CertGetCRLContextProperty function (wincrypt.h)
The CertGetCRLContextProperty function gets an extended property for the specified certificate revocation list (CRL) context.
Syntax
BOOL CertGetCRLContextProperty(
[in] PCCRL_CONTEXT pCrlContext,
[in] DWORD dwPropId,
[out] void *pvData,
[in, out] DWORD *pcbData
);
Parameters
[in] pCrlContext
A pointer to the CRL_CONTEXT structure.
[in] dwPropId
Identifies the property to be retrieved. Currently defined identifiers and the data type to be returned in pvData are listed in the following table.
Value | Meaning |
---|---|
|
Data type for pvData: pointer to a DWORD
Returns a DWORD value indicating whether write operations to the certificate are persisted. The DWORD value is not set if the certificate is in a memory store or in a registry-based store that is opened as read-only. |
|
Data type for pvData: NULL
Indicates the certificate is skipped during enumerations. A certificate with this property set is found with explicit search operations, such as those used to find a certificate with a specific hash or a serial number. No data in pvData is associated with this property. |
|
Data type for pvData: pointer to a BYTE array
Returns a null-terminated Unicode string naming the certificate type for which the certificate has been auto enrolled. |
|
Data type for pvData: pointer to a BYTE array
Returns an array of bytes containing an Abstract Syntax Notation One (ASN.1) encoded CTL_USAGE structure. |
|
Data type for pvData: pointer to a BYTE array
Returns the property displayed by the certificate UI. This property allows the user to describe the certificate's use. |
|
Data type for pvData:
Returns an array of bytes containing an ASN.1 encoded CERT_ENHKEY_USAGE structure. |
|
Data type for pvData: pointer to a BYTE array
Returns a null-terminated Unicode character string that contains the display name for the CRL. |
|
Data type for pvData: Pointer to a null-terminated Unicode string.
Returns a string containing a set of L"<PUBKEY>/<BITLENGTH>" public key algorithm and bit length pairs. The semicolon, L";", is used as the delimiter. The <PUBKEY> value identifies the CNG public key algorithm. The following algorithms are supported:
Note This property cannot be retrieved for a delegated OCSP signer certificate. A delegated signer certificate is signed with the same key used to sign the subject certificate and is checked there.
: L"RSA/2048;RSA/4096" |
|
Data type for pvData: Pointer to a null-terminated Unicode string.
Returns a string that contains a set of L"<SIGNATURE>/<HASH>" algorithm pairs. The semicolon, L";", is used as the delimiter between pairs. This property is set only when an OCSP response is converted to a CRL. For a delegated OCSP signer certificate, only the algorithm pair for the signer certificate is returned. For an independent OCSP signer certificate chain, an algorithm pair is returned for each certificate in the chain excluding the root. The <SIGNATURE> value identifies the CNG public key algorithm. The following algorithms are supported:
|
|
Data type for pvData: Pointer to a DWORD value.
Returns the length, in bits, of the public key in the CRL issuer certificate. This property is also applicable to an OCSP response that has been converted to a CRL. Windows 8 and Windows Server 2012: Support for this property begins. |
|
Data type for pvData: pointer to a CERT_KEY_CONTEXT
Returns a CERT_KEY_CONTEXT structure. |
|
Data type for pvData: pointer to a BYTE array
If nonexistent, searches for the szOID_SUBJECT_KEY_IDENTIFIER extension. If that fails, a SHA1 hash is done on the certificate's SubjectPublicKeyInfo member to produce the identifier values. |
|
Data type for pvData: pointer to an HCRYPTPROV
Returns the provider handle obtained from the CERT_KEY_CONTEXT_PROP_ID. |
|
Data type for pvData: pointer to a CRYPT_KEY_PROV_INFO
Returns a pointer to a CRYPT_KEY_PROV_INFO. |
|
Data type for pvData: pointer to a DWORD
Returns a DWORD value specifying the private key obtained from CERT_KEY_CONTEXT_PROP_ID property if it exists. Otherwise, if CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec. |
|
Data type for pvData: pointer to a BYTE array
Returns the MD5 hash. If the hash does not exist, it is computed using CryptHashCertificate. |
|
Data type for pvData: pointer to a BYTE array
Returns the ASN.1 encoded CERT_ALT_NAME_INFO structure. CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently used only with CTLs. |
|
Data type for pvData: pointer to a BYTE array
Returns a null-terminated Unicode, wide character string specifying the file name containing the private key associated with the certificate's public key. |
|
Data type for pvData: pointer to a BYTE array
Returns the SHA1 hash. If the hash does not exist, it is computed using CryptHashCertificate. |
|
Data type of pvData: Pointer to a null-terminated Unicode string.
Returns the L”<SIGNATURE>/<HASH>” string representing the certificate signature. The <SIGNATURE> value identifies the CNG public key algorithm. The following algorithms are supported:
Windows 8 and Windows Server 2012: Support for this property begins. |
|
Data type for pvData: pointer to a BYTE array
Returns the signature hash. If the hash does not exist, it is computed with CryptHashToBeSigned. The length of the hash is 20 bytes for SHA and 16 for MD5. |
For many property identifiers, pvData points to an array of bytes and not a CRYPT_DATA_BLOB as pointed to by the pvData parameter in CertSetCRLContextProperty.
For more information about each property identifier, see the documentation on the dwPropId parameter in CertSetCertificateContextProperty.
[out] pvData
A pointer to a buffer to receive the data as determined by dwPropId. Structures pointed to by members of a structure returned are also returned following the base structure. Therefore, the size contained in pcbData often exceed the size of the base structure.
This parameter can be NULL to set the size of the information for memory allocation purposes. For more information, see Retrieving Data of Unknown Length.
[in, out] pcbData
A pointer to a DWORD value specifying the size, in bytes, of the buffer pointed to by the pvData parameter. When the function returns, the DWORD value contains the number of bytes to be stored in the buffer.
Return value
If the function succeeds, the return value is TRUE.
If the function fails, the return value is FALSE.
Note that errors from the called function CryptHashCertificate can be propagated to this function. For extended error information, call GetLastError. Some possible error codes follow.
Return code | Description |
---|---|
|
The CRL does not have the specified property. |
|
If the buffer specified by the pvData parameter is not large enough to hold the returned data, the function sets the ERROR_MORE_DATA code and stores the required buffer size, in bytes, in the variable pointed to by pcbData. |
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP [desktop apps | UWP apps] |
Minimum supported server | Windows Server 2003 [desktop apps | UWP apps] |
Target Platform | Windows |
Header | wincrypt.h |
Library | Crypt32.lib |
DLL | Crypt32.dll |