Export (0) Print
Expand All
Expand Minimize

CERT_STRONG_SIGN_SERIALIZED_INFO structure

Contains the signature algorithm/hash algorithm and public key algorithm/bit length pairs that can be used for strong signing. This structure is used by the CERT_STRONG_SIGN_PARA structure.

Syntax


typedef struct _CERT_STRONG_SIGN_SERIALIZED_INFO {
  DWORD  dwFlags;
  LPWSTR pwszCNGSignHashAlgids;
  LPWSTR pwszCNGPubKeyMinBitLengths;
} CERT_STRONG_SIGN_SERIALIZED_INFO, *PCERT_STRONG_SIGN_SERIALIZED_INFO;

Members

dwFlags

By default, certificate strong signing parameters do not apply to certificate revocation lists (CRLs) or online certificate status protocol (OCSP) responses. You can set one or both of the following values to enable strong signing on CRLs and OCSP responses.

ValueMeaning
CERT_STRONG_SIGN_ENABLE_CRL_CHECK
0x1

Enable strong signing of CRLs.

CERT_STRONG_SIGN_ENABLE_OCSP_CHECK
0x2

Enable strong signing of OCSP responses.

 

pwszCNGSignHashAlgids

Pointer to a null-terminated Unicode string that contains a set of signature algorithm/hash algorithm pairs. A Unicode semicolon (L";") separates the pairs. This is shown by the following example.

L"RSA/SHA256;RSA/SHA384;ECDSA/SHA256;ECDSA/SHA384"

The following signature algorithms are supported:

  • L"RSA" (BCRYPT_RSA_ALGORITHM)
  • L"DSA" (BCRYPT_DSA_ALGORITHM)
  • L"ECDSA" (SSL_ECDSA_ALGORITHM)

The following signature algorithms are not supported:

  • L"ECDSA_P256" (BCRYPT_ECDSA_P256_ALGORITHM)
  • L"ECDSA_P384" (BCRYPT_ECDSA_P384_ALGORITHM)
  • L"ECDSA_P521" (BCRYPT_ECDSA_P521_ALGORITHM)

The following hash algorithms are supported:

  • L"MD5" (BCRYPT_MD5_ALGORITHM)
  • L"SHA1" (BCRYPT_SHA1_ALGORITHM)
  • L"SHA256" (BCRYPT_SHA256_ALGORITHM)
  • L"SHA256" (BCRYPT_SHA256_ALGORITHM)
  • L"SHA512" (BCRYPT_SHA512_ALGORITHM)
pwszCNGPubKeyMinBitLengths

Pointer to a null-terminated Unicode string that contains a set of public key algorithm/bit length pairs. A Unicode semicolon (L";") separates the pairs. This is shown by the following example.

L”RSA/2048;ECDSA/256”

The following public key algorithms are supported:

  • L"RSA" (BCRYPT_RSA_ALGORITHM)
  • L"DSA" (BCRYPT_DSA_ALGORITHM)
  • L"ECDSA" (SSL_ECDSA_ALGORITHM)

Remarks

This structure is used by the CERT_STRONG_SIGN_PARA structure which is directly referenced by the following functions:

Also, CERT_STRONG_SIGN_PARA is indirectly referenced by the following:

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

Header

Wincrypt.h

See also

CERT_STRONG_SIGN_PARA

 

 

Community Additions

ADD
Show:
© 2014 Microsoft