X509PrivateKeyExportFlags enumeration (certenroll.h)

The X509PrivateKeyExportFlags enumeration type specifies the export policy for a private key. For a Cryptography API: Next Generation (CNG) key, the policy is stored by the key service provider (KSP), and it is the responsibility of the KSP to enforce the policy. When a legacy cryptographic service provider (CSP) is specified, the policy is used when creating the key, and it is the responsibility of the CSP to enforce the policy. This enumeration is used when specifying and retrieving the ExportPolicy property on the IX509PrivateKey interface.

Syntax

typedef enum X509PrivateKeyExportFlags {
  XCN_NCRYPT_ALLOW_EXPORT_NONE,
  XCN_NCRYPT_ALLOW_EXPORT_FLAG,
  XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG,
  XCN_NCRYPT_ALLOW_ARCHIVING_FLAG,
  XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG
} ;

Constants

Name Description
XCN_NCRYPT_ALLOW_EXPORT_NONE Export is not allowed. This is the default value.
XCN_NCRYPT_ALLOW_EXPORT_FLAG The private key can be exported.
XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG The private key can be exported in plaintext form.
XCN_NCRYPT_ALLOW_ARCHIVING_FLAG The private key can be exported once for archiving.
XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG The private key can be exported once in plaintext form for archiving.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

IX509PrivateKey