IX509PublicKey interface (certenroll.h)

The IX509PublicKey interface represents a public key in a public/private key pair. The public key is included in the certificate request sent to a certification authority (CA) and in the certificate received from the CA. For more information, see Public/Private Key Pairs.

The Certificate Enrollment Control passes public and private keys in byte arrays. The following certificate example shows a 1024-bit public key created by using the RSA signing algorithm, XCN_OID_RSA_RSA (1.2.840.113549.1.1.1).


...
Public Key Algorithm:
    Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
    Algorithm Parameters:
    05 00
Public Key Length: 1024 bits
Public Key: UnusedBits = 0
    0000  30 81 89 02 81 81 00 8f  e2 41 2a 08 e8 51 a8 8c
    0010  b3 e8 53 e7 d5 49 50 b3  27 8a 2b cb ea b5 42 73
    0020  ea 02 57 cc 65 33 ee 88  20 61 a1 17 56 c1 24 18
    0030  e3 a8 08 d3 be d9 31 f3  37 0b 94 b8 cc 43 08 0b
    0040  70 24 f7 9c b1 8d 5d d6  6d 82 d0 54 09 84 f8 9f
    0050  97 01 75 05 9c 89 d4 d5  c9 1e c9 13 d7 2a 6b 30
    0060  91 19 d6 d4 42 e0 c4 9d  7c 92 71 e1 b2 2f 5c 8d
    0070  ee f0 f1 17 1e d2 5f 31  5b b1 9c bc 20 55 bf 3a
    0080  37 42 45 75 dc 90 65 02  03 01 00 01
...

The public key consists of a 1024-bit modulus created by multiplying two large prime numbers and a 96-bit exponent. The RSA algorithm uses the exponent and the prime numbers in the standard Euclidian formula to create a private key. The modulus and exponent can be more clearly identified by examining the following ASN.1 output of the same public key. Because the modulus begins with a byte (0x8F) for which the sign bit is set, 0x00 is prepended to ensure that the integer remains unsigned. Other public key algorithms create public keys that are made up from different constituent parts.


30 81 89                                  ; SEQUENCE (89 Bytes)
   02 81 81                               ; INTEGER (81 Bytes)
   |  00                                 // Modulus 
   |  8f e2 41 2a 08 e8 51 a8  8c b3 e8 53 e7 d5 49 50
   |  b3 27 8a 2b cb ea b5 42  73 ea 02 57 cc 65 33 ee
   |  88 20 61 a1 17 56 c1 24  18 e3 a8 08 d3 be d9 31
   |  f3 37 0b 94 b8 cc 43 08  0b 70 24 f7 9c b1 8d 5d
   |  d6 6d 82 d0 54 09 84 f8  9f 97 01 75 05 9c 89 d4
   |  d5 c9 1e c9 13 d7 2a 6b  30 91 19 d6 d4 42 e0 c4
   |  9d 7c 92 71 e1 b2 2f 5c  8d ee f0 f1 17 1e d2 5f
   |  31 5b b1 9c bc 20 55 bf  3a 37 42 45 75 dc 90 65
   02 03                                  ; INTEGER (3 Bytes)
      01 00 01                           // Exponent


Inheritance

The IX509PublicKey interface inherits from the IDispatch interface. IX509PublicKey also has these types of members:

Methods

The IX509PublicKey interface has these methods.

 
IX509PublicKey::ComputeKeyIdentifier

Creates an identifier from a 160-bit SHA-1 hash of the public key.
IX509PublicKey::get_Algorithm

Retrieves an object identifier (OID) for the public key algorithm.
IX509PublicKey::get_EncodedKey

Retrieves a byte array that contains the public key.
IX509PublicKey::get_EncodedParameters

Retrieves a byte array that contains the parameters associated with the public key algorithm.
IX509PublicKey::get_Length

Retrieves the length of the public key.
IX509PublicKey::Initialize

Initializes the object from a public key algorithm object identifier (OID) and from byte arrays that contain a public key and the associated parameters, if any.
IX509PublicKey::InitializeFromEncodedPublicKeyInfo

Initializes the object from a byte array that contains a public key.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header certenroll.h

See also

CertEnroll Interfaces

IDispatch

IX509PrivateKey

Public/Private Key Pairs