KeyIdentifierHashAlgorithm enumeration (certenroll.h)

The KeyIdentifierHashAlgorithm enumeration type specifies the algorithm used to hash the public key in a certificate request. This enumeration is used by the ComputeKeyIdentifier method on the IX509PublicKey interface, and the key identifier can be used to initialize the IX509ExtensionSubjectKeyIdentifier and IX509ExtensionAuthorityKeyIdentifier objects.

Syntax

typedef enum KeyIdentifierHashAlgorithm {
  SKIHashDefault = 0,
  SKIHashSha1 = 1,
  SKIHashCapiSha1 = 2,
  SKIHashSha256 = 3,
  SKIHashHPKP = 5
} ;

Constants

 
SKIHashDefault
Value: 0
The default hash algorithm. This is redundant with the SKIHashSha1 value.
SKIHashSha1
Value: 1
A 160-bit SHA-1 hash of a Distinguished Encoding Rules (DER) encoded public key, excluding the tag, length, and number of unused bits.
SKIHashCapiSha1
Value: 2
A 160-bit SHA-1 hash of a DER-encoded public key, including the tag, length, and number of unused bits.
SKIHashSha256
Value: 3
A 256-bit SHA256 (SHA-2) hash of a DER-encoded public key, including the tag, length, and number of unused bits.
SKIHashHPKP
Value: 5

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

ComputeKeyIdentifier

IX509ExtensionAuthorityKeyIdentifier

IX509ExtensionSubjectKeyIdentifier

IX509PublicKey