3.1.4.1.3.20 PrivateKeyAttributes
The <PrivateKeyAttributes> complex type contains the attributes for the private key that will be associated with any certificate request for the corresponding CertificateEnrollmentPolicy object.
<xs:complexType name="PrivateKeyAttributes">
  <xs:sequence>
    <xs:element name="minimalKeyLength" type="xs:unsignedInt" />
    <xs:element name="keySpec" type="xs:unsignedInt" nillable="true" />
    <xs:element name="keyUsageProperty" type="xs:unsignedInt" nillable="true" />
    <xs:element name="permissions" type="xs:string" nillable="true" />
    <xs:element name="algorithmOIDReference" type="xs:int" nillable="true" />
    <xs:element name="cryptoProviders" type="xcep:CryptoProviders" nillable="true" />
  </xs:sequence>
</xs:complexType>
minimalKeyLength: An integer specifying the minimum key length in bits for the private key. The value of the <minimalKeyLength> element MUST be a positive nonzero number.
keySpec: This element has identical semantics to the <pKIDefaultKeySpec> attribute specified in [MS-WCCE] section 3.1.2.4.2.2.1.5.
keyUsageProperty: This element has identical semantics to the <pKIKeyUsage> attribute specified in [MS-WCCE] section 3.1.2.4.2.2.1.3.
permissions: Used to specify a Security Descriptor Definition Language (SDDL) representation of the permissions when a private key is created.
algorithmOIDReference: An integer reference to an <oIDReferenceID> element of an existing OID (section 3.1.4.1.3.16) object in a GetPoliciesResponse message. The OID object that is referenced corresponds to the asymmetric algorithm of the private key.
cryptoProviders: An instance of the CryptoProviders object as specified in section 3.1.4.1.3.10. If there are no cryptographic providers to be specified, the <cryptoProviders> element MUST be nil.
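The constraints above can be checked on the client before a received policy is trusted. The following is an added example, not part of the specification: it checks the nonzero <minimalKeyLength> rule, that <algorithmOIDReference> resolves to an <oIDReferenceID> in the same message, and that an empty <cryptoProviders> is nil. The element name privateKeyAttributes, the wrapper elements and the urn:example:xcep namespace are assumptions made for the constructed sample.

```python
import xml.etree.ElementTree as ET

XSI_NIL = "{http://www.w3.org/2001/XMLSchema-instance}nil"
def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix
def child(elem, name):
    return next((c for c in elem if local(c.tag) == name), None)
def is_nil(elem):
    return elem.get(XSI_NIL) in ("true", "1")

def as_int(elem):
    try:
        return int((elem.text or "").strip())
    except (AttributeError, ValueError):  # element missing or not numeric
        return None

def check_private_key_attributes(pka, oid_refs):
    """Return findings for one element of type PrivateKeyAttributes."""
    findings = []
    bits = as_int(child(pka, "minimalKeyLength"))
    if bits is None or not 0 < bits <= 0xFFFFFFFF:  # xs:unsignedInt, nonzero
        findings.append("minimalKeyLength must be a positive nonzero unsignedInt")
    ref = child(pka, "algorithmOIDReference")
    if ref is not None and not is_nil(ref) and as_int(ref) not in oid_refs:
        findings.append("algorithmOIDReference matches no oIDReferenceID")
    cps = child(pka, "cryptoProviders")
    # With no providers to specify, the element MUST be nil, not merely empty.
    if cps is not None and not is_nil(cps) and len(cps) == 0:
        findings.append("cryptoProviders is empty but not nil")
    return findings

def check_response(xml_text, element_name="privateKeyAttributes"):  # name assumed
    root = ET.fromstring(xml_text)
    oid_refs = {as_int(e) for e in root.iter() if local(e.tag) == "oIDReferenceID"} - {None}
    return [f for e in root.iter() if local(e.tag) == element_name
            for f in check_private_key_attributes(e, oid_refs)]

# Constructed sample: wrapper elements and namespace are placeholders.
SAMPLE = """<response xmlns="urn:example:xcep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <oID><oIDReferenceID>7</oIDReferenceID></oID>
  <privateKeyAttributes>
    <minimalKeyLength>0</minimalKeyLength>
    <algorithmOIDReference>9</algorithmOIDReference>
    <cryptoProviders/>
  </privateKeyAttributes>
</response>"""

if __name__ == "__main__":
    print(check_response(SAMPLE))
```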