wincrypt.h header

This header is used by Security and Identity. For more information, see:

Functions

Title Description
CertAddCertificateContextToStore Adds a certificate context to the certificate store.
CertAddCertificateLinkToStore Adds a link in a certificate store to a certificate context in a different store.
CertAddCRLContextToStore Adds a certificate revocation list (CRL) context to the specified certificate store.
CertAddCRLLinkToStore Adds a link in a store to a certificate revocation list (CRL) context in a different store.
CertAddCTLContextToStore Adds a certificate trust list (CTL) context to a certificate store.
CertAddCTLLinkToStore The CertAddCTLLinkToStore function adds a link in a store to a certificate trust list (CTL) context in a different store. Instead of creating and adding a duplicate of a CTL context, this function adds a link to the original CTL context.
CertAddEncodedCertificateToStore Creates a certificate context from an encoded certificate and adds it to the certificate store.
CertAddEncodedCertificateToSystemStoreA Opens the specified system store and adds the encoded certificate to it.
CertAddEncodedCertificateToSystemStoreW Opens the specified system store and adds the encoded certificate to it.
CertAddEncodedCRLToStore Creates a certificate revocation list (CRL) context from an encoded CRL and adds it to the certificate store.
CertAddEncodedCTLToStore Creates a certificate trust list (CTL) context from an encoded CTL and adds it to the certificate store.
CertAddEnhancedKeyUsageIdentifier The CertAddEnhancedKeyUsageIdentifier function adds a usage identifier object identifier (OID) to the enhanced key usage (EKU) extended property of the certificate.
CertAddRefServerOcspResponse Increments the reference count for an HCERT_SERVER_OCSP_RESPONSE handle.
CertAddRefServerOcspResponseContext Increments the reference count for a CERT_SERVER_OCSP_RESPONSE_CONTEXT structure.
CertAddSerializedElementToStore Adds a serialized certificate, certificate revocation list (CRL), or certificate trust list (CTL) element to the store.
CertAddStoreToCollection The CertAddStoreToCollection function adds a sibling certificate store to a collection certificate store.
CertAlgIdToOID Converts a CryptoAPI algorithm identifier (ALG_ID) to an Abstract Syntax Notation One (ASN.1) object identifier (OID) string.
CertCloseServerOcspResponse Closes an online certificate status protocol (OCSP) server response handle.
CertCloseStore Closes a certificate store handle and reduces the reference count on the store.
CertCompareCertificate Determines whether two certificates are identical by comparing the issuer name and serial number of the certificates.
CertCompareCertificateName The CertCompareCertificateName function compares two certificate CERT_NAME_BLOB structures to determine whether they are identical. The CERT_NAME_BLOB structures are used for the subject and the issuer of certificates.
CertCompareIntegerBlob The CertCompareIntegerBlob function compares two integer BLOBs to determine whether they represent equal numeric values.
CertComparePublicKeyInfo The CertComparePublicKeyInfo function compares two encoded public keys to determine whether they are identical.
CertControlStore Allows an application to be notified when there is a difference between the contents of a cached store in use and the contents of that store as it is persisted to storage.
CertCreateCertificateChainEngine The CertCreateCertificateChainEngine function creates a new, nondefault chain engine for an application.
CertCreateCertificateContext Creates a certificate context from an encoded certificate. The created context is not persisted to a certificate store. The function makes a copy of the encoded certificate within the created context.
CertCreateContext Creates the specified context from the encoded bytes. The context created does not include any extended properties.
CertCreateCRLContext The CertCreateCRLContext function creates a certificate revocation list (CRL) context from an encoded CRL. The created context is not persisted to a certificate store. It makes a copy of the encoded CRL within the created context.
CertCreateCTLContext The CertCreateCTLContext function creates a certificate trust list (CTL) context from an encoded CTL. The created context is not persisted to a certificate store. The function makes a copy of the encoded CTL within the created context.
CertCreateCTLEntryFromCertificateContextProperties The CertCreateCTLEntryFromCertificateContextProperties function creates a certificate trust list (CTL) entry whose attributes are the properties of the certificate context. The SubjectIdentifier in the CTL entry is the SHA1 hash of the certificate.
CertCreateSelfSignCertificate Builds a self-signed certificate and returns a pointer to a CERT_CONTEXT structure that represents the certificate.
CertDeleteCertificateFromStore The CertDeleteCertificateFromStore function deletes the specified certificate context from the certificate store.
CertDeleteCRLFromStore The CertDeleteCRLFromStore function deletes the specified certificate revocation list (CRL) context from the certificate store.
CertDeleteCTLFromStore The CertDeleteCTLFromStore function deletes the specified certificate trust list (CTL) context from a certificate store.
CertDuplicateCertificateChain The CertDuplicateCertificateChain function duplicates a pointer to a certificate chain by incrementing the chain's reference count.
CertDuplicateCertificateContext Duplicates a certificate context by incrementing its reference count.
CertDuplicateCRLContext The CertDuplicateCRLContext function duplicates a certificate revocation list (CRL) context by incrementing its reference count.
CertDuplicateCTLContext The CertDuplicateCTLContext function duplicates a certificate trust list (CTL) context by incrementing its reference count.
CertDuplicateStore Duplicates a store handle by incrementing the store's reference count.
CertEnumCertificateContextProperties The CertEnumCertificateContextProperties function retrieves the first or next extended property associated with a certificate context.
CertEnumCertificatesInStore Retrieves the first or next certificate in a certificate store. Used in a loop, this function can retrieve in sequence all certificates in a certificate store.
CertEnumCRLContextProperties The CertEnumCRLContextProperties function retrieves the first or next extended property associated with a certificate revocation list (CRL) context.
CertEnumCRLsInStore The CertEnumCRLsInStore function retrieves the first or next certificate revocation list (CRL) context in a certificate store. Used in a loop, this function can retrieve in sequence all CRL contexts in a certificate store.
CertEnumCTLContextProperties The CertEnumCTLContextProperties function retrieves the first or next extended property associated with a certificate trust list (CTL) context. Used in a loop, this function can retrieve in sequence all extended properties associated with a CTL context.
CertEnumCTLsInStore The CertEnumCTLsInStore function retrieves the first or next certificate trust list (CTL) context in a certificate store. Used in a loop, this function can retrieve in sequence all CTL contexts in a certificate store.
CertEnumPhysicalStore The CertEnumPhysicalStore function retrieves the physical stores on a computer. The function calls the provided callback function for each physical store found.
CertEnumSubjectInSortedCTL Retrieves the first or next TrustedSubject in a sorted certificate trust list (CTL).
CertEnumSystemStore The CertEnumSystemStore function retrieves the system stores available. The function calls the provided callback function for each system store found.
CertEnumSystemStoreLocation The CertEnumSystemStoreLocation function retrieves all of the system store locations. The function calls the provided callback function for each system store location found.
CertFindAttribute The CertFindAttribute function finds the first attribute in the CRYPT_ATTRIBUTE array, as identified by its object identifier (OID).
CertFindCertificateInCRL The CertFindCertificateInCRL function searches the certificate revocation list (CRL) for the specified certificate.
CertFindCertificateInStore Finds the first or next certificate context in a certificate store that matches a search criteria established by the dwFindType and its associated pvFindPara.
CertFindChainInStore Finds the first or next certificate in a store that meets the specified criteria.
CertFindCRLInStore Finds the first or next certificate revocation list (CRL) context in a certificate store that matches a search criterion established by the dwFindType parameter and the associated pvFindPara parameter.
CertFindCTLInStore Finds the first or next certificate trust list (CTL) context that matches search criteria established by the dwFindType and its associated pvFindPara.
CertFindExtension The CertFindExtension function finds the first extension in the CERT_EXTENSION array, as identified by its object identifier (OID).
CertFindRDNAttr The CertFindRDNAttr function finds the first RDN attribute identified by its object identifier (OID) in a list of the Relative Distinguished Names (RDN).
CertFindSubjectInCTL The CertFindSubjectInCTL function attempts to find the specified subject in a certificate trust list (CTL).
CertFindSubjectInSortedCTL The CertFindSubjectInSortedCTL function attempts to find the specified subject in a sorted certificate trust list (CTL).
CertFreeCertificateChain The CertFreeCertificateChain function frees a certificate chain by reducing its reference count. If the reference count becomes zero, memory allocated for the chain is released.
CertFreeCertificateChainEngine The CertFreeCertificateChainEngine function frees a certificate trust engine.
CertFreeCertificateChainList Frees the array of pointers to chain contexts.
CertFreeCertificateContext Frees a certificate context by decrementing its reference count. When the reference count goes to zero, CertFreeCertificateContext frees the memory used by a certificate context.
