CAPICOM Reference
[CAPICOM is a 32-bit-only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Use the .NET Framework instead to implement security features. For more information, see Alternatives to Using CAPICOM.]
The CAPICOM COM client provides services that enable application developers to add security based on cryptography to applications. CryptoAPI includes functionality for authentication using digital signatures, for enveloping messages, and for encrypting and decrypting data.
Category | Description |
---|---|
Certificate Store Objects | Objects available for using certificate stores and the certificates in those stores. |
Digital Signature Objects | Objects used to digitally sign data and to verify digital signatures. |
Enveloped Data Objects | Objects used to create enveloped data messages for privacy and to decrypt data in enveloped messages. |
Data Encryption Objects | Objects used to encrypt data and to decrypt encrypted data. |
Auxiliary Objects | Objects used to change default behaviors and to manage certificates, certificate stores, and user interface (UI) messages. |
Interoperability Interfaces | Interfaces that allow derivations of CryptoAPI to work together with CAPICOM 2.0. |
Enumeration Types | Enumeration types used with CAPICOM. |
Certificate Store Objects
The following objects work with certificate stores and the certificates in those stores. CAPICOM supports the use of Current User, Local Machine, Memory, and Active Directory certificate stores.
Object | Description |
---|---|
Certificate | A single digital certificate. |
CertificatePolicies | A collection of PolicyInformation objects. |
Certificates | Collection of Certificate objects. |
CertificateStatus | Provides status information on a certificate. |
Chain | Creates and checks a certificate validation chain based on a digital certificate. |
ExtendedProperties | Represents a collection of ExtendedProperty objects. |
ExtendedProperty | Represents a Microsoft-extended property. |
Extension | Represents a single certificate extension. |
Extensions | Represents a collection of Extension objects. |
PrivateKey | Represents a private key. |
PublicKey | Represents a public key in a Certificate object. |
Store | Provides the properties and methods to choose, manage, and use certificate stores and the certificates in those stores. |
Template | Represents the certificate extension template of the certificate. |
Digital Signature Objects
The following objects are exported to digitally sign data and to verify digital signatures.
Object | Description |
---|---|
SignedCode | Provides functionality for signing content with an Authenticode digital signature. |
SignedData | Object used to sign data and to verify the signature on signed data. |
Signer | Information on a single data signer, including the signer's certificate. |
Signers | Collection of Signer objects. |
Enveloped Data Objects
The following objects are exported to create enveloped data messages for privacy and to decrypt data in enveloped messages.
Object | Description |
---|---|
EnvelopedData | Objects used to create, send, and receive enveloped data. Enveloped data is encrypted so that only the intended recipients can decrypt it. |
Recipients | Collection of the Certificate objects of the intended recipients of an enveloped message. |
Data Encryption Objects
The following object is exported to encrypt arbitrary data for privacy and to decrypt encrypted data.
Object | Description |
---|---|
EncryptedData | Objects used to encrypt data. Encrypted data in an EncryptedData object can be decrypted. |
Auxiliary Objects
The following objects are exported to change default behaviors of other objects and to manage certificates, certificate stores, and messages.
Object | Description |
---|---|
Algorithm | Sets the algorithm and key length to be used in cryptographic operations. |
Attribute | Provides a single piece of added information about a signature, such as the time of signing. |
Attributes | Collection of Attribute objects. |
BasicConstraints | Provides read-only access to basic constraints on the uses of a certificate. |
EKU | Provides access to EKU properties of certificates. |
EKUs | Collection of EKU objects. |
EncodedData | Represents a block of encoded data. |
ExtendedKeyUsage | Provides read-only access to the extended key usage properties of certificates. |
HashedData | Provides functionality for applying a hash algorithm to a string. |
KeyUsage | Provides read-only access to key usage properties of certificates. |
OID | Represents an object identifier that is used by several CAPICOM properties. |
OIDs | Represents a collection of OID objects. |
PolicyInformation | Provides access to the policy OIDs of an extension. |
Qualifier | Represents a Certification Practice Statement (CPS) pointer or user notice qualifier. |
Qualifiers | Represents a collection of qualifiers. |
Settings | Enables or disables dialog boxes to prompt for signer or sender identity if that identity is not specified. |
Utilities | Provides functionality for common tasks. |
Interoperability Interfaces
The following interfaces allow derivations of CryptoAPI to work together with CAPICOM 2.0.
Interface | Description |
---|---|
ICertContext | Provides access to the context of a CAPICOM X.509v3 Certificate object. This context allows the CAPICOM certificate to be used in other derivations of CryptoAPI. |
ICertStore | Provides access to the context of a CAPICOM Store object. This context allows the CAPICOM certificate store to be used in other derivations of CryptoAPI. |
IChainContext | Provides access to the context of a CAPICOM Chain object. This context allows the CAPICOM certificate trust chain to be used in other derivations of CryptoAPI. |
Enumeration Types
CAPICOM defines the following enumeration types:
- CAPICOM_ACTIVE_DIRECTORY_SEARCH_LOCATION
- CAPICOM_ATTRIBUTE
- CAPICOM_CERT_INFO_TYPE
- CAPICOM_CERTIFICATE_FIND_TYPE
- CAPICOM_CERTIFICATE_INCLUDE_OPTION
- CAPICOM_CERTIFICATE_SAVE_AS_TYPE
- CAPICOM_CERTIFICATES_SAVE_AS_TYPE
- CAPICOM_CHECK_FLAG
- CAPICOM_EKU
- CAPICOM_ENCODING_TYPE
- CAPICOM_ENCRYPTION_ALGORITHM
- CAPICOM_ENCRYPTION_KEY_LENGTH
- CAPICOM_ERROR_CODE
- CAPICOM_EXPORT_FLAG
- CAPICOM_HASH_ALGORITHM
- CAPICOM_KEY_LOCATION
- CAPICOM_KEY_SPEC
- CAPICOM_KEY_STORAGE_FLAG
- CAPICOM_OID
- CAPICOM_PROPID
- CAPICOM_PROV_TYPE
- CAPICOM_SECRET_TYPE
- CAPICOM_SIGNED_DATA_VERIFY_FLAG
- CAPICOM_STORE_LOCATION
- CAPICOM_STORE_OPEN_MODE
- CAPICOM_STORE_SAVE_AS_TYPE