System::Security::Cryptography::X509Certificates Namespace Reference

Namespaces

 Details
 

Classes

class  PublicKey
 
class  X500DistinguishedName
 
class  X509Certificate
 
class  X509Certificate2
 
class  X509Certificate2Collection
 
class  X509Certificate2CollectionPtr
 
class  X509CertificateCollection
 
class  X509CertificateCollectionPtr
 
class  X509Chain
 
class  X509ChainPolicy
 
class  X509ChainStatus
 
class  X509Extension
 
class  X509ExtensionCollection
 
class  X509ExtensionCollectionPtr
 
class  X509ExtensionEnumerator
 
class  X509KeyUsageExtension
 

Enumerations

enum  X500DistinguishedNameFlags {
  X500DistinguishedNameFlags::None = 0, X500DistinguishedNameFlags::Reversed = 1, X500DistinguishedNameFlags::UseSemicolons = 16, X500DistinguishedNameFlags::DoNotUsePlusSign = 32,
  X500DistinguishedNameFlags::DoNotUseQuotes = 64, X500DistinguishedNameFlags::UseCommas = 128, X500DistinguishedNameFlags::UseNewLines = 256, X500DistinguishedNameFlags::UseUTF8Encoding = 4096,
  X500DistinguishedNameFlags::UseT61Encoding = 8192, X500DistinguishedNameFlags::ForceUTF8Encoding = 16384
}
 X509 certificate distinguished name formatting rules. More...
 
enum  X509ChainStatusFlags {
  X509ChainStatusFlags::NoError = 0x00000000, X509ChainStatusFlags::NotTimeValid = 0x00000001, X509ChainStatusFlags::NotTimeNested = 0x00000002, X509ChainStatusFlags::Revoked = 0x00000004,
  X509ChainStatusFlags::NotSignatureValid = 0x00000008, X509ChainStatusFlags::NotValidForUsage = 0x00000010, X509ChainStatusFlags::UntrustedRoot = 0x00000020, X509ChainStatusFlags::RevocationStatusUnknown = 0x00000040,
  X509ChainStatusFlags::Cyclic = 0x00000080, X509ChainStatusFlags::InvalidExtension = 0x00000100, X509ChainStatusFlags::InvalidPolicyConstraints = 0x00000200, X509ChainStatusFlags::InvalidBasicConstraints = 0x00000400,
  X509ChainStatusFlags::InvalidNameConstraints = 0x00000800, X509ChainStatusFlags::HasNotSupportedNameConstraint = 0x00001000, X509ChainStatusFlags::HasNotDefinedNameConstraint = 0x00002000, X509ChainStatusFlags::HasNotPermittedNameConstraint = 0x00004000,
  X509ChainStatusFlags::HasExcludedNameConstraint = 0x00008000, X509ChainStatusFlags::PartialChain = 0x00010000, X509ChainStatusFlags::CtlNotTimeValid = 0x00020000, X509ChainStatusFlags::CtlNotSignatureValid = 0x00040000,
  X509ChainStatusFlags::CtlNotValidForUsage = 0x00080000, X509ChainStatusFlags::OfflineRevocation = 0x01000000, X509ChainStatusFlags::NoIssuanceChainPolicy = 0x02000000, X509ChainStatusFlags::ExplicitDistrust = 0x04000000,
  X509ChainStatusFlags::HasNotSupportedCriticalExtension = 0x08000000, X509ChainStatusFlags::HasWeakSignature = 0x00100000
}
 
enum  X509ContentType {
  X509ContentType::Unknown = 0, X509ContentType::Cert = 1, X509ContentType::SerializedCert = 2, X509ContentType::Pkcs12 = 3,
  X509ContentType::Pfx = 3, X509ContentType::SerializedStore = 4, X509ContentType::Pkcs7 = 5, X509ContentType::Authenticode = 6
}
 Format of X.509 certificate. More...
 
enum  X509IncludeOption { X509IncludeOption::None = 0, X509IncludeOption::ExcludeRoot = 1, X509IncludeOption::EndCertOnly = 2, X509IncludeOption::WholeChain = 3 }
 Specifies what certificates in chain to include. More...
 
enum  X509KeyStorageFlags : int32_t {
  X509KeyStorageFlags::DefaultKeySet = 0, X509KeyStorageFlags::UserKeySet = 1, X509KeyStorageFlags::MachineKeySet = 2, X509KeyStorageFlags::Exportable = 4,
  X509KeyStorageFlags::UserProtected = 8, X509KeyStorageFlags::PersistKeySet = 16
}
 Defines how to store key. More...
 
enum  X509KeyUsageFlags : int32_t {
  X509KeyUsageFlags::None = 0x0000, X509KeyUsageFlags::EncipherOnly = 0x0001, X509KeyUsageFlags::CrlSign = 0x0002, X509KeyUsageFlags::KeyCertSign = 0x0004,
  X509KeyUsageFlags::KeyAgreement = 0x0008, X509KeyUsageFlags::DataEncipherment = 0x0010, X509KeyUsageFlags::KeyEncipherment = 0x0020, X509KeyUsageFlags::NonRepudiation = 0x0040,
  X509KeyUsageFlags::DigitalSignature = 0x0080, X509KeyUsageFlags::DecipherOnly = 0x8000
}
 Defines how the certificate key can be used. More...
 
enum  X509NameType {
  X509NameType::SimpleName = 0, X509NameType::EmailName = 1, X509NameType::UpnName = 2, X509NameType::DnsName = 3,
  X509NameType::DnsFromAlternativeName = 4, X509NameType::UrlName = 5
}
 Type of X.509 certificate-contained name which relates to either issuer or subject of the certificate. More...
 
