X509_UNICODE_NAME

When X509_UNICODE_NAME is used for the lpszStructType with CryptEncodeObject, CryptEncodeObjectEx, CryptDecodeObject, or CryptDecodeObjectEx the following details apply.

Object Identifier String

N/A

Corresponding Data Structure being encoded or decoded

pvStructInfo points to a CERT_NAME_INFO.

Additional Details

For CryptDecodeObject and CryptDecodeObjectEx:

The RDN attribute values are UNICODE strings except for the dwValueTypes of CERT_RDN_ENCODED_BLOB or CERT_RDN_OCTET_STRING. These dwValueTypes are the same as for a X509_NAME. These values aren't converted to UNICODE.

The RDN attribute value's pbData points to a NULL terminated UNICODE string. The RDN attribute value's cbData contains the byte count of the UNICODE string excluding the NULL terminator. The RDN attribute value's dwValueType contains the type used in the encoded object. It is not forced to CERT_RDN_UNICODE_STRING. The encoded value is converted to the UNICODE string according to the dwValueType.

For CryptEncodeObject and CryptEncodeObjectEx:

The RDN attribute values are UNICODE strings except for the dwValueTypes of CERT_RDN_ENCODED_BLOB or CERT_RDN_OCTET_STRING. These dwValueTypes are the same as for a X509_NAME. These values aren't expected to be UNICODE.

For the remaining string dwValueTypes, the RDN attribute value's pbData points to the UNICODE string.

If the RDN attribute value's cbData = 0, then, the UNICODE string is NULL terminated.

Otherwise, the RDN attribute value's cbData is the UNICODE string byte count. The byte count is twice the character count, and it excludes the NULL terminator.

If the RDN attribute value's dwValueType = 0 (CERT_RDN_ANY_TYPE), the pszObjId is used to find an acceptable dwValueType. If the UNICODE string contains an invalid character for the found or specified dwValueType, then, *pcbEncoded is updated with the error location of the invalid character. See below for details. For an invalid character, LastError is set to:

CRYPT_E_INVALID_NUMERIC_STRING,
CRYPT_E_INVALID_PRINTABLE_STRING, or
CRYPT_E_INVALID_IA5_STRING.

The UNICODE string is converted before being encoded according to the specified dwValueType or the object identifier's dwValueType.

The CryptEncodeObject and CryptEncodeObjectEx error location indices are returned in *pcbEncoded as follows:

The VALUE_INDEX of the error is located in bits 0 through 15.

The ATTR_INDEX of the error is located in bits 16 through 21.

The RDN_INDEX of the error is located in bits 22 through 31.

Note that bit 0 is the least significant bit of the double word.

The following macros are defined to provide for easy reading of the bit mapped fields for VALUE_INDEX, ATTR_INDEX, and RDN_INDEX from the double word that contains them:

GET_CERT_UNICODE_RDN_ERR_INDEX(X)
GET_CERT_UNICODE_ATTR_ERR_INDEX(X)
GET_CERT_UNICODE_VALUE_ERR_INDEX(X)