CMSG_SIGNER_ENCODE_INFO (Compact 2013)

3/28/2014

This structure contains signer information. It is passed optionally to CryptMsgOpenToEncode as a member of the CMSG_SIGNED_ENCODE_INFO structure, if the dwMsgType parameter is CMSG_SIGNED.

Syntax

typedef struct _CMSG_SIGNER_ENCODE_INFO {
  DWORD cbSize;
  PCERT_INFO pCertInfo;
  HCRYPTPROV hCryptProv;
  DWORD dwKeySpec;
  CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm;
  void* pvHashAuxInfo;
  DWORD cAuthAttr;
  PCRYPT_ATTRIBUTE rgAuthAttr;
  DWORD cUnauthAttr;
  PCRYPT_ATTRIBUTE rgUnauthAttr;
  CERT_ID SignerId;
  CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm;
  void* pvHashEncryptionAuxInfo;
} CMSG_SIGNER_ENCODE_INFO, *PCMSG_SIGNER_ENCODE_INFO;

Members

  • cbSize
    Size of this structure in bytes.
  • pCertInfo
    Pointer to a CERT_INFO structure that contains the Issuer, SerialNumber, and SubjectPublicKeyInfo members.

    The pbData members of the Issuer and SerialNumber structures combined uniquely identify a certificate. The Algorithm member of the SubjectPublicKeyInfo structure specifies the hash encryption algorithm used.

  • hCryptProv
    Handle to the cryptographic service provider (CSP). If HashEncryptionAlgorithm is set to szOID_PKIX_NO_SIGNATURE, this handle can be the handle of a CSP acquired using dwFlags set to CRYPT_VERIFYCONTEXT.
  • dwKeySpec
    Specifies the private key to be used.

    If dwKeySpec is zero, then the default AT_KEYEXCHANGE value is used.

    The following dwKeySpec values are defined for the default provider.

    Value             Description
    AT_KEYEXCHANGE    Keys used to encrypt/decrypt session keys.
    AT_SIGNATURE      Keys used to create and verify digital signatures.

  • pvHashAuxInfo
    Currently not used. This member must be set to NULL.
  • cAuthAttr
    Number of elements in the rgAuthAttr array. If no authenticated attributes are present in rgAuthAttr, then cAuthAttr is 0 (zero).
  • rgAuthAttr
    Pointer to an array of CRYPT_ATTRIBUTE structures, each containing authenticated attribute information.

    The PKCS #9 standard dictates that if there are any attributes, there must be at least two: the content type object identifier (OID) and the hash of the message. These attributes are automatically added by the system.

  • cUnauthAttr
    Number of elements in the rgUnauthAttr array. If there are no unauthenticated attributes, cUnauthAttr is 0 (zero).
  • rgUnauthAttr
    Pointer to an array of CRYPT_ATTRIBUTE structures, each holding unauthenticated attribute information. Unauthenticated attributes can contain countersignatures among other uses.
  • SignerId
    CERT_ID structure that contains a unique identifier of the signer's certificate. This member can optionally be used with PKCS #7 with CMS. If this member is present and its dwIdChoice member is not 0 (zero), it is used to identify the certificate instead of the Issuer and SerialNumber members of the CERT_INFO structure pointed to by pCertInfo. CMS supports the KEY_IDENTIFIER and ISSUER_SERIAL_NUMBER CERT_IDs. PKCS Version 1.5 only supports the ISSUER_SERIAL_NUMBER CERT_ID choice. This member can be used only if CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS is defined.
  • HashEncryptionAlgorithm
    CRYPT_ALGORITHM_IDENTIFIER structure that is optionally used with PKCS #7 with CMS. If this member is not NULL, the algorithm identified is used instead of the SubjectPublicKeyInfo.Algorithm algorithm. If set to szOID_PKIX_NO_SIGNATURE, the signature value contains only the hash octets.

    For RSA, the hash encryption algorithm is normally the same as the public key algorithm. For DSA, the hash encryption algorithm is normally a DSS signature algorithm.

    This member can be used only if CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS is defined.

  • pvHashEncryptionAuxInfo
    Currently not used. It must be set to NULL if it is present in the data structure. This member is present only if CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS is defined.
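
The member rules above can be checked before the structure reaches CryptMsgOpenToEncode. The following is an added example, not code from this reference page or from Microsoft: lint_signer_info and the SI_* flag names are hypothetical, and the non-Windows branch uses reduced stand-in declarations (including the OID string for szOID_PKIX_NO_SIGNATURE) that are assumptions made so the check can be built and tested off-target.

```c
/* Added example: lint a CMSG_SIGNER_ENCODE_INFO against the rules on this page. */
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#define CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS
#include <windows.h>
#include <wincrypt.h>
#else /* Assumption: reduced stand-in declarations so the check builds off-Windows. */
typedef unsigned int DWORD;
typedef struct { char *pszObjId; } CRYPT_ALGORITHM_IDENTIFIER;
typedef struct {
    DWORD cbSize; void *pCertInfo; DWORD dwKeySpec;
    CRYPT_ALGORITHM_IDENTIFIER HashAlgorithm; void *pvHashAuxInfo;
    DWORD cAuthAttr; void *rgAuthAttr; DWORD cUnauthAttr; void *rgUnauthAttr;
    CRYPT_ALGORITHM_IDENTIFIER HashEncryptionAlgorithm; void *pvHashEncryptionAuxInfo;
} CMSG_SIGNER_ENCODE_INFO;
#define AT_SIGNATURE 2
#define szOID_PKIX_NO_SIGNATURE "1.3.6.1.5.5.7.6.2"
#endif

/* Hypothetical flag names; SI_ERR_* break documented rules, SI_WARN_* need review. */
enum {
    SI_ERR_SIZE      = 1 << 0, /* cbSize is not the structure size */
    SI_ERR_AUX       = 1 << 1, /* a pv*AuxInfo member is not NULL */
    SI_ERR_ATTRS     = 1 << 2, /* non-zero attribute count with a NULL array */
    SI_WARN_KEYSPEC  = 1 << 3, /* dwKeySpec 0: AT_KEYEXCHANGE is used by default */
    SI_WARN_HASHONLY = 1 << 4  /* szOID_PKIX_NO_SIGNATURE: hash octets only */
};

unsigned lint_signer_info(const CMSG_SIGNER_ENCODE_INFO *si)
{
    unsigned f = 0;
    const char *enc = si->HashEncryptionAlgorithm.pszObjId;
    if (si->cbSize != sizeof(*si)) f |= SI_ERR_SIZE;
    if (si->pvHashAuxInfo != NULL || si->pvHashEncryptionAuxInfo != NULL) f |= SI_ERR_AUX;
    if ((si->cAuthAttr != 0 && si->rgAuthAttr == NULL) ||
        (si->cUnauthAttr != 0 && si->rgUnauthAttr == NULL)) f |= SI_ERR_ATTRS;
    if (si->dwKeySpec == 0) f |= SI_WARN_KEYSPEC;
    if (enc != NULL && strcmp(enc, szOID_PKIX_NO_SIGNATURE) == 0) f |= SI_WARN_HASHONLY;
    return f;
}

int main(void)
{
    CMSG_SIGNER_ENCODE_INFO si; /* constructed sample: zeroed, size set, key spec left at 0 */
    memset(&si, 0, sizeof(si));
    si.cbSize = sizeof(si);
    printf("lint flags: 0x%x\n", lint_signer_info(&si));
    return 0;
}
```

The two warning flags mark settings that are valid but worth a deliberate decision: a zero dwKeySpec selects the key-exchange key rather than the signature key, and szOID_PKIX_NO_SIGNATURE produces a value that carries only the hash.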

Requirements

Header    wincrypt.h

See Also

Reference

Cryptography Structures
CERT_INFO
CRYPT_ALGORITHM_IDENTIFIER
CRYPT_ATTRIBUTE
CryptMsgControl