X509PrivateKeyUsageFlags Enumeration

The X509PrivateKeyUsageFlags enumeration specifies the permitted uses of a private key. It is the responsibility of the cryptographic provider. The enumeration value can be set and retrieved by using the KeyUsage property on the IX509PrivateKey interface.

Syntax

typedef enum X509PrivateKeyUsageFlags {
  XCN_NCRYPT_ALLOW_USAGES_NONE,
  XCN_NCRYPT_ALLOW_DECRYPT_FLAG,
  XCN_NCRYPT_ALLOW_SIGNING_FLAG,
  XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG,
  XCN_NCRYPT_ALLOW_KEY_IMPORT_FLAG,
  XCN_NCRYPT_ALLOW_ALL_USAGES
} ;

Constants

XCN_NCRYPT_ALLOW_USAGES_NONE The permitted uses are not defined.
XCN_NCRYPT_ALLOW_DECRYPT_FLAG The key can be used to decrypt content. This maps to the following X509KeyUsageFlags values:
  • XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE
  • XCN_CERT_DECIPHER_ONLY_KEY_USAGE
  • XCN_CERT_ENCIPHER_ONLY_KEY_USAGE
  • XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE
XCN_NCRYPT_ALLOW_SIGNING_FLAG The key can be used for signing. This maps to the following X509KeyUsageFlags values:
  • XCN_CERT_CRL_SIGN_KEY_USAGE
  • XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE
  • XCN_CERT_KEY_CERT_SIGN_KEY_USAGE
XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG The key can be used to establish key agreement between entities.
XCN_NCRYPT_ALLOW_KEY_IMPORT_FLAG
XCN_NCRYPT_ALLOW_ALL_USAGES All of the uses defined for this enumeration are permitted.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See Also

CertEnroll Enumerations

CertEnroll Interfaces

IX509PrivateKey