wincrypt.h header

This header is used by Security and Identity. For more information, see:

wincrypt.h contains the following programming interfaces:

Functions

 
CertAddCertificateContextToStore

Adds a certificate context to the certificate store.
CertAddCertificateLinkToStore

Adds a link in a certificate store to a certificate context in a different store.
CertAddCRLContextToStore

Adds a certificate revocation list (CRL) context to the specified certificate store.
CertAddCRLLinkToStore

Adds a link in a store to a certificate revocation list (CRL) context in a different store.
CertAddCTLContextToStore

Adds a certificate trust list (CTL) context to a certificate store.
CertAddCTLLinkToStore

The CertAddCTLLinkToStore function adds a link in a store to a certificate trust list (CTL) context in a different store. Instead of creating and adding a duplicate of a CTL context, this function adds a link to the original CTL context.
CertAddEncodedCertificateToStore

Creates a certificate context from an encoded certificate and adds it to the certificate store.
CertAddEncodedCertificateToSystemStoreA

Opens the specified system store and adds the encoded certificate to it.
CertAddEncodedCertificateToSystemStoreW

Opens the specified system store and adds the encoded certificate to it.
CertAddEncodedCRLToStore

Creates a certificate revocation list (CRL) context from an encoded CRL and adds it to the certificate store.
CertAddEncodedCTLToStore

Creates a certificate trust list (CTL) context from an encoded CTL and adds it to the certificate store.
CertAddEnhancedKeyUsageIdentifier

The CertAddEnhancedKeyUsageIdentifier function adds a usage identifier object identifier (OID) to the enhanced key usage (EKU) extended property of the certificate.
CertAddRefServerOcspResponse

Increments the reference count for an HCERT_SERVER_OCSP_RESPONSE handle.
CertAddRefServerOcspResponseContext

Increments the reference count for a CERT_SERVER_OCSP_RESPONSE_CONTEXT structure.
CertAddSerializedElementToStore

Adds a serialized certificate, certificate revocation list (CRL), or certificate trust list (CTL) element to the store.
CertAddStoreToCollection

The CertAddStoreToCollection function adds a sibling certificate store to a collection certificate store.
CertAlgIdToOID

Converts a CryptoAPI algorithm identifier (ALG_ID) to an Abstract Syntax Notation One (ASN.1) object identifier (OID) string.
CertCloseServerOcspResponse

Closes an online certificate status protocol (OCSP) server response handle.
CertCloseStore

Closes a certificate store handle and reduces the reference count on the store.
CertCompareCertificate

Determines whether two certificates are identical by comparing the issuer name and serial number of the certificates.
CertCompareCertificateName

The CertCompareCertificateName function compares two certificate CERT_NAME_BLOB structures to determine whether they are identical. The CERT_NAME_BLOB structures are used for the subject and the issuer of certificates.
CertCompareIntegerBlob

The CertCompareIntegerBlob function compares two integer BLOBs to determine whether they represent equal numeric values.
CertComparePublicKeyInfo

The CertComparePublicKeyInfo function compares two encoded public keys to determine whether they are identical.
CertControlStore

Allows an application to be notified when there is a difference between the contents of a cached store in use and the contents of that store as it is persisted to storage.
CertCreateCertificateChainEngine

The CertCreateCertificateChainEngine function creates a new, nondefault chain engine for an application.
CertCreateCertificateContext

Creates a certificate context from an encoded certificate. The created context is not persisted to a certificate store. The function makes a copy of the encoded certificate within the created context.
CertCreateContext

Creates the specified context from the encoded bytes. The context created does not include any extended properties.
CertCreateCRLContext

The CertCreateCRLContext function creates a certificate revocation list (CRL) context from an encoded CRL. The created context is not persisted to a certificate store. It makes a copy of the encoded CRL within the created context.
CertCreateCTLContext

The CertCreateCTLContext function creates a certificate trust list (CTL) context from an encoded CTL. The created context is not persisted to a certificate store. The function makes a copy of the encoded CTL within the created context.
CertCreateCTLEntryFromCertificateContextProperties

The CertCreateCTLEntryFromCertificateContextProperties function creates a certificate trust list (CTL) entry whose attributes are the properties of the certificate context. The SubjectIdentifier in the CTL entry is the SHA1 hash of the certificate.
CertCreateSelfSignCertificate

Builds a self-signed certificate and returns a pointer to a CERT_CONTEXT structure that represents the certificate.
CertDeleteCertificateFromStore

The CertDeleteCertificateFromStore function deletes the specified certificate context from the certificate store.
CertDeleteCRLFromStore

The CertDeleteCRLFromStore function deletes the specified certificate revocation list (CRL) context from the certificate store.
CertDeleteCTLFromStore

The CertDeleteCTLFromStore function deletes the specified certificate trust list (CTL) context from a certificate store.
CertDuplicateCertificateChain

The CertDuplicateCertificateChain function duplicates a pointer to a certificate chain by incrementing the chain's reference count.
CertDuplicateCertificateContext

Duplicates a certificate context by incrementing its reference count.
CertDuplicateCRLContext

The CertDuplicateCRLContext function duplicates a certificate revocation list (CRL) context by incrementing its reference count.
CertDuplicateCTLContext

The CertDuplicateCTLContext function duplicates a certificate trust list (CTL) context by incrementing its reference count.
CertDuplicateStore

Duplicates a store handle by incrementing the store's reference count.
CertEnumCertificateContextProperties

The CertEnumCertificateContextProperties function retrieves the first or next extended property associated with a certificate context.
CertEnumCertificatesInStore

Retrieves the first or next certificate in a certificate store. Used in a loop, this function can retrieve in sequence all certificates in a certificate store.
CertEnumCRLContextProperties

The CertEnumCRLContextProperties function retrieves the first or next extended property associated with a certificate revocation list (CRL) context.
CertEnumCRLsInStore

The CertEnumCRLsInStore function retrieves the first or next certificate revocation list (CRL) context in a certificate store. Used in a loop, this function can retrieve in sequence all CRL contexts in a certificate store.
CertEnumCTLContextProperties

The CertEnumCTLContextProperties function retrieves the first or next extended property associated with a certificate trust list (CTL) context. Used in a loop, this function can retrieve in sequence all extended properties associated with a CTL context.
CertEnumCTLsInStore

The CertEnumCTLsInStore function retrieves the first or next certificate trust list (CTL) context in a certificate store. Used in a loop, this function can retrieve in sequence all CTL contexts in a certificate store.
CertEnumPhysicalStore

The CertEnumPhysicalStore function retrieves the physical stores on a computer. The function calls the provided callback function for each physical store found.
CertEnumSubjectInSortedCTL

Retrieves the first or next TrustedSubject in a sorted certificate trust list (CTL).
CertEnumSystemStore

The CertEnumSystemStore function retrieves the system stores available. The function calls the provided callback function for each system store found.
CertEnumSystemStoreLocation

The CertEnumSystemStoreLocation function retrieves all of the system store locations. The function calls the provided callback function for each system store location found.
CertFindAttribute

The CertFindAttribute function finds the first attribute in the CRYPT_ATTRIBUTE array, as identified by its object identifier (OID).
CertFindCertificateInCRL

The CertFindCertificateInCRL function searches the certificate revocation list (CRL) for the specified certificate.
CertFindCertificateInStore

Finds the first or next certificate context in a certificate store that matches a search criteria established by the dwFindType and its associated pvFindPara.
CertFindChainInStore

Finds the first or next certificate in a store that meets the specified criteria.
CertFindCRLInStore

Finds the first or next certificate revocation list (CRL) context in a certificate store that matches a search criterion established by the dwFindType parameter and the associated pvFindPara parameter.
CertFindCTLInStore

Finds the first or next certificate trust list (CTL) context that matches search criteria established by the dwFindType and its associated pvFindPara.
CertFindExtension

The CertFindExtension function finds the first extension in the CERT_EXTENSION array, as identified by its object identifier (OID).
CertFindRDNAttr

The CertFindRDNAttr function finds the first RDN attribute identified by its object identifier (OID) in a list of the Relative Distinguished Names (RDN).
CertFindSubjectInCTL

The CertFindSubjectInCTL function attempts to find the specified subject in a certificate trust list (CTL).
CertFindSubjectInSortedCTL

The CertFindSubjectInSortedCTL function attempts to find the specified subject in a sorted certificate trust list (CTL).
CertFreeCertificateChain

The CertFreeCertificateChain function frees a certificate chain by reducing its reference count. If the reference count becomes zero, memory allocated for the chain is released.
CertFreeCertificateChainEngine

The CertFreeCertificateChainEngine function frees a certificate trust engine.
CertFreeCertificateChainList

Frees the array of pointers to chain contexts.
CertFreeCertificateContext

Frees a certificate context by decrementing its reference count. When the reference count goes to zero, CertFreeCertificateContext frees the memory used by a certificate context.
CertFreeCRLContext

