using System;
using System.Runtime.InteropServices;
using Vanara.InteropServices;
using FILETIME = System.Runtime.InteropServices.ComTypes.FILETIME;
namespace Vanara.PInvoke
{
/// Methods and data types found in Crypt32.dll.
public static partial class Crypt32
{
/// Set this flag to ignore any store provider write errors and always update the cached context's property.
[PInvokeData("wincrypt.h")]
public const uint CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG = 0x80000000;
/// Set this flag to inhibit the persisting of this property.
[PInvokeData("wincrypt.h")]
public const uint CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG = 0x40000000;
/// Property identifiers.
[PInvokeData("wincrypt.h")]
public enum CertPropId : uint
{
///
/// Gets or sets a DWORD value indicating whether write operations to the certificate are persisted. The DWORD value is not set
/// if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
[CorrespondingType(typeof(uint), CorrespondingAction.GetSet)]
CERT_ACCESS_STATE_PROP_ID = 14,
/// Reserved.
CERT_AIA_URL_RETRIEVED_PROP_ID = 67,
/// This property saves an encrypted key hash for the certificate context.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ARCHIVED_KEY_HASH_PROP_ID = 65,
///
/// Indicates the certificate is skipped during enumerations. A certificate with this property set is found with explicit search
/// operations, such as those used to find a certificate with a specific hash or a serial number. No data in pvData is
/// associated with this property. This property can be set to the empty BLOB, {0,NULL}.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ARCHIVED_PROP_ID = 19,
///
CERT_AUTH_ROOT_SHA256_HASH_PROP_ID = 98,
/// Reserved.
CERT_AUTHORITY_INFO_ACCESS_PROP_ID = 68,
///
/// Gets or sets a null-terminated Unicode string naming the certificate type for which the certificate has been auto enrolled.
///
[CorrespondingType(typeof(string), CorrespondingAction.GetSet)]
CERT_AUTO_ENROLL_PROP_ID = 21,
/// Reserved.
CERT_AUTO_ENROLL_RETRY_PROP_ID = 66,
/// Reserved.
CERT_BACKED_UP_PROP_ID = 69,
///
/// Disables certificate revocation list (CRL) retrieval for certificates used by the certification authority (CA). If the CA
/// certificate contains this property, it must also include the CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID property.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_CA_DISABLE_CRL_PROP_ID = 82,
///
/// Contains the list of online certificate status protocol (OCSP) URLs to use for certificates issued by the CA certificate.
/// The array contents are the Abstract Syntax Notation One (ASN.1)-encoded bytes of an X509_AUTHORITY_INFO_ACCESS structure
/// where pszAccessMethod is set to szOID_PKIX_OCSP.
///
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID = 81,
///
CERT_CEP_PROP_ID = 87,
///
CERT_CLR_DELETE_KEY_PROP_ID = 125,
///
/// Location of the cross certificates. Currently, this identifier is only applicable to certificates and not to CRLs or
/// certificate trust lists (CTLs). The BYTE array contains an ASN.1-encoded CROSS_CERT_DIST_POINTS_INFO structure decoded by
/// using the CryptDecodeObject function with a X509_CROSS_CERT_DIST_POINTS value for the lpszStuctType parameter.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_CROSS_CERT_DIST_POINTS_PROP_ID = 23,
/// An array of bytes containing an Abstract Syntax Notation One (ASN.1) encoded CTL_USAGE structure.
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_CTL_USAGE_PROP_ID = CERT_ENHKEY_USAGE_PROP_ID,
/// Time when the certificate was added to the store.
[CorrespondingType(typeof(FILETIME), CorrespondingAction.GetSet)]
CERT_DATE_STAMP_PROP_ID = 27,
///
/// Gets or sets the property displayed by the certificate UI. This property allows the user to describe the certificate's use.
///
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_DESCRIPTION_PROP_ID = 13,
///
CERT_DISALLOWED_ENHKEY_USAGE_PROP_ID = 122,
///
CERT_DISALLOWED_FILETIME_PROP_ID = 104,
/// Reserved
CERT_EFS_PROP_ID = 17,
/// An array of bytes containing an ASN.1 encoded CERT_ENHKEY_USAGE structure.
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_ENHKEY_USAGE_PROP_ID = 9,
///
///
/// Enrollment information of the pending request that contains RequestID, CADNSName, CAName, and DisplayName. The data format
/// is defined as follows.
///
///
///
/// Bytes
/// Contents
///
/// -
/// First 4 bytes
/// Pending request ID
///
/// -
/// Next 4 bytes
///
/// CADNSName size, in characters, including the terminating null character, followed by CADNSName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// CAName size, in characters, including the terminating null character, followed by CAName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// DisplayName size, in characters, including the terminating null character, followed by DisplayName string with terminating
/// null character
///
///
///
///
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_ENROLLMENT_PROP_ID = 26,
///
/// Returns a null-terminated Unicode character string that contains extended error information for the certificate context.
///
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_EXTENDED_ERROR_INFO_PROP_ID = 30,
/// Reserved
CERT_FORTEZZA_DATA_PROP_ID = 18,
/// A null-terminated Unicode character string that contains the display name for the CRL.
[CorrespondingType(typeof(string), CorrespondingAction.GetSet)]
CERT_FRIENDLY_NAME_PROP_ID = 11,
/// Returns the SHA1 hash. If the hash does not exist, it is computed by using the CryptHashCertificate function.
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_HASH_PROP_ID = CERT_SHA1_HASH_PROP_ID,
/// Returns either the HCRYPTPROV or NCRYPT_KEY_HANDLE choice.
[CorrespondingType(typeof(HCRYPTPROV), CorrespondingAction.GetSet)]
[CorrespondingType(typeof(NCrypt.NCRYPT_KEY_HANDLE), CorrespondingAction.GetSet)]
CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID = 79,
///
/// The Cryptography API (CAPI) key handle associated with the certificate. The caller is responsible for freeing the handle. It
/// will not be freed when the context is freed. The property value is removed after after it is returned. If you call this
/// property on a context that has a CNG key, CRYPT_E_NOT_FOUND is returned.
///
[CorrespondingType(typeof(HANDLE), CorrespondingAction.GetSet)]
CERT_HCRYPTPROV_TRANSFER_PROP_ID = 100,
/// Rerserved.
CERT_IE30_RESERVED_PROP_ID = 7,
///
CERT_ISOLATED_KEY_PROP_ID = 118,
///
///
/// A string containing a set of L"<PUBKEY>/<BITLENGTH>" public key algorithm and bit length pairs. The semicolon,
/// L";", is used as the delimiter.
///
/// The <PUBKEY> value identifies the CNG public key algorithm. The following algorithms are supported:
///
/// - L"RSA" (BCRYPT_RSA_ALGORITHM)
/// - L"DSA" (BCRYPT_DSA_ALGORITHM)
/// - L"ECDSA" (SSL_ECDSA_ALGORITHM)
///
///
/// A <PUBKEY>/<BITLENGTH> pair is set for each certificate in the CRL issuer chain excluding the leaf. This
/// property can be set when an OCSP response with an independent signer chain is converted to a CRL.