CertFreeCRLContext Frees a certificate revocation list (CRL) context by decrementing its reference count.
CertFreeCTLContext Frees a certificate trust list (CTL) context by decrementing its reference count.
CertFreeServerOcspResponseContext Decrements the reference count for a CERT_SERVER_OCSP_RESPONSE_CONTEXT structure.
CertGetCertificateChain Builds a certificate chain context starting from an end certificate and going back, if possible, to a trusted root certificate.
CertGetCertificateContextProperty Retrieves the information contained in an extended property of a certificate context.
CertGetCRLContextProperty Gets an extended property for the specified certificate revocation list (CRL) context.
CertGetCRLFromStore Gets the first or next certificate revocation list (CRL) context from the certificate store for the specified issuer.
CertGetCTLContextProperty Retrieves an extended property of a certificate trust list (CTL) context.
CertGetEnhancedKeyUsage Returns information from the enhanced key usage (EKU) extension or the EKU extended property of a certificate.
CertGetIntendedKeyUsage Acquires the intended key usage bytes from a certificate.
CertGetIssuerCertificateFromStore Retrieves the certificate context from the certificate store for the first or next issuer of the specified subject certificate. The new Certificate Chain Verification Functions are recommended instead of the use of this function.
CertGetNameStringA Obtains the subject or issuer name from a certificate CERT_CONTEXT structure and converts it to a null-terminated character string.
CertGetNameStringW Obtains the subject or issuer name from a certificate CERT_CONTEXT structure and converts it to a null-terminated character string.
CertGetPublicKeyLength The CertGetPublicKeyLength function acquires the bit length of public/private keys from a public key BLOB.
CertGetServerOcspResponseContext Retrieves a non-blocking, time valid online certificate status protocol (OCSP) response context for the specified handle.
CertGetStoreProperty Retrieves a store property.
CertGetSubjectCertificateFromStore Returns from a certificate store a subject certificate context uniquely identified by its issuer and serial number.
CertGetValidUsages Returns an array of usages that consist of the intersection of the valid usages for all certificates in an array of certificates.
CertIsRDNAttrsInCertificateName The CertIsRDNAttrsInCertificateName function compares the attributes in the certificate name with the specified CERT_RDN to determine whether all attributes are included there.
CertIsStrongHashToSign Determines whether the specified hash algorithm and the public key in the signing certificate can be used to perform strong signing.
CertIsValidCRLForCertificate The CertIsValidCRLForCertificate function checks a CRL to find out if it is a CRL that would include a specific certificate if that certificate were revoked.
CertNameToStrA Converts an encoded name in a CERT_NAME_BLOB structure to a null-terminated character string.
CertNameToStrW Converts an encoded name in a CERT_NAME_BLOB structure to a null-terminated character string.
CertOIDToAlgId Use the CryptFindOIDInfo function instead of this function because ALG_ID identifiers are no longer supported in CNG.
CertOpenServerOcspResponse Opens a handle to an online certificate status protocol (OCSP) response associated with a server certificate chain.
CertOpenStore Opens a certificate store by using a specified store provider type.
CertOpenSystemStoreA Opens the most common system certificate store. To open certificate stores with more complex requirements, such as file-based or memory-based stores, use CertOpenStore.
CertOpenSystemStoreW Opens the most common system certificate store. To open certificate stores with more complex requirements, such as file-based or memory-based stores, use CertOpenStore.
CertRDNValueToStrA The CertRDNValueToStr function converts a name in a CERT_RDN_VALUE_BLOB to a null-terminated character string.
CertRDNValueToStrW The CertRDNValueToStr function converts a name in a CERT_RDN_VALUE_BLOB to a null-terminated character string.
CertRegisterPhysicalStore Adds a physical store to a registry system store collection.
CertRegisterSystemStore Registers a system store.
CertRemoveEnhancedKeyUsageIdentifier The CertRemoveEnhancedKeyUsageIdentifier function removes a usage identifier object identifier (OID) from the enhanced key usage (EKU) extended property of the certificate.
CertRemoveStoreFromCollection Removes a sibling certificate store from a collection store.
CertResyncCertificateChainEngine Resyncs the certificate chain engine, which resynchronizes the stores the store's engine and updates the engine caches.
CertRetrieveLogoOrBiometricInfo Performs a URL retrieval of logo or biometric information specified in either the szOID_LOGOTYPE_EXT or szOID_BIOMETRIC_EXT certificate extension.
CertSaveStore Saves the certificate store to a file or to a memory BLOB.
CertSelectCertificateChains Retrieves certificate chains based on specified selection criteria.
CertSerializeCertificateStoreElement The CertSerializeCertificateStoreElement function serializes a certificate context's encoded certificate and its encoded properties. The result can be persisted to storage so that the certificate and properties can be retrieved at a later time.
CertSerializeCRLStoreElement The CertSerializeCRLStoreElement function serializes an encoded certificate revocation list (CRL) context and the encoded representation of its properties.
CertSerializeCTLStoreElement The CertSerializeCTLStoreElement function serializes an encoded certificate trust list (CTL) context and the encoded representation of its properties. The result can be persisted to storage so that the CTL and properties can be retrieved later.
CertSetCertificateContextPropertiesFromCTLEntry Sets the properties on the certificate context by using the attributes in the specified certificate trust list (CTL) entry.
CertSetCertificateContextProperty Sets an extended property for a specified certificate context.
CertSetCRLContextProperty Sets an extended property for the specified certificate revocation list (CRL) context.
CertSetCTLContextProperty Sets an extended property for the specified certificate trust list (CTL) context.
CertSetEnhancedKeyUsage The CertSetEnhancedKeyUsage function sets the enhanced key usage (EKU) property for the certificate.
CertSetStoreProperty The CertSetStoreProperty function sets a store property.
CertStrToNameA Converts a null-terminated X.500 string to an encoded certificate name.
CertStrToNameW Converts a null-terminated X.500 string to an encoded certificate name.
CertUnregisterPhysicalStore The CertUnregisterPhysicalStore function removes a physical store from a specified system store collection. CertUnregisterPhysicalStore can also be used to delete the physical store.
CertUnregisterSystemStore The CertUnregisterSystemStore function unregisters a specified system store.
CertVerifyCertificateChainPolicy Checks a certificate chain to verify its validity, including its compliance with any specified validity policy criteria.
CertVerifyCRLRevocation Check a certificate revocation list (CRL) to determine whether a subject's certificate has or has not been revoked.
CertVerifyCRLTimeValidity The CertVerifyCRLTimeValidity function verifies the time validity of a CRL.
CertVerifyCTLUsage Verifies that a subject is trusted for a specified usage by finding a signed and time-valid certificate trust list (CTL) with the usage identifiers that contain the subject.
CertVerifyRevocation Checks the revocation status of the certificates contained in the rgpvContext array. If a certificate in the list is found to be revoked, no further checking is done.
CertVerifySubjectCertificateContext The CertVerifySubjectCertificateContext function performs the enabled verification checks on a certificate by checking the validity of the certificate's issuer. The new Certificate Chain Verification Functions are recommended instead of this function.
CertVerifyTimeValidity The CertVerifyTimeValidity function verifies the time validity of a certificate.
CertVerifyValidityNesting The CertVerifyValidityNesting function verifies that a subject certificate's time validity nests correctly within its issuer's time validity.
CryptAcquireCertificatePrivateKey Obtains the private key for a certificate.
CryptAcquireContextA Used to acquire a handle to a particular key container within a particular cryptographic service provider (CSP). This returned handle is used in calls to CryptoAPI functions that use the selected CSP.
CryptAcquireContextW Used to acquire a handle to a particular key container within a particular cryptographic service provider (CSP). This returned handle is used in calls to CryptoAPI functions that use the selected CSP.
CryptBinaryToStringA Converts an array of bytes into a formatted string.
CryptBinaryToStringW Converts an array of bytes into a formatted string.
CryptContextAddRef Adds one to the reference count of an HCRYPTPROV cryptographic service provider (CSP) handle.
CryptCreateHash Initiates the hashing of a stream of data. It creates and returns to the calling application a handle to a cryptographic service provider (CSP) hash object.
CryptCreateKeyIdentifierFromCSP Important  This API is deprecated.
CryptDecodeMessage Decodes, decrypts, and verifies a cryptographic message.
CryptDecodeObject The CryptDecodeObject function decodes a structure of the type indicated by the lpszStructType parameter. The use of CryptDecodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
CryptDecodeObjectEx Decodes a structure of the type indicated by the lpszStructType parameter.
CryptDecrypt Decrypts data previously encrypted by using the CryptEncrypt function.
