X509PrivateKeyExportFlags enumeration (certenroll.h)

The X509PrivateKeyExportFlags enumeration type specifies the export policy for a private key. For a Cryptography API: Next Generation (CNG) key, the policy is stored by the key service provider (KSP), and it is the responsibility of the KSP to enforce the policy. When a legacy cryptographic service provider (CSP) is specified, the policy is used when creating the key, and it is the responsibility of the CSP to enforce the policy. This enumeration is used when specifying and retrieving the ExportPolicy property on the IX509PrivateKey interface.

Syntax

typedef enum X509PrivateKeyExportFlags {
  XCN_NCRYPT_ALLOW_EXPORT_NONE = 0,
  XCN_NCRYPT_ALLOW_EXPORT_FLAG = 0x1,
  XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG = 0x2,
  XCN_NCRYPT_ALLOW_ARCHIVING_FLAG = 0x4,
  XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG = 0x8
} ;

Constants

 
XCN_NCRYPT_ALLOW_EXPORT_NONE
Value: 0
Export is not allowed. This is the default value.
XCN_NCRYPT_ALLOW_EXPORT_FLAG
Value: 0x1
The private key can be exported.
XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG
Value: 0x2
The private key can be exported in plaintext form.
XCN_NCRYPT_ALLOW_ARCHIVING_FLAG
Value: 0x4
The private key can be exported once for archiving.
XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG
Value: 0x8
The private key can be exported once in plaintext form for archiving.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

IX509PrivateKey