IX509CertificateRequestPkcs7::InitializeDecode method (certenroll.h)
The InitializeDecode method decodes an existing signed or unsigned PKCS #7 request object and uses it to initialize the new PKCS #7 object. The existing request is contained in a byte array that has been encoded by using Distinguished Encoding Rules (DER) as defined by the Abstract Syntax Notation One (ASN.1) standard. The byte array is represented by a string that is either a pure binary sequence or is Unicode encoded.
HRESULT InitializeDecode( [in] BSTR strEncodedData, [in] EncodingType Encoding );
A BSTR variable that contains the DER-encoded request.
An EncodingType enumeration value that specifies the type of Unicode encoding applied to the input string that contains the DER-encoded request. The default value is XCN_CRYPT_STRING_BASE64.
If the function succeeds, the function returns S_OK.
If the function fails, it returns an HRESULT value that indicates the error. Possible values include, but are not limited to, those in the following table. For a list of common error codes, see Common HRESULT Values.
||The request object has already been initialized.|
The InitializeDecode method:
- Decodes the PKCS #7 request specified on input.
- Uses the decoded object to create an inner PKCS #10 request with the following collections:
- Adds the decoded extensions to the IX509Extensions collection.
- Adds the decoded attributes to the ICryptAttributes collection
- Sets the ClientId property.
- Sets the TemplateObjectId property.
- Uses the signature on the original PKCS #7 request to create a new ISignerCertificate object.
- Retrieves an IX509SignatureInformation object from the ISignerCertificate object.
- Initializes the new IX509SignatureInformation object by using the original signature and hash algorithms.
- Sets the PKCS #10 request as the inner request object.
By default, the InitializeDecode method assumes that the certificate request to be decoded is for an end user. Beginning with Windows 8 and Windows Server 2012, you can change this default behavior. After creating an instance of the IX509CertificateRequestPkcs7 interface, call InitializeDecode by setting the Encoding parameter to XCN_CRYPT_STRING_BINARY and the strEncodedData parameter to one of the following values:
|L"ContextMachine"||The encoded certificate request is for a computer.|
|L"ContextUser"||The encoded certificate request is for an end user.|
|L"ContextAdministratorForceMachine"||The encoded certificate is being requested by an administrator acting on the behalf of a computer.|
Then, call the InitializeDecode method again with the encoded certificate set in the strEncodedData argument.
|Minimum supported client||Windows Vista [desktop apps only]|
|Minimum supported server||Windows Server 2008 [desktop apps only]|