IX509PublicKey interface (certenroll.h)
The IX509PublicKey interface represents a public key in a public/private key pair. The public key is included in the certificate request sent to a certification authority (CA) and in the certificate received from the CA. For more information, see Public/Private Key Pairs.
The Certificate Enrollment Control passes public and private keys in byte arrays. The following certificate example shows a 1024-bit public key created by using the RSA signing algorithm, XCN_OID_RSA_RSA (1.2.840.113549.1.1.1).
...
Public Key Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
Algorithm Parameters:
05 00
Public Key Length: 1024 bits
Public Key: UnusedBits = 0
0000 30 81 89 02 81 81 00 8f e2 41 2a 08 e8 51 a8 8c
0010 b3 e8 53 e7 d5 49 50 b3 27 8a 2b cb ea b5 42 73
0020 ea 02 57 cc 65 33 ee 88 20 61 a1 17 56 c1 24 18
0030 e3 a8 08 d3 be d9 31 f3 37 0b 94 b8 cc 43 08 0b
0040 70 24 f7 9c b1 8d 5d d6 6d 82 d0 54 09 84 f8 9f
0050 97 01 75 05 9c 89 d4 d5 c9 1e c9 13 d7 2a 6b 30
0060 91 19 d6 d4 42 e0 c4 9d 7c 92 71 e1 b2 2f 5c 8d
0070 ee f0 f1 17 1e d2 5f 31 5b b1 9c bc 20 55 bf 3a
0080 37 42 45 75 dc 90 65 02 03 01 00 01
...
The public key consists of a 1024-bit modulus created by multiplying two large prime numbers and a 96-bit exponent. The RSA algorithm uses the exponent and the prime numbers in the standard Euclidean formula to create a private key. The modulus and exponent can be more clearly identified by examining the following ASN.1 output of the same public key. Because the modulus begins with a byte (0x8F) for which the sign bit is set, 0x00 is prepended to ensure that the integer remains unsigned. Other public key algorithms create public keys that are made up from different constituent parts.
30 81 89 ; SEQUENCE (89 Bytes)
02 81 81 ; INTEGER (81 Bytes)
| 00 // Modulus
| 8f e2 41 2a 08 e8 51 a8 8c b3 e8 53 e7 d5 49 50
| b3 27 8a 2b cb ea b5 42 73 ea 02 57 cc 65 33 ee
| 88 20 61 a1 17 56 c1 24 18 e3 a8 08 d3 be d9 31
| f3 37 0b 94 b8 cc 43 08 0b 70 24 f7 9c b1 8d 5d
| d6 6d 82 d0 54 09 84 f8 9f 97 01 75 05 9c 89 d4
| d5 c9 1e c9 13 d7 2a 6b 30 91 19 d6 d4 42 e0 c4
| 9d 7c 92 71 e1 b2 2f 5c 8d ee f0 f1 17 1e d2 5f
| 31 5b b1 9c bc 20 55 bf 3a 37 42 45 75 dc 90 65
02 03 ; INTEGER (3 Bytes)
01 00 01 // Exponent
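The structure shown above can be checked programmatically before a key is accepted, for example to enforce a minimum modulus size. The following C parser is an added example, not part of the CertEnroll API or Microsoft's documentation; the names `der_header`, `der_uint` and `rsa_pub_parse` are hypothetical, and it assumes the exponent fits in 32 bits.

```c
#include <stdint.h>
#include <stdio.h>
/* RSAPublicKey bytes copied from the dump on this page (140 bytes, 16 per row). */
static const uint8_t PAGE_KEY[] = {
  0x30,0x81,0x89,0x02,0x81,0x81,0x00,0x8f,0xe2,0x41,0x2a,0x08,0xe8,0x51,0xa8,0x8c,
  0xb3,0xe8,0x53,0xe7,0xd5,0x49,0x50,0xb3,0x27,0x8a,0x2b,0xcb,0xea,0xb5,0x42,0x73,
  0xea,0x02,0x57,0xcc,0x65,0x33,0xee,0x88,0x20,0x61,0xa1,0x17,0x56,0xc1,0x24,0x18,
  0xe3,0xa8,0x08,0xd3,0xbe,0xd9,0x31,0xf3,0x37,0x0b,0x94,0xb8,0xcc,0x43,0x08,0x0b,
  0x70,0x24,0xf7,0x9c,0xb1,0x8d,0x5d,0xd6,0x6d,0x82,0xd0,0x54,0x09,0x84,0xf8,0x9f,
  0x97,0x01,0x75,0x05,0x9c,0x89,0xd4,0xd5,0xc9,0x1e,0xc9,0x13,0xd7,0x2a,0x6b,0x30,
  0x91,0x19,0xd6,0xd4,0x42,0xe0,0xc4,0x9d,0x7c,0x92,0x71,0xe1,0xb2,0x2f,0x5c,0x8d,
  0xee,0xf0,0xf1,0x17,0x1e,0xd2,0x5f,0x31,0x5b,0xb1,0x9c,0xbc,0x20,0x55,0xbf,0x3a,
  0x37,0x42,0x45,0x75,0xdc,0x90,0x65,0x02,0x03,0x01,0x00,0x01 };
/* Read a DER tag and length at *p, check the value fits before end, move *p to the value. */
static int der_header(const uint8_t **p, const uint8_t *end, uint8_t tag, size_t *len) {
    const uint8_t *q = *p;
    if (end - q < 2 || q[0] != tag) return -1;
    size_t n = q[1]; q += 2;
    if (n & 0x80) {               /* long form: low 7 bits count the length octets */
        size_t k = n & 0x7f;
        if (k == 0 || k > sizeof n || (size_t)(end - q) < k) return -1;
        for (n = 0; k--; ) n = (n << 8) | *q++;
    }
    if ((size_t)(end - q) < n) return -1;
    *p = q; *len = n; return 0;
}
/* Read a non-negative INTEGER and strip the 0x00 sign pad; *p moves past the value. */
static int der_uint(const uint8_t **p, const uint8_t *end, const uint8_t **v, size_t *len) {
    if (der_header(p, end, 0x02, len) || *len == 0 || ((*p)[0] & 0x80)) return -1;
    *v = *p; *p += *len;
    while (*len > 1 && **v == 0) { (*v)++; (*len)--; }
    return 0;
}
/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }. */
int rsa_pub_parse(const uint8_t *der, size_t n, size_t *mod_bits, uint32_t *e) {
    const uint8_t *p = der, *end = der + n, *m, *x;
    size_t seq, mlen, xlen;
    if (der_header(&p, end, 0x30, &seq) || p + seq != end) return -1;
    if (der_uint(&p, end, &m, &mlen) || der_uint(&p, end, &x, &xlen)) return -1;
    if (p != end || xlen > 4) return -1;   /* assumption: exponent fits in 32 bits */
    *mod_bits = (mlen - 1) * 8;            /* whole bytes below the top byte */
    for (uint8_t b = m[0]; b; b >>= 1) ++*mod_bits;   /* plus bits used in the top byte */
    for (*e = 0; xlen--; ) *e = (*e << 8) | *x++;
    return 0;
}
int main(void) {
    size_t bits; uint32_t e;
    if (rsa_pub_parse(PAGE_KEY, sizeof PAGE_KEY, &bits, &e)) return 1;
    printf("modulus %zu bits, e = %u\n", bits, (unsigned)e);
}
```

For the key on this page the parser reports a 1024-bit modulus and the exponent 65537 (0x010001); the bit count is taken after the 0x00 sign pad is stripped, so the pad does not inflate the reported key size.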
Inheritance
The IX509PublicKey interface inherits from the IDispatch interface. IX509PublicKey also has these types of members:
Methods
The IX509PublicKey interface has these methods.
Method | Description |
---|---|
IX509PublicKey::ComputeKeyIdentifier | Creates an identifier from a 160-bit SHA-1 hash of the public key. |
IX509PublicKey::get_Algorithm | Retrieves an object identifier (OID) for the public key algorithm. |
IX509PublicKey::get_EncodedKey | Retrieves a byte array that contains the public key. |
IX509PublicKey::get_EncodedParameters | Retrieves a byte array that contains the parameters associated with the public key algorithm. |
IX509PublicKey::get_Length | Retrieves the length of the public key. |
IX509PublicKey::Initialize | Initializes the object from a public key algorithm object identifier (OID) and from byte arrays that contain a public key and the associated parameters, if any. |
IX509PublicKey::InitializeFromEncodedPublicKeyInfo | Initializes the object from a byte array that contains a public key. |
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows Vista [desktop apps only] |
Minimum supported server | Windows Server 2008 [desktop apps only] |
Target Platform | Windows |
Header | certenroll.h |