CERT_AUTHORITY_KEY_ID_INFO structure (wincrypt.h)
The CERT_AUTHORITY_KEY_ID_INFO structure identifies the key used to sign a certificate or certificate revocation list (CRL). This structure differentiates among distinct keys used by the same certification authority as, for example, keys changed when an update occurs.
The key can be identified by an explicit key identifier, by giving a certificate's issuer and serial number, or by both. If both are used, the certificate issuer must ensure that the explicit key identifier, the certificate issuer and the serial number are consistent.
CryptDecodeObject creates an instance of this structure when performed on a CERT_EXTENSION structure's Value member with its structure's pszObjId member set to szOID_AUTHORITY_KEY_IDENTIFIER.
An instance of this structure can be used as input to CryptEncodeObject to create an appropriate CERT_EXTENSION.
Syntax
typedef struct _CERT_AUTHORITY_KEY_ID_INFO {
CRYPT_DATA_BLOB KeyId;
CERT_NAME_BLOB CertIssuer;
CRYPT_INTEGER_BLOB CertSerialNumber;
} CERT_AUTHORITY_KEY_ID_INFO, *PCERT_AUTHORITY_KEY_ID_INFO;
Members
KeyId
A CRYPT_DATA_BLOB structure that contains a unique identifier of a public key.
CertIssuer
A CERT_NAME_BLOB structure that contains the encoded distinguished name of the certification authority that issued the certificate.
CertSerialNumber
A CRYPT_INTEGER_BLOB structure that contains the serial number of the certificate associated with the private key used to sign this certificate. For more information, see CERT_INFO.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | wincrypt.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for