Edit

X509PrivateKeyUsageFlags enumeration (certenroll.h)

  • Article

The X509PrivateKeyUsageFlags enumeration specifies the permitted uses of a private key. It is the responsibility of the cryptographic provider. The enumeration value can be set and retrieved by using the KeyUsage property on the IX509PrivateKey interface.

Syntax

typedef enum X509PrivateKeyUsageFlags {
  XCN_NCRYPT_ALLOW_USAGES_NONE = 0,
  XCN_NCRYPT_ALLOW_DECRYPT_FLAG = 0x1,
  XCN_NCRYPT_ALLOW_SIGNING_FLAG = 0x2,
  XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG = 0x4,
  XCN_NCRYPT_ALLOW_KEY_IMPORT_FLAG = 0x8,
  XCN_NCRYPT_ALLOW_ALL_USAGES = 0xffffff
} ;

Constants

 
XCN_NCRYPT_ALLOW_USAGES_NONE
Value: 0
The permitted uses are not defined.
XCN_NCRYPT_ALLOW_DECRYPT_FLAG
Value: 0x1
The key can be used to decrypt content. This maps to the following X509KeyUsageFlags values:


  • XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE

  • XCN_CERT_DECIPHER_ONLY_KEY_USAGE

  • XCN_CERT_ENCIPHER_ONLY_KEY_USAGE

  • XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE
XCN_NCRYPT_ALLOW_SIGNING_FLAG
Value: 0x2
The key can be used for signing. This maps to the following X509KeyUsageFlags values:


  • XCN_CERT_CRL_SIGN_KEY_USAGE

  • XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE

  • XCN_CERT_KEY_CERT_SIGN_KEY_USAGE
XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG
Value: 0x4
The key can be used to establish key agreement between entities.
XCN_NCRYPT_ALLOW_KEY_IMPORT_FLAG
Value: 0x8
XCN_NCRYPT_ALLOW_ALL_USAGES
Value: 0xffffff
All of the uses defined for this enumeration are permitted.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header certenroll.h

See also

CertEnroll Enumerations

CertEnroll Interfaces

IX509PrivateKey