IX509CertificateRequestPkcs10::InitializeDecode method (certenroll.h)
The InitializeDecode method decodes an existing signed or unsigned PKCS #10 certificate request and uses it to initialize the new PKCS #10 request object. The existing request is contained in a byte array that has been encoded by using Distinguished Encoding Rules (DER) as defined by the Abstract Syntax Notation One (ASN.1) standard. The byte array is represented by a string that is either a pure binary sequence or is Unicode encoded.
HRESULT InitializeDecode( [in] BSTR strEncodedData, [in] EncodingType Encoding );
A BSTR variable that contains the DER-encoded request. For more information, see Remarks.
An EncodingType enumeration value that specifies the type of Unicode encoding applied to the input string that contains the DER-encoded request. The default value is XCN_CRYPT_STRING_BASE64.
If the function succeeds, the function returns S_OK.
If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.
||The certificate request object has already been initialized.|
The InitializeDecode method decodes the existing PKCS #10 request and uses the information retrieved to initialize the following collections for the new request object:
- An empty ICryptAttributes collection.
- An empty IX509Extensions collection.
- An empty IObjectIds collection for attribute and extension OIDs to be suppressed from the new request.
The method also:
- Adds the decoded extensions to the IX509Extensions collection.
- Adds the decoded attributes to the ICryptAttributes collection.
- Sets the CriticalExtensions property with the decoded critical extensions.
- Sets the ClientId property.
- Sets the TemplateObjectId property.
By default, the InitializeDecode method assumes that the certificate request to be decoded is for an end user. Beginning with Windows 8 and Windows Server 2012, you can change this default behavior. After creating an instance of the IX509CertificateRequestPkcs10 interface, call InitializeDecode by setting the Encoding parameter to XCN_CRYPT_STRING_BINARY and the strEncodedData parameter to one of the following values:
|L"ContextMachine"||The encoded certificate request is for a computer.|
|L"ContextUser"||The encoded certificate request is for an end user.|
|L"ContextAdministratorForceMachine"||The encoded certificate is being requested by an administrator acting on the behalf of a computer.|
Then, call the InitializeDecode method again with the encoded certificate set in the strEncodedData argument.
|Minimum supported client||Windows Vista [desktop apps only]|
|Minimum supported server||Windows Server 2008 [desktop apps only]|