///
/// This property should not be set for a delegated OCSP signer certificate. A delegated signer certificate is
/// signed with the same key used to sign the subject certificate and is checked there.
/// The following is an example:
/// : L"RSA/2048;RSA/4096"
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID = 96,
///
///
/// A string that contains a set of L"<SIGNATURE>/<HASH>" algorithm pairs. The semicolon, L";", is used as the
/// delimiter between pairs.
///
///
/// This property is set only when an OCSP response is converted to a CRL. For a delegated OCSP signer certificate, only the
/// algorithm pair for the signer certificate is returned. For an independent OCSP signer certificate chain, an algorithm pair
/// is returned for each certificate in the chain excluding the root.
///
/// The <SIGNATURE> value identifies the CNG public key algorithm. The following algorithms are supported:
///
/// - L"RSA" (BCRYPT_RSA_ALGORITHM)
/// - L"DSA" (BCRYPT_DSA_ALGORITHM)
/// - L"ECDSA" (SSL_ECDSA_ALGORITHM)
///
/// The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported:
///
/// - L"MD5" (BCRYPT_MD5_ALGORITHM)
/// - L"SHA1" (BCRYPT_SHA1_ALGORITHM)
/// - L"SHA256" (BCRYPT_SHA256_ALGORITHM)
/// - L"SHA384" (BCRYPT_SHA384_ALGORITHM)
/// - L"SHA512" (BCRYPT_SHA512_ALGORITHM)
///
/// The following is an example:
/// L"RSA/SHA256;RSA/SHA256"
/// This property is explicitly set by the verify revocation functions.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID = 95,
///
///
/// The length, in bits, of the public key in the CRL issuer certificate. This property is also applicable to an OCSP that has
/// been converted to a CRL.
///
/// This property is explicitly set by the verify revocation functions.
/// Windows 8 and Windows Server 2012: Support for this property begins.
///
[CorrespondingType(typeof(uint), CorrespondingAction.GetSet)]
CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID = 94,
/// This property sets the MD5 hash of the public key associated with the private key used to sign this certificate.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID = 24,
/// The CRYPT_DATA_BLOB structure contains the MD5 hash of the issuer name and serial number from this certificate.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID = 28,
///
CERT_KEY_CLASSIFICATION_PROP_ID = 120,
///
/// The structure specifies the certificate's private key. It contains both the HCRYPTPROV and key specification for the private
/// key. For more information about the hCryptProv member and dwFlags settings, see CERT_KEY_PROV_HANDLE_PROP_ID, later in this topic.
///
[CorrespondingType(typeof(CERT_KEY_CONTEXT), CorrespondingAction.GetSet)]
CERT_KEY_CONTEXT_PROP_ID = 5,
///
/// If nonexistent, searches for the szOID_SUBJECT_KEY_IDENTIFIER extension. If that fails, a SHA1 hash is done on the
/// certificate's SubjectPublicKeyInfo member to produce the identifier values.
///
[CorrespondingType(typeof(byte[]), CorrespondingAction.GetSet)]
CERT_KEY_IDENTIFIER_PROP_ID = 20,
///
/// The HCRYPTPROV handle for the certificate's private key is set. The hCryptProv member of the CERT_KEY_CONTEXT structure is
/// updated if it exists. If it does not exist, it is created with dwKeySpec and initialized by CERT_KEY_PROV_INFO_PROP_ID. If
/// CERT_STORE_NO_CRYPT_RELEASE_FLAG is not set, the hCryptProv value is implicitly released either when the property is set to
/// NULL or on the final freeing of the CERT_CONTEXT structure.
///
[CorrespondingType(typeof(HCRYPTPROV), CorrespondingAction.GetSet)]
CERT_KEY_PROV_HANDLE_PROP_ID = 1,
/// The structure specifies the certificate's private key.
[CorrespondingType(typeof(CRYPT_KEY_PROV_INFO), CorrespondingAction.GetSet)]
CERT_KEY_PROV_INFO_PROP_ID = 2,
///
CERT_KEY_REPAIR_ATTEMPTED_PROP_ID = 103,
///
/// A DWORD value specifying the private key obtained from CERT_KEY_CONTEXT_PROP_ID property if it exists. Otherwise, if
/// CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec.
///
[CorrespondingType(typeof(uint), CorrespondingAction.GetSet)]
CERT_KEY_SPEC_PROP_ID = 6,
/// The MD5 hash. You can compute the hash by using the CryptHashCertificate function.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_MD5_HASH_PROP_ID = 4,
/// This property sets the NCRYPT_KEY_HANDLE for the certificate private key and sets the dwKeySpec to CERT_NCRYPT_KEY_SPEC.
[CorrespondingType(typeof(NCrypt.NCRYPT_KEY_HANDLE), CorrespondingAction.GetSet)]
CERT_NCRYPT_KEY_HANDLE_PROP_ID = 78,
/// Sets the handle of the CNG key associated with the certificate.
[CorrespondingType(typeof(HANDLE), CorrespondingAction.GetSet)]
CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID = 99,
/// Reserved
CERT_NEW_KEY_PROP_ID = 74,
/// The ASN.1 encoded CERT_ALT_NAME_INFO structure on a CTL.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_NEXT_UPDATE_LOCATION_PROP_ID = 10,
/// Reserved
CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID = 77,
///
CERT_NO_EXPIRE_NOTIFICATION_PROP_ID = 97,
///
CERT_NONCOMPLIANT_ROOT_URL_PROP_ID = 123,
///
CERT_NOT_BEFORE_ENHKEY_USAGE_PROP_ID = 127,
///
CERT_NOT_BEFORE_FILETIME_PROP_ID = 126,
/// Reserved
CERT_OCSP_CACHE_PREFIX_PROP_ID = 75,
///
CERT_OCSP_MUST_STAPLE_PROP_ID = 121,
///
/// This property sets the encoded online certificate status protocol (OCSP) response from a CERT_SERVER_OCSP_RESPONSE_CONTEXT
/// for this certificate.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_OCSP_RESPONSE_PROP_ID = 70,
///
CERT_PIN_SHA256_HASH_PROP_ID = 124,
///
/// This property is implicitly set by calling the CertGetCertificateContextProperty function.
///
/// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This identifier
/// is not supported.
///
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID = 93,
///
/// This property is used with public keys that support algorithm parameter inheritance. The data BLOB contains the
/// ASN.1-encoded PublicKey Algorithm parameters. For DSS, these are parameters encoded by using the CryptEncodeObject function.