enum  X509RevocationFlag { X509RevocationFlag::EndCertificateOnly = 0, X509RevocationFlag::EntireChain = 1, X509RevocationFlag::ExcludeRoot = 2 }
 
enum  X509VerificationFlags {
  X509VerificationFlags::NoFlag = 0x00000000, X509VerificationFlags::IgnoreNotTimeValid = 0x00000001, X509VerificationFlags::IgnoreCtlNotTimeValid = 0x00000002, X509VerificationFlags::IgnoreNotTimeNested = 0x00000004,
  X509VerificationFlags::IgnoreInvalidBasicConstraints = 0x00000008, X509VerificationFlags::AllowUnknownCertificateAuthority = 0x00000010, X509VerificationFlags::IgnoreWrongUsage = 0x00000020, X509VerificationFlags::IgnoreInvalidName = 0x00000040,
  X509VerificationFlags::IgnoreInvalidPolicy = 0x00000080, X509VerificationFlags::IgnoreEndRevocationUnknown = 0x00000100, X509VerificationFlags::IgnoreCtlSignerRevocationUnknown = 0x00000200, X509VerificationFlags::IgnoreCertificateAuthorityRevocationUnknown = 0x00000400,
  X509VerificationFlags::IgnoreRootRevocationUnknown = 0x00000800, X509VerificationFlags::AllFlags = 0x00000FFF
}
 

Enumeration Type Documentation

◆ X500DistinguishedNameFlags

X509 certificate distinguished name formatting rules.

Enumerator
None 

No special characteristics.

Reversed 

Name is reserved.

UseSemicolons 

Use semicolons.

DoNotUsePlusSign 

Name doesn't use plus sign.

DoNotUseQuotes 

Disables quotes in name.

UseCommas 

Enables using commas.

UseNewLines 

Enables using new lines.

UseUTF8Encoding 

Switches from using Unicode to using UTF-8 encoding.

UseT61Encoding 

Switches to T61 encoding.

ForceUTF8Encoding 

Forces using UTF-8 when encoding specific X500 keys.

◆ X509ChainStatusFlags

Enumerator
NoError 
NotTimeValid 
NotTimeNested 
Revoked 
NotSignatureValid 
NotValidForUsage 
UntrustedRoot 
RevocationStatusUnknown 
Cyclic 
InvalidExtension 
InvalidPolicyConstraints 
InvalidBasicConstraints 
InvalidNameConstraints 
HasNotSupportedNameConstraint 
HasNotDefinedNameConstraint 
HasNotPermittedNameConstraint 
HasExcludedNameConstraint 
PartialChain 
CtlNotTimeValid 
CtlNotSignatureValid 
CtlNotValidForUsage 
OfflineRevocation 
NoIssuanceChainPolicy 
ExplicitDistrust 
HasNotSupportedCriticalExtension 
HasWeakSignature 

◆ X509ContentType

Format of X.509 certificate.

Enumerator
Unknown 

Unknown certificate.

Cert 

Single certificate.

SerializedCert 

Serialized single certificate.

Pkcs12 

PKCS #12-formatted certificate.

Pfx 

PFX-formatted certificate.

SerializedStore 

Serialized cerificate store.

Pkcs7 

Serfificated PKCS #7-formatted certificate.

Authenticode 

Authenticode X.509 certificate.

◆ X509IncludeOption

Specifies what certificates in chain to include.

Enumerator
None 

Chain information only.

ExcludeRoot 

Whole chain excluding root certificate.

EndCertOnly 

Whole chain excluding end certificate.

WholeChain 

Whole chain.

◆ X509KeyStorageFlags

Defines how to store key.

Enumerator
DefaultKeySet 

Use default key set.

UserKeySet 

Use user-associated store instead of machine-local one.

MachineKeySet 

Use local machine store instead of user one.

Exportable 

Marks imported keys as exportable.

UserProtected 

Notify user that the key is being used.

PersistKeySet 

The key is persisted when importing certificate.

◆ X509KeyUsageFlags

Defines how the certificate key can be used.

Enumerator
None 

No key usage parameters.

EncipherOnly 

Key can be used only for encryption.

CrlSign 

Key can be used to sign a certificate revocation list.

KeyCertSign 

Key can be used to sign certificates.

KeyAgreement 

Key can be used to determine key agreement.

DataEncipherment 

Key can be used for data encryption.

KeyEncipherment 

Key can be used for key encryption.

NonRepudiation 

Key can be used for authentication.

DigitalSignature 

Key can be used as a digital signature.

DecipherOnly 

Key can be used only for decryption.

◆ X509NameType

Type of X.509 certificate-contained name which relates to either issuer or subject of the certificate.

Enumerator
SimpleName 

Simple name of subject or issuer.

EmailName 

Email address.

UpnName 

UPN name.

DnsName 

DNS name.

DnsFromAlternativeName 

Alternative DNS name equivalent to DNS name.

UrlName 

URL.

◆ X509RevocationFlag

Enumerator
EndCertificateOnly 
EntireChain 
ExcludeRoot 

◆ X509VerificationFlags

Enumerator
NoFlag 
IgnoreNotTimeValid 
IgnoreCtlNotTimeValid 
IgnoreNotTimeNested 
IgnoreInvalidBasicConstraints 
AllowUnknownCertificateAuthority 
IgnoreWrongUsage 
IgnoreInvalidName 
IgnoreInvalidPolicy 
IgnoreEndRevocationUnknown 
IgnoreCtlSignerRevocationUnknown 
IgnoreCertificateAuthorityRevocationUnknown 
IgnoreRootRevocationUnknown 
AllFlags