The CertIsRDNAttrsInCertificateName function compares the attributes in the certificate name with the specified CERT_RDN to determine whether all attributes are included there. The comparison iterates through the CERT_RDN and looks for an attribute match in any of the certificate name's CERT_RDNs.
#include <wincrypt.h>
BOOL WINAPI CertIsRDNAttrsInCertificateName(
DWORD dwCertEncodingType, // in
DWORD dwFlags, // in
PCERT_NAME_BLOB pCertName, // in
PCERT_RDN pRDN // in
);
Encoding type | Value |
---|---|
X509_ASN_ENCODING | 0x00000001 |
CERT_RDN_ATTR | Comments |
---|---|
If pszObjId = NULL | Ignore the attribute Object Identifier. |
If dwValueType = CERT_RDN_ANY_TYPE | Ignore the value type. |
If Value.pbData = NULL | Match any value. |
Returns TRUE if all attributes are found and match. Returns FALSE if an error occurred.
Call GetLastError to see the reason for any failures. This function has the following error codes.
Error code | Description |
---|---|
CRYPT_E_NO_MATCH | Not all the attributes were found and match. |
CRYPT_E_OSS_ERROR | ASN.1 decoding error. Note: To get the OSS error, subtract CRYPT_E_OSS_ERROR from the returned error and see asn1code.h for details on the error. |
ERROR_FILE_NOT_FOUND | Invalid certificate encoding type. Currently only X509_ASN_ENCODING is supported. |
Currently, only an exact, case-sensitive match is supported.
// EXAMPLE CODE FOR USING CertIsRDNAttrsInCertificateName.
// Compares the attributes in the certificate name with the specified
// CERT_RDN to determine whether all attributes are included there.
// Assume that a pointer to the subject (pCertName) for which
// the intended attributes are being compared and a pointer to the
// array of attributes (pRDN) is already known
// Set up the variables.
DWORD dwCertEncodingType = X509_ASN_ENCODING;
// Type of encoding
DWORD dwFlags = CERT_UNICODE_IS_RDN_ATTRS_FLAG;
// Initialized with UNICODE strings
PCERT_NAME_BLOB pCertName; // Initialized elsewhere
PCERT_RDN pRDN; // Initialized elsewhere
BOOL fResult; // Returned TRUE if all attributes match
// FALSE if an error occurs
fResult = CertIsRDNAttrsInCertificateName(
dwCertEncodingType, // in - X509_ASN_ENCODING
dwFlags, // in - Flag set for X509 UNICODE_NAME
pCertName, // in - Pointer to subject
pRDN); // in - Pointer to array of attributes
if (!fResult) { // FALSE
cout<< "function failed "<< endl
<< "not all attributes match "<< endl
<< "error code = "<< GetLastError()<< endl;
}
else { // TRUE
cout<< "all attributes match "<< endl;
}
Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
Windows CE: Unsupported.
Header: Declared in wincrypt.h.
Import Library: Use crypt32.lib.