CryptDecryptAndVerifyMessageSignature The CryptDecryptAndVerifyMessageSignature function decrypts a message and verifies its signature.
CryptDecryptMessage The CryptDecryptMessage function decodes and decrypts a message.
CryptDeriveKey Generates cryptographic session keys derived from a base data value.
CryptDestroyHash Destroys the hash object referenced by the hHash parameter.
CryptDestroyKey Releases the handle referenced by the hKey parameter.
CryptDuplicateHash Makes an exact copy of a hash to the point when the duplication is done.
CryptDuplicateKey Makes an exact copy of a key and the state of the key.
CryptEncodeObject The CryptEncodeObject function encodes a structure of the type indicated by the value of the lpszStructType parameter. The use of CryptEncodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
CryptEncodeObjectEx Encodes a structure of the type indicated by the value of the lpszStructType parameter.
CryptEncrypt Encrypts data. The algorithm used to encrypt the data is designated by the key held by the CSP module and is referenced by the hKey parameter.
CryptEncryptMessage The CryptEncryptMessage function encrypts and encodes a message.
CryptEnumKeyIdentifierProperties The CryptEnumKeyIdentifierProperties function enumerates key identifiers and their properties.
CryptEnumOIDFunction The CryptEnumOIDFunction function enumerates the registered object identifier (OID) functions.
CryptEnumOIDInfo Enumerates predefined and registered object identifier (OID) CRYPT_OID_INFO structures. This function enumerates either all of the predefined and registered structures or only structures identified by a selected OID group.
CryptEnumProvidersA Important  This API is deprecated.
CryptEnumProvidersW Important  This API is deprecated.
CryptEnumProviderTypesA Retrieves the first or next types of cryptographic service provider (CSP) supported on the computer.
CryptEnumProviderTypesW Retrieves the first or next types of cryptographic service provider (CSP) supported on the computer.
CryptExportKey Exports a cryptographic key or a key pair from a cryptographic service provider (CSP) in a secure manner.
CryptExportPKCS8 Exports the private key in PKCS #8 format. The function is superseded by CryptExportPKCS8Ex, which also may be altered or unavailable in subsequent versions.
CryptExportPKCS8Ex Exports the private key in PKCS #8 format.
CryptExportPublicKeyInfo The CryptExportPublicKeyInfo function exports the public key information associated with the corresponding private key of the provider. For an updated version of this function, see CryptExportPublicKeyInfoEx.
CryptExportPublicKeyInfoEx Exports the public key information associated with the provider's corresponding private key.
CryptExportPublicKeyInfoFromBCryptKeyHandle Exports the public key information associated with a provider's corresponding private key.
CryptFindCertificateKeyProvInfo Enumerates the cryptographic providers and their containers to find the private key that corresponds to the certificate's public key.
CryptFindLocalizedName Finds the localized name for the specified name, such as the localize name of the "Root" system store.
CryptFindOIDInfo Retrieves the first predefined or registered CRYPT_OID_INFO structure that matches a specified key type and key. The search can be limited to object identifiers (OIDs) within a specified OID group.
CryptFormatObject The CryptFormatObject function formats the encoded data and returns a Unicode string in the allocated buffer according to the certificate encoding type.
CryptFreeOIDFunctionAddress The CryptFreeOIDFunctionAddress function releases a handle returned by CryptGetOIDFunctionAddress or CryptGetDefaultOIDFunctionAddress by decrementing the reference count on the function handle.
CryptGenKey Generates a random cryptographic session key or a public/private key pair. A handle to the key or key pair is returned in phKey. This handle can then be used as needed with any CryptoAPI function that requires a key handle.
CryptGenRandom Fills a buffer with cryptographically random bytes.
CryptGetDefaultOIDDllList The CryptGetDefaultOIDDllList function acquires the list of the names of DLL files that contain registered default object identifier (OID) functions for a specified function set and encoding type.
CryptGetDefaultOIDFunctionAddress The CryptGetDefaultOIDFunctionAddress function loads the DLL that contains a default function address.
CryptGetDefaultProviderA Finds the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptGetDefaultProviderW Finds the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptGetHashParam Retrieves data that governs the operations of a hash object.
CryptGetKeyIdentifierProperty The CryptGetKeyIdentifierProperty acquires a specific property from a specified key identifier.
CryptGetKeyParam Retrieves data that governs the operations of a key.
CryptGetMessageCertificates The CryptGetMessageCertificates function returns the handle of an open certificate store containing the message's certificates and CRLs. This function calls CertOpenStore using provider type CERT_STORE_PROV_PKCS7 as its lpszStoreProvider parameter.
CryptGetMessageSignerCount The CryptGetMessageSignerCount function returns the number of signers of a signed message.
CryptGetObjectUrl Acquires the URL of the remote object from a certificate, certificate trust list (CTL), or certificate revocation list (CRL).
CryptGetOIDFunctionAddress Searches the list of registered and installed functions for an encoding type and object identifier (OID) match.
CryptGetOIDFunctionValue The CryptGetOIDFunctionValue function queries a value associated with an OID.
CryptGetProvParam Retrieves parameters that govern the operations of a cryptographic service provider (CSP).
CryptGetTimeValidObject Retrieves a CRL, an OCSP response, or CTL object that is valid within a given context and time.
CryptGetUserKey Retrieves a handle of one of a user's two public/private key pairs.
CryptHashCertificate The CryptHashCertificate function hashes the entire encoded content of a certificate including its signature.
CryptHashCertificate2 Hashes a block of data by using a CNG hash provider.
CryptHashData Adds data to a specified hash object.
CryptHashMessage Creates a hash of the message.
CryptHashPublicKeyInfo Encodes the public key information in a CERT_PUBLIC_KEY_INFO structure and computes the hash of the encoded bytes.
CryptHashSessionKey Computes the cryptographic hash of a session key object.
CryptHashToBeSigned Important  This API is deprecated.
CryptImportKey Transfers a cryptographic key from a key BLOB into a cryptographic service provider (CSP).
CryptImportPKCS8 Imports the private key in PKCS #8 format to a cryptographic service provider (CSP).
CryptImportPublicKeyInfo Converts and imports the public key information into the provider and returns a handle of the public key.
CryptImportPublicKeyInfoEx Important  This API is deprecated.
CryptImportPublicKeyInfoEx2 Imports a public key into the CNG asymmetric provider that corresponds to the public key object identifier (OID) and returns a CNG handle to the key.
CryptInitOIDFunctionSet The CryptInitOIDFunctionSet initializes and returns the handle of the OID function set identified by a supplied function set name.
CryptInstallDefaultContext Installs a specific provider to be the default context provider for the specified algorithm.
CryptInstallOIDFunctionAddress The CryptInstallOIDFunctionAddress function installs a set of callable object identifier (OID) function addresses.
CryptMemAlloc The CryptMemAlloc function allocates memory for a buffer. It is used by all Crypt32.lib functions that return allocated buffers.
CryptMemFree The CryptMemFree function frees memory allocated by CryptMemAlloc or CryptMemRealloc.
CryptMemRealloc The CryptMemRealloc function frees the memory currently allocated for a buffer and allocates memory for a new buffer.
CryptMsgCalculateEncodedLength Calculates the maximum number of bytes needed for an encoded cryptographic message given the message type, encoding parameters, and total length of the data to be encoded.
CryptMsgClose The CryptMsgClose function closes a cryptographic message handle. At each call to this function, the reference count on the message is reduced by one. When the reference count reaches zero, the message is fully released.
CryptMsgControl Performs a control operation after a message has been decoded by a final call to the CryptMsgUpdate function.
CryptMsgCountersign Countersigns an existing signature in a message.
CryptMsgCountersignEncoded Countersigns an existing PKCS #7 message signature.
CryptMsgDuplicate The CryptMsgDuplicate function duplicates a cryptographic message handle by incrementing its reference count.
CryptMsgEncodeAndSignCTL The CryptMsgEncodeAndSignCTL function encodes a CTL and creates a signed message containing the encoded CTL.This function first encodes the CTL pointed to by pCtlInfo and then calls CryptMsgSignCTL to sign the encoded message.
CryptMsgGetAndVerifySigner The CryptMsgGetAndVerifySigner function verifies a cryptographic message's signature.
CryptMsgGetParam Acquires a message parameter after a cryptographic message has been encoded or decoded.
CryptMsgOpenToDecode Opens a cryptographic message for decoding and returns a handle of the opened message.
CryptMsgOpenToEncode Opens a cryptographic message for encoding and returns a handle of the opened message.
CryptMsgSignCTL The CryptMsgSignCTL function creates a signed message containing an encoded CTL.
