X.509 Certificate Extension Data Structures

The structures contained in this section are associated with X.509 CERT_EXTENSION structures. They are created when an encoded Value member of an CERT_EXTENSION structure is decoded using a call to CryptDecodeObject. The type of structure that is created depends on the string value residing in the CERT_EXTENSION structure's pszObjId member at the time of the call.

Currently defined extension object identifiers are shown in the following table.

Predefined Constant Object identifier Value Data structure
X509_AUTHORITY_INFO_ACCESS szOID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1" CERT_AUTHORITY_INFO_ACCESS
X509_AUTHORITY_KEY_ID szOID_AUTHORITY_KEY_IDENTIFIER "2.5.29.1" CERT_AUTHORITY_KEY_ID_INFO
X509_KEY_ATTRIBUTES szOID_KEY_ATTRIBUTES "2.5.29.2" CERT_KEY_ATTRIBUTES_INFO
X509_KEY_USAGE_RESTRICTION szOID_KEY_USAGE_RESTRICTION "2.5.29.4" CERT_KEY_USAGE_RESTRICTION_INFO
None szOID_POLICY_MAPPINGS "2.5.29.5" Not implemented
X509_ALTERNATE_NAME szOID_SUBJECT_ALT_NAME "2.5.29.7" CERT_ALT_NAME_INFO
X509_ALTERNATE_NAME szOID_ISSUER_ALT_NAME "2.5.29.8" CERT_ALT_NAME_INFO
None szOID_SUBJECT_DIR_ATTRS "2.5.29.9" Not implemented
X509_BASIC_CONSTRAINTS szOID_BASIC_CONSTRAINTS "2.5.29.10" CERT_BASIC_CONSTRAINTS_INFO
X509_KEY_USAGE szOID_KEY_USAGE "2.5.29.15" CRYPT_BIT_BLOB
X509_BASIC_CONSTRAINTS2 szOID_BASIC_CONSTRAINTS2 "2.5.29.19" CERT_BASIC_CONSTRAINTS2_INFO
X509_CERT_POLICIES szOID_CERT_POLICIES "2.5.29.32" CERT_POLICIES_INFO