These Win32® functions help you to manipulate certificates. You can use these functions to perform such tasks as comparing, converting, signing, hashing, and verifying certificate data.
The following functions are included in this category and can also be found in Wincrypt.h.
| Function | Description |
|---|---|
| CertAddEnhancedKeyUsageIdentifier | Adds the usage identifier to the certificate's enhanced key usage property. |
| CertAlgIdToOID | Converts the CSP algorithm identifier to the ASN.1 Object Identifier string. |
| CertCompareCertificate | Compares two certificates to determine whether they are identical. |
| CertCompareCertificateName | Compares two certificate names to determine whether they are identical. |
| CertCompareIntegerBlob | Compares two integer blobs. |
| CertComparePublicKeyInfo | Compares two public keys to determine whether they are identical. |
| CertFindAttribute | Finds the first attribute identified by its Object Identifier. |
| CertFindExtension | Finds the first extension identified by its Object Identifier. |
| CertFindRDNAttr | Finds the first RDN attribute identified by its Object Identifier in the name list of the Relative Distinguished Names. |
| CertFindSubjectInCTL | Attempts to find the specified subject in the CTL. |
| CertGetEnhancedKeyUsage | Gets the intended key usage extension or property from the certificate. |
| CertGetIntendedKeyUsage | Gets the intended key usage bytes from the certificate. |
| CertGetNameString | Gets the subject or issuer name from the certificate and converts it to a null terminated character string. |
| CertGetPublicKeyLength | Gets the public/private key's bit length from the public key blob. |
| CertIsRDNAttrsInCertificateName | Compares the attributes in the certificate name with the specified RDN's array of attributes to determine whether all attributes are included there. |
| CertNameToStr | Converts a certificate name blob to a zero-terminated character string. |
| CertOIDToAlgId | Converts the ASN.1 Object Identifier string to the CSP algorithm identifier. |
| CertRDNValueToStr | Converts a Name Value to a zero-terminated character string. |
| CertRemoveEnhancedKeyUsageIdentifier | Removes the usage identifier from the certificate's enhanced key usage property. |
| CertSetEnhancedKeyUsage | Sets the intended key usage property for the certificate. |
| CertStrToName | Converts a NULL-terminated X500 string to an encoded certificate name. |
| CertVerifyCRLRevocation | Verifies that the subject certificate is not on the CRL. |
| CertVerifyCRLTimeValidity | Verifies the time validity of a CRL. |
| CertVerifyCTLUsage | Verifies that a subject is trusted for the specified usage by finding a signed and time valid CTL with the usage identifiers and containing the subject. |
| CertVerifyRevocation | Verifies the array of contexts for revocation. |
| CertVerifyTimeValidity | Verifies the time validity of a certificate. |
| CertVerifyValidityNesting | Verifies that the subject's time validity nests within the issuer's time validity. |
| CryptAcquireCertificatePrivateKey | Acquires a HCRYPTPROV handle and dwKeySpec for the specified certificate context. |
| CryptExportPublicKeyInfo | Exports the public key information associated with the provider's corresponding private key. |
| CryptExportPublicKeyInfoEx | Exports the public key information associated with the provider's corresponding private key. The main difference from CryptExportPublicKeyInfo is that the user can specify the public key algorithm, overriding the default provided by the CSP. |
| CryptFindCertificateKeyProvInfo | Enumerates the cryptographic providers and their containers to find the private key corresponding to the certificate's public key. |
| CryptFindLocalizedName | Finds the localized name for the specified name, such as the "Root" system store name. |
| CryptHashCertificate | Hashes the encoded content. |
| CryptHashPublicKeyInfo | Computes the hash of the encoded public key information. |
| CryptHashToBeSigned | Computes the hash of the "to be signed" information in the encoded signed content (CERT_SIGNED_CONTENT_INFO). |
| CryptImportPublicKeyInfo | Converts and imports the public key information into the provider and returns a handle to the public key. |
| CryptImportPublicKeyInfoEx | Converts and imports the public key information into the provider and returns a handle to the public key. Additional parameters (over those specified by CryptImportPublicKeyInfo) that can be used to override defaults are provided to supplement the CERT_PUBLIC_KEY_INFO. |
| CryptSignAndEncodeCertificate | Encodes the "to be signed" information. Signs this encoded information. Encodes the resulting signed encoded information. |
| CryptSignCertificate | Signs the "to be signed" information in the encoded signed content. |
| CryptVerifyCertificateSignature | Verifies the signature of a subject certificate, certificate request list (CRL), or certificate request by using the public key information. |