IX509CertificateRequestCmc interface (certenroll.h)

  • 2 minutes to read

The IX509CertificateRequestCmc interface represents a CMC (Certificate Management Message over CMS) certificate request. A CMC request is always wrapped by a PKCS #7 certificate message syntax (CMS) object. Therefore, the IX509CertificateRequestCmc interface inherits from the IX509CertificateRequestPkcs7 interface.

A CMC request contains sequences of TaggedAttribute, TaggedRequest, and TaggedContentInfo ASN.1 structures. The TaggedOtherMsg structure identified in the RFC is not supported.


CmcData ::= SEQUENCE 
{
   controlSequence         ControlSequence,
   reqSequence             ReqSequence,
   cmsSequence             CmsSequence,
   otherMsgSequence        OtherMsgSequence
}


ControlSequence  ::=    SEQUENCE OF TaggedAttribute
ReqSequence      ::=    SEQUENCE OF TaggedRequest
CmsSequence      ::=    SEQUENCE OF TaggedContentInfo
OtherMsgSequence ::=    SEQUENCE OF TaggedOtherMsg

TaggedAttribute ::= SEQUENCE 
{
   bodyPartID              BodyPartID,
   type                    EncodedObjectID,
   values                  AttributeSetValue
}

TaggedRequest ::= CHOICE 
{
   tcr                     [0] IMPLICIT TaggedCertificationRequest
}

TaggedContentInfo ::= SEQUENCE 
{
   bodyPartID              BodyPartID,
   contentInfo             ANY
}

BodyPartID ::= INTEGER (0..4294967295)
EncodedObjectID ::= OBJECT IDENTIFIER
AttributeSetValue ::= SET OF ANY
A CMC request can contain a PKCS #10 request in the TaggedRequest sequence or another CMC request object in the TaggedContentInfo sequence. There is no theoretical limit to the possible number of nesting levels, but certification authorities typically place a physical limit on the request size.

The TaggedAttribute sequence contains extensions and optional attributes. For more information, see CMC Extensions and CMC Attributes.

Inheritance

The IX509CertificateRequestCmc interface inherits from IX509CertificateRequestPkcs7. IX509CertificateRequestCmc also has these types of members:

Methods

The IX509CertificateRequestCmc interface has these methods.

Method Description
IX509CertificateRequestCmc::get_ArchivePrivateKey Specifies or retrieves a Boolean value that indicates whether to archive a private key on the certification authority (CA).
IX509CertificateRequestCmc::get_CriticalExtensions Retrieves an IObjectIds collection that identifies the version 3 certificate extensions marked as critical.
IX509CertificateRequestCmc::get_CryptAttributes Retrieves an ICryptAttributes collection of optional certificate attributes.
IX509CertificateRequestCmc::get_EncryptedKeyHash Retrieves a hash of the private key to be archived.
IX509CertificateRequestCmc::get_EncryptionAlgorithm Specifies or retrieves an object identifier (OID) of the algorithm used to encrypt the private key to be archived.
IX509CertificateRequestCmc::get_EncryptionStrength Specifies or retrieves the relative encryption level applied to the private key to be archived.
IX509CertificateRequestCmc::get_KeyArchivalCertificate Specifies or retrieves a certification authority (CA) encryption certificate.
IX509CertificateRequestCmc::get_NameValuePairs Retrieves an IX509NameValuePairs collection associated with a certificate request.
IX509CertificateRequestCmc::get_NullSigned Retrieves a Boolean value that specifies whether the primary signature on the certificate request is null-signed.
IX509CertificateRequestCmc::get_SenderNonce Specifies or retrieves a byte array that contains a nonce.
IX509CertificateRequestCmc::get_SignatureInformation Retrieves the IX509SignatureInformation object that contains information about the primary signature used to sign the certificate request.
IX509CertificateRequestCmc::get_SignerCertificates Retrieves a collection of certificates used to sign the request.
IX509CertificateRequestCmc::get_SuppressOids Retrieves a collection of extension or attribute object identifiers (OIDs) to be suppressed from the certificate during the encoding process.
IX509CertificateRequestCmc::get_TemplateObjectId Retrieves the object identifier (OID) of the template used to create the certificate request.
IX509CertificateRequestCmc::get_TransactionId Specifies or retrieves a transaction identifier that can be used to track a certificate request or response.
IX509CertificateRequestCmc::get_X509Extensions Retrieves a collection of the extensions included in the certificate request.
IX509CertificateRequestCmc::InitializeFromInnerRequestTemplateName The InitializeFromInnerRequestTemplateName method initializes the certificate request from an inner request object and a template.
IX509CertificateRequestCmc::put_ArchivePrivateKey Specifies or retrieves a Boolean value that indicates whether to archive a private key on the certification authority (CA).
IX509CertificateRequestCmc::put_EncryptionAlgorithm Specifies or retrieves an object identifier (OID) of the algorithm used to encrypt the private key to be archived.
IX509CertificateRequestCmc::put_EncryptionStrength Specifies or retrieves the relative encryption level applied to the private key to be archived.
IX509CertificateRequestCmc::put_KeyArchivalCertificate Specifies or retrieves a certification authority (CA) encryption certificate.
IX509CertificateRequestCmc::put_SenderNonce Specifies or retrieves a byte array that contains a nonce.
IX509CertificateRequestCmc::put_TransactionId Specifies or retrieves a transaction identifier that can be used to track a certificate request or response.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

CertEnroll Interfaces

IX509CertificateRequest

IX509CertificateRequestPkcs7