CertIsRDNAttrsInCertificateName function (wincrypt.h)

The CertIsRDNAttrsInCertificateName function compares the attributes in the certificate name with the specified CERT_RDN to determine whether all attributes are included there. The comparison iterates through the CERT_RDN and looks for an attribute match in any of the CERT_RDNs of the certificate name.

Syntax

BOOL CertIsRDNAttrsInCertificateName(
  [in] DWORD           dwCertEncodingType,
  [in] DWORD           dwFlags,
  [in] PCERT_NAME_BLOB pCertName,
  [in] PCERT_RDN       pRDN
);

Parameters

[in] dwCertEncodingType

Specifies the encoding type used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING

[in] dwFlags

CERT_UNICODE_IS_RDN_ATTRS_FLAG must be set if the pRDN was initialized with Unicode strings as in CryptEncodeObject with lpszStructType set to X509_UNICODE_NAME.

CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG is set to do a case insensitive match. Otherwise, an exact, case sensitive match is done.

[in] pCertName

A pointer to a CRYPT_INTEGER_BLOB that contains the encoded subject or issuer name.

[in] pRDN

Array of CERT_RDN structures that contain the attributes to be found in the name. The CERT_RDN_ATTR member of the CERT_RDN structure behaves according to the following rules.

  • If pszObjId is NULL, the attribute object identifier (OID) is ignored.
  • If dwValueType is CERT_RDN_ANY_TYPE, the value type is ignored.
  • If the pbData member of Value is NULL, any value can be a match.

Return value

If the function succeeds and all of the RDN values in the specified CERT_RDN are in the certificate name, the return value is nonzero (TRUE).

If the function fails, or if there are RDN values in the specified CERT_RDN that are not in the certificate name, the return value is zero (FALSE). For extended error information, call GetLastError.

The following table lists some possible error codes.

Return code Description
CRYPT_E_NO_MATCH
Not all the attributes were found and matched.
ERROR_FILE_NOT_FOUND
Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported.
 

If the function fails, GetLastError may return an Abstract Syntax Notation One (ASN.1) encoding/decoding error. For information about these errors, see ASN.1 Encoding/Decoding Return Values.

Remarks

Currently, only an exact, case-sensitive match is supported.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also

CertFindCertificateInStore

Data Management Functions