Frees a certificate revocation list (CRL) context by decrementing its reference count.
CertFreeCTLContext

Frees a certificate trust list (CTL) context by decrementing its reference count.
CertFreeServerOcspResponseContext

Decrements the reference count for a CERT_SERVER_OCSP_RESPONSE_CONTEXT structure.
CertGetCertificateChain

Builds a certificate chain context starting from an end certificate and going back, if possible, to a trusted root certificate.
CertGetCertificateContextProperty

Retrieves the information contained in an extended property of a certificate context.
CertGetCRLContextProperty

Gets an extended property for the specified certificate revocation list (CRL) context.
CertGetCRLFromStore

Gets the first or next certificate revocation list (CRL) context from the certificate store for the specified issuer.
CertGetCTLContextProperty

Retrieves an extended property of a certificate trust list (CTL) context.
CertGetEnhancedKeyUsage

Returns information from the enhanced key usage (EKU) extension or the EKU extended property of a certificate.
CertGetIntendedKeyUsage

Acquires the intended key usage bytes from a certificate.
CertGetIssuerCertificateFromStore

Retrieves the certificate context from the certificate store for the first or next issuer of the specified subject certificate. The new Certificate Chain Verification Functions are recommended instead of the use of this function.
CertGetNameStringA

Obtains the subject or issuer name from a certificate CERT_CONTEXT structure and converts it to a null-terminated character string.
CertGetNameStringW

Obtains the subject or issuer name from a certificate CERT_CONTEXT structure and converts it to a null-terminated character string.
CertGetPublicKeyLength

The CertGetPublicKeyLength function acquires the bit length of public/private keys from a public key BLOB.
CertGetServerOcspResponseContext

Retrieves a non-blocking, time valid online certificate status protocol (OCSP) response context for the specified handle.
CertGetStoreProperty

Retrieves a store property.
CertGetSubjectCertificateFromStore

Returns from a certificate store a subject certificate context uniquely identified by its issuer and serial number.
CertGetValidUsages

Returns an array of usages that consist of the intersection of the valid usages for all certificates in an array of certificates.
CertIsRDNAttrsInCertificateName

The CertIsRDNAttrsInCertificateName function compares the attributes in the certificate name with the specified CERT_RDN to determine whether all attributes are included there.
CertIsStrongHashToSign

Determines whether the specified hash algorithm and the public key in the signing certificate can be used to perform strong signing.
CertIsValidCRLForCertificate

The CertIsValidCRLForCertificate function checks a CRL to find out if it is a CRL that would include a specific certificate if that certificate were revoked.
CertNameToStrA

Converts an encoded name in a CERT_NAME_BLOB structure to a null-terminated character string.
CertNameToStrW

Converts an encoded name in a CERT_NAME_BLOB structure to a null-terminated character string.
CertOIDToAlgId

Use the CryptFindOIDInfo function instead of this function because ALG_ID identifiers are no longer supported in CNG.
CertOpenServerOcspResponse

Opens a handle to an online certificate status protocol (OCSP) response associated with a server certificate chain.
CertOpenStore

Opens a certificate store by using a specified store provider type.
CertOpenSystemStoreA

Opens the most common system certificate store. To open certificate stores with more complex requirements, such as file-based or memory-based stores, use CertOpenStore.
CertOpenSystemStoreW

Opens the most common system certificate store. To open certificate stores with more complex requirements, such as file-based or memory-based stores, use CertOpenStore.
CertRDNValueToStrA

The CertRDNValueToStr function converts a name in a CERT_RDN_VALUE_BLOB to a null-terminated character string.
CertRDNValueToStrW

The CertRDNValueToStr function converts a name in a CERT_RDN_VALUE_BLOB to a null-terminated character string.
CertRegisterPhysicalStore

Adds a physical store to a registry system store collection.
CertRegisterSystemStore

Registers a system store.
CertRemoveEnhancedKeyUsageIdentifier

The CertRemoveEnhancedKeyUsageIdentifier function removes a usage identifier object identifier (OID) from the enhanced key usage (EKU) extended property of the certificate.
CertRemoveStoreFromCollection

Removes a sibling certificate store from a collection store.
CertResyncCertificateChainEngine

Resyncs the certificate chain engine, which resynchronizes the stores the store's engine and updates the engine caches.
CertRetrieveLogoOrBiometricInfo

Performs a URL retrieval of logo or biometric information specified in either the szOID_LOGOTYPE_EXT or szOID_BIOMETRIC_EXT certificate extension.
CertSaveStore

Saves the certificate store to a file or to a memory BLOB.
CertSelectCertificateChains

Retrieves certificate chains based on specified selection criteria.
CertSerializeCertificateStoreElement

The CertSerializeCertificateStoreElement function serializes a certificate context's encoded certificate and its encoded properties. The result can be persisted to storage so that the certificate and properties can be retrieved at a later time.
CertSerializeCRLStoreElement

The CertSerializeCRLStoreElement function serializes an encoded certificate revocation list (CRL) context and the encoded representation of its properties.
CertSerializeCTLStoreElement

The CertSerializeCTLStoreElement function serializes an encoded certificate trust list (CTL) context and the encoded representation of its properties. The result can be persisted to storage so that the CTL and properties can be retrieved later.
CertSetCertificateContextPropertiesFromCTLEntry

Sets the properties on the certificate context by using the attributes in the specified certificate trust list (CTL) entry.
CertSetCertificateContextProperty

Sets an extended property for a specified certificate context.
CertSetCRLContextProperty

Sets an extended property for the specified certificate revocation list (CRL) context.
CertSetCTLContextProperty

Sets an extended property for the specified certificate trust list (CTL) context.
CertSetEnhancedKeyUsage

The CertSetEnhancedKeyUsage function sets the enhanced key usage (EKU) property for the certificate.
CertSetStoreProperty

The CertSetStoreProperty function sets a store property.
CertStrToNameA

Converts a null-terminated X.500 string to an encoded certificate name.
CertStrToNameW

Converts a null-terminated X.500 string to an encoded certificate name.
CertUnregisterPhysicalStore

The CertUnregisterPhysicalStore function removes a physical store from a specified system store collection. CertUnregisterPhysicalStore can also be used to delete the physical store.
CertUnregisterSystemStore

The CertUnregisterSystemStore function unregisters a specified system store.
CertVerifyCertificateChainPolicy

Checks a certificate chain to verify its validity, including its compliance with any specified validity policy criteria.
CertVerifyCRLRevocation

Check a certificate revocation list (CRL) to determine whether a subject's certificate has or has not been revoked.
CertVerifyCRLTimeValidity

The CertVerifyCRLTimeValidity function verifies the time validity of a CRL.
CertVerifyCTLUsage

Verifies that a subject is trusted for a specified usage by finding a signed and time-valid certificate trust list (CTL) with the usage identifiers that contain the subject.
CertVerifyRevocation

Checks the revocation status of the certificates contained in the rgpvContext array. If a certificate in the list is found to be revoked, no further checking is done.
CertVerifySubjectCertificateContext

The CertVerifySubjectCertificateContext function performs the enabled verification checks on a certificate by checking the validity of the certificate's issuer. The new Certificate Chain Verification Functions are recommended instead of this function.
CertVerifyTimeValidity

The CertVerifyTimeValidity function verifies the time validity of a certificate.
CertVerifyValidityNesting

The CertVerifyValidityNesting function verifies that a subject certificate's time validity nests correctly within its issuer's time validity.
CryptAcquireCertificatePrivateKey

Obtains the private key for a certificate.
CryptAcquireContextA

Used to acquire a handle to a particular key container within a particular cryptographic service provider (CSP). This returned handle is used in calls to CryptoAPI functions that use the selected CSP.
CryptAcquireContextW

Used to acquire a handle to a particular key container within a particular cryptographic service provider (CSP). This returned handle is used in calls to CryptoAPI functions that use the selected CSP.
CryptBinaryToStringA

Converts an array of bytes into a formatted string.
CryptBinaryToStringW

Converts an array of bytes into a formatted string.
CryptCloseAsyncHandle

CryptContextAddRef

Adds one to the reference count of an HCRYPTPROV cryptographic service provider (CSP) handle.
CryptCreateAsyncHandle

CryptCreateHash

Initiates the hashing of a stream of data. It creates and returns to the calling application a handle to a cryptographic service provider (CSP) hash object.
CryptCreateKeyIdentifierFromCSP

Important  This API is deprecated.
CryptDecodeMessage

Decodes, decrypts, and verifies a cryptographic message.
CryptDecodeObject

The CryptDecodeObject function decodes a structure of the type indicated by the lpszStructType parameter. The use of CryptDecodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
CryptDecodeObjectEx

Decodes a structure of the type indicated by the lpszStructType parameter.
CryptDecrypt

Decrypts data previously encrypted by using the CryptEncrypt function.
CryptDecryptAndVerifyMessageSignature

