| Platform SDK: Certificate Enrollment Control |
The LimitExchangeKeyToEncipherment property controls whether an AT_KEYEXCHANGE request contains digital signature and non-repudiation key usages. The default value is FALSE. This property has no effect on AT_SIGNATURE requests.
[Visual Basic] objEnroll.LimitExchangeKeyToEncipherment [ = bValue ] [C++] HRESULT put_LimitExchangeKeyToEncipherment(BOOL bValue); HRESULT get_LimitExchangeKeyToEncipherment(BOOL * pbValue);
This property is a Boolean value and effects only AT_KEYEXCHANGE requests; it has no impact on AT_SIGNATURE requests.
If the value for this property is FALSE, an AT_KEYEXCHANGE request will contain the following key usages:
If the value for this property is TRUE, an AT_KEYEXCHANGE request will contain the following key usages:
// Get the LimitExchangeKeyToEncipherment value.
BOOL bLimitKey;
HRESULT hr;
// pEnroll is previously instantiated ICEnroll interface pointer.
hr = pEnroll->get_LimitExchangeKeyToEncipherment(&bLimitKey);
if (FAILED(hr))
printf("Failed get_LimitExchangeKeyToEncipherment - %x\n", hr );
else
printf("LimitExchangeKeyToEncipherment: %s\n",
( bLimitKey ? "TRUE" : "FALSE"));
// Set the LimitExchangeKeyToEncipherment value.
hr = pEnroll->put_LimitExchangeKeyToEncipherment( TRUE );
if ( FAILED ( hr ) )
printf("Failed put_LimitExchangeKeyToEncipherment - %x\n", hr );
else
printf( "LimitExchangeKeyToEncipherment was set to TRUE\n" );
' Declare Certificate Enrollment Control object.
Dim objXen As Object
Dim bLimitKey As Boolean
' Instantiate the object.
Set objXen = CreateObject("CEnroll.CEnroll.1")
' Retrieve the LimitExchangeKeyToEncipherment value.
bLimitKey = objXen.LimitExchangeKeyToEncipherment
MsgBox bLimitKey, vbOKOnly, "LimitExchangeKeyToEncipherment"
' Set the LimitExchangeKeyToEncipherment value.
objXen.LimitExchangeKeyToEncipherment = True
Windows NT/2000: Requires Windows 2000.
Header: Declared in Xenroll.h.
Library: Use Uuid.lib.