Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

X509PrivateKeyProtection enumeration

The X509PrivateKeyProtection enumeration specifies the level of private key protection supported by a cryptographic provider. For example, if strong key protection is enabled, the user is typically prompted to enter a password when the key is created and whenever the key is used. The precise behavior is specified by the KSP or CSP being used. The enumeration value can be specified or retrieved by using the KeyProtection property on the IX509PrivateKey interface.

Syntax


typedef enum  { 
  XCN_NCRYPT_UI_NO_PROTECTION_FLAG          = 0,
  XCN_NCRYPT_UI_PROTECT_KEY_FLAG            = 0x1,
  XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG  = 0x2
} X509PrivateKeyProtection;

Constants

XCN_NCRYPT_UI_NO_PROTECTION_FLAG

The protection level is not specified.

XCN_NCRYPT_UI_PROTECT_KEY_FLAG

A user interface is displayed to indicate that a process is attempting to use the key. The exact behavior is specified by the KSP or CSP being used. Some Microsoft legacy CSPs allow the client to decide whether a password is required to use the key or whether the user must only acknowledge a prompt.

XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG

Specifies strong key protection. The user is typically prompted to enter a password when the key is created and whenever the key is used. The exact behavior is specified by the KSP being used. This value is not supported by the Certificate Enrollment API for legacy CSPs.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

CertEnroll.h

See also

CertEnroll Enumerations
CertEnroll Interfaces
IX509PrivateKey

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.