Edit

CERT_AUTHORITY_KEY_ID2_INFO structure (wincrypt.h)

  • Article

The CERT_AUTHORITY_KEY_ID2_INFO structure identifies the key used to sign a certificate or CRL. It differs from the CERT_AUTHORITY_KEY_ID_INFO structure in that the certificate issuer is a CERT_ALT_NAME_INFO instead of a CERT_NAME_BLOB. Otherwise, the structures are used in the same way.

The key can be identified by an explicit key identifier, by giving a certificate's issuer and serial number, or by both. If both are used, the certificate issuer must ensure that the explicit key identifier, the certificate issuer and the serial number are consistent.

CryptDecodeObject creates an instance of this structure when performed on a CERT_EXTENSION structure's Value member with its the structure's pszObjId member set to szOID_AUTHORITY_KEY_IDENTIFIER2.

An instance of this structure can be used as input to CryptEncodeObject to create an appropriate CERT_EXTENSION.

Syntax

typedef struct _CERT_AUTHORITY_KEY_ID2_INFO {
  CRYPT_DATA_BLOB    KeyId;
  CERT_ALT_NAME_INFO AuthorityCertIssuer;
  CRYPT_INTEGER_BLOB AuthorityCertSerialNumber;
} CERT_AUTHORITY_KEY_ID2_INFO, *PCERT_AUTHORITY_KEY_ID2_INFO;

Members

KeyId

A CRYPT_DATA_BLOB structure that contains a unique identifier of a public key.

AuthorityCertIssuer

CERT_ALT_NAME_INFO that includes the encoded name of the CA that issued the certificate. The cAltEntry member of the structure may be set to zero if the name is not to be used to identify the CA.

AuthorityCertSerialNumber

A CRYPT_INTEGER_BLOB structure that includes the serial number of the certificate associated with the private key used to sign this certificate. For more information, see CERT_INFO.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header wincrypt.h

See also

CERT_ALT_NAME_INFO

CERT_AUTHORITY_KEY_ID_INFO