The CryptDecryptAndVerifyMessageSignature function decrypts a message and verifies its signature.
CryptDecryptMessage

The CryptDecryptMessage function decodes and decrypts a message.
CryptDeriveKey

Generates cryptographic session keys derived from a base data value.
CryptDestroyHash

Destroys the hash object referenced by the hHash parameter.
CryptDestroyKey

Releases the handle referenced by the hKey parameter.
CryptDuplicateHash

Makes an exact copy of a hash to the point when the duplication is done.
CryptDuplicateKey

Makes an exact copy of a key and the state of the key.
CryptEncodeObject

The CryptEncodeObject function encodes a structure of the type indicated by the value of the lpszStructType parameter. The use of CryptEncodeObjectEx is recommended as an API that performs the same function with significant performance improvements.
CryptEncodeObjectEx

Encodes a structure of the type indicated by the value of the lpszStructType parameter.
CryptEncrypt

Encrypts data. The algorithm used to encrypt the data is designated by the key held by the CSP module and is referenced by the hKey parameter.
CryptEncryptMessage

The CryptEncryptMessage function encrypts and encodes a message.
CryptEnumKeyIdentifierProperties

The CryptEnumKeyIdentifierProperties function enumerates key identifiers and their properties.
CryptEnumOIDFunction

The CryptEnumOIDFunction function enumerates the registered object identifier (OID) functions.
CryptEnumOIDInfo

Enumerates predefined and registered object identifier (OID) CRYPT_OID_INFO structures. This function enumerates either all of the predefined and registered structures or only structures identified by a selected OID group.
CryptEnumProvidersA

Important  This API is deprecated.
CryptEnumProvidersW

Important  This API is deprecated.
CryptEnumProviderTypesA

Retrieves the first or next types of cryptographic service provider (CSP) supported on the computer.
CryptEnumProviderTypesW

Retrieves the first or next types of cryptographic service provider (CSP) supported on the computer.
CryptExportKey

Exports a cryptographic key or a key pair from a cryptographic service provider (CSP) in a secure manner.
CryptExportPKCS8

Exports the private key in PKCS
CryptExportPKCS8Ex

Exports the private key in PKCS
CryptExportPublicKeyInfo

The CryptExportPublicKeyInfo function exports the public key information associated with the corresponding private key of the provider. For an updated version of this function, see CryptExportPublicKeyInfoEx.
CryptExportPublicKeyInfoEx

Exports the public key information associated with the provider's corresponding private key.
CryptExportPublicKeyInfoFromBCryptKeyHandle

Exports the public key information associated with a provider's corresponding private key.
CryptFindCertificateKeyProvInfo

Enumerates the cryptographic providers and their containers to find the private key that corresponds to the certificate's public key.
CryptFindLocalizedName

Finds the localized name for the specified name, such as the localize name of the "Root" system store.
CryptFindOIDInfo

Retrieves the first predefined or registered CRYPT_OID_INFO structure that matches a specified key type and key. The search can be limited to object identifiers (OIDs) within a specified OID group.
CryptFormatObject

The CryptFormatObject function formats the encoded data and returns a Unicode string in the allocated buffer according to the certificate encoding type.
CryptFreeOIDFunctionAddress

The CryptFreeOIDFunctionAddress function releases a handle returned by CryptGetOIDFunctionAddress or CryptGetDefaultOIDFunctionAddress by decrementing the reference count on the function handle.
CryptGenKey

Generates a random cryptographic session key or a public/private key pair. A handle to the key or key pair is returned in phKey. This handle can then be used as needed with any CryptoAPI function that requires a key handle.
CryptGenRandom

Fills a buffer with cryptographically random bytes.
CryptGetAsyncParam

CryptGetDefaultOIDDllList

The CryptGetDefaultOIDDllList function acquires the list of the names of DLL files that contain registered default object identifier (OID) functions for a specified function set and encoding type.
CryptGetDefaultOIDFunctionAddress

The CryptGetDefaultOIDFunctionAddress function loads the DLL that contains a default function address.
CryptGetDefaultProviderA

Finds the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptGetDefaultProviderW

Finds the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptGetHashParam

Retrieves data that governs the operations of a hash object.
CryptGetKeyIdentifierProperty

The CryptGetKeyIdentifierProperty acquires a specific property from a specified key identifier.
CryptGetKeyParam

Retrieves data that governs the operations of a key.
CryptGetMessageCertificates

The CryptGetMessageCertificates function returns the handle of an open certificate store containing the message's certificates and CRLs. This function calls CertOpenStore using provider type CERT_STORE_PROV_PKCS7 as its lpszStoreProvider parameter.
CryptGetMessageSignerCount

The CryptGetMessageSignerCount function returns the number of signers of a signed message.
CryptGetObjectUrl

Acquires the URL of the remote object from a certificate, certificate trust list (CTL), or certificate revocation list (CRL).
CryptGetOIDFunctionAddress

Searches the list of registered and installed functions for an encoding type and object identifier (OID) match.
CryptGetOIDFunctionValue

The CryptGetOIDFunctionValue function queries a value associated with an OID.
CryptGetProvParam

Retrieves parameters that govern the operations of a cryptographic service provider (CSP).
CryptGetTimeValidObject

Retrieves a CRL, an OCSP response, or CTL object that is valid within a given context and time.
CryptGetUserKey

Retrieves a handle of one of a user's two public/private key pairs.
CryptHashCertificate

The CryptHashCertificate function hashes the entire encoded content of a certificate including its signature.
CryptHashCertificate2

Hashes a block of data by using a CNG hash provider.
CryptHashData

Adds data to a specified hash object.
CryptHashMessage

Creates a hash of the message.
CryptHashPublicKeyInfo

Encodes the public key information in a CERT_PUBLIC_KEY_INFO structure and computes the hash of the encoded bytes.
CryptHashSessionKey

Computes the cryptographic hash of a session key object.
CryptHashToBeSigned

Important  This API is deprecated.
CryptImportKey

Transfers a cryptographic key from a key BLOB into a cryptographic service provider (CSP).
CryptImportPKCS8

Imports the private key in PKCS
CryptImportPublicKeyInfo

Converts and imports the public key information into the provider and returns a handle of the public key.
CryptImportPublicKeyInfoEx

Important  This API is deprecated.
CryptImportPublicKeyInfoEx2

Imports a public key into the CNG asymmetric provider that corresponds to the public key object identifier (OID) and returns a CNG handle to the key.
CryptInitOIDFunctionSet

The CryptInitOIDFunctionSet initializes and returns the handle of the OID function set identified by a supplied function set name.
CryptInstallDefaultContext

Installs a specific provider to be the default context provider for the specified algorithm.
CryptInstallOIDFunctionAddress

The CryptInstallOIDFunctionAddress function installs a set of callable object identifier (OID) function addresses.
CryptMemAlloc

The CryptMemAlloc function allocates memory for a buffer. It is used by all Crypt32.lib functions that return allocated buffers.
CryptMemFree

The CryptMemFree function frees memory allocated by CryptMemAlloc or CryptMemRealloc.
CryptMemRealloc

The CryptMemRealloc function frees the memory currently allocated for a buffer and allocates memory for a new buffer.
CryptMsgCalculateEncodedLength

Calculates the maximum number of bytes needed for an encoded cryptographic message given the message type, encoding parameters, and total length of the data to be encoded.
CryptMsgClose

The CryptMsgClose function closes a cryptographic message handle. At each call to this function, the reference count on the message is reduced by one. When the reference count reaches zero, the message is fully released.
CryptMsgControl

Performs a control operation after a message has been decoded by a final call to the CryptMsgUpdate function.
CryptMsgCountersign

Countersigns an existing signature in a message.
CryptMsgCountersignEncoded

Countersigns an existing PKCS
CryptMsgDuplicate

The CryptMsgDuplicate function duplicates a cryptographic message handle by incrementing its reference count.
CryptMsgEncodeAndSignCTL

The CryptMsgEncodeAndSignCTL function encodes a CTL and creates a signed message containing the encoded CTL.This function first encodes the CTL pointed to by pCtlInfo and then calls CryptMsgSignCTL to sign the encoded message.
CryptMsgGetAndVerifySigner

The CryptMsgGetAndVerifySigner function verifies a cryptographic message's signature.
CryptMsgGetParam

Acquires a message parameter after a cryptographic message has been encoded or decoded.
CryptMsgOpenToDecode

Opens a cryptographic message for decoding and returns a handle of the opened message.
CryptMsgOpenToEncode

Opens a cryptographic message for encoding and returns a handle of the opened message.
CryptMsgSignCTL

The CryptMsgSignCTL function creates a signed message containing an encoded CTL.
CryptMsgUpdate

Adds contents to a cryptographic message.
CryptMsgVerifyCountersignatureEncoded

Verifies a countersignature in terms of the SignerInfo structure (as defined by PKCS
CryptMsgVerifyCountersignatureEncodedEx

