The CRYPT_DECODE_NOCOPY_FLAG can be set to enable the nocopy optimization. This optimization, where appropriate, updates the pvStructInfo fields to point to content residing within pbEncoded instead of making a copy of and appending to pvStructInfo. However, when this optimization is used, pbEncoded can't be freed until pvStructInfo is freed.
At the time of the SDR, there were 13 predefined data structures that could be used with CryptEncodeObject and CryptDecodeObject. We have added eight more.
The X509_SET_* data structures have been deleted. The X509_SPC_* data structures have been moved to the signcde.h file.
The following table maps the lpszStructTypes defined at the SDR to the corresponding current data structures:
SDR Structure | Current Structure |
---|---|
X509_CERT | CERT_SIGNED_CONTENT_INFO |
X509_CERT_TO_BE_SIGNED | CERT_INFO |
X509_CERT_CRL_TO_BE_SIGNED | CRL_INFO |
X509_CERT_REQUEST_TO_BE_SIGNED | CERT_REQUEST_INFO |
X509_EXTENSIONS | CERT_EXTENSIONS |
X509_NAME_VALUE | CERT_NAME_VALUE |
X509_NAME | CERT_NAME_INFO |
X509_PUBLIC_KEY_INFO | CERT_PUBLIC_KEY_INFO |
X509_AUTHORITY_KEY_ID | CERT_AUTHORITY_KEY_ID_INFO |
X509_KEY_ATTRIBUTES | CERT_KEY_ATTRIBUTES_INFO |
X509_KEY_USAGE_RESTRICTION | CERT_KEY_USAGE_RESTRICTION_INFO |
X509_ALTERNATE_NAME | CERT_ALT_NAME_INFO |
X509_BASIC_CONSTRAINTS | CERT_BASIC_CONSTRAINTS_INFO |
The following lpszStructTypes have been added:
X509_KEY_USAGE | CRYPT_BIT_BLOB |
X509_BASIC_CONSTRAINTS2 | CERT_BASIC_CONSTRAINTS2_INFO |
X509_CERT_POLICIES | CERT_POLICIES_INFO |
PKCS_UTC_TIME | FILETIME |
PKCS_TIME_REQUEST | CRYPT_TIME_STAMP_REQUEST_INFO |
RSA_CSP_PUBLICKEYBLOB | RSAPUBKEY |
X509_UNICODE_NAME | CERT_NAME_INFO |
PKCS7_SIGNER_INFO | CMSG_SIGNER_INFO |