A CERT_RDN_ATTR structure holds one of the attributes that make up a Relative Distinguished Name (RDN). How the Value member is interpreted depends on dwValueType.
```
typedef struct _CERT_RDN_ATTR {
    LPSTR               pszObjId;
    DWORD               dwValueType;
    CERT_RDN_VALUE_BLOB Value;
} CERT_RDN_ATTR, *PCERT_RDN_ATTR;
```

CERT_RDN attribute object identifier | Value | Comments |
---|---|---|
// Labeling attribute types: | ||
szOID_COMMON_NAME | "2.5.4.3" | case-ignore string |
szOID_SUR_NAME | "2.5.4.4" | case-ignore string |
szOID_DEVICE_SERIAL_NUMBER | "2.5.4.5" | printable string |
// Geographic attribute types: | ||
szOID_COUNTRY_NAME | "2.5.4.6" | printable 2char string |
szOID_LOCALITY_NAME | "2.5.4.7" | case-ignore string |
szOID_STATE_OR_PROVINCE_NAME | "2.5.4.8" | case-ignore string |
szOID_STREET_ADDRESS | "2.5.4.9" | case-ignore string |
// Organizational attribute types: | ||
szOID_ORGANIZATION_NAME | "2.5.4.10" | case-ignore string |
szOID_ORGANIZATIONAL_UNIT_NAME | "2.5.4.11" | case-ignore string |
szOID_TITLE | "2.5.4.12" | case-ignore string |
// Explanatory attribute types: | ||
szOID_DESCRIPTION | "2.5.4.13" | case-ignore string |
szOID_SEARCH_GUIDE | "2.5.4.14" | |
szOID_BUSINESS_CATEGORY | "2.5.4.15" | case-ignore string |
// Postal addressing attribute types: | ||
szOID_POSTAL_ADDRESS | "2.5.4.16" | |
szOID_POSTAL_CODE | "2.5.4.17" | case-ignore string |
szOID_POST_OFFICE_BOX | "2.5.4.18" | case-ignore string |
szOID_PHYSICAL_DELIVERY_OFFICE_NAME | "2.5.4.19" | case-ignore string |
// Telecommunications addressing attribute types: | ||
szOID_TELEPHONE_NUMBER | "2.5.4.20" | telephone number |
szOID_TELEX_NUMBER | "2.5.4.21" | |
szOID_TELETEXT_TERMINAL_IDENTIFIER | "2.5.4.22" | |
szOID_FACSIMILE_TELEPHONE_NUMBER | "2.5.4.23" | |
szOID_X21_ADDRESS | "2.5.4.24" | numeric string |
szOID_INTERNATIONAL_ISDN_NUMBER | "2.5.4.25" | numeric string |
szOID_REGISTERED_ADDRESS | "2.5.4.26" | |
szOID_DESTINATION_INDICATOR | "2.5.4.27" | printable string |
// Preference attribute types: | ||
szOID_PREFERRED_DELIVERY_METHOD | "2.5.4.28" | |
// OSI application attribute types: | ||
szOID_PRESENTATION_ADDRESS | "2.5.4.29" | |
szOID_SUPPORTED_APPLICATION_CONTEXT | "2.5.4.30" | |
// Relational application attribute types: | ||
szOID_MEMBER | "2.5.4.31" | |
szOID_OWNER | "2.5.4.32" | |
szOID_ROLE_OCCUPANT | "2.5.4.33" | |
szOID_SEE_ALSO | "2.5.4.34" | |
// Security attribute types: | ||
szOID_USER_PASSWORD | "2.5.4.35" | |
szOID_USER_CERTIFICATE | "2.5.4.36" | |
szOID_CA_CERTIFICATE | "2.5.4.37" | |
szOID_AUTHORITY_REVOCATION_LIST | "2.5.4.38" | |
szOID_CERTIFICATE_REVOCATION_LIST | "2.5.4.39" | |
szOID_CROSS_CERTIFICATE_PAIR | "2.5.4.40" | |
// Name attribute types: | ||
szOID_GIVEN_NAME | "2.5.4.42" | case-ignore string |
szOID_INITIALS | "2.5.4.43" | case-ignore string |
// Email: | ||
szOID_RSA_emailAddr | "1.2.840.113549.1.9.1" | IA5 string |
szOID_DOMAIN_COMPONENT | "0.9.2342.19200300.100.1.25" | IA5 string |
// Pilot user attribute types: | ||
szOID_DOMAIN_COMPONENT | "0.9.2342.19200300.100.1.25" | IA5 string |
// Used for PKCS 12 attributes: | ||
szOID_PKCS_12_FRIENDLY_NAME_ATTR | "1.2.840.113549.1.9.20" | |
szOID_PKCS_12_LOCAL_KEY_ID | "1.2.840.113549.1.9.21" | |

For all CERT_RDN types, Value.cbData is always the number of bytes, not necessarily the number of elements in the string. For instance, CERT_RDN_UNIVERSAL_STRING is an array of ints (cbData == intCnt * 4) and CERT_RDN_BMP_STRING is an array of unsigned shorts (cbData == ushortCnt * 2).
The following dwValueTypes are defined in Wincrypt.h:
```
#define CERT_RDN_ANY_TYPE                0
#define CERT_RDN_ENCODED_BLOB            1
#define CERT_RDN_OCTET_STRING            2
#define CERT_RDN_NUMERIC_STRING          3
#define CERT_RDN_PRINTABLE_STRING        4
#define CERT_RDN_TELETEX_STRING          5
#define CERT_RDN_T61_STRING              5
#define CERT_RDN_VIDEOTEX_STRING         6
#define CERT_RDN_IA5_STRING              7
#define CERT_RDN_GRAPHIC_STRING          8
#define CERT_RDN_VISIBLE_STRING          9
#define CERT_RDN_ISO646_STRING           9
#define CERT_RDN_GENERAL_STRING          10
#define CERT_RDN_UNIVERSAL_STRING        11
#define CERT_RDN_INT4_STRING             11
#define CERT_RDN_BMP_STRING              12
#define CERT_RDN_UNICODE_STRING          12
#define CERT_RDN_TYPE_MASK               0x000000FF
#define CERT_RDN_FLAGS_MASK              0xff000000
#define CERT_RDN_ENABLE_T61_UNICODE_FLAG 0x80000000
#define CERT_RDN_DISABLE_CHECK_TYPE_FLAG 0x40000000
#define CERT_RDN_DISABLE_IE4_UTF8_FLAG   0x01000000
```

The following table describes the type of content that corresponds to various dwValueTypes.
dwValueType | Value/ description |
---|---|
CERT_RDN_OCTET_STRING | An arbitrary string of octets (8-bit) |
CERT_RDN_NUMERIC_STRING | Only the characters 0 through 9, and the space character (8-bit) |
CERT_RDN_PRINTABLE_STRING | An arbitrary string of printable characters (8-bit) |
CERT_RDN_TELETEX_STRING | An arbitrary string of T.61 (8-bit) characters |
CERT_RDN_T61_STRING | An arbitrary string of T.61 (8-bit) characters |
CERT_RDN_VIDEOTEX_STRING | An arbitrary string of VIDEOTEX characters |
CERT_RDN_IA5_STRING | An arbitrary string of IA5 (ASCII) characters |
CERT_RDN_VISIBLE_STRING | A 95-character set (8-bit) |
CERT_RDN_ISO646_STRING | A 128-character set (8-bit) |
CERT_RDN_UNIVERSAL_STRING | An array of INT4s (32-bit) |
CERT_RDN_INT4_STRING | An array of INT4s (32-bit) |
CERT_RDN_BMP_STRING | An array of Unicode characters (16-bit) |
CERT_RDN_UNICODE_STRING | An array of Unicode characters (16-bit) |
The following flags can be combined with a bitwise OR operation into the dwValueType member of the CERT_RDN_ATTR structure.
dwValueType | Value/ description |
---|---|
CERT_RDN_ENABLE_T61_UNICODE_FLAG | For encoding. When set, if all the UNICODE characters are <= 0xFF, the CERT_RDN_T61_STRING is selected instead of the CERT_RDN_UNICODE_STRING. |
CERT_RDN_DISABLE_CHECK_TYPE_FLAG | For encoding. When set, the characters are not checked to see if they are valid for the Value Type. |
CERT_RDN_DISABLE_IE4_UTF8_FLAG | For decoding. By default, CERT_RDN_T61_STRING encoded values are initially decoded as UTF8. If the UTF8 decoding fails, then the value is decoded as 8 bit characters. If this flag is set, it skips the initial attempt to decode as UTF8 and decodes the value as 8 bit characters. |

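The cbData rule and the flag bits described above can be handled defensively as follows. This is an added example, not code from Wincrypt.h or the original page: it masks the flags off dwValueType before choosing an element width, and rejects values whose byte count is not a whole number of elements. The `rdn_blob` type and the `rdn_elem_size` and `rdn_elem_count` helpers are hypothetical names, and the constants are copied from the list on this page so the sample builds without the Windows SDK.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constants copied from the Wincrypt.h list on this page (no Windows SDK needed). */
#define CERT_RDN_NUMERIC_STRING   3
#define CERT_RDN_UNIVERSAL_STRING 11
#define CERT_RDN_BMP_STRING       12
#define CERT_RDN_TYPE_MASK        0x000000FFu
#define CERT_RDN_ENABLE_T61_UNICODE_FLAG 0x80000000u

/* Assumed stand-in for CERT_RDN_VALUE_BLOB: a byte count plus a data pointer. */
typedef struct { uint32_t cbData; const uint8_t *pbData; } rdn_blob;

/* Hypothetical helper: bytes per element, after masking off the flag bits. */
static size_t rdn_elem_size(uint32_t dwValueType)
{
    switch (dwValueType & CERT_RDN_TYPE_MASK) {
    case CERT_RDN_UNIVERSAL_STRING: return 4;  /* array of INT4s */
    case CERT_RDN_BMP_STRING:       return 2;  /* array of 16-bit characters */
    default:                        return 1;  /* 8-bit types: count bytes */
    }
}

/* Hypothetical helper: element count, or -1 when the value is malformed. */
static long long rdn_elem_count(uint32_t dwValueType, const rdn_blob *v)
{
    size_t width = rdn_elem_size(dwValueType);
    if (v == NULL || (v->cbData != 0 && v->pbData == NULL)) return -1;
    if (v->cbData % width != 0) return -1;     /* truncated last element */
    if ((dwValueType & CERT_RDN_TYPE_MASK) == CERT_RDN_NUMERIC_STRING)
        for (uint32_t i = 0; i < v->cbData; i++) {
            uint8_t c = v->pbData[i];          /* only '0'..'9' and space allowed */
            if (!((c >= '0' && c <= '9') || c == ' ')) return -1;
        }
    return (long long)(v->cbData / width);
}

int main(void)
{
    /* Constructed sample: "AB" as two 16-bit characters, no terminator. */
    static const uint8_t ab[] = { 0x41, 0x00, 0x42, 0x00 };
    rdn_blob ok = { 4, ab }, cut = { 3, ab };
    uint32_t type = CERT_RDN_BMP_STRING | CERT_RDN_ENABLE_T61_UNICODE_FLAG;
    printf("%lld %lld\n", rdn_elem_count(type, &ok), rdn_elem_count(type, &cut));
    return 0;
}
```

Comparing dwValueType to a type constant without applying CERT_RDN_TYPE_MASK first would miss the BMP case here, because the flag bit is set in the same DWORD.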
See also: BLOB Structure, CERT_RDN, CertIsRDNAttrsInCertificateName