Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
CryptoAPI supports the encoding and decoding of certificates. CryptoAPI includes an extensive, flexible system of functions and C structures that allow encoding and decoding in various ways. CryptoAPI supports standard X.509 certificate structure and standard ASN.1 encoding to provide interoperability with other systems.
Certificate Contexts
A certificate context, CERT_CONTEXT, is a C structure that contains an encoded member, a handle to a certificate store, a pointer to the original encoded certificate BLOB, and a pointer to a CERT_INFOC structure.
The IssuerUniqueIDand SubjectUniqueIDmembers are part of the X.509 version 2 certificate implementation but are seldom used. Certificate extensions in version 3 replace the functionality of these members.
If the information contained in the encoded (shaded) members Issuerand Subjectis needed, those members must be decoded. Use CryptDecodeObjectExto decode these members. The following illustration shows the process of decoding one of these members.
In the illustrated case, the CryptDecodeObjectfunction creates a CERT_NAME_INFOstructure, an array of CERT_RDNstructures, a corresponding array of CERT_RDN_ATTRstructures, and a string containing the name. Members of the CERT_RDN_ATTRstructure determine the contents of the string. For example, if the pszObjIdmember is 2.5.4.3, the string contains a common name. If it is 2.5.4.10, the string would contain an organization name. For a list of these ObjIds, see CERT_RDN_ATTR.
The dwValueTypemember contains information about the type of string. If it is CERT_RDN_PRINTABLE_STRING, the value member contains a byte-width, zero-terminated character string. If it is CERT_RDN_UNICODE_STRING, the string is a double-width (word-sized) character string.