The IX509ExtensionSmimeCapabilities interface can be used to report the decryption capabilities of an e-mail recipient to an e-mail sender so that the sender can choose the most secure algorithm supported by both parties. The following syntax shows the Abstract Syntax Notation One (ASN.1) structure of the extension. The extension value is encoded by using Distinguished Encoding Rules (DER) and included in the certificate request.
----------------------------------------------------------------------
-- SMIMECapabilities
-- XCN_OID_RSA_SMIMECapabilities (1.2.840.113549.1.9.15)
----------------------------------------------------------------------
SMIMECapabilities ::= SEQUENCE OF SMIMECapability
SMIMECapability ::= SEQUENCE
{
capabilityID EncodedObjectID,
smimeParameters ANY OPTIONAL
}
The extension can be initialized from a collection of ISmimeCapability objects, each of which identifies a symmetric encryption algorithm and optional key length. The following algorithms are supported.
| OID | Description |
|---|
| XCN_OID_OIWSEC_desCBC (1.3.14.3.2.7)
| Data Encryption Standard (DES) in cipher block chaining (CBC) mode. The key length is 56 bits. |
| XCN_OID_RSA_DES_EDE3_CBC (1.2.840.113549.3.7)
| Triple DES (3DES) in CBC mode. The key length is 168 bits. |
| XCN_OID_RSA_RC2CBC (1.2.840.113549.3.2)
| RC2 algorithm in CBC mode. The key length is variable from 40 to 128 bits. |
| XCN_OID_RSA_RC4 (1.2.840.113549.3.4)
| RC4 algorithm. The key length is variable from 40 to 128 bits. |
| XCN_OID_RSA_SMIMEalgCMS3DESwrap (1.2.840.113549.1.9.16.3.6)
| 3DES used for key wrapping. The key length is 168 bits. |
| XCN_OID_RSA_SMIMEalgCMSRC2wrap (1.2.840.113549.1.9.16.3.7)
| RC2 used for key wrapping. The key length is 128 bits. |
| XCN_OID_NIST_AES128_CBC (2.16.840.1.101.3.4.1.2)
| Advanced Encryption Standard (AES) in CBC mode. The key length is 128 bits. |
| XCN_OID_NIST_AES192_CBC (2.16.840.1.101.3.4.1.22)
| AES in CBC mode. The key length is 192 bits. |
| XCN_OID_NIST_AES256_CBC (2.16.840.1.101.3.4.1.42)
| AES in CBC mode. The key length is 256 bits. |
| XCN_OID_NIST_AES128_WRAP (2.16.840.1.101.3.4.1.5)
| AES used for key wrapping. The key length is 128 bits. |
| XCN_OID_NIST_AES192_WRAP (2.16.840.1.101.3.4.1.25)
| AES used for key wrapping. The key length is 192 bits. |
| XCN_OID_NIST_AES256_WRAP (2.16.840.1.101.3.4.1.45)
| AES used for key wrapping. The key length is 256 bits. |
To add this extension object to a PKCS #10 request or a CMC request, you must first add it to an IX509Extensions collection and use the collection to initialize an IX509AttributeExtensions object. For more information, see the PKCS #10 Extensions and the CMC Extensions topics.
Methods
The IX509ExtensionSmimeCapabilities interface inherits from IX509Extension.
In addition, IX509ExtensionSmimeCapabilities defines the following methods.
Properties
The IX509ExtensionSmimeCapabilities interface defines the following property.
| Property | Access type | Description |
|---|
SmimeCapabilities | Read-only | Retrieves a collection of ISmimeCapability objects.
|
Requirements
| Minimum supported client | Windows Vista |
|---|
| Minimum supported server | Windows Server 2008 |
|---|
| Header | CertEnroll.h |
|---|
| DLL | CertEnroll.dll |
|---|
Send comments about this topic to Microsoft
Build date: 11/19/2009