X509PrivateKeyUsageFlags enumeration

The X509PrivateKeyUsageFlags enumeration specifies the permitted uses of a private key. It is the responsibility of the cryptographic provider. The enumeration value can be set and retrieved by using the KeyUsage property on the IX509PrivateKey interface.

Syntax

C++

typedef enum  { 
  XCN_NCRYPT_ALLOW_USAGES_NONE         = 0,
  XCN_NCRYPT_ALLOW_DECRYPT_FLAG        = 0x1,
  XCN_NCRYPT_ALLOW_SIGNING_FLAG        = 0x2,
  XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG  = 0x4,
  XCN_NCRYPT_ALLOW_ALL_USAGES          = 0xffffff
} X509PrivateKeyUsageFlags;

Constants

XCN_NCRYPT_ALLOW_USAGES_NONE

The permitted uses are not defined.

XCN_NCRYPT_ALLOW_DECRYPT_FLAG

The key can be used to decrypt content. This maps to the following X509KeyUsageFlags values:

• XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE
• XCN_CERT_DECIPHER_ONLY_KEY_USAGE
• XCN_CERT_ENCIPHER_ONLY_KEY_USAGE
• XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE

XCN_NCRYPT_ALLOW_SIGNING_FLAG

The key can be used for signing. This maps to the following X509KeyUsageFlags values:

• XCN_CERT_CRL_SIGN_KEY_USAGE
• XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE
• XCN_CERT_KEY_CERT_SIGN_KEY_USAGE

XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG

The key can be used to establish key agreement between entities.

XCN_NCRYPT_ALLOW_ALL_USAGES

All of the uses defined for this enumeration are permitted.

Requirements

Minimum supported client	Windows Vista [desktop apps only]
Minimum supported server	Windows Server 2008 [desktop apps only]
Header	CertEnroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

IX509PrivateKey

 

 

Send comments about this topic to Microsoft

Build date: 10/26/2012