Verifies that the pbSignerInfoCounterSignature parameter contains the encrypted hash of the encryptedDigest field of the pbSignerInfo parameter structure.
CryptQueryObject

Retrieves information about the contents of a cryptography API object, such as a certificate, a certificate revocation list, or a certificate trust list.
CryptRegisterDefaultOIDFunction

The CryptRegisterDefaultOIDFunction registers a DLL containing the default function to be called for the specified encoding type and function name. Unlike CryptRegisterOIDFunction, the function name to be exported by the DLL cannot be overridden.
CryptRegisterOIDFunction

Registers a DLL that contains the function to be called for the specified encoding type, function name, and object identifier (OID).
CryptRegisterOIDInfo

The CryptRegisterOIDInfo function registers the OID information specified in the CRYPT_OID_INFO structure, persisting it to the registry.
CryptReleaseContext

Releases the handle of a cryptographic service provider (CSP) and a key container.
CryptRetrieveObjectByUrlA

Retrieves the public key infrastructure (PKI) object from a location specified by a URL.
CryptRetrieveObjectByUrlW

Retrieves the public key infrastructure (PKI) object from a location specified by a URL.
CryptRetrieveTimeStamp

Encodes a time stamp request and retrieves the time stamp token from a location specified by a URL to a Time Stamping Authority (TSA).
CryptSetAsyncParam

CryptSetHashParam

Customizes the operations of a hash object, including setting up initial hash contents and selecting a specific hashing algorithm.
CryptSetKeyIdentifierProperty

The CryptSetKeyIdentifierProperty function sets the property of a specified key identifier. This function can set the property on the computer identified in pwszComputerName.
CryptSetKeyParam

Customizes various aspects of a session key's operations.
CryptSetOIDFunctionValue

The CryptSetOIDFunctionValue function sets a value for the specified encoding type, function name, OID, and value name.
CryptSetProviderA

Specifies the current user's default cryptographic service provider (CSP).
CryptSetProviderExA

Specifies the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptSetProviderExW

Specifies the default cryptographic service provider (CSP) of a specified provider type for the local computer or current user.
CryptSetProviderW

Specifies the current user's default cryptographic service provider (CSP).
CryptSetProvParam

Customizes the operations of a cryptographic service provider (CSP). This function is commonly used to set a security descriptor on the key container associated with a CSP to control access to the private keys in that key container.
CryptSignAndEncodeCertificate

Encodes and signs a certificate, certificate revocation list (CRL), certificate trust list (CTL), or certificate request.
CryptSignAndEncryptMessage

The CryptSignAndEncryptMessage function creates a hash of the specified content, signs the hash, encrypts the content, hashes the encrypted contents and the signed hash, and then encodes both the encrypted content and the signed hash.
CryptSignCertificate

The CryptSignCertificate function signs the "to be signed" information in the encoded signed content.
CryptSignHashA

Signs data.
CryptSignHashW

Signs data.
CryptSignMessage

The CryptSignMessage function creates a hash of the specified content, signs the hash, and then encodes both the original message content and the signed hash.
CryptSignMessageWithKey

Signs a message by using a CSP's private key specified in the parameters.
CryptStringToBinaryA

Converts a formatted string into an array of bytes.
CryptStringToBinaryW

Converts a formatted string into an array of bytes.
CryptUninstallDefaultContext

Important  This API is deprecated.
CryptUnregisterDefaultOIDFunction

The CryptUnregisterDefaultOIDFunction removes the registration of a DLL containing the default function to be called for the specified encoding type and function name.
CryptUnregisterOIDFunction

Removes the registration of a DLL that contains the function to be called for the specified encoding type, function name, and OID.
CryptUnregisterOIDInfo

The CryptUnregisterOIDInfo function removes the registration of a specified CRYPT_OID_INFO OID information structure. The structure to be unregistered is identified by the structure's pszOID and dwGroupId members.
CryptVerifyCertificateSignature

Verifies the signature of a certificate, certificate revocation list (CRL), or certificate request by using the public key in a CERT_PUBLIC_KEY_INFO structure.
CryptVerifyCertificateSignatureEx

Verifies the signature of a subject certificate, certificate revocation list, certificate request, or keygen request by using the issuer's public key.
CryptVerifyDetachedMessageHash

The CryptVerifyDetachedMessageHash function verifies a detached hash.
CryptVerifyDetachedMessageSignature

The CryptVerifyDetachedMessageSignature function verifies a signed message containing a detached signature or signatures.
CryptVerifyMessageHash

The CryptVerifyMessageHash function verifies the hash of specified content.
CryptVerifyMessageSignature

Verifies a signed message's signature.
CryptVerifyMessageSignatureWithKey

Verifies a signed message's signature by using specified public key information.
CryptVerifySignatureA

Verifies the signature of a hash object.
CryptVerifySignatureW

Verifies the signature of a hash object.
CryptVerifyTimeStampSignature

Validates the time stamp signature on a specified array of bytes.
GetEncSChannel

This function is unavailable.
PFXExportCertStore

Exports the certificates and, if available, the associated private keys from the referenced certificate store.
PFXExportCertStoreEx

Exports the certificates and, if available, their associated private keys from the referenced certificate store.
PFXImportCertStore

Imports a PFX BLOB and returns the handle of a store that contains certificates and any associated private keys.
PFXIsPFXBlob

The PFXIsPFXBlob function attempts to decode the outer layer of a BLOB as a PFX packet.
PFXVerifyPassword

The PFXVerifyPassword function attempts to decode the outer layer of a BLOB as a Personal Information Exchange (PFX) packet and to decrypt it with the given password. No data from the BLOB is imported.

Callback functions

 
PCRYPT_DECRYPT_PRIVATE_KEY_FUNC

Decrypts the private key and returns the decrypted key in the pbClearTextKey parameter.
PCRYPT_ENCRYPT_PRIVATE_KEY_FUNC

Encrypts the private key and returns the encrypted contents in the pbEncryptedKey parameter.
PCRYPT_RESOLVE_HCRYPTPROV_FUNC

Returns a handle to a cryptographic service provider (CSP) by using the phCryptProv parameter to receive the key being imported.
PFN_CERT_CHAIN_FIND_BY_ISSUER_CALLBACK

An application-defined callback function that allows the application to filter certificates that might be added to the certificate chain.
PFN_CERT_CREATE_CONTEXT_SORT_FUNC

Called for each sorted context entry when a context is created.
PFN_CERT_DLL_OPEN_STORE_PROV_FUNC

Implemented by a store-provider and is used to open a store.
PFN_CERT_ENUM_PHYSICAL_STORE

The CertEnumPhysicalStoreCallback callback function formats and presents information on each physical store found by a call to CertEnumPhysicalStore.
PFN_CERT_ENUM_SYSTEM_STORE

The CertEnumSystemStoreCallback callback function formats and presents information on each system store found by a call to CertEnumSystemStore.
PFN_CERT_ENUM_SYSTEM_STORE_LOCATION

The CertEnumSystemStoreLocationCallback callback function formats and presents information on each system store location found by a call to CertEnumSystemStoreLocation.
PFN_CERT_STORE_PROV_CLOSE

An application-defined callback function that is called by CertCloseStore when the store's reference count is decremented to zero.
PFN_CERT_STORE_PROV_CONTROL

The CertStoreProvControl callback function supports the CertControlStore API. All of the API's parameters are passed straight through to the callback. For details, see CertControlStore.
PFN_CERT_STORE_PROV_DELETE_CERT

An application-defined callback function that is called by CertDeleteCertificateFromStore before deleting a certificate from the store.
PFN_CERT_STORE_PROV_DELETE_CRL

An application-defined callback function that is called by CertDeleteCRLFromStore before deleting the CRL from the store.
PFN_CERT_STORE_PROV_READ_CERT

An application-defined callback function that reads the provider's copy of the certificate context.
PFN_CERT_STORE_PROV_READ_CRL

An application-defined callback function that reads the provider's copy of the CRL context.
PFN_CERT_STORE_PROV_READ_CTL

The CertStoreProvReadCTL callback function is called to read the provider's copy of the CTL context and, if it exists, to create a new CTL context.
PFN_CERT_STORE_PROV_SET_CERT_PROPERTY

An application-defined callback function that is called by CertSetCertificateContextProperty before setting the certificate's property.
PFN_CERT_STORE_PROV_SET_CRL_PROPERTY

An application-defined callback function that is called by CertSetCRLContextProperty before setting the CRL's property.
PFN_CERT_STORE_PROV_SET_CTL_PROPERTY

The CertStoreProvSetCTLProperty callback function determines whether a property can be set on a CTL.
PFN_CERT_STORE_PROV_WRITE_CERT

An application-defined callback function that is called by CertAddEncodedCertificateToStore, CertAddCertificateContextToStore and CertAddSerializedElementToStore before adding to the store.
PFN_CERT_STORE_PROV_WRITE_CRL

An application-defined callback function that is called by CertAddEncodedCRLToStore, CertAddCRLContextToStore and CertAddSerializedElementToStore before adding to the store.
PFN_CERT_STORE_PROV_WRITE_CTL

The CertStoreProvWriteCTL callback function can be called by CertAddEncodedCTLToStore, CertAddCTLContextToStore or CertAddSerializedElementToStore before a CTL is added to the store.
PFN_CMSG_CNG_IMPORT_CONTENT_ENCRYPT_KEY

Imports an already decrypted content encryption key (CEK).
PFN_CMSG_CNG_IMPORT_KEY_AGREE

Decrypts a content encryption key (CEK) that is intended for a key agreement recipient.
PFN_CMSG_CNG_IMPORT_KEY_TRANS

Imports and decrypts a content encryption key (CEK) that is intended for a key transport recipient.
PFN_CMSG_EXPORT_KEY_AGREE

Encrypts and exports the content encryption key for a key agreement recipient of an enveloped message.
PFN_CMSG_EXPORT_KEY_TRANS

Encrypts and exports the content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_EXPORT_MAIL_LIST

Encrypts and exports the content encryption key for a mailing list recipient of an enveloped message.
PFN_CMSG_GEN_CONTENT_ENCRYPT_KEY

Generates the symmetric key used to encrypt content for an enveloped message.
PFN_CMSG_IMPORT_KEY_AGREE

Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_IMPORT_KEY_TRANS

Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CMSG_IMPORT_MAIL_LIST

Imports a content encryption key for a key transport recipient of an enveloped message.
PFN_CRYPT_ENUM_KEYID_PROP

The CRYPT_ENUM_KEYID_PROP callback function is used with the CryptEnumKeyIdentifierProperties function.
PFN_CRYPT_ENUM_OID_FUNC

The CRYPT_ENUM_OID_FUNCTION callback function is used with the CryptEnumOIDFunction function.
PFN_CRYPT_ENUM_OID_INFO

The CRYPT_ENUM_OID_INFO callback function is used with the CryptEnumOIDInfo function.
PFN_CRYPT_EXPORT_PUBLIC_KEY_INFO_EX2_FUNC

Called by CryptExportPublicKeyInfoEx to export a public key BLOB and encode it.
PFN_CRYPT_EXTRACT_ENCODED_SIGNATURE_PARAMETERS_FUNC

Called to decode and return the hash algorithm identifier and optionally the signature parameters.
PFN_CRYPT_GET_SIGNER_CERTIFICATE

The CryptGetSignerCertificateCallback user supplied callback function is used with the CRYPT_VERIFY_MESSAGE_PARA structure to get and verify a message signer's certificate.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FLUSH

Specifies that an object has changed.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE

Releases the object returned by the provider.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_IDENTIFIER

Releases memory for an object identifier.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_FREE_PASSWORD

Releases the password used to encrypt a personal information exchange (PFX) byte array.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_GET

Retrieves an object.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_INITIALIZE

Initializes the provider.
PFN_CRYPT_OBJECT_LOCATOR_PROVIDER_RELEASE

Releases the provider.
PFN_CRYPT_SIGN_AND_ENCODE_HASH_FUNC

Called to sign and encode a computed hash.
PFN_CRYPT_VERIFY_ENCODED_SIGNATURE_FUNC

Called to decrypt an encoded signature and compare it to a computed hash.
PFN_IMPORT_PUBLIC_KEY_INFO_EX2_FUNC

Called by CryptImportPublicKeyInfoEx2 to decode the public key algorithm identifier, load the algorithm provider, and import the key pair.

Structures

 
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA

Holds policy information used in the verification of certificate chains for files.
AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS

The AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_STATUS structure holds additional Authenticode policy information for chain verification of files.
AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA

The AUTHENTICODE_TS_EXTRA_CERT_CHAIN_POLICY_PARA structure contains time stamp policy information that can be used in certificate chain verification of files.
BLOBHEADER

Indicates a key's BLOB type and the algorithm that the key uses.
CERT_ACCESS_DESCRIPTION

The CERT_ACCESS_DESCRIPTION structure is a member of a CERT_AUTHORITY_INFO_ACCESS structure.
CERT_ALT_NAME_ENTRY

Contains an alternative name in one of a variety of name forms.
CERT_ALT_NAME_INFO

The CERT_ALT_NAME_INFO structure is used in encoding and decoding extensions for subject or issuer certificates, Certificate Revocation Lists (CRLs), and Certificate Trust Lists (CTLs).
CERT_AUTHORITY_INFO_ACCESS

Represents authority information access and subject information access certificate extensions and specifies how to access additional information and services for the subject or the issuer of a certificate.
CERT_AUTHORITY_KEY_ID_INFO

Identifies the key used to sign a certificate or certificate revocation list (CRL).
CERT_AUTHORITY_KEY_ID2_INFO

The CERT_AUTHORITY_KEY_ID2_INFO structure identifies the key used to sign a certificate or CRL.
CERT_BASIC_CONSTRAINTS_INFO

The CERT_BASIC_CONSTRAINTS_INFO structure contains information that indicates whether the certified subject can act as a certification authority (CA), an end entity, or both.
CERT_BASIC_CONSTRAINTS2_INFO

The CERT_BASIC_CONSTRAINTS2_INFO structure contains information indicating whether the certified subject can act as a CA or an end entity. If the subject can act as a CA, a certification path length constraint can also be specified.
CERT_BIOMETRIC_DATA

Contains information about biometric data.
CERT_BIOMETRIC_EXT_INFO

Contains a set of biometric information.
CERT_CHAIN_CONTEXT

Contains an array of simple certificate chains and a trust status structure that indicates summary validity data on all of the connected simple chains.
CERT_CHAIN_ELEMENT

The CERT_CHAIN_ELEMENT structure is a single element in a simple certificate chain.
CERT_CHAIN_ENGINE_CONFIG

Sets parameters for building a non-default certificate chain engine. The engine used determines the ways that certificate chains are built.
CERT_CHAIN_FIND_ISSUER_PARA

Contains information used in the CertFindChainInStore function to build certificate chains.
CERT_CHAIN_PARA

The CERT_CHAIN_PARA structure establishes the searching and matching criteria to be used in building a certificate chain.
CERT_CHAIN_POLICY_PARA

Contains information used in CertVerifyCertificateChainPolicy to establish policy criteria for the verification of certificate chains.
CERT_CHAIN_POLICY_STATUS

Holds certificate chain status information returned by the CertVerifyCertificateChainPolicy function when the certificate chains are validated.
CERT_CONTEXT

Contains both the encoded and decoded representations of a certificate.
CERT_CREATE_CONTEXT_PARA

Defines additional values that can be used when calling the CertCreateContext function.
CERT_CRL_CONTEXT_PAIR

The CERT_CRL_CONTEXT_PAIR structure contains a certificate context and an associated CRL context.
CERT_DH_PARAMETERS

Contains parameters associated with a Diffie/Hellman public key algorithm.
CERT_DSS_PARAMETERS

Contains parameters associated with a Digital Signature Standard (DSS) public key algorithm.
CERT_ECC_SIGNATURE

Contains the r and s values for an Elliptic Curve Digital Signature Algorithm (ECDSA) signature.
CERT_EXTENSION

The CERT_EXTENSION structure contains the extension information for a certificate, Certificate Revocation List (CRL) or Certificate Trust List (CTL).
CERT_EXTENSIONS

The CERT_EXTENSIONS structure contains an array of extensions.
CERT_GENERAL_SUBTREE

The CERT_GENERAL_SUBTREE structure is used in CERT_NAME_CONSTRAINTS_INFO structure. This structure provides the identity of a certificate that can be included or excluded.
CERT_HASHED_URL

Contains a hashed URL.
CERT_ID

Is used as a flexible means of uniquely identifying a certificate.
CERT_INFO

Contains the information of a certificate.
CERT_ISSUER_SERIAL_NUMBER

Acts as a unique identifier of a certificate containing the issuer and issuer's serial number for a certificate.
CERT_KEY_ATTRIBUTES_INFO

The CERT_KEY_ATTRIBUTES_INFO structure contains optional additional information about the public key being certified.
CERT_KEY_CONTEXT

Contains data associated with a CERT_KEY_CONTEXT_PROP_ID property.
CERT_KEY_USAGE_RESTRICTION_INFO

The CERT_KEY_USAGE_RESTRICTION_INFO structure contains restrictions imposed on the usage of a certificate's public key. This includes purposes for use of the key and policies under which the key can be used.
CERT_KEYGEN_REQUEST_INFO

Contains information stored in the Netscape key generation request. The subject and subject public key BLOBs are encoded.
CERT_LDAP_STORE_OPENED_PARA

Used with the CertOpenStore function when the CERT_STORE_PROV_LDAP provider is specified by using the CERT_LDAP_STORE_OPENED_FLAG flag to specify both the existing LDAP session to use to perform the query as well as the LDAP query string.
CERT_LOGOTYPE_AUDIO

