public const int ERROR_EFS_ALG_BLOB_TOO_BIG = 6013;

        /// The dwValueType for the CERT_NAME_VALUE is not one of the character strings.  Most likely it is either a CERT_RDN_ENCODED_BLOB or CERT_TDN_OCTED_STRING.

      /// The credential provider should align the credential BLOB pointed to by the refOutAuthBuffer parameter to a 32-bit boundary, even if the provider is running on a 64-bit system.

    // Verify the protection of a protected blob

    ' Verify the protection of a protected blob

    DFS_VOLUME_FLAVOR_AD_BLOB=0x0200,

    ///The dwValueType for the CERT_NAME_VALUE is not one of the character strings.  Most likely it is either a CERT_RDN_ENCODED_BLOB or CERT_TDN_OCTED_STRING.

    [Description("The dwValueType for the CERT_NAME_VALUE is not one of the character strings.  Most likely it is either a CERT_RDN_ENCODED_BLOB or CERT_TDN_OCTED_STRING.")]

    '''The dwValueType for the CERT_NAME_VALUE is not one of the character strings.  Most likely it is either a CERT_RDN_ENCODED_BLOB or CERT_TDN_OCTED_STRING.

    <Description("The dwValueType for the CERT_NAME_VALUE is not one of the character strings.  Most likely it is either a CERT_RDN_ENCODED_BLOB or CERT_TDN_OCTED_STRING.")> _

        VT_BLOB = 65,

        VT_BLOB_OBJECT = 70,

        VT_BSTR_BLOB = 4095,

/// <param name="ppbKeyBlob">[out] generated public / private key blob</param>

/// <param name="pcbKeyBlob">[out] size of the generated blob</param>

   [Out]out IntPtr ppbKeyBlob, [Out]out long pcbKeyBlob);

/// <param name="ppbKeyBlob">[out] generated public / private key blob</param>

/// <param name="pcbKeyBlob">[out] size of the generated blob</param>

public extern static bool StrongNameKeyGenEx([MarshalAs(UnmanagedType.LPWStr)]string wszKeyContainer, StrongNameKeyGenFlags dwFlags, int dwKeySize, Out IntPtr ppbKeyBlob, Out long pcbKeyBlob);

            IntPtr BLOB=IntPtr.Zero;

                BLOB = Marshal.AllocCoTaskMem(isz);

                Marshal.WriteInt32(BLOB,GETTECHNOLOGY);

                int test=ExtEscape( hDC, QUERYESCSUPPORT, 4, BLOB, 0, IntPtr.Zero);

                    Marshal.WriteInt32(BLOB,val);

                    test = ExtEscape(hDC,QUERYESCSUPPORT,isz,BLOB,0, IntPtr.Zero);

                if(BLOB!=IntPtr.Zero) Marshal.Release(BLOB);

        public int credentialBlobSize;        

        public IntPtr credentialBlob;

        byte[] passwordBytes =  new byte[cred.credentialBlobSize];

        // Copy the memory from the blob to our array

        Marshal.Copy(cred.credentialBlob, passwordBytes , 0, cred.credentialBlobSize);

        public byte[] CredentialBlob;

            public UInt32 CredentialBlobSize;

            public IntPtr CredentialBlob;

            CredentialBlob = new byte[lRawCredential.CredentialBlobSize],

            Marshal.Copy(lRawCredential.CredentialBlob, lCredential.CredentialBlob, 0, (int)lRawCredential.CredentialBlobSize);

Use System.Text.Encoding.Unicode.GetString to convert the CredentialBlob into a password string.

     public UInt32 credentialBlobSize;

     public IntPtr credentialBlob;

     userCredential.credentialBlobSize = (UInt32)bpassword.Length;

     userCredential.credentialBlob = Marshal.StringToCoTaskMemUni(password);

     public UInt32 credentialBlobSize;

     public IntPtr credentialBlob;

$cred.credentialBlobSize = [System.Text.Encoding]::Unicode.GetBytes($password).length

$cred.credentialBlob = [System.Runtime.InteropServices.Marshal]::StringToCoTaskMemUni($password)

public static extern bool CryptExportKey(IntPtr hKey, IntPtr hExpKey, uint dwBlobType, uint dwFlags, [In, Out] byte[] pbData, ref uint dwDataLen);

    ///     const void  **ppbHashValue,     // [OUT] Hash blob.

    ///     ULONG       *pcbHashValue,      // [OUT] Count of bytes in the hash blob.

    ///     const void  **ppbHashValue,     // [OUT] Pointer to the Hash Value Blob.

    ///     ULONG       *pcbHashValue,      // [OUT] Count of bytes in the Hash Value Blob.

