Windows Mobile 6.5
A version of this page is also available for

This structure contains optional additional information about the public key being certified. It can include a key identifier, an indication of the intended use of that key, or an indication of the period of use of the corresponding private key.

The CryptDecodeObject function creates an instance of this structure when performed on a CERT_EXTENSION structure's Value member with the structure's pszObjId member set to szOID_KEY_ATTRIBUTES.

An instance of this structure can be used as input to the CryptEncodeObject function to create an appropriate CERT_EXTENSION structure.

typedef struct _CERT_KEY_ATTRIBUTES_INFO {
  CRYPT_BIT_BLOB IntendedKeyUsage;


CRYPT_DATA_BLOB structure with a unique identifier of a key.


CRYPT_BIT_BLOB structure with its pbData member indicating the intended purpose of the key. See the RestrictedKeyUsage member of the CERT_KEY_USAGE_RESTRICTION_INFO structure for a list of usage bit values.

This member can be used to find the correct key or certificate of a user who has multiple keys or certificates. Its indication of usage is an advisory field only and does not imply that usage of the key is restricted to the purpose indicated. The list of intended uses is not necessarily all-inclusive, and the field can be omitted. If a key is to be restricted to a particular use, a CERT_KEY_USAGE_RESTRICTION_INFO extension must be used.


Pointer to a CERT_PRIVATE_KEY_VALIDITY structure that indicates the period of use of the private key corresponding to the certified public key. This member is optional and can be set to NULL.

Windows Embedded CEWindows CE 3.0 and later
Windows MobileWindows Mobile Version 5.0 and later

Community Additions