Contains information about an audio logotype.
CERT_LOGOTYPE_AUDIO_INFO

Contains more detailed information about an audio logotype.
CERT_LOGOTYPE_DATA

Contains logotype data.
CERT_LOGOTYPE_DETAILS

Contains additional information about a logotype.
CERT_LOGOTYPE_EXT_INFO

Contains a set of logotype information.
CERT_LOGOTYPE_IMAGE

Contains information about an image logotype.
CERT_LOGOTYPE_IMAGE_INFO

Contains more detailed information about an image logotype.
CERT_LOGOTYPE_INFO

Contains information about logotype data.
CERT_LOGOTYPE_REFERENCE

Contains logotype reference information.
CERT_NAME_CONSTRAINTS_INFO

The CERT_NAME_CONSTRAINTS_INFO structure contains information about certificates that are specifically permitted or excluded from trust.
CERT_NAME_INFO

Contains subject or issuer names.
CERT_NAME_VALUE

Contains a relative distinguished name (RDN) attribute value.
CERT_OR_CRL_BLOB

Encapsulates certificates for use with Internet Key Exchange messages.
CERT_OR_CRL_BUNDLE

Encapsulates an array of certificates for use with Internet Key Exchange messages.
CERT_OTHER_LOGOTYPE_INFO

Contains information about logo types that are not predefined.
CERT_PAIR

The CERT_PAIR structure contains a certificate and its pair cross certificate.
CERT_PHYSICAL_STORE_INFO

Contains information on physical certificate stores.
CERT_POLICIES_INFO

The CERT_POLICIES_INFO structure contains an array of CERT_POLICY_INFO.
CERT_POLICY_CONSTRAINTS_INFO

The CERT_POLICY_CONSTRAINTS_INFO structure contains established policies for accepting certificates as trusted.
CERT_POLICY_ID

The CERT_POLICY_ID structure contains a list of certificate policies that the certificate expressly supports, together with optional qualifier information pertaining to these policies.
CERT_POLICY_INFO

The CERT_POLICY_INFO structure contains an object identifier (OID) specifying a policy and an optional array of policy qualifiers.
CERT_POLICY_MAPPING

Contains a mapping between issuer domain and subject domain policy OIDs.
CERT_POLICY_MAPPINGS_INFO

The CERT_POLICY_MAPPINGS_INFO structure provides mapping between the policy OIDs of two domains.
CERT_POLICY_QUALIFIER_INFO

The CERT_POLICY_QUALIFIER_INFO structure contains an object identifier (OID) specifying the qualifier and qualifier-specific supplemental information.
CERT_PRIVATE_KEY_VALIDITY

The CERT_PRIVATE_KEY_VALIDITY structure indicates a valid time span for the private key corresponding to a certificate's public key.
CERT_PUBLIC_KEY_INFO

Contains a public key and its algorithm.
CERT_QC_STATEMENT

Represents a single statement in a sequence of one or more statements for inclusion in a Qualified Certificate (QC) statements extension.
CERT_QC_STATEMENTS_EXT_INFO

Contains a sequence of one or more statements that make up the Qualified Certificate (QC) statements extension for a QC.
CERT_RDN

The CERT_RDN structure contains a relative distinguished name (RDN) consisting of an array of CERT_RDN_ATTR structures.
CERT_RDN_ATTR

Contains a single attribute of a relative distinguished name (RDN). A whole RDN is expressed in a CERT_RDN structure that contains an array of CERT_RDN_ATTR structures.
CERT_REQUEST_INFO

The CERT_REQUEST_INFO structure contains information for a certificate request. The subject, subject public key, and attribute BLOBs are encoded.
CERT_REVOCATION_CHAIN_PARA

Contains parameters used for building a chain for an independent online certificate status protocol (OCSP) response signer certificate.
CERT_REVOCATION_CRL_INFO

Contains information updated by a certificate revocation list (CRL) revocation type handler.
CERT_REVOCATION_INFO

Indicates the revocation status of a certificate in a CERT_CHAIN_ELEMENT.
CERT_REVOCATION_PARA

Is passed in calls to the CertVerifyRevocation function to assist in finding the issuer of the context to be verified.
CERT_REVOCATION_STATUS

Contains information on the revocation status of the certificate.
CERT_SELECT_CHAIN_PARA

Contains the parameters used for building and selecting chains.
CERT_SELECT_CRITERIA

Specifies selection criteria that is passed to the CertSelectCertificateChains function.
CERT_SERVER_OCSP_RESPONSE_CONTEXT

Contains an encoded OCSP response.
CERT_SIGNED_CONTENT_INFO

The CERT_SIGNED_CONTENT_INFO structure contains encoded content to be signed and a BLOB to hold the signature. The ToBeSigned member is an encoded CERT_INFO, CRL_INFO, CTL_INFO or CERT_REQUEST_INFO.
CERT_SIMPLE_CHAIN

The CERT_SIMPLE_CHAIN structure contains an array of chain elements and a summary trust status for the chain that the array represents.
CERT_STORE_PROV_FIND_INFO

Used by many of the store provider callback functions.
CERT_STORE_PROV_INFO

Contains information returned by the installed CertDllOpenStoreProv function when a store is opened by using the CertOpenStore function.
CERT_STRONG_SIGN_PARA

Contains parameters used to check for strong signatures on certificates, certificate revocation lists (CRLs), online certificate status protocol (OCSP) responses, and PKCS
CERT_STRONG_SIGN_SERIALIZED_INFO

Contains the signature algorithm/hash algorithm and public key algorithm/bit length pairs that can be used for strong signing.
CERT_SYSTEM_STORE_INFO

The CERT_SYSTEM_STORE_INFO structure contains information used by functions that work with system stores. Currently, no essential information is contained in this structure.
CERT_SYSTEM_STORE_RELOCATE_PARA

The CERT_SYSTEM_STORE_RELOCATE_PARA structure contains data to be passed to CertOpenStore when that function's dwFlags parameter is set to CERT_SYSTEM_STORE_RELOCATE_FLAG.
CERT_TEMPLATE_EXT

A certificate template.
CERT_TRUST_LIST_INFO

The CERT_TRUST_LIST_INFO structure that indicates valid usage of a CTL.
CERT_TRUST_STATUS

Contains trust information about a certificate in a certificate chain, summary trust information about a simple chain of certificates, or summary information about an array of simple chains.
CERT_USAGE_MATCH

Provides criteria for identifying issuer certificates to be used to build a certificate chain.
CERT_X942_DH_PARAMETERS

Contains parameters associated with a Diffie-Hellman public key algorithm.
CERT_X942_DH_VALIDATION_PARAMS

Optionally pointed to by a member of the CERT_X942_DH_PARAMETERS structure and contains additional seed information.
CMC_ADD_ATTRIBUTES_INFO

Contains certificate attributes to be added to a certificate.
CMC_ADD_EXTENSIONS_INFO

Contains certificate extension control attributes to be added to a certificate.
CMC_DATA_INFO

Provides a means of communicating different pieces of tagged information.
CMC_PEND_INFO

A possible member of a CMC_STATUS_INFO structure.
CMC_RESPONSE_INFO

Provides a means of communicating different pieces of tagged information.
CMC_STATUS_INFO

Contains status information about Certificate Management Messages over CMS.
CMC_TAGGED_ATTRIBUTE

Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_CERT_REQUEST

Used in the CMC_TAGGED_REQUEST structure.
CMC_TAGGED_CONTENT_INFO

Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_OTHER_MSG

Used in the CMC_DATA_INFO and CMC_RESPONSE_INFO structures.
CMC_TAGGED_REQUEST

Used in the CMC_DATA_INFO structures to request a certificate.
CMS_DH_KEY_INFO

Used with the KP_CMS_DH_KEY_INFO parameter in the CryptSetKeyParam function to contain Diffie-Hellman key information.
CMS_KEY_INFO

Not used.
CMSG_CMS_RECIPIENT_INFO

Used with the CryptMsgGetParam function to get information on a key transport, key agreement, or mail list envelope message recipient.
CMSG_CMS_SIGNER_INFO

Contains the content of the defined SignerInfo in signed or signed and enveloped messages.
CMSG_CNG_CONTENT_DECRYPT_INFO

Contains all the relevant information passed between CryptMsgControl and object identifier (OID) installable functions for the import and decryption of a Cryptography API:_Next Generation (CNG) content encryption key (CEK).
CMSG_CONTENT_ENCRYPT_INFO

Contains information shared between the PFN_CMSG_GEN_CONTENT_ENCRYPT_KEY, PFN_CMSG_EXPORT_KEY_TRANS, PFN_CMSG_EXPORT_KEY_AGREE, and PFN_CMSG_EXPORT_MAIL_LIST functions.
CMSG_CTRL_ADD_SIGNER_UNAUTH_ATTR_PARA

Used to add an unauthenticated attribute to a signer of a signed message.
CMSG_CTRL_DECRYPT_PARA

