CryptMsgEncodeAndSignCTL

The CryptMsgEncodeAndSignCTL function encodes the CTL and creates a signed message containing the encoded CTL.

The pCtlInfo is used to do the encoding. Then CryptMsgSignCTL is called.

#include <wincrypt.h>
BOOL WINAPI CryptMsgEncodeAndSignCTL(
  DWORD dwMsgEncodingType,              // in
  PCTL_INFO pCtlInfo,                   // in
  PCMSG_SIGNED_ENCODE_INFO pSignInfo,   // in
  DWORD dwFlags,                        // in
  BYTE *pbEncoded,                      // out
  DWORD *pcbEncoded                     // in/out
);

Parameters

dwMsgEncodingType
The type of message encoding used. Note that it is always acceptable to specify both the certificate and message encoding types, by combining them with a bitwise OR operation, as shown in the following example: 
CRYPT_ASN_ENCODING | PKCS_7_ASN_ENCODING

However, it is required only to specify the message encoding here. Currently defined encoding types are shown in the following table.
Encoding type Value
CRYPT_ASN_ENCODING 0x00000001
PKCS_7_ASN_ENCODING 0x00010000

pCtlInfo
A pointer to the CTL_INFO structure used to do the encoding.
pSignInfo
Points to a CMSG_SIGNED_ENCODE_INFO structure which optionally contains an array of a CMSG_SIGNER_ENCODE_INFO structures.

The message can be encoded without any signers if the CMSG_SIGNED_ENCODE_INFO structure's cbSize member is set to the size of the structure and all of the other members are set to zero.

dwFlags
CMSG_ENCODE_SORTED_CTL_FLAG
Set this flag if the CTL entries are to be sorted before encoding. This flag should be set if the CertFindSubjectInSortedCTL or CertEnumSubjectInSortedCTL functions will be called. If the subject identifier for the CTL entries is a hash, such as MD5 or SHA1, then CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG should also be set.
CMSG_ENCODE_HASHED_SUBJECT_IDENTIFIER_FLAG
This flag should be set if the above CMSG_ENCODE_SORTED_CTL_FLAG flag is set, and the identifier for the TrustedSubjects is a hash, such as, MD5 or SHA1.
pbEncoded
Pointer to a buffer that receives the encoded message produced.

This parameter can be NULL to set the size of this information for memory allocation purposes. For more information, see Common In/Out Parameter Conventions.

pcbEncoded
Pointer to a variable that specifies the size, in bytes, of the buffer pointed to by the pbEncoded parameter. When the function returns, the variable pointed to by the pcbEncoded parameter contains the number of bytes stored in the buffer. This parameter can be NULL, only if pbEncoded is NULL.

Return Values

If the function fails, the return value is FALSE (zero). If it succeeds, the return value is TRUE (non-zero).

To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function.

Error code Description
Propagated errors that may be encountered: An error can be propagated from
CryptMsgOpenToEncode
CryptMsgUpdate

Example

// EXAMPLE CODE FOR USING CryptMsgEncodeAndSignCTL().
// Encodes the CTL and creates a signed message
// Assume that pointers to the PCTL_INFO structure
// (pCtlInfo), and the CMSG_SIGNED_ENCODE_INFO
// (pSignInfo) have already been defined.

// Set up the variables.
DWORD dwMsgEncodingType = CRYPT_ASN_ENCODING | PKCS_7_ASN_ENCODING;
                                   // Type of encoding
PCTL_INFO pCtlInfo;                // Pointer to the CTL_INFO
                                   //   structure to do the encoding
PCMSG_SIGNED_ENCODE_INFO pSignInfo;// Pointer to a
                                   //   CMSG_SIGNED_ENCODE_INFO
                                   //   structure
DWORD dwFlags = 0;                 // Reserved - set to 0
BYTE *pbEncoded;                   // Pointer to encoded message
DWORD cbEncoded;                   // Pointer to size, in bytes, of
                                   //   pbEncoded
BOOL fResult;                      // Return TRUE if function succeeds
                                   //   FALSE if function fails

// Function called the first time to get a pointer to
// the size of the encoded message (cbEncoded)
fResult= CryptMsgEncodeAndSignCTL(
           dwMsgEncodingType,
           pCtlInfo,
           pSignInfo,
           0,                        // dwFlags set to 0
           NULL,                     // NULL on first call
           &cbEncoded);

if (!fResult){
  cout << "first call to CryptMsgEncodeAndSignCTL failed"<< endl;
}
else {
  cout<< "first call to CryptMsgEncodeAndSignCTL successful"<< endl;
  pbEncoded = (BYTE*) malloc (cbEncoded);
  cout<< "memory allocated"<< endl;
}

// Function call to a pointer to the encoded message
fResult= CryptMsgEncodeAndSignCTL(
           dwMsgEncodingType,        // in
           pCtlInfo,                 // in
           pSignInfo,                // in
           0,                        // in - Reserved- set to 0
           pbEncoded,                // out
           &cbEncoded);              // in/out

if (!fResult) {                      // FALSE
 cout<< "Function failed"<< endl
     << "error code = "<< GetLastError()<< endl;
}
else {                               // TRUE
 cout<< "Function succeeded"<< endl
     << "size = "<< &cbEncoded<< endl
     << "encoded message at location = "<< pbEncoded<< endl;
}
free (pbEncoded);

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CMSG_SIGNED_ENCODE_INFO, CTL_INFO, CryptMsgOpenToEncode, CryptMsgSignCTL, CertFindSubjectInSortedCTL, CertEnumSubjectInSortedCTL