Upravit

Sdílet prostřednictvím


IX509CertificateRequestCmc interface (certenroll.h)

The IX509CertificateRequestCmc interface represents a CMC (Certificate Management Message over CMS) certificate request. A CMC request is always wrapped by a PKCS #7 certificate message syntax (CMS) object. Therefore, the IX509CertificateRequestCmc interface inherits from the IX509CertificateRequestPkcs7 interface.

A CMC request contains sequences of TaggedAttribute, TaggedRequest, and TaggedContentInfo ASN.1 structures. The TaggedOtherMsg structure identified in the RFC is not supported.


CmcData ::= SEQUENCE 
{
   controlSequence         ControlSequence,
   reqSequence             ReqSequence,
   cmsSequence             CmsSequence,
   otherMsgSequence        OtherMsgSequence
}


ControlSequence  ::=    SEQUENCE OF TaggedAttribute
ReqSequence      ::=    SEQUENCE OF TaggedRequest
CmsSequence      ::=    SEQUENCE OF TaggedContentInfo
OtherMsgSequence ::=    SEQUENCE OF TaggedOtherMsg

TaggedAttribute ::= SEQUENCE 
{
   bodyPartID              BodyPartID,
   type                    EncodedObjectID,
   values                  AttributeSetValue
}

TaggedRequest ::= CHOICE 
{
   tcr                     [0] IMPLICIT TaggedCertificationRequest
}

TaggedContentInfo ::= SEQUENCE 
{
   bodyPartID              BodyPartID,
   contentInfo             ANY
}

BodyPartID ::= INTEGER (0..4294967295)
EncodedObjectID ::= OBJECT IDENTIFIER
AttributeSetValue ::= SET OF ANY

A CMC request can contain a PKCS #10 request in the TaggedRequest sequence or another CMC request object in the TaggedContentInfo sequence. There is no theoretical limit to the possible number of nesting levels, but certification authorities typically place a physical limit on the request size.

The TaggedAttribute sequence contains extensions and optional attributes. For more information, see CMC Extensions and CMC Attributes.

Inheritance

The IX509CertificateRequestCmc interface inherits from IX509CertificateRequestPkcs7. IX509CertificateRequestCmc also has these types of members:

Methods

The IX509CertificateRequestCmc interface has these methods.

 
IX509CertificateRequestCmc::get_ArchivePrivateKey

Specifies or retrieves a Boolean value that indicates whether to archive a private key on the certification authority (CA). (Get)
IX509CertificateRequestCmc::get_CriticalExtensions

Retrieves an IObjectIds collection that identifies the version 3 certificate extensions marked as critical. (IX509CertificateRequestCmc.get_CriticalExtensions)
IX509CertificateRequestCmc::get_CryptAttributes

Retrieves an ICryptAttributes collection of optional certificate attributes. (IX509CertificateRequestCmc.get_CryptAttributes)
IX509CertificateRequestCmc::get_EncryptedKeyHash

Retrieves a hash of the private key to be archived.
IX509CertificateRequestCmc::get_EncryptionAlgorithm

Specifies or retrieves an object identifier (OID) of the algorithm used to encrypt the private key to be archived. (Get)
IX509CertificateRequestCmc::get_EncryptionStrength

Specifies or retrieves the relative encryption level applied to the private key to be archived. (Get)
IX509CertificateRequestCmc::get_KeyArchivalCertificate

Specifies or retrieves a certification authority (CA) encryption certificate. (Get)
IX509CertificateRequestCmc::get_NameValuePairs

Retrieves an IX509NameValuePairs collection associated with a certificate request.
IX509CertificateRequestCmc::get_NullSigned

Retrieves a Boolean value that specifies whether the primary signature on the certificate request is null-signed.
IX509CertificateRequestCmc::get_SenderNonce

Specifies or retrieves a byte array that contains a nonce. (Get)
IX509CertificateRequestCmc::get_SignatureInformation

Retrieves the IX509SignatureInformation object that contains information about the primary signature used to sign the certificate request.
IX509CertificateRequestCmc::get_SignerCertificates

Retrieves a collection of certificates used to sign the request.
IX509CertificateRequestCmc::get_SuppressOids

Retrieves a collection of extension or attribute object identifiers (OIDs) to be suppressed from the certificate during the encoding process.
IX509CertificateRequestCmc::get_TemplateObjectId

Retrieves the object identifier (OID) of the template used to create the certificate request. (IX509CertificateRequestCmc.get_TemplateObjectId)
IX509CertificateRequestCmc::get_TransactionId

Specifies or retrieves a transaction identifier that can be used to track a certificate request or response. (Get)
IX509CertificateRequestCmc::get_X509Extensions

Retrieves a collection of the extensions included in the certificate request. (IX509CertificateRequestCmc.get_X509Extensions)
IX509CertificateRequestCmc::InitializeFromInnerRequestTemplateName

The InitializeFromInnerRequestTemplateName method initializes the certificate request from an inner request object and a template.
IX509CertificateRequestCmc::put_ArchivePrivateKey

Specifies or retrieves a Boolean value that indicates whether to archive a private key on the certification authority (CA). (Put)
IX509CertificateRequestCmc::put_EncryptionAlgorithm

Specifies or retrieves an object identifier (OID) of the algorithm used to encrypt the private key to be archived. (Put)
IX509CertificateRequestCmc::put_EncryptionStrength

Specifies or retrieves the relative encryption level applied to the private key to be archived. (Put)
IX509CertificateRequestCmc::put_KeyArchivalCertificate

Specifies or retrieves a certification authority (CA) encryption certificate. (Put)
IX509CertificateRequestCmc::put_SenderNonce

Specifies or retrieves a byte array that contains a nonce. (Put)
IX509CertificateRequestCmc::put_TransactionId

Specifies or retrieves a transaction identifier that can be used to track a certificate request or response. (Put)

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

CertEnroll Interfaces

IX509CertificateRequest

IX509CertificateRequestPkcs7