Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This section presents the steps to decrypt an encrypted message.
To decrypt an encrypted message
- Get a pointer to the digitally enveloped message.
- Open a certificate store.
- From the message, retrieve the recipient identifier (My ID).
- Use the recipient identifier to retrieve the certificate.
- Get the private key for the certificate.
- Use the private key to decrypt the symmetric (session) key.
- Retrieve the encryption algorithm from the message.
- Using the decrypted session key and the encryption algorithm, decrypt the data.
CryptDecryptMessage does all of the tasks for decrypting a message; however, initialization of structures and other data is still necessary.
To decrypt data using CryptDecryptMessage
- Get a pointer to the encrypted BLOB.
- Open a certificate store.
- Create a certificate store array.
- Initialize the CRYPT_DECRYPT_MESSAGE_PARA structure.
- Call CryptDecryptMessage to decrypt the data contained in the message.
Example C Program: Using CryptEncryptMessage and CryptDecryptMessage implements the procedure just presented. Comments show which code elements accomplish each step in the procedure. For details about the function, see CryptDecryptMessage, and for details about the data structure, see CRYPT_DECRYPT_MESSAGE_PARA.