Contains information used to decrypt an enveloped message for a key transport recipient. This structure is passed to CryptMsgControl if the dwCtrlType parameter is CMSG_CTRL_DECRYPT.
CMSG_CTRL_DEL_SIGNER_UNAUTH_ATTR_PARA

Used to delete an unauthenticated attribute of a signer of a signed message.
CMSG_CTRL_KEY_AGREE_DECRYPT_PARA

Contains information about a key agreement recipient.
CMSG_CTRL_KEY_TRANS_DECRYPT_PARA

Contains information about a key transport message recipient.
CMSG_CTRL_MAIL_LIST_DECRYPT_PARA

Contains information on a mail list message recipient.
CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA

Contains information used to verify a message signature. It contains the signer index and signer public key.
CMSG_ENVELOPED_ENCODE_INFO

Contains information needed to encode an enveloped message. It is passed to CryptMsgOpenToEncode if the dwMsgType parameter is CMSG_ENVELOPED.
CMSG_HASHED_ENCODE_INFO

Used with hashed messages. It is passed to the CryptMsgOpenToEncode function if the CryptMsgOpenToEncode function's dwMsgType parameter is CMSG_ENVELOPED.
CMSG_KEY_AGREE_ENCRYPT_INFO

Contains encryption information applicable to all key agreement recipients of an enveloped message.
CMSG_KEY_AGREE_KEY_ENCRYPT_INFO

Contains the encrypted key for a key agreement recipient of an enveloped message.
CMSG_KEY_AGREE_RECIPIENT_ENCODE_INFO

Contains information about a message recipient that is using key agreement key management.
CMSG_KEY_AGREE_RECIPIENT_INFO

Contains information used for key agreement algorithms.
CMSG_KEY_TRANS_ENCRYPT_INFO

Contains encryption information for a key transport recipient of enveloped data.
CMSG_KEY_TRANS_RECIPIENT_ENCODE_INFO

Contains encoded key transport information for a message recipient.
CMSG_KEY_TRANS_RECIPIENT_INFO

The CMSG_KEY_TRANS_RECIPIENT_INFO structure contains information used in key transport algorithms.
CMSG_MAIL_LIST_ENCRYPT_INFO

Contains encryption information for a mailing list recipient of enveloped data.
CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO

The CMSG_MAIL_LIST_RECIPIENT_ENCODE_INFO structure is used with previously distributed symmetric keys for decrypting the content key encryption key (KEK).
CMSG_MAIL_LIST_RECIPIENT_INFO

Contains information used for previously distributed symmetric key-encryption keys (KEK).
CMSG_RC2_AUX_INFO

Contains the bit length of the key for RC2 encryption algorithms.
CMSG_RC4_AUX_INFO

The CMSG_RC4_AUX_INFO structure contains the bit length of the key for RC4 encryption algorithms. The pvEncryptionAuxInfo member in CMSG_ENVELOPED_ENCODE_INFO can be set to point to an instance of this structure.
CMSG_RECIPIENT_ENCODE_INFO

Contains information a message recipient's content encryption key management type.
CMSG_RECIPIENT_ENCRYPTED_KEY_ENCODE_INFO

Contains information on a message receiver used to decrypt the session key needed to decrypt the message contents.
CMSG_RECIPIENT_ENCRYPTED_KEY_INFO

The CMSG_RECIPIENT_ENCRYPTED_KEY_INFO structure contains information used for an individual key agreement recipient.
CMSG_SIGNED_ENCODE_INFO

Contains information to be passed to CryptMsgOpenToEncode if dwMsgType is CMSG_SIGNED.
CMSG_SIGNER_ENCODE_INFO

Contains signer information. It is passed to CryptMsgCountersign, CryptMsgCountersignEncoded, and optionally to CryptMsgOpenToEncode as a member of the CMSG_SIGNED_ENCODE_INFO structure, if the dwMsgType parameter is CMSG_SIGNED.
CMSG_SIGNER_INFO

The CMSG_SIGNER_INFO structure contains the content of the PKCS
CMSG_SP3_COMPATIBLE_AUX_INFO

Contains information needed for SP3 compatible encryption.
CMSG_STREAM_INFO

Used to enable stream processing of data rather than single block processing.
CRL_CONTEXT

The CRL_CONTEXT structure contains both the encoded and decoded representations of a certificate revocation list (CRL). CRL contexts returned by any CryptoAPI function must be freed by calling the CertFreeCRLContext function.
CRL_DIST_POINT

Identifies a single certificate revocation list (CRL) distribution point that a certificate user can reference to determine whether certificates have been revoked.
CRL_DIST_POINT_NAME

Identifies a location from which the CRL can be obtained.
CRL_DIST_POINTS_INFO

Contains a list of certificate revocation list (CRL) distribution points a certificate user can reference to determine whether the certificate has been revoked.
CRL_ENTRY

Contains information about a single revoked certificate. It is a member of a CRL_INFO structure.
CRL_FIND_ISSUED_FOR_PARA

Contains the certificate contexts of both a subject and a certificate issuer.
CRL_INFO

Contains the information of a certificate revocation list (CRL).
CRL_ISSUING_DIST_POINT

Contains information about the kinds of certificates listed in a certificate revocation list (CRL).
CROSS_CERT_DIST_POINTS_INFO

Provides information used to update dynamic cross certificates.
CRYPT_AES_128_KEY_STATE

Specifies the 128-bit symmetric key information for an Advanced Encryption Standard (AES) cipher.
CRYPT_AES_256_KEY_STATE

Specifies the 256-bit symmetric key information for an Advanced Encryption Standard (AES) cipher.
CRYPT_ALGORITHM_IDENTIFIER

Specifies an algorithm used to encrypt a private key.
CRYPT_ATTRIBUTE

The CRYPT_ATTRIBUTE structure specifies an attribute that has one or more values.
CRYPT_ATTRIBUTE_TYPE_VALUE

Contains a single attribute value. The Value member's CRYPT_OBJID_BLOB is encoded.
CRYPT_ATTRIBUTES

Contains an array of attributes.
CRYPT_BIT_BLOB

Contains a set of bits represented by an array of bytes.
CRYPT_BLOB_ARRAY

Contains an array of CRYPT_DATA_BLOB structures.
CRYPT_CONTENT_INFO

Contains data encoded in the PKCS
CRYPT_CONTENT_INFO_SEQUENCE_OF_ANY

Contains information representing the Netscape certificate sequence of certificates.
CRYPT_CREDENTIALS

Contains information about credentials that can be passed as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_DECODE_PARA

Used by the CryptDecodeObjectEx function to provide access to memory allocation and memory freeing callback functions.
CRYPT_DECRYPT_MESSAGE_PARA

The CRYPT_DECRYPT_MESSAGE_PARA structure contains information for decrypting messages.
CRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA

Used with the CryptInstallDefaultContext function to contain an array of object identifier strings.
CRYPT_ECC_CMS_SHARED_INFO

Represents key-encryption key information when using Elliptic Curve Cryptography (ECC) in the Cryptographic Message Syntax (CMS) EnvelopedData content type.
CRYPT_ENCODE_PARA

Used by the CryptEncodeObjectEx function to provide access to memory allocation and memory freeing callback functions.
CRYPT_ENCRYPT_MESSAGE_PARA

Contains information used to encrypt messages.
CRYPT_ENCRYPTED_PRIVATE_KEY_INFO

Contains the information in a PKCS
CRYPT_ENROLLMENT_NAME_VALUE_PAIR

Used to create certificate requests on behalf of a user.
CRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO

Contains optional extra information that can be passed to the CryptGetTimeValidObject function in the pExtraInfo parameter.
CRYPT_HASH_MESSAGE_PARA

Contains data for hashing messages.
CRYPT_INTEGER_BLOB

The CryptoAPI CRYPT_INTEGER_BLOB structure is used for an arbitrary array of bytes. It is declared in Wincrypt.h and provides flexibility for objects that can contain various data types.
CRYPT_KEY_PROV_INFO

The CRYPT_KEY_PROV_INFO structure contains information about a key container within a cryptographic service provider (CSP).
CRYPT_KEY_PROV_PARAM

Contains information about a key container parameter.
CRYPT_KEY_SIGN_MESSAGE_PARA

Contains information about the cryptographic service provider (CSP) and algorithms used to sign a message.
CRYPT_KEY_VERIFY_MESSAGE_PARA

Contains information needed to verify signed messages without a certificate for the signer.
CRYPT_MASK_GEN_ALGORITHM

Identifies the algorithm used to generate an RSA PKCS
CRYPT_OBJECT_LOCATOR_PROVIDER_TABLE

Contains pointers to functions implemented by an object location provider.
CRYPT_OID_FUNC_ENTRY

Contains an object identifier (OID) and a pointer to its related function.
CRYPT_OID_INFO

Contains information about an object identifier (OID).
CRYPT_PASSWORD_CREDENTIALSA