CryptMsgUpdate Adds contents to a cryptographic message.
CryptMsgVerifyCountersignatureEncoded Verifies a countersignature in terms of the SignerInfo structure (as defined by PKCS #7).
CryptMsgVerifyCountersignatureEncodedEx Verifies that the pbSignerInfoCounterSignature parameter contains the encrypted hash of the encryptedDigest field of the pbSignerInfo parameter structure.
CryptQueryObject Retrieves information about the contents of a cryptography API object, such as a certificate, a certificate revocation list, or a certificate trust list.
CryptRegisterDefaultOIDFunction The CryptRegisterDefaultOIDFunction registers a DLL containing the default function to be called for the specified encoding type and function name. Unlike CryptRegisterOIDFunction, the function name to be exported by the DLL cannot be overridden.
CryptRegisterOIDFunction Registers a DLL that contains the function to be called for the specified encoding type, function name, and object identifier (OID).
CryptRegisterOIDInfo The CryptRegisterOIDInfo function registers the OID information specified in the CRYPT_OID_INFO structure, persisting it to the registry.
CryptReleaseContext Releases the handle of a cryptographic service provider (CSP) and a key container.
CryptRetrieveObjectByUrlA Retrieves the public key infrastructure (PKI) object from a location specified by a URL.
CryptRetrieveObjectByUrlW Retrieves the public key infrastructure (PKI) object from a location specified by a URL.
CryptRetrieveTimeStamp Encodes a time stamp request and retrieves the time stamp token from a location specified by a URL to a Time Stamping Authority (TSA).
CryptSetHashParam Customizes the operations of a hash object, including setting up initial hash contents and selecting a specific hashing algorithm.
CryptSetKeyIdentifierProperty The CryptSetKeyIdentifierProperty function sets the property of a specified key identifier. This function can set the property on the computer identified in pwszComputerName.
CryptSetKeyParam Customizes various aspects of a session key's operations.
CryptSetOIDFunctionValue The CryptSetOIDFunctionValue function sets a value for the specified encoding type, function name, OID, and value name.
CryptSetProviderA Specifies the current user's default cryptographic service provider (CSP).
CryptSetProviderExA Specifies the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptSetProviderExW Specifies the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptSetProviderW Specifies the current user's default cryptographic service provider (CSP).
CryptSetProvParam Customizes the operations of a cryptographic service provider (CSP). This function is commonly used to set a security descriptor on the key container associated with a CSP to control access to the private keys in that key container.
CryptSignAndEncodeCertificate Encodes and signs a certificate, certificate revocation list (CRL), certificate trust list (CTL), or certificate request.
CryptSignAndEncryptMessage The CryptSignAndEncryptMessage function creates a hash of the specified content, signs the hash, encrypts the content, hashes the encrypted contents and the signed hash, and then encodes both the encrypted content and the signed hash.
CryptSignCertificate The CryptSignCertificate function signs the "to be signed" information in the encoded signed content.
CryptSignHashA Signs data.
CryptSignHashW Signs data.
CryptSignMessage The CryptSignMessage function creates a hash of the specified content, signs the hash, and then encodes both the original message content and the signed hash.
CryptSignMessageWithKey Signs a message by using a CSP's private key specified in the parameters.
CryptStringToBinaryA Converts a formatted string into an array of bytes.
CryptStringToBinaryW Converts a formatted string into an array of bytes.
CryptUninstallDefaultContext Important  This API is deprecated.
CryptUnregisterDefaultOIDFunction The CryptUnregisterDefaultOIDFunction removes the registration of a DLL containing the default function to be called for the specified encoding type and function name.
CryptUnregisterOIDFunction Removes the registration of a DLL that contains the function to be called for the specified encoding type, function name, and OID.
CryptUnregisterOIDInfo The CryptUnregisterOIDInfo function removes the registration of a specified CRYPT_OID_INFO OID information structure. The structure to be unregistered is identified by the structure's pszOID and dwGroupId members.
CryptVerifyCertificateSignature Verifies the signature of a certificate, certificate revocation list (CRL), or certificate request by using the public key in a CERT_PUBLIC_KEY_INFO structure.
CryptVerifyCertificateSignatureEx Verifies the signature of a subject certificate, certificate revocation list, certificate request, or keygen request by using the issuer's public key.
CryptVerifyDetachedMessageHash The CryptVerifyDetachedMessageHash function verifies a detached hash.
CryptVerifyDetachedMessageSignature The CryptVerifyDetachedMessageSignature function verifies a signed message containing a detached signature or signatures.
CryptVerifyMessageHash The CryptVerifyMessageHash function verifies the hash of specified content.
CryptVerifyMessageSignature Verifies a signed message's signature.
CryptVerifyMessageSignatureWithKey Verifies a signed message's signature by using specified public key information.
CryptVerifySignatureA Verifies the signature of a hash object.
CryptVerifySignatureW Verifies the signature of a hash object.
CryptVerifyTimeStampSignature Validates the time stamp signature on a specified array of bytes.
GetEncSChannel This function is unavailable.
PFXExportCertStore Exports the certificates and, if available, the associated private keys from the referenced certificate store.
PFXExportCertStoreEx Exports the certificates and, if available, their associated private keys from the referenced certificate store.
PFXImportCertStore Imports a PFX BLOB and returns the handle of a store that contains certificates and any associated private keys.
PFXIsPFXBlob The PFXIsPFXBlob function attempts to decode the outer layer of a BLOB as a PFX packet.
PFXVerifyPassword The PFXVerifyPassword function attempts to decode the outer layer of a BLOB as a Personal Information Exchange (PFX) packet and to decrypt it with the given password. No data from the BLOB is imported.

Callback functions

Title Description
PCRYPT_DECRYPT_PRIVATE_KEY_FUNC Decrypts the private key and returns the decrypted key in the pbClearTextKey parameter.
PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC Encrypts the private key and returns the encrypted contents in the pbEncryptedKey parameter.
PCRYPT_RESOLVE_HCRYPTPROV_FUNC Returns a handle to a cryptographic service provider (CSP) by using the phCryptProv parameter to receive the key being imported.
PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK An application-defined callback function that allows the application to filter certificates that might be added to the certificate chain.
PFN_CERT_CREATE_CONTEXT_SORT_FUNC Called for each sorted context entry when a context is created.
PFN_CERT_DLL_OPEN_STORE_PROV_FUNC Implemented by a store-provider and is used to open a store.
PFN_CERT_ENUM_PHYSICAL_STORE The CertEnumPhysicalStoreCallback callback function formats and presents information on each physical store found by a call to CertEnumPhysicalStore.
PFN_CERT_ENUM_SYSTEM_STORE The CertEnumSystemStoreCallback callback function formats and presents information on each system store found by a call to CertEnumSystemStore.
PFN_CERT_ENUM_SYSTEM_STORE_LOCATION The CertEnumSystemStoreLocationCallback callback function formats and presents information on each system store location found by a call to CertEnumSystemStoreLocation.
PFN_CERT_STORE_PROV_CLOSE An application-defined callback function that is called by CertCloseStore when the store's reference count is decremented to zero.
PFN_CERT_STORE_PROV_CONTROL The CertStoreProvControl callback function supports the CertControlStore API. All of the API's parameters are passed straight through to the callback. For details, see CertControlStore.
PFN_CERT_STORE_PROV_DELETE_CERT An application-defined callback function that is called by CertDeleteCertificateFromStore before deleting a certificate from the store.
PFN_CERT_STORE_PROV_DELETE_CRL An application-defined callback function that is called by CertDeleteCRLFromStore before deleting the CRL from the store.
PFN_CERT_STORE_PROV_READ_CERT An application-defined callback function that reads the provider's copy of the certificate context.
PFN_CERT_STORE_PROV_READ_CRL An application-defined callback function that reads the provider's copy of the CRL context.
PFN_CERT_STORE_PROV_READ_CTL The CertStoreProvReadCTL callback function is called to read the provider's copy of the CTL context and, if it exists, to create a new CTL context.
PFN_CERT_STORE_PROV_SET_CERT_PROPERTY An application-defined callback function that is called by CertSetCertificateContextProperty before setting the certificate's property.
PFN_CERT_STORE_PROV_SET_CRL_PROPERTY An application-defined callback function that is called by CertSetCRLContextProperty before setting the CRL's property.
PFN_CERT_STORE_PROV_SET_CTL_PROPERTY The CertStoreProvSetCTLProperty callback function determines whether a property can be set on a CTL.
PFN_CERT_STORE_PROV_WRITE_CERT An application-defined callback function that is called by CertAddEncodedCertificateToStore, CertAddCertificateContextToStore and CertAddSerializedElementToStore before adding to the store.
