ICertPropertyArchivedKeyHash interface (certenroll.h)
The ICertPropertyArchivedKeyHash interface represents a SHA-1 hash of an encrypted private key submitted to a certification authority for archival.
To archive a private key, a client first encrypts the key by using the public key from a CA exchange certificate. The client then places the encrypted private key into a PKCS #7 EnvelopedData structure and hashes the structure by using a SHA-1 hash algorithm. The resulting hash is used to initialize an ICertPropertyArchivedKeyHash object and is included in a CMC certificate request. The property value is typically associated with the certificate after the certificate response is received from the CA and before the response is placed in a store.
This property is initialized by the enrollment process and associated with the dummy certificate that is temporarily copied to the request store. If the CA denies the certificate request, the dummy certificate in the request store and all properties associated with it are deleted. If the CA issues the certificate and it is installed in the certificate store, this property is associated with the new certificate in the personal store and the dummy certificate is deleted.
Inheritance
The ICertPropertyArchivedKeyHash interface inherits from ICertProperty. ICertPropertyArchivedKeyHash also has these types of members:
Methods
The ICertPropertyArchivedKeyHash interface has these methods.
ICertPropertyArchivedKeyHash::get_ArchivedKeyHash | Retrieves a SHA-1 hash of the private key. |
ICertPropertyArchivedKeyHash::Initialize | Initializes the object from a byte array that contains the hash. |
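The following PowerShell sketch is an added example, not code from the original page: it hashes an encoded blob with SHA-1, initializes the property object from that hash, and reads the property back from certificates in the personal store to see which ones record an archived key. The helper names, the ProgID `X509Enrollment.CCertPropertyArchivedKeyHash`, the store path, and the choice to hash the whole encoded structure are assumptions, and the sample bytes are constructed stand-ins, not a real EnvelopedData structure.

```powershell
# EncodingType values from certenroll.h
$XCN_CRYPT_STRING_BASE64 = 0x1
$XCN_CRYPT_STRING_HEX    = 0x4

# Hypothetical helper: SHA-1 the encoded EnvelopedData bytes and wrap the hash
# in an ICertPropertyArchivedKeyHash object.
function New-ArchivedKeyHashProperty {
    param([Parameter(Mandatory)][byte[]] $EnvelopedData)
    $sha1 = [System.Security.Cryptography.SHA1]::Create()
    try { $hash = $sha1.ComputeHash($EnvelopedData) } finally { $sha1.Dispose() }
    $prop = New-Object -ComObject X509Enrollment.CCertPropertyArchivedKeyHash
    $prop.Initialize($XCN_CRYPT_STRING_BASE64, [Convert]::ToBase64String($hash))
    return $prop
}

# Hypothetical helper: read the archived key hash property from a certificate
# that lives in a store. Returns $null when the property cannot be read,
# which includes the normal case where the certificate has no such property.
function Get-ArchivedKeyHash {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate,
        [bool] $MachineContext = $false
    )
    $prop = New-Object -ComObject X509Enrollment.CCertPropertyArchivedKeyHash
    $b64  = [Convert]::ToBase64String($Certificate.RawData)
    try {
        # InitializeFromCertificate is inherited from ICertProperty.
        $prop.InitializeFromCertificate($MachineContext, $XCN_CRYPT_STRING_BASE64, $b64)
        return ($prop.ArchivedKeyHash($XCN_CRYPT_STRING_HEX) -replace '\s', '')
    } catch {
        return $null
    } finally {
        [void][Runtime.InteropServices.Marshal]::ReleaseComObject($prop)
    }
}

# Constructed stand-in bytes (NOT a real EnvelopedData structure).
$sample = [byte[]](0x30, 0x03, 0x02, 0x01, 0x00)
$p = New-ArchivedKeyHashProperty -EnvelopedData $sample
$p.ArchivedKeyHash($XCN_CRYPT_STRING_HEX) -replace '\s', ''

# Audit: list personal-store certificates and any archived key hash they carry.
Get-ChildItem Cert:\CurrentUser\My | ForEach-Object {
    [pscustomobject]@{
        Thumbprint      = $_.Thumbprint
        Subject         = $_.Subject
        ArchivedKeyHash = Get-ArchivedKeyHash -Certificate $_
    }
}
```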
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows Vista [desktop apps only] |
Minimum supported server | Windows Server 2008 [desktop apps only] |
Target Platform | Windows |
Header | certenroll.h |