/// This is used only if CMS_PKCS7 is defined.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_PUBKEY_ALG_PARA_PROP_ID = 22,
/// Reserved
CERT_PUBKEY_HASH_RESERVED_PROP_ID = 8,
///
/// The CRYPT_DATA_BLOB structure specifies the name of a file that contains the private key associated with the certificate's
/// public key. Inside the CRYPT_DATA_BLOB structure, the pbData member is a pointer to a null-terminated Unicode wide-character
/// string, and the cbData member indicates the length of the string.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_PVK_FILE_PROP_ID = 12,
/// This property specifies the hash of the renewed certificate.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_RENEWAL_PROP_ID = 64,
///
/// The CRYPT_DATA_BLOB structure contains a null-terminated Unicode string that contains the DNS computer name for the
/// origination of the certificate context request.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_REQUEST_ORIGINATOR_PROP_ID = 71,
///
/// Returns a pointer to an encoded CERT_POLICIES_INFO structure that contains the application policies of the root certificate
/// for the context. This property can be decoded by using the CryptDecodeObject function with the lpszStructType parameter set
/// to X509_CERT_POLICIES and the dwCertEncodingType parameter set to a combination of X509_ASN_ENCODING bitwise OR PKCS_7_ASN_ENCODING.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID = 83,
///
CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID = 105,
/// Reserved
CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID = 84,
///
CERT_SCARD_PIN_ID_PROP_ID = 90,
///
CERT_SCARD_PIN_INFO_PROP_ID = 91,
///
CERT_SCEP_CA_CERT_PROP_ID = 111,
///
CERT_SCEP_ENCRYPT_HASH_CNG_ALG_PROP_ID = 114,
///
CERT_SCEP_FLAGS_PROP_ID = 115,
///
CERT_SCEP_GUID_PROP_ID = 116,
///
CERT_SCEP_NONCE_PROP_ID = 113,
///
CERT_SCEP_RA_ENCRYPTION_CERT_PROP_ID = 110,
///
CERT_SCEP_RA_SIGNATURE_CERT_PROP_ID = 109,
///
CERT_SCEP_SERVER_CERTS_PROP_ID = 108,
///
CERT_SCEP_SIGNER_CERT_PROP_ID = 112,
///
CERT_SEND_AS_TRUSTED_ISSUER_PROP_ID = 102,
///
CERT_SERIAL_CHAIN_PROP_ID = 119,
///
CERT_SERIALIZABLE_KEY_CONTEXT_PROP_ID = 117,
/// The SHA1 hash. You can compute the hash by using CryptHashCertificate.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SHA1_HASH_PROP_ID = 3,
///
CERT_SHA256_HASH_PROP_ID = 107,
///
///
/// The L”<SIGNATURE>/<HASH>” string representing the certificate signature. The <SIGNATURE> value identifies
/// the CNG public key algorithm. The following algorithms are supported:
///
///
/// - L"RSA" (BCRYPT_RSA_ALGORITHM)
/// - L"DSA" (BCRYPT_DSA_ALGORITHM)
/// - L"ECDSA" (SSL_ECDSA_ALGORITHM)
///
/// The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported:
///
/// - L"MD5" (BCRYPT_MD5_ALGORITHM)
/// - L"SHA1" (BCRYPT_SHA1_ALGORITHM)
/// - L"SHA256" (BCRYPT_SHA256_ALGORITHM)
/// - L"SHA384" (BCRYPT_SHA384_ALGORITHM)
/// - L"SHA512" (BCRYPT_SHA512_ALGORITHM)
///
/// The following are common examples:
///
/// - L”RSA/SHA1”
/// - L”RSA/SHA256”
/// - L”ECDSA/SHA256”
///
/// This property is also applicable to an OCSP response that has been converted to a CRL.
/// This property is explicitly set by the verify revocation functions.
/// Windows 8 and Windows Server 2012: Support for this property begins.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SIGN_HASH_CNG_ALG_PROP_ID = 89,
///
/// The signature hash. If the hash does not exist, it is computed with CryptHashToBeSigned. The length of the hash is 20 bytes
/// for SHA and 16 for MD5.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SIGNATURE_HASH_PROP_ID = 15,
/// This property sets the smart card data property of a smart card certificate context.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SMART_CARD_DATA_PROP_ID = 16,
///
CERT_SMART_CARD_READER_NON_REMOVABLE_PROP_ID = 106,
///
CERT_SMART_CARD_READER_PROP_ID = 101,
/// This property sets the information property of a smart card root certificate context.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SMART_CARD_ROOT_INFO_PROP_ID = 76,
/// Reserved
CERT_SOURCE_LOCATION_PROP_ID = 72,
/// Reserved
CERT_SOURCE_URL_PROP_ID = 73,
/// Reserved
CERT_SUBJECT_DISABLE_CRL_PROP_ID = 86,
///
/// This property sets the subject information access extension of the certificate context as an encoded
/// CERT_SUBJECT_INFO_ACCESS structure.
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SUBJECT_INFO_ACCESS_PROP_ID = 80,
/// Returns an MD5 hash of the encoded subject name of the certificate context.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SUBJECT_NAME_MD5_HASH_PROP_ID = 29,
/// Reserved
CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID = 85,
///
/// This property is implicitly set by calling the CertGetCertificateContextProperty function.
///
/// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This identifier
/// is not supported.
///
///
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID = 92,
/// This property sets the MD5 hash of this certificate's public key.
[CorrespondingType(typeof(CRYPTOAPI_BLOB), CorrespondingAction.GetSet)]
CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID = 25,
}
///
/// The CertEnumCertificateContextProperties function retrieves the first or next extended property associated with a
/// certificate context. Used in a loop, this function can retrieve in sequence all of the extended properties associated with a
/// certificate context.
///
/// A pointer to the CERT_CONTEXT structure of the certificate containing the properties to be enumerated.
///
///
/// Property number of the last property enumerated. To get the first property, dwPropId is zero. To retrieve subsequent properties,
/// dwPropId is set to the property number returned by the last call to the function. To enumerate all the properties, function
/// calls continue until the function returns zero.
///
///
/// Applications can call CertGetCertificateContextProperty with the dwPropId returned by this function to retrieve that property's data.
///
///
///
/// The return value is a DWORD value that identifies a certificate context's property. The DWORD value returned by
/// one call of the function can be supplied as the dwPropId in a subsequent call to the function. If there are no more properties
/// to be enumerated or if the function fails, zero is returned.
///
///
///
/// CERT_KEY_PROV_HANDLE_PROP_ID and CERT_KEY_SPEC_PROP_ID properties are stored as members of the CERT_KEY_CONTEXT_PROP_ID
/// property. They are not enumerated individually.
