSContentInfo

A pointer to a buffer that contains time stamp content.


The size, in bytes, of the buffer pointed to by the pbTSContentInfo parameter.

[in, optional] pbData

A pointer to an array of bytes on which to validate the time stamp signature.


The size, in bytes, of the array pointed to by the pbData parameter.

[in, optional] hAdditionalStore

The handle of an additional store to search for supporting Time Stamping Authority (TSA) signing certificates and certificate trust lists (CTLs). This parameter can be NULL if no additional store is to be searched.

[out] ppTsContext

A pointer to a PCRYPT_TIMESTAMP_CONTEXT structure. When you have finished using the context, you must free it by calling the CryptMemFree function.

[out, optional] ppTsSigner

A pointer to a PCERT_CONTEXT that receives the certificate of the signer. When you have finished using this structure, you must free it by passing this pointer to the CertFreeCertificateContext function.

Set this parameter to NULL if the TSA signer's certificate is not needed.

[out, optional] phStore

A pointer to a handle that receives the certificate store opened on CMS to search for supporting certificates.

This parameter can be NULL if the TSA supporting certificates are not needed. When you have finished using this handle, you must release it by passing it to the CertCloseStore function.

Return value

If the function succeeds, the function returns TRUE. For extended error information, call the GetLastError function.


The caller should validate the pszTSAPolicyId member of the CRYPT_TIMESTAMP_INFO structure when it is returned by the CryptRetrieveTimeStamp function. If a TSA policy was specified in the request and the ftTime member contains a valid value, the caller should build a certificate context chain with which to populate the ppTsSigner parameter and validate the trust.


Requirement Value
Minimum supported client Windows 7 [desktop apps | UWP apps]
Minimum supported server Windows Server 2008 R2 [desktop apps | UWP apps]
Target Platform Windows
Header wincrypt.h
DLL Crypt32.dll

See also