Hi Maarten, overall this patch looks pretty good. A few minor comments:
+ tempbuffer = HeapAlloc(GetProcessHeap(), 0, TEMP_BLOCK_SIZE); + if (!tempbuffer) + goto out; You return TRUE in this case. You probably ought to set last error and return FALSE instead. + while (ReadFile(hFile, tempbuffer, TEMP_BLOCK_SIZE, &readbytes, NULL) && readbytes) + CryptHashData(hash, tempbuffer, readbytes, 0); Why not while ((ret = ReadFile...) && readbytes) instead? This way you can at least return failure if reading the file fails for whatever reason. + SetLastError(ERROR_INSUFFICIENT_BUFFER); return TRUE; Why are you setting ERROR_INSUFFICIENT_BUFFER in the success case? If it's just to pass that test, I think you might remove the test instead: in general we don't like to check last error in case of success, unless we know an app does so. --Juan