///
/// Examples
/// See Example C Program: Listing the Certificates in a Store.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certenumcertificatecontextproperties DWORD
// CertEnumCertificateContextProperties( PCCERT_CONTEXT pCertContext, DWORD dwPropId );
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "b7304ab2-432b-40c0-8014-7f8874fa36fa")]
public static extern uint CertEnumCertificateContextProperties([In] PCCERT_CONTEXT pCertContext, CertPropId dwPropId);
///
/// The CertEnumCRLContextProperties function retrieves the first or next extended property associated with a certificate
/// revocation list (CRL) context. Used in a loop, this function can retrieve in sequence all extended properties associated with a
/// CRL context.
///
/// A pointer to a CRL_CONTEXT structure.
///
///
/// Property number of the last property enumerated. To get the first property, dwPropId is zero. To retrieve subsequent properties,
/// dwPropId is set to the property number returned by the last call to the function. To enumerate all the properties, function
/// calls continue until the function returns zero.
///
///
/// Applications can call CertGetCRLContextProperty with the dwPropId returned by this function to retrieve that property's data.
///
///
///
/// The return value is a DWORD value that identifies a CRL context's property. The DWORD value returned by one call
/// of the function can be supplied as the dwPropId in a subsequent call to the function. If there are no more properties to be
/// enumerated or if the function fails, zero is returned.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certenumcrlcontextproperties DWORD
// CertEnumCRLContextProperties( PCCRL_CONTEXT pCrlContext, DWORD dwPropId );
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "330808ef-9b39-4bd4-ba0b-9e70ec516f33")]
public static extern uint CertEnumCRLContextProperties([In] PCCRL_CONTEXT pCrlContext, CertPropId dwPropId);
///
/// The CertEnumCTLContextProperties function retrieves the first or next extended property associated with a certificate
/// trust list (CTL) context. Used in a loop, this function can retrieve in sequence all extended properties associated with a CTL context.
///
/// A pointer to a CTL_CONTEXT structure.
///
///
/// Property number of the last property enumerated. To get the first property, dwPropId is zero. To retrieve subsequent properties,
/// dwPropId is set to the property number returned by the last call to the function. To enumerate all the properties, function
/// calls continue until the function returns zero.
///
///
/// Applications can call CertGetCTLContextProperty with the dwPropId returned by this function to retrieved that property's data.
///
///
///
/// The return value is a DWORD value that identifies a CTL context's property. The DWORD value returned by one call
/// of the function can be supplied as the dwPropId in a subsequent call to the function. If there are no more properties to be
/// enumerated or if the function fails, zero is returned.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certenumctlcontextproperties DWORD
// CertEnumCTLContextProperties( PCCTL_CONTEXT pCtlContext, DWORD dwPropId );
[DllImport(Lib.Crypt32, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "f5c9c4cd-bf99-41bf-b13e-f1921b011039")]
public static extern uint CertEnumCTLContextProperties([In] PCCTL_CONTEXT pCtlContext, CertPropId dwPropId);
///
/// The CertGetCertificateContextProperty function retrieves the information contained in an extended property of a
/// certificate context.
///
/// A pointer to the CERT_CONTEXT structure of the certificate that contains the property to be retrieved.
///
///
/// The property to be retrieved. Currently defined identifiers and the data type to be returned in pvData are listed in the
/// following table.
///
/// CERT_ACCESS_STATE_PROP_ID
/// Data type of pvData: A pointer to a DWORD value.
///
/// Returns a DWORD value that indicates whether write operations to the certificate are persisted. The DWORD value is
/// not set if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
/// CERT_AIA_URL_RETRIEVED_PROP_ID
/// This identifier is reserved.
/// CERT_ARCHIVED_KEY_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns a previously saved encrypted key hash for the certificate context.
/// CERT_ARCHIVED_PROP_ID
///
/// Data type of pvData: NULL. If the CertGetCertificateContextProperty function returns true, then the specified
/// property ID exists for the CERT_CONTEXT.
///
///
/// Indicates the certificate is skipped during enumerations. A certificate with this property set is found with explicit search
/// operations, such as those used to find a certificate with a specific hash or a serial number. No data in pvData is associated
/// with this property.
///
/// CERT_AUTHORITY_INFO_ACCESS_PROP_ID
/// This identifier is reserved.
/// CERT_AUTO_ENROLL_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns a null-terminated Unicode string that names the certificate type for which the certificate has been auto enrolled.
/// CERT_AUTO_ENROLL_RETRY_PROP_ID
/// This identifier is reserved.
/// CERT_BACKED_UP_PROP_ID
/// This identifier is reserved.
/// CERT_CA_DISABLE_CRL_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Disables certificate revocation list (CRL) retrieval for certificates used by the certification authority (CA). If the CA
/// certificate contains this property, it must also include the CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID property.
///
/// CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Contains the list of online certificate status protocol (OCSP) URLs to use for certificates issued by the CA certificate. The
/// array contents are the Abstract Syntax Notation One (ASN.1)-encoded bytes of an X509_AUTHORITY_INFO_ACCESS structure
/// where pszAccessMethod is set to szOID_PKIX_OCSP.
///
/// CERT_CROSS_CERT_DIST_POINTS_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Location of the cross certificates. Currently, this identifier is only applicable to certificates and not to CRLs or certificate
/// trust lists (CTLs). The BYTE array contains an ASN.1-encoded CROSS_CERT_DIST_POINTS_INFO structure decoded by using the
/// CryptDecodeObject function with a X509_CROSS_CERT_DIST_POINTS value for the lpszStuctType parameter.
///
/// CERT_CTL_USAGE_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns an array of bytes that contain an ASN.1-encoded structure.
/// CERT_DATE_STAMP_PROP_ID
/// Data type of pvData: A pointer to a FILETIME structure.
/// Time when the certificate was added to the store.
/// CERT_DESCRIPTION_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the property displayed by the certificate UI. This property allows the user to describe the certificate's use.
/// CERT_EFS_PROP_ID
/// This identifier is reserved.
/// CERT_ENHKEY_USAGE_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns an array of bytes that contain an ASN.1-encoded CERT_ENHKEY_USAGE structure. This structure contains an array of
/// Enhanced Key Usage object identifiers (OIDs), each of which specifies a valid use of the certificate.
///
/// CERT_ENROLLMENT_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Enrollment information of the pending request that contains RequestID, CADNSName, CAName, and DisplayName. The data format is
/// defined as follows.
///
///
///
/// Bytes
/// Contents
///
/// -
/// First 4 bytes
/// Pending request ID
///
/// -
/// Next 4 bytes
///
/// CADNSName size, in characters, including the terminating null character, followed by CADNSName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// CAName size, in characters, including the terminating null character, followed by CAName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// DisplayName size, in characters, including the terminating null character, followed by DisplayName string with terminating null character
///
///
///
/// CERT_EXTENDED_ERROR_INFO_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns a null-terminated Unicode character string that contains extended error information for the certificate context.
/// CERT_FORTEZZA_DATA_PROP_ID
/// This identifier is reserved.
/// CERT_FRIENDLY_NAME_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns a null-terminated Unicode character string that contains the display name for the certificate.
