2.2.59 FW_CERT_CRITERIA

This structure contains fields that are used when selecting a local certificate and validating a remote peer's certificate during certificate authentication.

 typedef struct FW_CERT_CRITERIA {
   WORD wSchemaVersion;
   WORD wFlags;
   FW_CERT_CRITERIA_TYPE CertCriteriaType;
   FW_CERT_CRITERIA_NAME_TYPE NameType;
   LPWSTR wszName;
   DWORD dwNumEku;
   LPSTR* ppEku;
   LPWSTR wszHash;
 } FW_CERT_CRITERIA,
  *PFW_CERT_CRITERIA;

wSchemaVersion: Specifies the version of the criteria structure.

wFlags: A WORD containing bit flags, whose value is defined in FW_CERT_CRITERIA_FLAGS. The flag FW_AUTH_CERT_CRITERIA_FLAGS_FOLLOW_RENEWAL MUST NOT be set if the field wszHash is null. If specified, the flag FW_AUTH_CERT_CRITERIA_FLAGS_FOLLOW_RENEWAL MUST NOT be used if CertCriteriaType is equal to FW_CERT_CRITERIA_TYPE_VALIDATION.

CertCriteriaType: Specifies the type of criteria used, from among those specified in the FW_CERT_CRITERIA_TYPE enumeration. This value MUST be less than FW_CERT_CRITERIA_TYPE_MAX.

NameType: Specifies the type of name, from among those specified in the FW_CERT_CRITERIA_NAME_TYPE enumeration. This value MUST be less than FW_CERT_CRITERIA_NAME_MAX. If the value is not equal to FW_CERT_CRITERIA_NAME_NONE, then the value for wszName MUST be specified.

wszName: A Unicode string that specifies a name corresponding to the NameType specified. The length of this Unicode string MUST be less than 10,000 characters. The name MUST NOT contain the pipe "|" character.

dwNumEku: Specifies the number of EKU element entries in the ppEku array.

ppEku: Pointer to an array of pointers to null-terminated strings. Each string in the array MUST contain only characters in the range "0" to "9" or the "." character. The number of elements in the array MUST be equal to the value of the dwNumEku field.

wszHash: A Unicode string that specifies the hash of the certificate. The number of characters in the string MUST be equal to 40. Each character in the string MUST be in one of the following ranges: "0" to "9", "a" to "f", or "A" to "F".
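
The field constraints above can be enforced in one pass before a criteria structure is accepted. The following validator is an added example, not code from the specification: it uses portable stand-ins for the Windows types, the numeric enum and flag values are placeholders assumed for illustration, and the return codes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <wchar.h>

/* Portable stand-ins for the Windows types. The enum and flag values are
   placeholders assumed for this example; take real ones from the spec. */
typedef uint16_t WORD;
typedef uint32_t DWORD;
enum { TYPE_VALIDATION = 2, TYPE_MAX = 3 };  /* FW_CERT_CRITERIA_TYPE_* */
enum { NAME_NONE = 0, NAME_MAX = 8 };        /* FW_CERT_CRITERIA_NAME_* */
#define FOLLOW_RENEWAL 0x0001  /* FW_AUTH_CERT_CRITERIA_FLAGS_FOLLOW_RENEWAL */

typedef struct {
    WORD wSchemaVersion, wFlags;
    int CertCriteriaType, NameType;
    wchar_t *wszName;
    DWORD dwNumEku;
    char **ppEku;
    wchar_t *wszHash;
} CERT_CRITERIA;
/* Returns 0 when every MUST rule in this section holds, otherwise a code
   (1..8) identifying the first rule violated, in the order checked. */
int validate_cert_criteria(const CERT_CRITERIA *c)
{
    size_t n;
    if (c->CertCriteriaType < 0 || c->CertCriteriaType >= TYPE_MAX) return 1;
    if (c->NameType < 0 || c->NameType >= NAME_MAX) return 2;
    if (c->NameType != NAME_NONE && c->wszName == NULL) return 3;
    if (c->wszName) {
        /* Bounded scan: never read past the 10,000-character limit. */
        for (n = 0; n < 10000 && c->wszName[n] != L'\0'; n++)
            if (c->wszName[n] == L'|') return 4;
        if (n == 10000) return 5;
    }
    if (c->dwNumEku != 0 && c->ppEku == NULL) return 6;
    for (DWORD i = 0; i < c->dwNumEku; i++)   /* EKU strings: digits, dots */
        if (!c->ppEku[i] || c->ppEku[i][strspn(c->ppEku[i], "0123456789.")])
            return 6;
    if (c->wszHash) {
        for (n = 0; n <= 40 && c->wszHash[n] != L'\0'; n++)
            if (!wcschr(L"0123456789abcdefABCDEF", c->wszHash[n])) return 7;
        if (n != 40) return 7;
    }
    if ((c->wFlags & FOLLOW_RENEWAL) &&
        (c->wszHash == NULL || c->CertCriteriaType == TYPE_VALIDATION))
        return 8;
    return 0;
}
```

Both string scans are bounded by the limits the section states, so an unterminated or oversized input is rejected without reading far beyond them.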