IX509Attribute interface (certenroll.h)

The IX509Attribute interface can be used to represent an attribute in a PKCS #7, PKCS #10, or CMC certificate request. For more information, see the following topics:

• Attributes
• PKCS #7 Attributes
• PKCS #10 Attributes
• CMC Attributes

Attributes are added to a certificate request to provide a certification authority with additional information that it can use when creating and issuing a certificate. Each attribute is a Distinguished Encoding Rules (DER) encoded Abstract Syntax Notation One (ASN.1) structure that contains an object identifier (OID) and zero or more values as shown by the following syntax.

Attributes ::= SET OF Attribute

Attribute ::= SEQUENCE 
{
   type       EncodedObjectID,
   values     AttributeSetValue
}

The IX509Attribute interface can be used to initialize and retrieve an attribute value. It also serves as the base for the following common attribute interfaces.

Interface/OID	Description
IX509AttributeClientId (XCN_OID_REQUEST_CLIENT_INFO)	Represents an attribute that can be used to identify the client that generated a certificate request.
IX509AttributeExtensions (XCN_OID_RSA_certExtensions)	Represents an attribute that contains certificate extensions in a certificate request.
IX509AttributeArchiveKey (XCN_OID_ARCHIVED_KEY_ATTR)	Represents an attribute that contains an encrypted private key to be archived by a certification authority.
IX509AttributeArchiveKeyHash (XCN_OID_ENCRYPTED_KEY_HASH)	Represents an attribute that contains a SHA-1 hash of the encrypted private key to be archived by a certification authority.
IX509AttributeCspProvider (XCN_OID_ENROLLMENT_CSP_PROVIDER)	Represents an attribute that identifies the cryptographic service provider (CSP) used by the entity requesting the certificate.
IX509AttributeOSVersion (XCN_OID_OS_VERSION)	Represents an attribute that contains version information about the client operating system on which the certificate request was generated.
IX509AttributeRenewalCertificate (XCN_OID_RENEWAL_CERTIFICATE)	Represents an attribute that contains the certificate being renewed.

Inheritance

The IX509Attribute interface inherits from the IDispatch interface. IX509Attribute also has these types of members:

Methods

The IX509Attribute interface has these methods.

IX509Attribute::get_ObjectId Retrieves the object identifier (OID) for the attribute. (IX509Attribute.get_ObjectId)
IX509Attribute::get_RawData Retrieves the attribute value.
IX509Attribute::Initialize Initializes the object from an object identifier (OID) and a value.

Requirements

Requirement	Value
Minimum supported client	Windows Vista [desktop apps only]
Minimum supported server	Windows Server 2008 [desktop apps only]
Target Platform	Windows
Header	certenroll.h

See also

CertEnroll Interfaces

ICryptAttribute

IDispatch

IX509Attribute

IX509Attributes