The CryptVerifyDetachedMessageSignature function verifies a signed message's signature.

C# Signature:

    [DllImport("Crypt32.dll", SetLastError = true)]
    static internal extern bool CryptVerifyDetachedMessageSignature(
        ref CRYPT_VERIFY_MESSAGE_PARA pVerifyPara,
        int dwSignerIndex,
        byte[] pbDetachedSignBlob,
        int cbDetachedSignBlob,
        int cToBeSigned,
        IntPtr[] rgpbToBeSigned,
        int[] rgcbToBeSigned,
        IntPtr ppSignerCert);

VB Signature:

Declare Function CryptVerifyDetachedMessageSignature Lib "crypt32.dll" (TODO) As TODO

User-Defined Types:

None.

Notes:

None.

Tips & Tricks:

Please add some!

Sample Code:

  public void VerifyDetachedMessageSignature2(byte[] messageData, byte[] signatureData, out byte[] p_x509)
  {
    CRYPT_VERIFY_MESSAGE_PARA verifyParams;
    IntPtr buffer = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(byte)) * messageData.Length);
    Marshal.Copy(messageData, 0, buffer, messageData.Length);
    IntPtr[] rgpbToBeSigned = new IntPtr[1] { buffer };
    int[] rgcbToBeSigned = new int[1] { messageData.Length };

    p_x509 = null;
    GCHandle pCertContext;

    verifyParams = new CRYPT_VERIFY_MESSAGE_PARA();
    verifyParams.cbSize = (int)Marshal.SizeOf(verifyParams);
    verifyParams.dwMsgAndCertEncodingType = CryptoConstants.X509_ASN_ENCODING | CryptoConstants.PKCS_7_ASN_ENCODING;
    verifyParams.hCryptProv = 0;
    verifyParams.pfnGetSignerCertificate = IntPtr.Zero;
    verifyParams.pvGetArg = IntPtr.Zero;

    pCertContext = GCHandle.Alloc(IntPtr.Zero, GCHandleType.Pinned);

    try
    {
        bool res = CryptoApiProvider.CryptVerifyDetachedMessageSignature(
        ref verifyParams,     // Verify parameters.
        0,            // Signer index.
        signatureData,        // Buffer for decoded message.
        signatureData.Length,     // Size of buffer.
1,         rgpbToBeSigned,       // Pointer to signed BLOB.
        rgcbToBeSigned,       // Size of signed BLOB.
        pCertContext.AddrOfPinnedObject());

        if (!res)
        {
        throw new Exception("Error while encrypting data [" + Marshal.GetLastWin32Error() + "].");
        }

        try
        {
        X509Certificate x509 = new X509Certificate( ( IntPtr )pCertContext.Target );
        }
        finally
        {
        Crypt32.CertFreeCertificateContext( ( IntPtr )pCertContext.Target );
        }
    }
    finally
    {
        pCertContext.Free();
    }
  }

Alternative Managed API:

Do you know one? Please contribute it!

Please edit this page!

Do you have...

• helpful tips or sample code to share for using this API in managed code?
• corrections to the existing content?
• variations of the signature you want to share?
• additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).