For the CRYPT_ENHKEY_USAGE_OID_GROUP_ID, the following predefined entries exist. Note that the varying members of the CRYPT_OID_INFO structure for this group are shown in the table. These correspond to the find criteria that should be used for this group when making calls to CryptFindOIDInfo. The values for members that do not vary for entries in this group are typically set to zero, or NULL, except that cbSize which always is set to the size of CRYPT_OID_INFO, and the dwGroupId always is set to this group.
| pszOID | pwszName |
|---|---|
| szOID_PKIX_KP_SERVER_AUTH | L"Server Authentication" |
| szOID_PKIX_KP_CLIENT_AUTH | L"Client Authentication" |
| szOID_PKIX_KP_CODE_SIGNING | L"Code Signing" |
| szOID_PKIX_KP_EMAIL_PROTECTION | L"Email Protection" |
| szOID_KP_CTL_USAGE_SIGNING | L"Trust List Signing" |
The C code used to populate the table (an array of CCRYPT_OID_INFO structures) is shown below.
//+-------------------------------------------------------------------------
// Enhanced Key Usage Table
//--------------------------------------------------------------------------
#define ENHKEY_ENTRY(pszOID, pwszName) \
OID_INFO_LEN, pszOID, pwszName, CRYPT_ENHKEY_USAGE_OID_GROUP_ID, 0, 0, NULL
static CCRYPT_OID_INFO EnhKeyTable[] = {
ENHKEY_ENTRY(szOID_PKIX_KP_SERVER_AUTH, L"Server Authentication"),
ENHKEY_ENTRY(szOID_PKIX_KP_CLIENT_AUTH, L"Client Authentication"),
ENHKEY_ENTRY(szOID_PKIX_KP_CODE_SIGNING, L"Code Signing"),
ENHKEY_ENTRY(szOID_PKIX_KP_EMAIL_PROTECTION, L"Email Protection"),
ENHKEY_ENTRY(szOID_KP_CTL_USAGE_SIGNING, L"Trust List Signing")
};
#define ENHKEY_CNT (sizeof(EnhKeyTable) / sizeof(EnhKeyTable[0]))