PFN_CERT_STORE_PROV_WRITE_CRL An application-defined callback function that is called by CertAddEncodedCRLToStore, CertAddCRLContextToStore and CertAddSerializedElementToStore before adding to the store.
PFN_CERT_STORE_PROV_WRITE_CTL The CertStoreProvWriteCTL callback function can be called by CertAddEncodedCTLToStore, CertAddCTLContextToStore or CertAddSerializedElementToStore before a CTL is added to the store.
PFN_CMSG_CNG_IMPORT_CONTENT_ENCRYPT_KEY Imports an already decrypted content encryption key (CEK).
PFN_CMSG_CNG_IMPORT_KEY_AGREE Decrypts a content encryption key (CEK) that is intended for a key agreement recipient.
PFN_CMSG_CNG_IMPORT_KEY_TRANS Imports and decrypts a content encryption key (CEK) that is intended for a key transport recipient.
PFN_CMSG_EXPORT_KEY_AGREE Encrypts and exports the content encryption key for a key agreement recipient of an enveloped message.
PFN_CMSG_EXPORT_KEY_TRANS Encrypts and exports the content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_EXPORT_MAIL_LIST Encrypts and exports the content encryption key for a mailing list recipient of an enveloped message.
PFN_CMSG_GEN_CONTENT_ENCRYPT_KEY Generates the symmetric key used to encrypt content for an enveloped message.
PFN_CMSG_IMPORT_KEY_AGREE Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_IMPORT_KEY_TRANS Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_IMPORT_MAIL_LIST Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CRYPT_ENUM_KEYID_PROP The CRYPT_ENUM_KEYID_PROP callback function is used with the CryptEnumKeyIdentifierProperties function.
PFN_CRYPT_ENUM_OID_FUNC The CRYPT_ENUM_OID_FUNCTION callback function is used with the CryptEnumOIDFunction function.
PFN_CRYPT_ENUM_OID_INFO The CRYPT_ENUM_OID_INFO callback function is used with the CryptEnumOIDInfo function.
PFN_CRYPT_EXPORT_PUBLIC_KEY_INFO_EX2_FUNC Called by CryptExportPublicKeyInfoEx to export a public key BLOB and encode it.
PFN_CRYPT_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC Called to decode and return the hash algorithm identifier and optionally the signature parameters.
PFN_CRYPT_GET_SIGNER_CERTIFICATE The CryptGetSignerCertificateCallback user supplied callback function is used with the CRYPT_VERIFY_MESSAGE_PARA structure to get and verify a message signer's certificate.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FLUSH Specifies that an object has changed.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE Releases the object returned by the provider.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_IDENTIFIER Releases memory for an object identifier.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_PASSWORD Releases the password used to encrypt a personal information exchange (PFX) byte array.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_GET Retrieves an object.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_INITIALIZE Initializes the provider.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_RELEASE Releases the provider.
PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC Called to sign and encode a computed hash.
PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC Called to decrypt an encoded signature and compare it to a computed hash.
PFN_IMPORT_PUBLIC_KEY_INFO_EX2_FUNC Called by CryptImportPublicKeyInfoEx2 to decode the public key algorithm identifier, load the algorithm provider, and import the key pair.

Structures

Title Description
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA Holds policy information used in the verification of certificate chains for files.
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS The AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS structure holds additional Authenticode policy information for chain verification of files.
AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA The AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA structure contains time stamp policy information that can be used in certificate chain verification of files.
BLOBHEADER Indicates a key's BLOB type and the algorithm that the key uses.
CERT_ACCESS_DESCRIPTION The CERT_ACCESS_DESCRIPTION structure is a member of a CERT_AUTHORITY_INFO_ACCESS structure.
CERT_ALT_NAME_ENTRY Contains an alternative name in one of a variety of name forms.
CERT_ALT_NAME_INFO The CERT_ALT_NAME_INFO structure is used in encoding and decoding extensions for subject or issuer certificates, Certificate Revocation Lists (CRLs), and Certificate Trust Lists (CTLs).
CERT_AUTHORITY_INFO_ACCESS Represents authority information access and subject information access certificate extensions and specifies how to access additional information and services for the subject or the issuer of a certificate.
CERT_AUTHORITY_KEY_ID_INFO Identifies the key used to sign a certificate or certificate revocation list (CRL).
CERT_AUTHORITY_KEY_ID2_INFO The CERT_AUTHORITY_KEY_ID2_INFO structure identifies the key used to sign a certificate or CRL.
CERT_BASIC_CONSTRAINTS_INFO The CERT_BASIC_CONSTRAINTS_INFO structure contains information that indicates whether the certified subject can act as a certification authority (CA), an end entity, or both.
CERT_BASIC_CONSTRAINTS2_INFO The CERT_BASIC_CONSTRAINTS2_INFO structure contains information indicating whether the certified subject can act as a CA or an end entity. If the subject can act as a CA, a certification path length constraint can also be specified.
CERT_BIOMETRIC_DATA Contains information about biometric data.
CERT_BIOMETRIC_EXT_INFO Contains a set of biometric information.
CERT_CHAIN_CONTEXT Contains an array of simple certificate chains and a trust status structure that indicates summary validity data on all of the connected simple chains.
CERT_CHAIN_ELEMENT The CERT_CHAIN_ELEMENT structure is a single element in a simple certificate chain.
CERT_CHAIN_ENGINE_CONFIG Sets parameters for building a non-default certificate chain engine. The engine used determines the ways that certificate chains are built.
CERT_CHAIN_FIND_ISSUER_PARA Contains information used in the CertFindChainInStore function to build certificate chains.
CERT_CHAIN_PARA The CERT_CHAIN_PARA structure establishes the searching and matching criteria to be used in building a certificate chain.
CERT_CHAIN_POLICY_PARA Contains information used in CertVerifyCertificateChainPolicy to establish policy criteria for the verification of certificate chains.
CERT_CHAIN_POLICY_STATUS Holds certificate chain status information returned by the CertVerifyCertificateChainPolicy function when the certificate chains are validated.
CERT_CONTEXT Contains both the encoded and decoded representations of a certificate.
CERT_CREATE_CONTEXT_PARA Defines additional values that can be used when calling the CertCreateContext function.
CERT_CRL_CONTEXT_PAIR The CERT_CRL_CONTEXT_PAIR structure contains a certificate context and an associated CRL context.
CERT_DH_PARAMETERS Contains parameters associated with a Diffie/Hellman public key algorithm.
CERT_DSS_PARAMETERS Contains parameters associated with a Digital Signature Standard (DSS) public key algorithm.
CERT_ECC_SIGNATURE Contains the r and s values for an Elliptic Curve Digital Signature Algorithm (ECDSA) signature.
CERT_EXTENSION The CERT_EXTENSION structure contains the extension information for a certificate, Certificate Revocation List (CRL) or Certificate Trust List (CTL).
CERT_EXTENSIONS The CERT_EXTENSIONS structure contains an array of extensions.
CERT_GENERAL_SUBTREE The CERT_GENERAL_SUBTREE structure is used in CERT_NAME_CONSTRAINTS_INFO structure. This structure provides the identity of a certificate that can be included or excluded.
CERT_HASHED_URL Contains a hashed URL.
CERT_ID Is used as a flexible means of uniquely identifying a certificate.
CERT_INFO Contains the information of a certificate.
CERT_ISSUER_SERIAL_NUMBER Acts as a unique identifier of a certificate containing the issuer and issuer's serial number for a certificate.
CERT_KEY_ATTRIBUTES_INFO The CERT_KEY_ATTRIBUTES_INFO structure contains optional additional information about the public key being certified.
CERT_KEY_CONTEXT Contains data associated with a CERT_KEY_CONTEXT_PROP_ID property.
CERT_KEY_USAGE_RESTRICTION_INFO The CERT_KEY_USAGE_RESTRICTION_INFO structure contains restrictions imposed on the usage of a certificate's public key. This includes purposes for use of the key and policies under which the key can be used.
CERT_KEYGEN_REQUEST_INFO Contains information stored in the Netscape key generation request. The subject and subject public key BLOBs are encoded.
CERT_LDAP_STORE_OPENED_PARA Used with the CertOpenStore function when the CERT_STORE_PROV_LDAP provider is specified by using the CERT_LDAP_STORE_OPENED_FLAG flag to specify both the existing LDAP session to use to perform the query as well as the LDAP query string.
CERT_LOGOTYPE_AUDIO Contains information about an audio logotype.
CERT_LOGOTYPE_AUDIO_INFO Contains more detailed information about an audio logotype.