/// CERT_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the SHA1 hash. If the hash does not exist, it is computed by using the CryptHashCertificate function.
/// CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID
/// Data type of pvData: A pointer to an HCRYPTPROV_OR_NCRYPT_KEY_HANDLE data type.
/// Returns either the HCRYPTPROV or NCRYPT_KEY_HANDLE choice.
/// CERT_HCRYPTPROV_TRANSFER_PROP_ID
///
/// Returns the Cryptography API (CAPI) key handle associated with the certificate. The caller is responsible for freeing the
/// handle. It will not be freed when the context is freed. The property value is removed after after it is returned. If you call
/// this property on a context that has a CNG key, CRYPT_E_NOT_FOUND is returned.
///
/// CERT_IE30_RESERVED_PROP_ID
/// This identifier is reserved.
/// CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// MD5 hash of the public key associated with the private key used to sign this certificate.
/// CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// MD5 hash of the issuer name and serial number from this certificate.
/// CERT_KEY_CONTEXT_PROP_ID
/// Data type of pvData: A pointer to a CERT_KEY_CONTEXT structure.
/// Returns a CERT_KEY_CONTEXT structure.
/// CERT_KEY_IDENTIFIER_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// If nonexistent, searches for the szOID_SUBJECT_KEY_IDENTIFIER extension. If that fails, a SHA1 hash is done on the certificate's
/// SubjectPublicKeyInfo member to produce the identifier values.
///
/// CERT_KEY_PROV_HANDLE_PROP_ID
/// Data type of pvData: A pointer to an HCRYPTPROV value.
/// Returns the provider handle obtained from CERT_KEY_CONTEXT_PROP_ID.
/// CERT_KEY_PROV_INFO_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_KEY_PROV_INFO structure.
/// Returns a pointer to a CRYPT_KEY_PROV_INFO structure.
/// CERT_KEY_SPEC_PROP_ID
/// Data type of pvData: A pointer to a DWORD value.
///
/// Returns a DWORD value that specifies the private key obtained from CERT_KEY_CONTEXT_PROP_ID if it exists. Otherwise, if
/// CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec.
///
/// CERT_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the MD5 hash. If the hash does not exist, it is computed by using the CryptHashCertificate function.
/// CERT_NCRYPT_KEY_HANDLE_PROP_ID
/// Data type of pvData: A pointer to an NCRYPT_KEY_HANDLE data type.
/// Returns a CERT_NCRYPT_KEY_SPEC choice where applicable.
/// CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID
///
/// Returns the CNG key handle associated with the certificate. The caller is responsible for freeing the handle. It will not be
/// freed when the context is freed. The property value is removed after after it is returned. If you call this property on a
/// context that has a legacy (CAPI) key, CRYPT_E_NOT_FOUND is returned.
///
/// CERT_NEW_KEY_PROP_ID
/// This identifier is reserved.
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the ASN.1-encoded CERT_ALT_NAME_INFO structure.
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently used only with CTLs.
/// CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID
/// This identifier is reserved.
/// CERT_OCSP_CACHE_PREFIX_PROP_ID
/// This identifier is reserved.
/// CERT_OCSP_RESPONSE_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns an encoded OCSP response for this certificate.
/// CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID
/// Data type of pvData: Pointer to a null-terminated Unicode string.
///
/// Returns an L”<PUBKEY>/<BITLENGTH>” string representing the certificate’s public key algorithm and bit length. The
/// following <PUBKEY> algorithms are supported:
///
///
/// -
/// L"RSA" (BCRYPT_RSA_ALGORITHM)
///
/// -
/// L"DSA" (BCRYPT_DSA_ALGORITHM)
///
/// -
/// L"ECDSA" (SSL_ECDSA_ALGORITHM)
///
///
/// Windows 8 and Windows Server 2012:
/// Support for this property begins.
/// CERT_PUBKEY_ALG_PARA_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// For public keys that support algorithm parameter inheritance, returns the ASN.1-encoded PublicKey Algorithm parameters. For
/// Digital Signature Standard (DSS), returns the parameters encoded by using the CryptEncodeObject function. This property is used
/// only if CMS_PKCS7 is defined.
///
/// CERT_PUBKEY_HASH_RESERVED_PROP_ID
/// This identifier is reserved.
/// CERT_PVK_FILE_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns a null-terminated Unicode wide character string that contains the file name that contains the private key associated
/// with the certificate's public key.
///
/// CERT_RENEWAL_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the hash of the renewed certificate.
/// CERT_REQUEST_ORIGINATOR_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns a null-terminated Unicode string that contains the DNS computer name for the origination of the certificate context request.
///
/// CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns a pointer to an encoded CERT_POLICIES_INFO structure that contains the application policies of the root certificate for
/// the context. This property can be decoded by using the CryptDecodeObject function with the lpszStructType parameter set to
/// X509_CERT_POLICIES and the dwCertEncodingType parameter set to a combination of X509_ASN_ENCODING bitwise ORPKCS_7_ASN_ENCODING.
///
/// CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID
/// This identifier is reserved.
/// CERT_SHA1_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the SHA1 hash. If the hash does not exist, it is computed by using the CryptHashCertificate function.
/// CERT_SIGN_HASH_CNG_ALG_PROP_ID
/// Data type of pvData: Pointer to a null-terminated Unicode string.
///
/// Returns the L”<SIGNATURE>/<HASH>” string representing the certificate signature. The <SIGNATURE> value
/// identifies the CNG public key algorithm. The following algorithms are supported:
///
///
/// -
/// L"RSA" (BCRYPT_RSA_ALGORITHM)
///
/// -
/// L"DSA" (BCRYPT_DSA_ALGORITHM)
///
/// -
/// L"ECDSA" (SSL_ECDSA_ALGORITHM)
///
///
/// The
/// <HASH>
/// value identifies the CNG hash algorithm. The following algorithms are supported:
///
/// -
/// L"MD5" (BCRYPT_MD5_ALGORITHM)
///
/// -
/// L"SHA1" (BCRYPT_SHA1_ALGORITHM)
///
/// -
/// L"SHA256" (BCRYPT_SHA256_ALGORITHM)
///
/// -
/// L"SHA384" (BCRYPT_SHA384_ALGORITHM)
///
/// -
/// L"SHA512" (BCRYPT_SHA512_ALGORITHM)
///
///
/// The following are common examples:
///
/// -
/// L"RSA/SHA1"
///
/// -
/// L"RSA/SHA256"
///
/// -
/// L"ECDSA/SHA256"
///
///
/// Windows 7 and Windows Server 2008 R2:
/// Support for this property begins.
/// CERT_SIGNATURE_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns the signature hash. If the hash does not exist, it is computed by using the CryptHashToBeSigned function. The length of
/// the hash is 20 bytes for SHA and 16 for MD5.
