Click or drag to resize

Crypt32ManagedPfxVerifyPassword Method

attempts to decode the outer layer of a BLOB as a Personal Information Exchange (PFX) packet and to decrypt it with the given password.

Namespace:  PKI.ManagedAPI
Assembly:  PKI.Core (in PKI.Core.dll) Version: (
public static bool PfxVerifyPassword(
	byte[] rawData,
	string password


Type: SystemByte
A byte array that the method will attempt to decode as a PFX packet
Type: SystemString
String password to be checked. For this function to succeed, this password must be exactly the same as the password used to encrypt the packet.

If you set this value to an empty string or NULL, this function typically attempts to decrypt the password embedded in the PFX BLOB by using the empty string or NULL.

However, beginning with Windows 8 and Windows Server 2012, if a NULL or empty password was specified when the PFX BLOB was created and the application also specified that the password should be protected to an Active Directory (AD) principal, the Cryptography API (CAPI) randomly generates a password, encrypts it to the AD principal and embeds it in the PFX BLOB. The PFXVerifyPassword function will then try to use the specified AD principal (current user, computer, or AD group member) to decrypt the password.

Return Value

Type: Boolean
The method return TRUE if the password appears correct; otherwise, it returns FALSE.
ArgumentNullExceptionIf the rawData parameter is null.
See Also