IEnroll4::LimitExchangeKeyToEncipherment property

[This property is no longer available for use as of Windows Server 2008 and Windows Vista.]

The LimitExchangeKeyToEncipherment property sets or retrieves a Boolean value that determines whether an AT_KEYEXCHANGE request contains digital signature and nonrepudiation key usages.

This property was first introduced in the IEnroll2 interface.

This property is read/write.

Syntax


HRESULT put_LimitExchangeKeyToEncipherment(
  [in]   BOOL fLimitExchangeKeyToEncipherment
);

HRESULT get_LimitExchangeKeyToEncipherment(
  [out]  BOOL *pfLimitExchangeKeyToEncipherment
);

Property value

BOOL value assigned to the LimitExchangeKeyToEncipherment property. The default value is FALSE.

Error codes

If the property access methods put_LimitExchangeKeyToEncipherment and get_LimitExchangeKeyToEncipherment succeed, they return S_OK.

Any other HRESULT value indicates that the call failed.

Remarks

This property is a Boolean value and affects only AT_KEYEXCHANGE requests. It has no impact on AT_SIGNATURE requests.

If the value for this property is FALSE, an AT_KEYEXCHANGE request will contain the following key usages:

  • CERT_DATA_ENCIPHERMENT_KEY_USAGE
  • CERT_KEY_ENCIPHERMENT_KEY_USAGE
  • CERT_DIGITAL_SIGNATURE_KEY_USAGE
  • CERT_NON_REPUDIATION_KEY_USAGE

If the value for this property is TRUE, an AT_KEYEXCHANGE request will contain the following key usages:

  • CERT_DATA_ENCIPHERMENT_KEY_USAGE
  • CERT_KEY_ENCIPHERMENT_KEY_USAGE

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

End of client support

Windows XP

End of server support

Windows Server 2003

Header

Xenroll.h

Library

Uuid.lib

DLL

Xenroll.dll

IID

IID_IEnroll4 is defined as f8053fe5-78f4-448f-a0db-41d61b73446b

See also

IEnroll4

 

 

Community Additions

ADD
Show:
© 2014 Microsoft