///
/// CERT_SMART_CARD_DATA_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
///
/// Returns a pointer to encoded smart card data. Prior to calling CertGetCertificateContextProperty, you can use this
/// constant to retrieve a smart card certificate by using the CertFindCertificateInStore function with the pvFindPara parameter set
/// to CERT_SMART_CARD_DATA_PROP_ID and the dwFindType parameter set to CERT_FIND_PROPERTY.
///
/// CERT_SMART_CARD_ROOT_INFO_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns a pointer to an encoded CRYPT_SMART_CARD_ROOT_INFO structure.
/// CERT_SOURCE_LOCATION_PROP_ID
/// This identifier is reserved.
/// CERT_SOURCE_URL_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_DISABLE_CRL_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_INFO_ACCESS_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the subject information access extension of the certificate context as an encoded CERT_SUBJECT_INFO_ACCESS structure.
/// CERT_SUBJECT_NAME_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns an MD5 hash of the encoded subject name of the certificate context.
/// CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID
/// Data type of pvData: Pointer to a DWORD value.
/// Returns the length, in bits, of the public key in the certificate.
/// Windows 8 and Windows Server 2012: Support for this property begins.
/// CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to an array of BYTE values. The size of this array is specified in the pcbData parameter.
/// Returns the MD5 hash of this certificate's public key.
/// For all user-defined property identifiers, pvData points to an array of BYTE values.
/// For more information about each property identifier, see the documentation on the dwPropId parameter in CertSetCertificateContextProperty.
///
///
///
/// A pointer to a buffer to receive the data as determined by dwPropId. Structures pointed to by members of a structure returned
/// are also returned following the base structure. Therefore, the size contained in pcbData often exceeds the size of the base structure.
///
///
/// This parameter can be NULL to set the size of the information for memory allocation purposes. For more information, see
/// Retrieving Data of Unknown Length.
///
///
///
///
/// A pointer to a DWORD value that specifies the size, in bytes, of the buffer pointed to by the pvData parameter. When the
/// function returns, the DWORD value contains the number of bytes to be stored in the buffer.
///
///
/// To obtain the required size of a buffer at run time, pass NULL for the pvData parameter, and set the value pointed to by
/// this parameter to zero. If the pvData parameter is not NULL and the size specified in pcbData is less than the number of
/// bytes required to contain the data, the function fails, GetLastError returns ERROR_MORE_DATA, and the required size is
/// placed in the variable pointed to by the pcbData parameter.
///
///
/// Note When processing the data returned in the buffer, applications must use the actual size of the data returned. The
/// actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually
/// specified large enough to ensure that the largest possible output data fits in the buffer.) On output, the variable pointed to
/// by this parameter is updated to reflect the actual size of the data copied to the buffer.
///
///
///
/// If the function succeeds, the function returns TRUE.
/// If the function fails, it returns FALSE. For extended error information, call GetLastError.
/// Some possible error codes follow.
///
///
/// Return code
/// Description
///
/// -
/// CRYPT_E_NOT_FOUND
/// The certificate does not have the specified property.
///
/// -
/// ERROR_MORE_DATA
///
/// If the buffer specified by the pvData parameter is not large enough to hold the returned data, the function sets the
/// ERROR_MORE_DATA code and stores the required buffer size, in bytes, in the variable pointed to by pcbData.
///
///
///
/// Errors from the called function CryptHashCertificate can be propagated to this function.
///
///
///
/// Properties are not stored inside a certificate. Typically, they are associated with a certificate after the certificate response
/// is received and then saved with the certificate in the store. For security reasons, we recommend that you validate property
/// values before saving them and that you save only informational properties such as the CERT_FRIENDLY_NAME_PROP_ID value in
/// user stores. All other property types should be saved in local computer stores.
///
/// Your code can use a macro to evaluate the class of hash for a certificate context. For more information, see CertSetCertificateContextProperty.
/// Examples
///
/// For examples that use this function, see Example C Program: Getting and Setting Certificate Properties and Example C Program:
/// Listing the Certificates in a Store.
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatecontextproperty BOOL
// CertGetCertificateContextProperty( PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "f766db64-3121-4f70-ac83-ce25ee634efa")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertGetCertificateContextProperty([In] PCCERT_CONTEXT pCertContext, CertPropId dwPropId, [In, Out] IntPtr pvData, ref uint pcbData);
///
/// The CertGetCRLContextProperty function gets an extended property for the specified certificate revocation list (CRL) context.
///
/// A pointer to the CRL_CONTEXT structure.
///
///
/// Identifies the property to be retrieved. Currently defined identifiers and the data type to be returned in pvData are listed in
/// the following table.
///
///
///
/// Value
/// Meaning
///
/// -
/// CERT_ACCESS_STATE_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Returns a DWORD value indicating whether write operations to the certificate are
/// persisted. The DWORD value is not set if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
///
/// -
/// CERT_ARCHIVED_PROP_ID
///
/// Data type for pvData: NULL Indicates the certificate is skipped during enumerations. A certificate with this property set is
/// found with explicit search operations, such as those used to find a certificate with a specific hash or a serial number. No data
/// in pvData is associated with this property.
///
///
/// -
/// CERT_AUTO_ENROLL_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode string naming the certificate type for which the
/// certificate has been auto enrolled.
///
///
/// -
/// CERT_CTL_USAGE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns an array of bytes containing an Abstract Syntax Notation One (ASN.1)
/// encoded CTL_USAGE structure.
///
///
/// -
/// CERT_DESCRIPTION_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the property displayed by the certificate UI. This property allows the
/// user to describe the certificate's use.
///
///
/// -
/// CERT_ENHKEY_USAGE_PROP_ID
/// Data type for pvData: Returns an array of bytes containing an ASN.1 encoded CERT_ENHKEY_USAGE structure.
///
/// -
/// CERT_FRIENDLY_NAME_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode character string that contains the display name
/// for the CRL.
///
///
/// -
/// CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID
///
/// Data type for pvData: Pointer to a null-terminated Unicode string. Returns a string containing a set of
/// L"<PUBKEY>/<BITLENGTH>" public key algorithm and bit length pairs. The semicolon, L";", is used as the delimiter.
/// The <PUBKEY> value identifies the CNG public key algorithm. The following algorithms are supported: An
/// <PUBKEY>/<BITLENGTH> pair is returned for each certificate in the CRL issuer chain excluding the leaf. This property
/// is only set when an OCSP response with an independent signer chain is converted to a CRL. The following is an example: : L"RSA/2048;RSA/4096"
///
///
/// -
/// CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID
///
/// Data type for pvData: Pointer to a null-terminated Unicode string. Returns a string that contains a set of
/// L"<SIGNATURE>/<HASH>" algorithm pairs. The semicolon, L";", is used as the delimiter between pairs. This property is
/// set only when an OCSP response is converted to a CRL. For a delegated OCSP signer certificate, only the algorithm pair for the
/// signer certificate is returned. For an independent OCSP signer certificate chain, an algorithm pair is returned for each
/// certificate in the chain excluding the root. The <SIGNATURE> value identifies the CNG public key algorithm. The following
/// algorithms are supported: The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported: The
/// following shows an example:
///
///
/// -
/// CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID
///
/// Data type for pvData: Pointer to a DWORD value. Returns the length, in bits, of the public key in the CRL issuer certificate.