CERT_LOGOTYPE_DATA Contains logotype data.
CERT_LOGOTYPE_DETAILS Contains additional information about a logotype.
CERT_LOGOTYPE_EXT_INFO Contains a set of logotype information.
CERT_LOGOTYPE_IMAGE Contains information about an image logotype.
CERT_LOGOTYPE_IMAGE_INFO Contains more detailed information about an image logotype.
CERT_LOGOTYPE_INFO Contains information about logotype data.
CERT_LOGOTYPE_REFERENCE Contains logotype reference information.
CERT_NAME_CONSTRAINTS_INFO The CERT_NAME_CONSTRAINTS_INFO structure contains information about certificates that are specifically permitted or excluded from trust.
CERT_NAME_INFO Contains subject or issuer names.
CERT_NAME_VALUE Contains a relative distinguished name (RDN) attribute value.
CERT_OR_CRL_BLOB Encapsulates certificates for use with Internet Key Exchange messages.
CERT_OR_CRL_BUNDLE Encapsulates an array of certificates for use with Internet Key Exchange messages.
CERT_OTHER_LOGOTYPE_INFO Contains information about logo types that are not predefined.
CERT_PAIR The CERT_PAIR structure contains a certificate and its pair cross certificate.
CERT_PHYSICAL_STORE_INFO Contains information on physical certificate stores.
CERT_POLICIES_INFO The CERT_POLICIES_INFO structure contains an array of CERT_POLICY_INFO.
CERT_POLICY_CONSTRAINTS_INFO The CERT_POLICY_CONSTRAINTS_INFO structure contains established policies for accepting certificates as trusted.
CERT_POLICY_ID The CERT_POLICY_ID structure contains a list of certificate policies that the certificate expressly supports, together with optional qualifier information pertaining to these policies.
CERT_POLICY_INFO The CERT_POLICY_INFO structure contains an object identifier (OID) specifying a policy and an optional array of policy qualifiers.
CERT_POLICY_MAPPING Contains a mapping between issuer domain and subject domain policy OIDs.
CERT_POLICY_MAPPINGS_INFO The CERT_POLICY_MAPPINGS_INFO structure provides mapping between the policy OIDs of two domains.
CERT_POLICY_QUALIFIER_INFO The CERT_POLICY_QUALIFIER_INFO structure contains an object identifier (OID) specifying the qualifier and qualifier-specific supplemental information.
CERT_PRIVATE_KEY_VALIDITY The CERT_PRIVATE_KEY_VALIDITY structure indicates a valid time span for the private key corresponding to a certificate's public key.
CERT_PUBLIC_KEY_INFO Contains a public key and its algorithm.
CERT_QC_STATEMENT Represents a single statement in a sequence of one or more statements for inclusion in a Qualified Certificate (QC) statements extension.
CERT_QC_STATEMENTS_EXT_INFO Contains a sequence of one or more statements that make up the Qualified Certificate (QC) statements extension for a QC.
CERT_RDN The CERT_RDN structure contains a relative distinguished name (RDN) consisting of an array of CERT_RDN_ATTR structures.
CERT_RDN_ATTR Contains a single attribute of a relative distinguished name (RDN). A whole RDN is expressed in a CERT_RDN structure that contains an array of CERT_RDN_ATTR structures.
CERT_REQUEST_INFO The CERT_REQUEST_INFO structure contains information for a certificate request. The subject, subject public key, and attribute BLOBs are encoded.
CERT_REVOCATION_CHAIN_PARA Contains parameters used for building a chain for an independent online certificate status protocol (OCSP) response signer certificate.
CERT_REVOCATION_CRL_INFO Contains information updated by a certificate revocation list (CRL) revocation type handler.
CERT_REVOCATION_INFO Indicates the revocation status of a certificate in a CERT_CHAIN_ELEMENT.
CERT_REVOCATION_PARA Is passed in calls to the CertVerifyRevocation function to assist in finding the issuer of the context to be verified.
CERT_REVOCATION_STATUS Contains information on the revocation status of the certificate.
CERT_SELECT_CHAIN_PARA Contains the parameters used for building and selecting chains.
CERT_SELECT_CRITERIA Specifies selection criteria that is passed to the CertSelectCertificateChains function.
CERT_SERVER_OCSP_RESPONSE_CONTEXT Contains an encoded OCSP response.
CERT_SIGNED_CONTENT_INFO The CERT_SIGNED_CONTENT_INFO structure contains encoded content to be signed and a BLOB to hold the signature. The ToBeSigned member is an encoded CERT_INFO, CRL_INFO, CTL_INFO or CERT_REQUEST_INFO.
CERT_SIMPLE_CHAIN The CERT_SIMPLE_CHAIN structure contains an array of chain elements and a summary trust status for the chain that the array represents.
CERT_STORE_PROV_FIND_INFO Used by many of the store provider callback functions.
CERT_STORE_PROV_INFO Contains information returned by the installed CertDllOpenStoreProv function when a store is opened by using the CertOpenStore function.
CERT_STRONG_SIGN_PARA Contains parameters used to check for strong signatures on certificates, certificate revocation lists (CRLs), online certificate status protocol (OCSP) responses, and PKCS #7 messages.
CERT_STRONG_SIGN_SERIALIZED_INFO Contains the signature algorithm/hash algorithm and public key algorithm/bit length pairs that can be used for strong signing.
CERT_SYSTEM_STORE_INFO The CERT_SYSTEM_STORE_INFO structure contains information used by functions that work with system stores. Currently, no essential information is contained in this structure.
CERT_SYSTEM_STORE_RELOCATE_PARA The CERT_SYSTEM_STORE_RELOCATE_PARA structure contains data to be passed to CertOpenStore when that function's dwFlags parameter is set to CERT_SYSTEM_STORE_RELOCATE_FLAG.
CERT_TEMPLATE_EXT A certificate template.
CERT_TRUST_LIST_INFO The CERT_TRUST_LIST_INFO structure that indicates valid usage of a CTL.
CERT_TRUST_STATUS Contains trust information about a certificate in a certificate chain, summary trust information about a simple chain of certificates, or summary information about an array of simple chains.
CERT_USAGE_MATCH Provides criteria for identifying issuer certificates to be used to build a certificate chain.
CERT_X942_DH_PARAMETERS Contains parameters associated with a Diffie-Hellman public key algorithm.
CERT_X942_DH_VALIDATION_PARAMS Optionally pointed to by a member of the CERT_X942_DH_PARAMETERS structure and contains additional seed information.
CMC_ADD_ATTRIBUTES_INFO Contains certificate attributes to be added to a certificate.
CMC_ADD_EXTENSIONS_INFO Contains certificate extension control attributes to be added to a certificate.
CMC_DATA_INFO Provides a means of communicating different pieces of tagged information.
CMC_PEND_INFO A possible member of a CMC_STATUS_INFO structure.
CMC_RESPONSE_INFO Provides a means of communicating different pieces of tagged information.
CMC_STATUS_INFO Contains status information about Certificate Management Messages over CMS.
CMC_TAGGED_ATTRIBUTE Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_CERT_REQUEST Used in the CMC_TAGGED_REQUEST structure.
CMC_TAGGED_CONTENT_INFO Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_OTHER_MSG Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_REQUEST Used in the CMC_DATA_INFO structures to request a certificate.
CMS_DH_KEY_INFO Used with the KP_CMS_DH_KEY_INFO parameter in the CryptSetKeyParam function to contain Diffie-Hellman key information.
CMS_KEY_INFO Not used.
CMSG_CMS_RECIPIENT_INFO Used with the CryptMsgGetParam function to get information on a key transport, key agreement, or mail list envelope message recipient.
CMSG_CMS_SIGNER_INFO Contains the content of the defined SignerInfo in signed or signed and enveloped messages.
CMSG_CNG_CONTENT_DECRYPT_INFO Contains all the relevant information passed between CryptMsgControl and object identifier (OID) installable functions for the import and decryption of a Cryptography API:_Next Generation (CNG) content encryption key (CEK).
CMSG_CONTENT_ENCRYPT_INFO Contains information shared between the PFN_CMSG_GEN_CONTENT_ENCRYPT_KEY, PFN_CMSG_EXPORT_KEY_TRANS, PFN_CMSG_EXPORT_KEY_AGREE, and PFN_CMSG_EXPORT_MAIL_LIST functions.
CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR_PARA Used to add an unauthenticated attribute to a signer of a signed message.
CMSG_CTRL_DECRYPT_PARA Contains information used to decrypt an enveloped message for a key transport recipient. This structure is passed to CryptMsgControl if the dwCtrlType parameter is CMSG_CTRL_DECRYPT.
CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR_PARA Used to delete an unauthenticated attribute of a signer of a signed message.
CMSG_CTRL_KEY_AGREE_DECRYPT_PARA Contains information about a key agreement recipient.
CMSG_CTRL_KEY_TRANS_DECRYPT_PARA Contains information about a key transport message recipient.
CMSG_CTRL_MAIL_LIST_DECRYPT_PARA Contains information on a mail list message recipient.
CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA Contains information used to verify a message signature. It contains the signer index and signer public key.
CMSG_ENVELOPED_ENCODE_INFO Contains information needed to encode an enveloped message. It is passed to CryptMsgOpenToEncode if the dwMsgType parameter is CMSG_ENVELOPED.
CMSG_HASHED_ENCODE_INFO Used with hashed messages. It is passed to the CryptMsgOpenToEncode function if the CryptMsgOpenToEncode function's dwMsgType parameter is CMSG_ENVELOPED.
CMSG_KEY_AGREE_ENCRYPT_INFO Contains encryption information applicable to all key agreement recipients of an enveloped message.
CMSG_KEY_AGREE_KEY_ENCRYPT_INFO Contains the encrypted key for a key agreement recipient of an enveloped message.
CMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO Contains information about a message recipient that is using key agreement key management.
CMSG_KEY_AGREE_RECIPIENT_INFO Contains information used for key agreement algorithms.
CMSG_KEY_TRANS_ENCRYPT_INFO Contains encryption information for a key transport recipient of enveloped data.
CMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO Contains encoded key transport information for a message recipient.
CMSG_KEY_TRANS_RECIPIENT_INFO The CMSG_KEY_TRANS_RECIPIENT_INFO structure contains information used in key transport algorithms.
CMSG_MAIL_LIST_ENCRYPT_INFO Contains encryption information for a mailing list recipient of enveloped data.
CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO The CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO structure is used with previously distributed symmetric keys for decrypting the content key encryption key (KEK).
CMSG_MAIL_LIST_RECIPIENT_INFO Contains information used for previously distributed symmetric key-encryption keys (KEK).
CMSG_RC2_AUX_INFO Contains the bit length of the key for RC2 encryption algorithms.
CMSG_RC4_AUX_INFO The CMSG_RC4_AUX_INFO structure contains the bit length of the key for RC4 encryption algorithms. The pvEncryptionAuxInfo member in CMSG_ENVELOPED_ENCODE_INFO can be set to point to an instance of this structure.
CMSG_RECIPIENT_ENCODE_INFO Contains information a message recipient's content encryption key management type.
CMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO Contains information on a message receiver used to decrypt the session key needed to decrypt the message contents.
CMSG_RECIPIENT_ENCRYPTED_KEY_INFO The CMSG_RECIPIENT_ENCRYPTED_KEY_INFO structure contains information used for an individual key agreement recipient.
CMSG_SIGNED_ENCODE_INFO Contains information to be passed to CryptMsgOpenToEncode if dwMsgType is CMSG_SIGNED.
CMSG_SIGNER_ENCODE_INFO Contains signer information. It is passed to CryptMsgCountersign, CryptMsgCountersignEncoded, and optionally to CryptMsgOpenToEncode as a member of the CMSG_SIGNED_ENCODE_INFO structure, if the dwMsgType parameter is CMSG_SIGNED.
CMSG_SIGNER_INFO The CMSG_SIGNER_INFO structure contains the content of the PKCS #7 defined SignerInfo in signed messages. In decoding a received message, CryptMsgGetParam is called for each signer to get a CMSG_SIGNER_INFO structure.
CMSG_SP3_COMPATIBLE_AUX_INFO Contains information needed for SP3 compatible encryption.
CMSG_STREAM_INFO Used to enable stream processing of data rather than single block processing.
CRL_CONTEXT The CRL_CONTEXT structure contains both the encoded and decoded representations of a certificate revocation list (CRL). CRL contexts returned by any CryptoAPI function must be freed by calling the CertFreeCRLContext function.
CRL_DIST_POINT Identifies a single certificate revocation list (CRL) distribution point that a certificate user can reference to determine whether certificates have been revoked.
CRL_DIST_POINT_NAME Identifies a location from which the CRL can be obtained.
CRL_DIST_POINTS_INFO Contains a list of certificate revocation list (CRL) distribution points a certificate user can reference to determine whether the certificate has been revoked.
CRL_ENTRY Contains information about a single revoked certificate. It is a member of a CRL_INFO structure.
CRL_FIND_ISSUED_FOR_PARA Contains the certificate contexts of both a subject and a certificate issuer.
CRL_INFO Contains the information of a certificate revocation list (CRL).
CRL_ISSUING_DIST_POINT Contains information about the kinds of certificates listed in a certificate revocation list (CRL).
CROSS_CERT_DIST_POINTS_INFO Provides information used to update dynamic cross certificates.
CRYPT_AES_128_KEY_STATE Specifies the 128-bit symmetric key information for an Advanced Encryption Standard (AES) cipher.
CRYPT_AES_256_KEY_STATE Specifies the 256-bit symmetric key information for an Advanced Encryption Standard (AES) cipher.
CRYPT_ALGORITHM_IDENTIFIER Specifies an algorithm used to encrypt a private key.
CRYPT_ATTRIBUTE The CRYPT_ATTRIBUTE structure specifies an attribute that has one or more values.
CRYPT_ATTRIBUTE_TYPE_VALUE Contains a single attribute value. The Value member's CRYPT_OBJID_BLOB is encoded.
CRYPT_ATTRIBUTES Contains an array of attributes.
CRYPT_BIT_BLOB Contains a set of bits represented by an array of bytes.
CRYPT_BLOB_ARRAY Contains an array of CRYPT_DATA_BLOB structures.
CRYPT_CONTENT_INFO Contains data encoded in the PKCS #7 ContentInfo data format.
CRYPT_CONTENT_INFO_SEQUENCE_OF_ANY Contains information representing the Netscape certificate sequence of certificates.
CRYPT_CREDENTIALS Contains information about credentials that can be passed as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_DECODE_PARA Used by the CryptDecodeObjectEx function to provide access to memory allocation and memory freeing callback functions.
CRYPT_DECRYPT_MESSAGE_PARA The CRYPT_DECRYPT_MESSAGE_PARA structure contains information for decrypting messages.
CRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA Used with the CryptInstallDefaultContext function to contain an array of object identifier strings.
CRYPT_ECC_CMS_SHARED_INFO Represents key-encryption key information when using Elliptic Curve Cryptography (ECC) in the Cryptographic Message Syntax (CMS) EnvelopedData content type.
CRYPT_ENCODE_PARA Used by the CryptEncodeObjectEx function to provide access to memory allocation and memory freeing callback functions.
CRYPT_ENCRYPT_MESSAGE_PARA Contains information used to encrypt messages.
CRYPT_ENCRYPTED_PRIVATE_KEY_INFO Contains the information in a PKCS #8 EncryptedPrivateKeyInfo ASN.1 type found in the PKCS #8 standard.
CRYPT_ENROLLMENT_NAME_VALUE_PAIR Used to create certificate requests on behalf of a user.
CRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO Contains optional extra information that can be passed to the CryptGetTimeValidObject function in the pExtraInfo parameter.
CRYPT_HASH_MESSAGE_PARA Contains data for hashing messages.
CRYPT_INTEGER_BLOB The CryptoAPI CRYPT_INTEGER_BLOB structure is used for an arbitrary array of bytes. It is declared in Wincrypt.h and provides flexibility for objects that can contain various data types.
CRYPT_KEY_PROV_INFO The CRYPT_KEY_PROV_INFO structure contains information about a key container within a cryptographic service provider (CSP).
CRYPT_KEY_PROV_PARAM Contains information about a key container parameter.
CRYPT_KEY_SIGN_MESSAGE_PARA Contains information about the cryptographic service provider (CSP) and algorithms used to sign a message.
CRYPT_KEY_VERIFY_MESSAGE_PARA Contains information needed to verify signed messages without a certificate for the signer.
CRYPT_MASK_GEN_ALGORITHM Identifies the algorithm used to generate an RSA PKCS #1 v2.1 signature mask.
CRYPT_OBJECT_LOCATOR_PROVIDER_TABLE Contains pointers to functions implemented by an object location provider.
CRYPT_OID_FUNC_ENTRY Contains an object identifier (OID) and a pointer to its related function.
CRYPT_OID_INFO Contains information about an object identifier (OID).
