Export (0) Print
Expand All
Expand Minimize

CERT_KEY_USAGE_RESTRICTION_INFO structure

The CERT_KEY_USAGE_RESTRICTION_INFO structure contains restrictions imposed on the usage of a certificate's public key. This includes purposes for use of the key and policies under which the key can be used.

CryptDecodeObject creates an instance of this structure when performed on a CERT_EXTENSION structure's Value member with its structure's pszObjId member set to szOID_KEY_USAGE_RESTRICTION.

An instance of this structure can be used as input to the CryptEncodeObject function to create an appropriate CERT_EXTENSION.

Syntax


typedef struct _CERT_KEY_USAGE_RESTRICTION_INFO {
  DWORD           cCertPolicyId;
  PCERT_POLICY_ID rgCertPolicyId;
  CRYPT_BIT_BLOB  RestrictedKeyUsage;
} CERT_KEY_USAGE_RESTRICTION_INFO, *PCERT_KEY_USAGE_RESTRICTION_INFO;

Members

cCertPolicyId

The number of elements in the rgCertPolicyId array.

rgCertPolicyId

An array of pointers to CERT_POLICY_ID structures.

RestrictedKeyUsage

A CRYPT_BIT_BLOB value that includes, as its pbData, a byte that indicates the purposes for which the key can be used.

If the cbData member is zero, the key has no usage restrictions.

The following are currently defined values for the pbData member of RestrictedKeyUsage. These can be combined using a bitwise-OR operation.

  • CERT_DATA_ENCIPHERMENT_KEY_USAGE
  • CERT_DIGITAL_SIGNATURE_KEY_USAGE
  • CERT_KEY_AGREEMENT_KEY_USAGE
  • CERT_KEY_CERT_SIGN_KEY_USAGE
  • CERT_KEY_ENCIPHERMENT_KEY_USAGE
  • CERT_NON_REPUDIATION_KEY_USAGE
  • CERT_OFFLINE_CRL_SIGN_KEY_USAGE

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Wincrypt.h

See also

CERT_EXTENSION
CERT_POLICY_ID
CRYPT_BIT_BLOB
CryptDecodeObject
CryptEncodeObject

 

 

Community Additions

ADD
Show:
© 2014 Microsoft