Contains the user name and password credentials to be used in the CRYPT_CREDENTIALS structure as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_PASSWORD_CREDENTIALSW

Contains the user name and password credentials to be used in the CRYPT_CREDENTIALS structure as optional input to a remote object retrieval function such as CryptRetrieveObjectByUrl or CryptGetTimeValidObject.
CRYPT_PKCS12_PBE_PARAMS

Contains parameters used to create an encryption key, initialization vector (IV), or Message Authentication Code (MAC) key for a PKCS
CRYPT_PKCS8_EXPORT_PARAMS

Identifies the private key and a callback function to encrypt the private key. CRYPT_PKCS8_EXPORT_PARAMS is used as a parameter to the CryptExportPKCS8Ex function, which exports a private key in PKCS
CRYPT_PKCS8_IMPORT_PARAMS

Contains a PKCS
CRYPT_PRIVATE_KEY_INFO

Contains a clear-text private key in the PrivateKey field (DER encoded). CRYPT_PRIVATE_KEY_INFO contains the information in a PKCS
CRYPT_PSOURCE_ALGORITHM

Identifies the algorithm and (optionally) the value of the label for an RSAES-OAEP key encryption.
CRYPT_RC2_CBC_PARAMETERS

Contains information used with szOID_RSA_RC2CBC encryption.
CRYPT_RETRIEVE_AUX_INFO

Contains optional information to pass to the CryptRetrieveObjectByUrl function.
CRYPT_RSA_SSA_PSS_PARAMETERS

Contains the parameters for an RSA PKCS
CRYPT_RSAES_OAEP_PARAMETERS

Contains the parameters for an RSAES-OAEP key encryption.
CRYPT_SEQUENCE_OF_ANY

Contains an arbitrary list of encoded BLOBs.
CRYPT_SIGN_MESSAGE_PARA

The CRYPT_SIGN_MESSAGE_PARA structure contains information for signing messages using a specified signing certificate context.
CRYPT_SMART_CARD_ROOT_INFO

Contains the smart card and session IDs associated with a certificate context.
CRYPT_SMIME_CAPABILITIES

Contains a prioritized array of supported capabilities.
CRYPT_SMIME_CAPABILITY

The CRYPT_SMIME_CAPABILITY structure specifies a single capability and its associated parameters. Single capabilities are grouped together into a list of CRYPT_SMIME_CAPABILITIES which can specify a prioritized list of capability preferences.
CRYPT_TIME_STAMP_REQUEST_INFO

Used for time stamping.
CRYPT_TIMESTAMP_ACCURACY

Is used by the CRYPT_TIMESTAMP_INFO structure to represent the accuracy of the time deviation around the UTC time at which the time stamp token was created by the Time Stamp Authority (TSA).
CRYPT_TIMESTAMP_CONTEXT

Contains both the encoded and decoded representations of a time stamp token.
CRYPT_TIMESTAMP_INFO

Contains a signed data content type in Cryptographic Message Syntax (CMS) format.
CRYPT_TIMESTAMP_PARA

Defines additional parameters for the time stamp request.
CRYPT_TIMESTAMP_REQUEST

Defines a time stamp request structure that corresponds to the Abstract Syntax Notation One (ASN.1) definition of a TimeStampReq type.
CRYPT_TIMESTAMP_RESPONSE

Is used internally to encapsulate an Abstract Syntax Notation One (ASN.1) Distinguished Encoding Rules (DER) encoded response.
CRYPT_URL_INFO

Contains information about groupings of URLs.
CRYPT_VERIFY_CERT_SIGN_STRONG_PROPERTIES_INFO

Contains the length, in bits, of the public key and the names of the signing and hashing algorithms used for strong signing.
CRYPT_VERIFY_MESSAGE_PARA

The CRYPT_VERIFY_MESSAGE_PARA structure contains information needed to verify signed messages.
CRYPT_X942_OTHER_INFO

The CRYPT_X942_OTHER_INFO structure contains additional key generation information.
CRYPTNET_URL_CACHE_FLUSH_INFO

Contains expiry information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CRYPTNET_URL_CACHE_PRE_FETCH_INFO

Contains update information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CRYPTNET_URL_CACHE_RESPONSE_INFO

Contains response information used by the Cryptnet URL Cache (CUC) service to maintain a URL cache entry.
CTL_ANY_SUBJECT_INFO

Contains a SubjectAlgorithm to be matched in the certificate trust list (CTL) and the SubjectIdentifier to be matched in one of the CTL entries in calls to CertFindSubjectInCTL.
CTL_CONTEXT

The CTL_CONTEXT structure contains both the encoded and decoded representations of a CTL.
CTL_ENTRY

An element of a certificate trust list (CTL).
CTL_FIND_SUBJECT_PARA

Contains data used by CertFindCTLInStore with a dwFindType parameter of CTL_FIND_SUBJECT to find a Certificate Trust List (CTL).
CTL_FIND_USAGE_PARA

A member of the CTL_FIND_SUBJECT_PARA structure and it is used by CertFindCTLInStore.
CTL_INFO

Contains the information stored in a Certificate Trust List (CTL).
CTL_USAGE

Contains an array of object identifiers (OIDs) for Certificate Trust List (CTL) extensions.
CTL_USAGE_MATCH

Provides parameters for finding certificate trust lists (CTL) used to build a certificate chain.
CTL_VERIFY_USAGE_PARA

The CTL_VERIFY_USAGE_PARA structure contains parameters used by CertVerifyCTLUsage to establish the validity of a CTL's usage.
CTL_VERIFY_USAGE_STATUS

Contains information about a Certificate Trust List (CTL) returned by CertVerifyCTLUsage.
DHPRIVKEY_VER3

Contains information specific to the particular private key contained in the key BLOB.
DHPUBKEY

Contains information specific to the particular Diffie-Hellman public key contained in the key BLOB.
DHPUBKEY_VER3

Contains information specific to the particular public key contained in the key BLOB.
DSSSEED

Holds the seed and counter values that can be used to verify the primes of the DSS public key.
EV_EXTRA_CERT_CHAIN_POLICY_PARA

Specifies the parameters that are passed in for EV policy validation. Applications use this structure to pass hints to the API that indicate which of the policy qualifier flags of the extended validation certificates are important to the application.
EV_EXTRA_CERT_CHAIN_POLICY_STATUS

Contains policy flags returned from a call to the CertVerifyCertificateChainPolicy function.
HMAC_INFO

The HMAC_INFO structure specifies the hash algorithm and the inner and outer strings that are to be used to calculate the HMAC hash.
HTTPSPolicyCallbackData

Holds policy information used in the verification of Secure Sockets Layer (SSL) client/server certificate chains.
OCSP_BASIC_RESPONSE_ENTRY

Contains the current certificate status for a single certificate.
OCSP_BASIC_RESPONSE_INFO

Contains a basic online certificate status protocol (OCSP) response as specified by RFC 2560.
OCSP_BASIC_REVOKED_INFO

Contains the reason a certificate was revoked.
OCSP_BASIC_SIGNED_RESPONSE_INFO

Contains a basic online certificate status protocol (OCSP) response with a signature.
OCSP_CERT_ID

Contains information to identify a certificate in an online certificate status protocol (OCSP) request or response.
OCSP_REQUEST_ENTRY

Contains information about a single certificate in an online certificate status protocol (OCSP) request.
OCSP_REQUEST_INFO

Contains information for an online certificate status protocol (OCSP) request as specified by RFC 2560.
OCSP_RESPONSE_INFO

Indicates the success or failure of the corresponding online certificate status protocol (OCSP) request. For successful requests, it contains the type and value of response information.
OCSP_SIGNATURE_INFO

Contains a signature for an online certificate status protocol (OCSP) request or response.
OCSP_SIGNED_REQUEST_INFO

Contains information for an online certificate status protocol (OCSP) request with optional signature information.
PROV_ENUMALGS

Used with the CryptGetProvParam function when the PP_ENUMALGS parameter is retrieved to contain information about an algorithm supported by a cryptographic service provider (CSP).
PROV_ENUMALGS_EX

Used with the CryptGetProvParam function when the PP_ENUMALGS_EX parameter is retrieved to contain information about an algorithm supported by a cryptographic service provider (CSP).
ROOT_INFO_LUID

Contains a locally unique identifier (LUID) for Cryptographic Smart Card Root Information.
RSAPUBKEY

The RSAPUBKEY structure contains information specific to the particular public key contained in the key BLOB.
SCHANNEL_ALG

The SCHANNEL_ALG structure contains algorithm and key size information. It is used as the structure passed as pbData in CryptSetKeyParam when dwParam is set to KP_SCHANNEL_ALG.
SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS

The SSL_F12_EXTRA_CERT_CHAIN_POLICY_STATUS structure checks if any certificates in the chain have weak cryptography and checks if a third party root certificate is compliant with the Microsoft Root Program requirements.