        Blob = 3,

Working examples: [http://github.com/kg/shootblues/blob/master/SignatureCheck.cs], and [http://stackoverflow.com/a/6597017/640326]

    certDataBlob = Marshal.AllocHGlobal(certData.Length);

        Marshal.Copy(certData, 0, certDataBlob, certData.Length);

            certDataBlob, (uint)certData.Length);

        Marshal.FreeHGlobal(certDataBlob);

public struct CERT_NAME_BLOB

        CERT_NAME_BLOB name;

byte[] pbEncryptedBlob,

int cbEncryptedBlob,

    [In, Out] byte[] pbEncryptedBlob,

    ref int pcbEncryptedBlob);

    ref DATA_BLOB pDataIn,

    ref DATA_BLOB pOptionalEntropy,

    ref DATA_BLOB pDataOut

    ByRef pDataIn As DATA_BLOB, _

    ByRef pOptionalEntropy As DATA_BLOB, _

    ByRef pDataOut As DATA_BLOB _

DATA_BLOB

Change the DATA_BLOB and CRYPTPROTECT_PROMPTSTRUT from structures to classes. This way you don't have to pass the value types by ref. Both the pOptionalEntropy and the pPromptStruct can be null. If you use structs you have to new empty structs instead of just passing null if you use classes.

        [In, Out] byte[] pbSignedAndEncryptedBlob,

        ref int pcbSignedAndEncryptedBlob);

    ref DATA_BLOB pDataIn,

    ref DATA_BLOB pOptionalEntropy,

    ref DATA_BLOB pDataOut

     ByRef pDataIn As DATA_BLOB, _

     ByRef pOptionalEntropy As DATA_BLOB, _

     ByRef pDataOut As DATA_BLOB _

DATA_BLOB

        byte[] pbDetachedSignBlob,

        int cbDetachedSignBlob,

        rgpbToBeSigned,       // Pointer to signed BLOB.

        rgcbToBeSigned,       // Size of signed BLOB.

    [ In, Out ] byte[] pbVerifiedBlob,

    ref int pcbVerifiedBlob,

     byte[] pbVerifiedBlob,

     ref int pcbVerifiedBlob,

           pbVerifiedBlob,

           ref pcbVerifiedBlob,

    internal struct CRYPT_DATA_BLOB

Declare Function CRYPT_DATA_BLOB Lib "crypt32.dll" (TODO) As TODO

        public CRYPT_DATA_BLOB ListIdentifier;

        public CRYPT_INTEGER_BLOB SequenceNumber;

        ref CRYPT_DATA_BLOB pPfx,

    ByRef pPfx As CRYPT_DATA_BLOB, _

    internal struct CRYPT_DATA_BLOB

    internal static extern bool PFXIsPFXBlob(

                ref CRYPT_DATA_BLOB pPfx);

    Public Shared Function PFXIsPFXBlob( _

    ByRef pPfx As CRYPT_DATA_BLOB) As Boolean

    internal struct CRYPT_DATA_BLOB

struct Blob

        public IntPtr pBlobData;

Structure BLOB

   public CRYPT_OBJID_BLOB SerialNumber;

   public CRYPT_OBJID_BLOB Issuer;

   public CRYPT_OBJID_BLOB Subject;

   public CRYPT_OBJID_BLOB IssuerUniqueId;

   public CRYPT_OBJID_BLOB SubjectUniqueId;

public struct CERT_NAME_BLOB

Structure CERT_NAME_BLOB

   public CRYPT_BIT_BLOB PublicKey;

    public CRYPT_BIT_BLOB PublicKey;

    public CERT_NAME_BLOB Subject;

    public CRYPT_OBJID_BLOB Parameters;

alternative (without using CRYPT_OBJID_BLOB):

    public CRYPT_ATTR_BLOB rgValue;

public struct CRYPT_ATTR_BLOB

Structure CRYPT_ATTR_BLOB

struct CRYPT_BIT_BLOB  {

Structure CRYPT_BIT_BLOB  

public struct CRYPT_BIT_BLOB

Structure CRYPT_BIT_BLOB

    public struct CRYPT_INTEGER_BLOB

Structure CRYPT_INTEGER_BLOB

public struct CRYPT_OBJID_BLOB

Structure CRYPT_OBJID_BLOB

    public struct CRYPT_XYZ_BLOB

XYZ can be any of the mentioned BLOBs on MSDN.

private struct DATA_BLOB {

<StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)> Structure DATA_BLOB

Remember that DATA_BLOB.pbData for the output parameters of the CryptProtectData and CryptUnprotectData functions will point to a block of unmanaged memory that needs to be cleaned up using a call to LocalFree from kernel32. You will of course have to use pinvoke to call LocalFree.

      /// SIGNER_BLOB_INFO*

      public System.IntPtr pSignerBlobInfo;

    //specify that the subject choice is a SUBJECT_FILE_INFO and not a SUBJECT_BLOB_INFO.

    public IntPtr Blob;