Share via


CryptDecryptMessage (Compact 2013)

3/28/2014

This function decodes and decrypts a message.

Syntax

BOOL WINAPI CryptDecryptMessage(
    __in PCRYPT_DECRYPT_MESSAGE_PARA pDecryptPara,
    __in const BYTE* pbEncryptedBlob,
      __in DWORD cbEncryptedBlob,
      __out_opt BYTE* pbDecrypted,
      __inout_opt DWORD* pcbDecrypted,
      __out_opt PCCERT_CONTEXT* ppXchgCert
);

Parameters

  • pbEncryptedBlob
    [in] Pointer to a buffer that contains the encoded and encrypted message to be decrypted.
  • cbEncryptedBlob
    [in] Size, in bytes, of the encoded and encrypted message.
  • pbDecrypted
    [out, optional] Pointer to a buffer that receives the decrypted message.
    To set the size of this information for memory allocation purposes, this parameter can be NULL. A decrypted message will not be returned if this parameter is NULL. For more information, see Retrieving Data of Unknown Length.
  • pcbDecrypted
    [in, out, optional] Pointer to a DWORD that specifies the size, in bytes, of the buffer to which the pbDecrypted parameter points. When the function returns, this variable contains the size, in bytes, of the decrypted message copied to pbDecrypted.

    Note

    When processing the data returned in the pbDecrypted buffer, applications must use the actual size of the data returned. The actual size can be slightly smaller than the size of the buffer specified in pcbDecrypted on input. On input, buffer sizes are usually specified large enough to ensure that the largest possible output data will fit in the buffer. On output, the DWORD is updated to the actual size of the data copied to the buffer.

  • ppXchgCert
    [out, optional] Pointer to a CERT_CONTEXT structure of a certificate that corresponds to the private exchange key needed to decrypt the message. To indicate that the function should not return the certificate context used to decrypt, set this parameter to NULL.

Return Value

Returns true if function succeeds; otherwise, false. To retrieve extended error information, call GetLastError.

Note

Errors from calls to CryptImportKey and CryptDecrypt might be propagated to this function.

The following error codes are most commonly returned by the GetLastError function.

Value

Description

ERROR_MORE_DATA

If the buffer specified by the pbDecrypted parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code, and stores the required buffer size, in bytes, in the variable to which pcbDecrypted points.

E_INVALIDARG

Invalid message and certificate encoding types. Currently only PKCS_7_ASN_ENCODING and X509_ASN_ENCODING_TYPE are supported. Invalid cbSize in *pDecryptPara.

CRYPT_E_UNEXPECTED_MSG_TYPE

Not an enveloped cryptographic message.

NTE_BAD_ALGID

The message was encrypted by using an unknown or unsupported algorithm.

CRYPT_E_NO_DECRYPT_CERT

No certificate was found having a private key property to use for decrypting.

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.

Remarks

When NULL is passed for pbDecrypted, and pcbDecrypted is not NULL, NULL is returned for the address passed in ppXchgCert; otherwise, a pointer to a CERT_CONTEXT is returned. For a successfully decrypted message, this pointer to a CERT_CONTEXT points to the certificate context used to decrypt the message. It must be freed by calling CertFreeCertificateContext. If the function fails, the value at ppXchgCert is set to NULL.

Requirements

Header

wincrypt.h

Library

crypt32.lib

See Also

Reference

Certificates Functions