/// This property is also applicable to an OCSP response that has been converted to a CRL. Windows 8 and Windows Server 2012:
/// Support for this property begins.
///
///
/// -
/// CERT_KEY_CONTEXT_PROP_ID
/// Data type for pvData: pointer to a CERT_KEY_CONTEXT Returns a CERT_KEY_CONTEXT structure.
///
/// -
/// CERT_KEY_IDENTIFIER_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array If nonexistent, searches for the szOID_SUBJECT_KEY_IDENTIFIER extension. If that
/// fails, a SHA1 hash is done on the certificate's SubjectPublicKeyInfo member to produce the identifier values.
///
///
/// -
/// CERT_KEY_PROV_HANDLE_PROP_ID
/// Data type for pvData: pointer to an HCRYPTPROV Returns the provider handle obtained from the CERT_KEY_CONTEXT_PROP_ID.
///
/// -
/// CERT_KEY_PROV_INFO_PROP_ID
/// Data type for pvData: pointer to a CRYPT_KEY_PROV_INFO Returns a pointer to a CRYPT_KEY_PROV_INFO.
///
/// -
/// CERT_KEY_SPEC_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Returns a DWORD value specifying the private key obtained from CERT_KEY_CONTEXT_PROP_ID
/// property if it exists. Otherwise, if CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec.
///
///
/// -
/// CERT_MD5_HASH_PROP_ID
/// Data type for pvData: pointer to a BYTE array Returns the MD5 hash. If the hash does not exist, it is computed using CryptHashCertificate.
///
/// -
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the ASN.1 encoded CERT_ALT_NAME_INFO structure.
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently used only with CTLs.
///
///
/// -
/// CERT_PVK_FILE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode, wide character string specifying the file name
/// containing the private key associated with the certificate's public key.
///
///
/// -
/// CERT_SHA1_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the SHA1 hash. If the hash does not exist, it is computed using CryptHashCertificate.
///
///
/// -
/// CERT_SIGN_HASH_CNG_ALG_PROP_ID
///
/// Data type of pvData: Pointer to a null-terminated Unicode string. Returns the L”<SIGNATURE>/<HASH>” string
/// representing the certificate signature. The <SIGNATURE> value identifies the CNG public key algorithm. The following
/// algorithms are supported: The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported: The
/// following are common examples: This property is also applicable to an OCSP response that has been converted to a CRL. Windows 8
/// and Windows Server 2012: Support for this property begins.
///
///
/// -
/// CERT_SIGNATURE_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the signature hash. If the hash does not exist, it is computed with
/// CryptHashToBeSigned. The length of the hash is 20 bytes for SHA and 16 for MD5.
///
///
///
///
/// For many property identifiers, pvData points to an array of bytes and not a CRYPT_DATA_BLOB as pointed to by the pvData
/// parameter in CertSetCRLContextProperty.
///
/// For more information about each property identifier, see the documentation on the dwPropId parameter in CertSetCertificateContextProperty.
///
///
///
/// A pointer to a buffer to receive the data as determined by dwPropId. Structures pointed to by members of a structure returned
/// are also returned following the base structure. Therefore, the size contained in pcbData often exceed the size of the base structure.
///
///
/// This parameter can be NULL to set the size of the information for memory allocation purposes. For more information, see
/// Retrieving Data of Unknown Length.
///
///
///
///
/// A pointer to a DWORD value specifying the size, in bytes, of the buffer pointed to by the pvData parameter. When the
/// function returns, the DWORD value contains the number of bytes to be stored in the buffer.
///
///
/// Note When processing the data returned in the buffer, applications must use the actual size of the data returned. The
/// actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually
/// specified large enough to ensure that the largest possible output data fits in the buffer.) On output, the variable pointed to
/// by this parameter is updated to reflect the actual size of the data copied to the buffer.
///
///
///
/// If the function succeeds, the return value is TRUE.
/// If the function fails, the return value is FALSE.
///
/// Note that errors from the called function CryptHashCertificate can be propagated to this function. For extended error
/// information, call GetLastError. Some possible error codes follow.
///
///
///
/// Return code
/// Description
///
/// -
/// CRYPT_E_NOT_FOUND
/// The CRL does not have the specified property.
///
/// -
/// ERROR_MORE_DATA
///
/// If the buffer specified by the pvData parameter is not large enough to hold the returned data, the function sets the
/// ERROR_MORE_DATA code and stores the required buffer size, in bytes, in the variable pointed to by pcbData.
///
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcrlcontextproperty BOOL CertGetCRLContextProperty(
// PCCRL_CONTEXT pCrlContext, DWORD dwPropId, void *pvData, DWORD *pcbData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "16c2cc06-28fd-42d9-a377-0df2eaeeae56")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertGetCRLContextProperty([In] PCCRL_CONTEXT pCrlContext, CertPropId dwPropId, [In, Out] IntPtr pvData, ref uint pcbData);
/// The CertGetCTLContextProperty function retrieves an extended property of a certificate trust list (CTL) context.
/// A pointer to the CTL_CONTEXT structure.
///
///
/// Identifies the property to be retrieved. Currently defined identifiers and the data type to be returned in pvData are listed in
/// the following table.
///
///
///
/// Value
/// Meaning
///
/// -
/// CERT_ACCESS_STATE_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Returns a DWORD value indicating whether write operations to the certificate are
/// persisted. The DWORD value is not set if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
///
/// -
/// CERT_ARCHIVED_PROP_ID
///
/// Data type for pvData: NULL Indicates the certificate is skipped during enumerations. A certificate with this property set is
/// found with explicit search operations, such as those used to find a certificate with a specific hash or a serial number. No data
/// in pvData is associated with this property.
///
///
/// -
/// CERT_AUTO_ENROLL_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode string naming the certificate type for which the
/// certificate has been auto enrolled.
///
///
/// -
/// CERT_CTL_USAGE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns an array of bytes containing an Abstract Syntax Notation One (ASN.1)
/// encoded CTL_USAGE structure.
///
///
/// -
/// CERT_DESCRIPTION_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the property displayed by the certificate UI. This property allows the
/// user to describe the certificate's use.
///
///
/// -
/// CERT_ENHKEY_USAGE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns an array of bytes containing an ASN.1 encoded CERT_ENHKEY_USAGE structure.
///
///
/// -
/// CERT_FRIENDLY_NAME_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode character string that contains the display name
/// for the CTL.
///
///
/// -
/// CERT_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the SHA1 hash. If the hash does not exist, it is computed using CryptHashCertificate.
