Writing Extension Handlers

The policy module interface for specifying certificate properties and extensions provides a simple means of controlling the information in a certificate using Microsoft® Visual Basic®. This interface allows the Visual Basic developer to avoid the complexities of ASN encoding but is limited to the default data types of BSTR, long and DATE. Support for more complex data types is included in the default extension handler, CertEnc.dll. CertEnc.dll is a COM object that is instantiated by the policy module and exports a number of ICertEncodeXXX interfaces. Developers who want to create custom extensions or need to encode a complex extension can write their own extension handlers that export custom interfaces.

Developers can refer to the source code provided for the ICertEncodeSampleStructure1 and ICertEncodeSampleStructure2 interfaces exported by CertEnc.dll as examples of interfaces for custom extension handlers. The sample structures provided demonstrate how to create a custom ASN structure that can be encoded and decoded by any callers of CryptEncodeObject and CryptDecodeObject in the CryptoAPI 2.0.

For more information about extension handlers, please see the following topics: