Export (0) Print
Expand All

Alternatives to Using CAPICOM

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, Windows XP. Instead, use the .NET Framework to implement security features. For more information, see the alternatives listed below.]

Important  None of the alternatives to CAPICOM offer a solution for scripts; therefore, you must write your own ActiveX control. For more information, see ActiveX Controls.

Certificate Store Objects

We suggest the following alternatives for working with certificate stores and the certificates in those stores.

ObjectAlternative
Certificate

The Certificate object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Certificate2 Class in the System.Security.Cryptography.X509Certificates namespace.

CertificatePolicies

The CertificatePolicies object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace by calling the constructor that takes an OID as a parameter, and then use the OID for Certificate Policies to retrieve the certificate policies.

Certificates

The Certificates object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Certificate2Collection Class in the System.Security.Cryptography.X509Certificates namespace.

CertificateStatus

The CertificateStatus object is available for use in the operating systems specified in the Requirements section. Instead, use the X509ChainStatus Structure in the System.Security.Cryptography.X509Certificates namespace.

Chain

The Chain object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Chain Class in the System.Security.Cryptography.X509Certificates namespace.

ExtendedProperties

The ExtendedProperties object is available for use in the operating systems specified in the Requirements section. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API function CertGetCertificateContextProperty and obtain the properties. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.

ExtendedProperty

The ExtendedProperty object is available for use in the operating systems specified in the Requirements section. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API function CertGetCertificateContextProperty and obtain the properties. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.

Extension

The Extension object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace.

Extensions

The Extensions object is available for use in the operating systems specified in the Requirements section. Instead, use the X509ExtensionCollection Class in the System.Security.Cryptography.X509Certificates namespace.

PrivateKey

The PrivateKey object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Certificate2.PrivateKey Property in the System.Security.Cryptography.X509Certificates namespace.

PublicKey

The PublicKey object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Certificate2.PublicKey Property in the System.Security.Cryptography.X509Certificates namespace.

Store

The Store object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Store Class in the System.Security.Cryptography.X509Certificates namespace.

Template

The Template object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace by calling the constructor that takes an OID as a parameter, and then use the OID for Certificate Template to retrieve the certificate extension template.

 

Digital Signature Objects

We suggest the following alternatives to digitally sign data and to verify digital signatures.

ObjectAlternative
SignedCode

The SignedCode object is available for use in the operating systems specified in the Requirements section. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API SignerSignEx, SignerTimeStampEx, and WinVerifyTrust functions to sign content with an Authenticode digital signature. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.

SignedData

The SignedData object is available for use in the operating systems specified in the Requirements section. Instead, use the SignedCms Class in the System.Security.Cryptography.Pkcs namespace.

Signer

The Signer object is available for use in the operating systems specified in the Requirements section. Instead, use the CmsSigner Class in the System.Security.Cryptography.Pkcs namespace.

Signers

The Signers object is available for use in the operating systems specified in the Requirements section. Instead, use a collection of CmsSigner objects. For more information, see the CmsSigner Class in the System.Security.Cryptography.Pkcs namespace.

 

Enveloped Data Objects

We suggest the following alternatives to create enveloped data messages for privacy and to decrypt data in enveloped messages.

ObjectDescription
EnvelopedData

The EnvelopedData object is available for use in the operating systems specified in the Requirements section. Instead, use the EnvelopedCms Class in the System.Security.Cryptography.Pkcs namespace.

Recipients

The Recipients object is available for use in the operating systems specified in the Requirements section. Instead, use the CmsRecipientCollection Class in the System.Security.Cryptography.Pkcs namespace.

 

Data Encryption Objects

We suggest the following alternatives to encrypt arbitrary data for privacy and to decrypt encrypted data.

ObjectDescription
EncryptedData

The EncryptedData object is available for use in the operating systems specified in the Requirements section. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API functions CryptEncryptMessage and CryptDecryptMessage to encrypt and decrypt messages. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.

 

Auxiliary Objects

We suggest the following alternatives to change default behaviors of other objects and to manage certificates, certificate stores, and messages.

ObjectDescription
Algorithm

The Algorithm object is available for use in the operating systems specified in the Requirements section. Instead, use the AlgorithmIdentifier Class in the System.Security.Cryptography.Pkcs namespace.

Attribute

The Attribute object is available for use in the operating systems specified in the Requirements section. Instead, use the CryptographicAttributeObject Class in the System.Security.Cryptography namespace.

Attributes

The Attributes object is available for use in the operating systems specified in the Requirements section. Instead, use the CryptographicAttributeObjectCollection Class in the System.Security.Cryptography namespace.

BasicConstraints

The BasicConstraints object is available for use in the operating systems specified in the Requirements section. Instead, use the X509BasicConstraintsExtension Class in the System.Security.Cryptography.X509Certificates namespace.

EKU

The EKU object is available for use in the operating systems specified in the Requirements section. Instead, use the X509EnhancedKeyUsageExtension Class in the System.Security.Cryptography.X509Certificates namespace.

EKUs

The EKUs object is available for use in the operating systems specified in the Requirements section. Instead, use the X509ExtensionCollection Class in the System.Security.Cryptography.X509Certificates namespace.

EncodedData

The EncodedData object is available for use in the operating systems specified in the Requirements section. Instead, use the AsnEncodedData Class in the System.Security.Cryptography namespace.

ExtendedKeyUsage

The ExtendedKeyUsage object is available for use in the operating systems specified in the Requirements section. Instead, use the X509EnhancedKeyUsageExtension Class in the System.Security.Cryptography.X509Certificates namespace.

HashedData

The HashedData object is available for use in the operating systems specified in the Requirements section. Instead, use the HashAlgorithm Class in the System.Security.Cryptography namespace.

KeyUsage

The KeyUsage object is available for use in the operating systems specified in the Requirements section. Instead, use the X509EnhancedKeyUsageExtension Class in the System.Security.Cryptography.X509Certificates namespace.

NoticeNumbers

The NoticeNumbers object is available for use in the operating systems specified in the Requirements section. For more information, see Qualifier.

OID

The OID object is available for use in the operating systems specified in the Requirements section. Instead, use the Oid Class in the System.Security.Cryptography namespace.

OIDs

The OIDs object is available for use in the operating systems specified in the Requirements section. Instead, use the OidCollection Class in the System.Security.Cryptography namespace.

PolicyInformation

The PolicyInformation object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace by calling the constructor that takes an OID as a parameter, and then use the OID for Certificate Policies to process policy information in the Certificate policies extension.

Qualifier

The Qualifier object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace by calling the constructor that takes an OID as a parameter, and then use the OID for Certificate Policies to process qualifiers that are part of the policy information in the Certificate Policies extension.

Qualifiers

The Qualifiers object is available for use in the operating systems specified in the Requirements section. Instead, use the X509Extension Class in the System.Security.Cryptography.X509Certificates namespace by calling the constructor that takes an OID as a parameter, and then use the OID for Certificate Policies to process qualifiers that are part of the policy information in the Certificate Policies extension.

Settings

No alternative is available.

Utilities

No alternative is available.

 

 

 

Community Additions

ADD
Show:
© 2014 Microsoft