
CERTENROLL_PROPERTYID enumeration

The CERTENROLL_PROPERTYID enumeration type contains predefined object identifiers for external properties that can be associated with a certificate in the certificate store. This enumeration is used by the ICertProperty interface.

The descriptions for each of the supported values identify the property data type so that you know how to create the value before calling the InitializeDecode method. The following interfaces, derived from ICertProperty, have been defined to simplify initialization and retrieval of the most common properties:

Syntax


typedef enum CERTENROLL_PROPERTYID { 
  XCN_PROPERTYID_NONE                             = 0,
  XCN_CERT_KEY_PROV_HANDLE_PROP_ID                = 1,
  XCN_CERT_KEY_PROV_INFO_PROP_ID                  = 2,
  XCN_CERT_SHA1_HASH_PROP_ID                      = 3,
  XCN_CERT_MD5_HASH_PROP_ID                       = 4,
  XCN_CERT_HASH_PROP_ID                           = 3,
  XCN_CERT_KEY_CONTEXT_PROP_ID                    = 5,
  XCN_CERT_KEY_SPEC_PROP_ID                       = 6,
  XCN_CERT_IE30_RESERVED_PROP_ID                  = 7,
  XCN_CERT_PUBKEY_HASH_RESERVED_PROP_ID           = 8,
  XCN_CERT_ENHKEY_USAGE_PROP_ID                   = 9,
  XCN_CERT_CTL_USAGE_PROP_ID                      = 9,
  XCN_CERT_NEXT_UPDATE_LOCATION_PROP_ID           = 10,
  XCN_CERT_FRIENDLY_NAME_PROP_ID                  = 11,
  XCN_CERT_PVK_FILE_PROP_ID                       = 12,
  XCN_CERT_DESCRIPTION_PROP_ID                    = 13,
  XCN_CERT_ACCESS_STATE_PROP_ID                   = 14,
  XCN_CERT_SIGNATURE_HASH_PROP_ID                 = 15,
  XCN_CERT_SMART_CARD_DATA_PROP_ID                = 16,
  XCN_CERT_EFS_PROP_ID                            = 17,
  XCN_CERT_FORTEZZA_DATA_PROP_ID                  = 18,
  XCN_CERT_ARCHIVED_PROP_ID                       = 19,
  XCN_CERT_KEY_IDENTIFIER_PROP_ID                 = 20,
  XCN_CERT_AUTO_ENROLL_PROP_ID                    = 21,
  XCN_CERT_PUBKEY_ALG_PARA_PROP_ID                = 22,
  XCN_CERT_CROSS_CERT_DIST_POINTS_PROP_ID         = 23,
  XCN_CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID     = 24,
  XCN_CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID    = 25,
  XCN_CERT_ENROLLMENT_PROP_ID                     = 26,
  XCN_CERT_DATE_STAMP_PROP_ID                     = 27,
  XCN_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID  = 28,
  XCN_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID          = 29,
  XCN_CERT_EXTENDED_ERROR_INFO_PROP_ID            = 30,
  XCN_CERT_RENEWAL_PROP_ID                        = 64,
  XCN_CERT_ARCHIVED_KEY_HASH_PROP_ID              = 65,
  XCN_CERT_AUTO_ENROLL_RETRY_PROP_ID              = 66,
  XCN_CERT_AIA_URL_RETRIEVED_PROP_ID              = 67,
  XCN_CERT_AUTHORITY_INFO_ACCESS_PROP_ID          = 68,
  XCN_CERT_BACKED_UP_PROP_ID                      = 69,
  XCN_CERT_OCSP_RESPONSE_PROP_ID                  = 70,
  XCN_CERT_REQUEST_ORIGINATOR_PROP_ID             = 71,
  XCN_CERT_SOURCE_LOCATION_PROP_ID                = 72,
  XCN_CERT_SOURCE_URL_PROP_ID                     = 73,
  XCN_CERT_NEW_KEY_PROP_ID                        = 74,
  XCN_CERT_FIRST_RESERVED_PROP_ID                 = 87,
  XCN_CERT_LAST_RESERVED_PROP_ID                  = 0x7fff,
  XCN_CERT_FIRST_USER_PROP_ID                     = 0x8000,
  XCN_CERT_LAST_USER_PROP_ID                      = 0xffff,
  XCN_CERT_STORE_LOCALIZED_NAME_PROP_ID           = 0x1000,
  XCN_CERT_CEP_PROP_ID                            = 87
} CERTENROLL_PROPERTYID;

Constants

XCN_PROPERTYID_NONE

No property is identified.

XCN_CERT_KEY_PROV_HANDLE_PROP_ID

Data type: HCRYPTPROV

The handle of the private key associated with the certificate.

XCN_CERT_KEY_PROV_INFO_PROP_ID

Data type: pointer to a CRYPT_KEY_PROV_INFO structure.

The structure contains information about a CSP key container or a Cryptography API: Next Generation (CNG) key. This is used to acquire a handle to the private key. We recommend that you use the ICertPropertyKeyProvInfo interface to initialize and retrieve this property.

XCN_CERT_SHA1_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a SHA-1 hash value of the certificate. We recommend that you use the ICertPropertySHA1Hash interface to initialize and retrieve this property.

XCN_CERT_MD5_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains an MD5 hash value of the certificate.

XCN_CERT_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a hash of the certificate created by using the default hashing algorithm. The default algorithm is currently SHA-1.

XCN_CERT_KEY_CONTEXT_PROP_ID

Data type: pointer to a CERT_KEY_CONTEXT structure.

The structure contains the information necessary to retrieve a key, including the CSP or key service provider (KSP) handle and a value that indicates whether the key is used for signing or encryption.

XCN_CERT_KEY_SPEC_PROP_ID

Data type: pointer to a DWORD.

The DWORD contains a value that identifies whether the key is used for signing or for encryption and whether the key is associated with a CNG KSP. This is the same as the value specified in the dwKeySpec parameter of the CERT_KEY_CONTEXT structure. This value can be a bitwise-OR combination of the following values:

  • AT_KEYEXCHANGE
  • AT_SIGNATURE
  • CERT_NCRYPT_KEY_SPEC

XCN_CERT_IE30_RESERVED_PROP_ID

Not supported.

XCN_CERT_PUBKEY_HASH_RESERVED_PROP_ID

Not supported.

XCN_CERT_ENHKEY_USAGE_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a DER-encoded EnhancedKeyUsage extension in a CERT_ENHKEY_USAGE structure. You can encode the structure by using the CryptoAPI CryptEncodeObject function and setting the lpszStructType parameter to X509_ENHANCED_KEY_USAGE.

typedef struct _CTL_USAGE
{
    DWORD               cUsageIdentifier;
    LPSTR               *rgpszUsageIdentifier;
} CTL_USAGE, *PCTL_USAGE, CERT_ENHKEY_USAGE, *PCERT_ENHKEY_USAGE;

XCN_CERT_CTL_USAGE_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a DER-encoded certificate trust list (CTL) usage identifier in a CTL_USAGE structure. You can encode the structure by using the CryptoAPI CryptEncodeObject function and setting the lpszStructType parameter to X509_ENHANCED_KEY_USAGE.

typedef struct _CTL_USAGE
{
    DWORD               cUsageIdentifier;
    LPSTR               *rgpszUsageIdentifier;
} CTL_USAGE;

XCN_CERT_NEXT_UPDATE_LOCATION_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a DER-encoded AlternativeNames extension in a CERT_ALT_NAME_INFO structure. You can encode the structure by using the CryptoAPI CryptEncodeObject function and setting the lpszStructType parameter to X509_ALTERNATE_NAME.

XCN_CERT_FRIENDLY_NAME_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member contains a pointer to a null-terminated Unicode string that contains the display name for the certificate. We recommend that you use the ICertPropertyFriendlyName interface to initialize and retrieve this property.

XCN_CERT_PVK_FILE_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member contains a pointer to a null-terminated Unicode string that contains the name of the private key file.

XCN_CERT_DESCRIPTION_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member contains a pointer to a null-terminated Unicode string that contains a description of the certificate. We recommend that you use the ICertPropertyDescription interface to initialize and retrieve this property.

XCN_CERT_ACCESS_STATE_PROP_ID

Data type: pointer to a DWORD.

The DWORD can contain a value that is a bitwise-OR combination of the following flags:

  • CERT_ACCESS_STATE_WRITE_PERSIST_FLAG (0x1)
  • CERT_ACCESS_STATE_SYSTEM_STORE_FLAG (0x2)
  • CERT_ACCESS_STATE_LM_SYSTEM_STORE_FLAG (0x4)
  • CERT_ACCESS_STATE_GP_SYSTEM_STORE_FLAG (0x8)

This is a read-only property and cannot be associated with an existing certificate by calling the SetValueOnCertificate method. You can retrieve it by calling the RawData property after initializing the property value by using the InitializeFromCertificate method.

XCN_CERT_SIGNATURE_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a hash of the certificate signature.

XCN_CERT_SMART_CARD_DATA_PROP_ID

Not supported.

XCN_CERT_EFS_PROP_ID

Not supported.

XCN_CERT_FORTEZZA_DATA_PROP_ID

Not supported.

XCN_CERT_ARCHIVED_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that identifies whether a certificate is archived. A certificate is typically archived when it has been replaced by a newer certificate. Subsequent enumeration of the certificate store usually skips the archived certificates. To indicate that the certificate is not archived, you can set pbData to NULL and cbData to zero (0). To indicate that the certificate is archived, you can set pbData to something other than NULL such as the address of the CRYPT_INTEGER_BLOB structure. We recommend, however, that you use the ICertPropertyArchived interface to set this property.

XCN_CERT_KEY_IDENTIFIER_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains the hash of the certificate subject public key. Typically, this is a 20-byte SHA-1 hash. For more information, see the IX509ExtensionSubjectKeyIdentifier interface.

XCN_CERT_AUTO_ENROLL_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member contains a pointer to a null-terminated Unicode string that contains the name or object identifier used for auto-enrollment. We recommend that you use the ICertPropertyAutoEnroll interface to initialize and retrieve this property.

XCN_CERT_PUBKEY_ALG_PARA_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to the DER-encoded public key algorithm parameters. For more information, see the EncodedParameters property on the IX509PublicKey interface.

XCN_CERT_CROSS_CERT_DIST_POINTS_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a DER-encoded CROSS_CERT_DIST_POINTS_INFO structure. You can encode the structure by using the CryptoAPI CryptEncodeObject function and setting the lpszStructType parameter to X509_CROSS_CERT_DIST_POINTS.

XCN_CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains an MD5 hash of the public key associated with the private key used to sign the certificate.

XCN_CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains an MD5 hash of the public key contained in the certificate.

XCN_CERT_ENROLLMENT_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains the following information (in the order listed) about a pending request. Each Unicode string is null-terminated, and the length includes the terminating null character.

  • Request ID length (4 bytes)
  • Request ID string
  • CA DNS name string length (4 bytes)
  • CA DNS name string
  • CA name string length (4 bytes)
  • CA name string
  • Display name length (4 bytes)
  • Display name string

We recommend that you use the ICertPropertyEnrollment interface to initialize and retrieve this property.
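
The byte layout listed above can be validated before any of its strings are used. The following is an added example, not code from this page or from Microsoft; it is portable C with no Windows headers, and the names parse_enrollment_blob and enroll_field are hypothetical. It assumes each 4-byte length is a little-endian byte count and each string is UTF-16LE, which the page does not state.

```c
#include <stddef.h>
#include <stdint.h>

#define ENROLL_FIELDS 4  /* request ID, CA DNS name, CA name, display name */

/* One parsed field: points into the caller's buffer, no copy is made. */
typedef struct {
    const uint8_t *utf16le;  /* string bytes, including the terminating null */
    uint32_t       cb;       /* ASSUMPTION: the length prefix is a byte count */
} enroll_field;

/* Read a little-endian DWORD without assuming alignment. */
static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Returns 0 on success, or a negative code naming the check that failed. */
int parse_enrollment_blob(const uint8_t *pb, size_t cb,
                          enroll_field out[ENROLL_FIELDS]) {
    size_t off = 0;
    for (int i = 0; i < ENROLL_FIELDS; i++) {
        if (cb - off < 4) return -1;            /* truncated length prefix */
        uint32_t len = rd32le(pb + off);
        off += 4;
        if (len < 2 || (len & 1)) return -2;    /* must hold a UTF-16 null */
        if (len > cb - off) return -3;          /* length runs past the buffer */
        if (pb[off + len - 2] || pb[off + len - 1])
            return -4;                          /* terminating null is missing */
        out[i].utf16le = pb + off;
        out[i].cb = len;
        off += len;
    }
    return off == cb ? 0 : -5;                  /* unexpected trailing bytes */
}

/* Constructed sample: the four strings "7", "a", "b", "c" in UTF-16LE. */
static const uint8_t sample_blob[] = {
    4,0,0,0, '7',0,0,0,   4,0,0,0, 'a',0,0,0,
    4,0,0,0, 'b',0,0,0,   4,0,0,0, 'c',0,0,0 };

int main(void) {
    enroll_field f[ENROLL_FIELDS];
    return parse_enrollment_blob(sample_blob, sizeof sample_blob, f);
}
```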

XCN_CERT_DATE_STAMP_PROP_ID

Data type: pointer to a FILETIME structure.

The structure contains the time that the certificate was added to the certificate store.

XCN_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains an MD5 hash of the CA signing certificate serial number.

XCN_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains an MD5 hash of the subject name.

XCN_CERT_EXTENDED_ERROR_INFO_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a null-terminated Unicode string that contains information about an error.

XCN_CERT_RENEWAL_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a SHA-1 hash of the certificate that is being renewed. We recommend that you use the ICertPropertyRenewal interface to initialize and retrieve this property.

XCN_CERT_ARCHIVED_KEY_HASH_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a hash of the archived private key. We recommend that you use the ICertPropertyArchivedKeyHash interface to initialize and retrieve this property value.

XCN_CERT_AUTO_ENROLL_RETRY_PROP_ID

Not supported.

XCN_CERT_AIA_URL_RETRIEVED_PROP_ID

Not supported.

XCN_CERT_AUTHORITY_INFO_ACCESS_PROP_ID

Not supported.

XCN_CERT_BACKED_UP_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a byte array that contains a VARIANT_BOOL followed by a FILETIME structure. To specify that the certificate is not backed up, set the first sizeof(VARIANT_BOOL) bytes in the array to zero (0). Otherwise, specify a value that is not zero. To specify the time at which the certificate was backed up, set the next sizeof(FILETIME) bytes to the date and time. We recommend that you use the ICertPropertyBackedUp interface to set this property value. This property is not currently used.

XCN_CERT_OCSP_RESPONSE_PROP_ID

Not supported.

XCN_CERT_REQUEST_ORIGINATOR_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a null-terminated Unicode string that contains the name of the computer that originated an auto-enrollment certificate request. We recommend that you use the ICertPropertyRequestOriginator interface to initialize and retrieve this property.

XCN_CERT_SOURCE_LOCATION_PROP_ID

Not supported.

XCN_CERT_SOURCE_URL_PROP_ID

Not supported.

XCN_CERT_NEW_KEY_PROP_ID

Not supported.

XCN_CERT_FIRST_RESERVED_PROP_ID

Not supported.

XCN_CERT_LAST_RESERVED_PROP_ID

Not supported.

XCN_CERT_FIRST_USER_PROP_ID

The minimum number for a user-defined property ID.

XCN_CERT_LAST_USER_PROP_ID

The maximum number for a user-defined property ID.

XCN_CERT_STORE_LOCALIZED_NAME_PROP_ID

Data type: pointer to a CRYPT_INTEGER_BLOB structure.

The pbData structure member points to a null-terminated Unicode string that contains the localized name of the certificate store.

XCN_CERT_CEP_PROP_ID

Contains information about a certificate enrollment policy (CEP) server and a certificate enrollment server (CES). This includes:

  • The CEP authentication method.
  • The CES authentication method.
  • The CEP URL.
  • The CES URL.
  • The CEP ID.
  • The request ID string.

For more information, see ICertPropertyEnrollmentPolicyServer.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

CertEnroll.h

See also

CertEnroll Enumerations
CertEnroll Interfaces
© 2014 Microsoft