CRYPT_PASSWORD_CREDENTIALSA Contains the user name and password credentials to be used in the CRYPT_CREDENTIALS structure as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_PASSWORD_CREDENTIALSW Contains the user name and password credentials to be used in the CRYPT_CREDENTIALS structure as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_PKCS12_PBE_PARAMS Contains parameters used to create an encryption key, initialization vector (IV), or Message Authentication Code (MAC) key for a PKCS #12 password based encryption algorithm.
CRYPT_PKCS8_EXPORT_PARAMS Identifies the private key and a callback function to encrypt the private key. CRYPT_PKCS8_EXPORT_PARAMS is used as a parameter to the CryptExportPKCS8Ex function, which exports a private key in PKCS #8 format.
CRYPT_PKCS8_IMPORT_PARAMS Contains a PKCS #8 private key and pointers to callback functions. CRYPT_PKCS8_IMPORT_PARAMS is used by the CryptImportPKCS8 function.
CRYPT_PRIVATE_KEY_INFO Contains a clear-text private key in the PrivateKey field (DER encoded). CRYPT_PRIVATE_KEY_INFO contains the information in a PKCS #8 PrivateKeyInfo ASN.1 type found in the PKCS #8 standard.
CRYPT_PSOURCE_ALGORITHM Identifies the algorithm and (optionally) the value of the label for an RSAES-OAEP key encryption.
CRYPT_RC2_CBC_PARAMETERS Contains information used with szOID_RSA_RC2CBC encryption.
CRYPT_RETRIEVE_AUX_INFO Contains optional information to pass to the CryptRetrieveObjectByUrl function.
CRYPT_RSA_SSA_PSS_PARAMETERS Contains the parameters for an RSA PKCS #1 v2.1 signature.
CRYPT_RSAES_OAEP_PARAMETERS Contains the parameters for an RSAES-OAEP key encryption.
CRYPT_SEQUENCE_OF_ANY Contains an arbitrary list of encoded BLOBs.
CRYPT_SIGN_MESSAGE_PARA The CRYPT_SIGN_MESSAGE_PARA structure contains information for signing messages using a specified signing certificate context.
CRYPT_SMART_CARD_ROOT_INFO Contains the smart card and session IDs associated with a certificate context.
CRYPT_SMIME_CAPABILITIES Contains a prioritized array of supported capabilities.
CRYPT_SMIME_CAPABILITY The CRYPT_SMIME_CAPABILITY structure specifies a single capability and its associated parameters. Single capabilities are grouped together into a list of CRYPT_SMIME_CAPABILITIES which can specify a prioritized list of capability preferences.
CRYPT_TIME_STAMP_REQUEST_INFO Used for time stamping.
CRYPT_TIMESTAMP_ACCURACY Is used by the CRYPT_TIMESTAMP_INFO structure to represent the accuracy of the time deviation around the UTC time at which the time stamp token was created by the Time Stamp Authority (TSA).
CRYPT_TIMESTAMP_CONTEXT Contains both the encoded and decoded representations of a time stamp token.
CRYPT_TIMESTAMP_INFO Contains a signed data content type in Cryptographic Message Syntax (CMS) format.
CRYPT_TIMESTAMP_PARA Defines additional parameters for the time stamp request.
CRYPT_TIMESTAMP_REQUEST Defines a time stamp request structure that corresponds to the Abstract Syntax Notation One (ASN.1) definition of a TimeStampReq type.
CRYPT_TIMESTAMP_RESPONSE Is used internally to encapsulate an Abstract Syntax Notation One (ASN.1) Distinguished Encoding Rules (DER) encoded response.
CRYPT_URL_INFO Contains information about groupings of URLs.
CRYPT_VERIFY_CERT_SIGN_STRONG_PROPERTIES_INFO Contains the length, in bits, of the public key and the names of the signing and hashing algorithms used for strong signing.
CRYPT_VERIFY_MESSAGE_PARA The CRYPT_VERIFY_MESSAGE_PARA structure contains information needed to verify signed messages.
CRYPT_X942_OTHER_INFO The CRYPT_X942_OTHER_INFO structure contains additional key generation information.
CRYPTNET_URL_CACHE_FLUSH_INFO Contains expiry information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CRYPTNET_URL_CACHE_PRE_FETCH_INFO Contains update information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CRYPTNET_URL_CACHE_RESPONSE_INFO Contains response information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CTL_ANY_SUBJECT_INFO Contains a SubjectAlgorithm to be matched in the certificate trust list (CTL) and the SubjectIdentifier to be matched in one of the CTL entries in calls to CertFindSubjectInCTL.
CTL_CONTEXT The CTL_CONTEXT structure contains both the encoded and decoded representations of a CTL.
CTL_ENTRY An element of a certificate trust list (CTL).
CTL_FIND_SUBJECT_PARA Contains data used by CertFindCTLInStore with a dwFindType parameter of CTL_FIND_SUBJECT to find a Certificate Trust List (CTL).
CTL_FIND_USAGE_PARA A member of the CTL_FIND_SUBJECT_PARA structure and it is used by CertFindCTLInStore.
CTL_INFO Contains the information stored in a Certificate Trust List (CTL).
CTL_USAGE Contains an array of object identifiers (OIDs) for Certificate Trust List (CTL) extensions.
CTL_USAGE_MATCH Provides parameters for finding certificate trust lists (CTL) used to build a certificate chain.
CTL_VERIFY_USAGE_PARA The CTL_VERIFY_USAGE_PARA structure contains parameters used by CertVerifyCTLUsage to establish the validity of a CTL's usage.
CTL_VERIFY_USAGE_STATUS Contains information about a Certificate Trust List (CTL) returned by CertVerifyCTLUsage.
DHPRIVKEY_VER3 Contains information specific to the particular private key contained in the key BLOB.
DHPUBKEY Contains information specific to the particular Diffie-Hellman public key contained in the key BLOB.
DHPUBKEY_VER3 Contains information specific to the particular public key contained in the key BLOB.
DSSSEED Holds the seed and counter values that can be used to verify the primes of the DSS public key.
EV_EXTRA_CERT_CHAIN_POLICY_PARA Specifies the parameters that are passed in for EV policy validation. Applications use this structure to pass hints to the API that indicate which of the policy qualifier flags of the extended validation certificates are important to the application.
EV_EXTRA_CERT_CHAIN_POLICY_STATUS Contains policy flags returned from a call to the CertVerifyCertificateChainPolicy function.
HMAC_INFO The HMAC_INFO structure specifies the hash algorithm and the inner and outer strings that are to be used to calculate the HMAC hash.
HTTPSPolicyCallbackData Holds policy information used in the verification of Secure Sockets Layer (SSL) client/server certificate chains.
OCSP_BASIC_RESPONSE_ENTRY Contains the current certificate status for a single certificate.
OCSP_BASIC_RESPONSE_INFO Contains a basic online certificate status protocol (OCSP) response as specified by RFC 2560.
OCSP_BASIC_REVOKED_INFO Contains the reason a certificate was revoked.
OCSP_BASIC_SIGNED_RESPONSE_INFO Contains a basic online certificate status protocol (OCSP) response with a signature.
OCSP_CERT_ID Contains information to identify a certificate in an online certificate status protocol (OCSP) request or response.
OCSP_REQUEST_ENTRY Contains information about a single certificate in an online certificate status protocol (OCSP) request.
OCSP_REQUEST_INFO Contains information for an online certificate status protocol (OCSP) request as specified by RFC 2560.
OCSP_RESPONSE_INFO Indicates the success or failure of the corresponding online certificate status protocol (OCSP) request. For successful requests, it contains the type and value of response information.
OCSP_SIGNATURE_INFO Contains a signature for an online certificate status protocol (OCSP) request or response.
OCSP_SIGNED_REQUEST_INFO Contains information for an online certificate status protocol (OCSP) request with optional signature information.
PROV_ENUMALGS Used with the CryptGetProvParam function when the PP_ENUMALGS parameter is retrieved to contain information about an algorithm supported by a cryptographic service provider (CSP).
PROV_ENUMALGS_EX Used with the CryptGetProvParam function when the PP_ENUMALGS_EX parameter is retrieved to contain information about an algorithm supported by a cryptographic service provider (CSP).
ROOT_INFO_LUID Contains a locally unique identifier (LUID) for Cryptographic Smart Card Root Information.
RSAPUBKEY The RSAPUBKEY structure contains information specific to the particular public key contained in the key BLOB.
SCHANNEL_ALG The SCHANNEL_ALG structure contains algorithm and key size information. It is used as the structure passed as pbData in CryptSetKeyParam when dwParam is set to KP_SCHANNEL_ALG.
SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS The SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS structure checks if any certificates in the chain have weak cryptography and checks if a third party root certificate is compliant with the Microsoft Root Program requirements.