///
///
/// -
/// CERT_KEY_CONTEXT_PROP_ID
/// Data type for pvData: pointer to a CERT_KEY_CONTEXT Returns a CERT_KEY_CONTEXT structure.
///
/// -
/// CERT_KEY_IDENTIFIER_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array If nonexistent, searches for the szOID_SUBJECT_KEY_IDENTIFIER extension. If that
/// fails, a SHA1 hash is done on the certificate's SubjectPublicKeyInfo member to produce the identifier values.
///
///
/// -
/// CERT_KEY_PROV_HANDLE_PROP_ID
/// Data type for pvData: pointer to an HCRYPTPROV Returns the provider handle obtained from the CERT_KEY_CONTEXT_PROP_ID.
///
/// -
/// CERT_KEY_PROV_INFO_PROP_ID
/// Data type for pvData: pointer to a CRYPT_KEY_PROV_INFO structure Returns a pointer to a CRYPT_KEY_PROV_INFO.
///
/// -
/// CERT_KEY_SPEC_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Returns a DWORD value specifying the private key obtained from CERT_KEY_CONTEXT_PROP_ID
/// property if it exists. Otherwise, if CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec.
///
///
/// -
/// CERT_MD5_HASH_PROP_ID
/// Data type for pvData: pointer to a BYTE array Returns the MD5 hash. If the hash does not exist, it is computed using CryptHashCertificate.
///
/// -
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the ASN.1 encoded CERT_ALT_NAME_INFO structure.
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently used only with CTLs.
///
///
/// -
/// CERT_PVK_FILE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns a null-terminated Unicode, wide character string specifying the file name
/// containing the private key associated with the certificate's public key.
///
///
/// -
/// CERT_SHA1_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the SHA1 hash. If the hash does not exist, it is computed using CryptHashCertificate.
///
///
/// -
/// CERT_SIGNATURE_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Returns the signature hash. If the hash does not exist, it is computed with
/// CryptHashToBeSigned. The length of the hash is 20 bytes for SHA and 16 for MD5.
///
///
///
///
/// For all other property identifiers, pvData points to an array of bytes and not a CRYPT_DATA_BLOB as pointed to by the pvData
/// parameter in CertSetCertificateContextProperty.
///
///
/// For more information about each property identifier, see the documentation on the dwPropId parameter in
/// CertSetCertificateContextProperty. CERT_SHA1_HASH_PROP_ID and CERT_NEXT_UPDATE_LOCATION_PROP_ID are the predefined properties of
/// most interest.
///
///
///
///
/// A pointer to a buffer to receive the data as determined by dwPropId. Structures pointed to by members of a structure returned
/// are also returned following the base structure. Therefore, the size contained in pcbData often exceed the size of the base structure.
///
///
/// This parameter can be NULL to set the size of the information for memory allocation purposes. For more information, see
/// Retrieving Data of Unknown Length.
///
///
///
///
/// A pointer to a DWORD value specifying the size, in bytes, of the buffer pointed to by the pvData parameter. When the
/// function returns, the DWORD value contains the number of bytes to be stored in the buffer.
///
///
/// Note When processing the data returned in the buffer, applications must use the actual size of the data returned. The
/// actual size can be slightly smaller than the size of the buffer specified on input. (On input, buffer sizes are usually
/// specified large enough to ensure that the largest possible output data fits in the buffer.) On output, the variable pointed to
/// by this parameter is updated to reflect the actual size of the data copied to the buffer.
///
///
///
/// If the function succeeds, the return value is TRUE.
/// If the function fails, the return value is FALSE.
///
/// Errors from the called function, CryptHashCertificate, can be propagated to this function. For extended error information, call GetLastError.
///
/// Some possible error codes follow.
///
///
/// Return code
/// Description
///
/// -
/// CRYPT_E_NOT_FOUND
/// The CTL does not have the specified property.
///
/// -
/// ERROR_MORE_DATA
///
/// If the buffer specified by the pvData parameter is not large enough to hold the returned data, the function sets the
/// ERROR_MORE_DATA code and stores the required buffer size, in bytes, in the variable pointed to by pcbData.
///
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetctlcontextproperty BOOL CertGetCTLContextProperty(
// PCCTL_CONTEXT pCtlContext, DWORD dwPropId, void *pvData, DWORD *pcbData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "16e45fe1-2710-4fa1-82da-c298645d7379")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertGetCTLContextProperty([In] PCCTL_CONTEXT pCtlContext, CertPropId dwPropId, [In, Out] IntPtr pvData, ref uint pcbData);
/// The CertSetCertificateContextProperty function sets an extended property for a specified certificate context.
/// A pointer to a CERT_CONTEXT structure.
///
///
/// The property to be set. The value of dwPropId determines the type and content of the pvData parameter. Currently defined
/// identifiers and their related pvData types are as follows.
///
/// Note CRYPT_HASH_BLOB and CRYPT_DATA_BLOB are described in the CRYPT_INTEGER_BLOB topic.
/// CERT_ACCESS_STATE_PROP_ID
/// Data type of pvData: A pointer to a DWORD value.
///
/// Returns a DWORD value that indicates whether write operations to the certificate are persisted. The DWORD value is
/// not set if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
/// CERT_AIA_URL_RETRIEVED_PROP_ID
/// This identifier is reserved.
/// CERT_ARCHIVED_KEY_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_HASH_BLOB structure.
/// This property saves an encrypted key hash for the certificate context.
/// CERT_ARCHIVED_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Indicates that the certificate is skipped during enumerations. A certificate with this property set is still found with explicit
/// search operations, such as finding a certificate with a specific hash or a specific serial number. This property can be set to
/// the empty BLOB, .
///
/// CERT_AUTHORITY_INFO_ACCESS_PROP_ID
/// This identifier is reserved.
/// CERT_AUTO_ENROLL_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// A property that is set after a certificate has been enrolled by using Auto Enroll. The CRYPT_DATA_BLOB structure pointed to by
/// pvData includes a null-terminated Unicode name of the certificate type for which the certificate has been auto enrolled. Any
/// subsequent calls to Auto Enroll for the certificate checks for this property to determine whether the certificate has been enrolled.
///
/// CERT_AUTO_ENROLL_RETRY_PROP_ID
/// This identifier is reserved.
/// CERT_BACKED_UP_PROP_ID
/// This identifier is reserved.
/// CERT_CA_DISABLE_CRL_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Disables certificate revocation list (CRL) retrieval for certificates used by the certification authority (CA). If the CA
/// certificate contains this property, it must also include the CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID property.
///
/// CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Contains the list of online certificate status protocol (OCSP) URLs to use for certificates issued by the CA certificate. The
/// array contents are the Abstract Syntax Notation One (ASN.1)-encoded bytes of an X509_AUTHORITY_INFO_ACCESS structure
/// where pszAccessMethod is set to szOID_PKIX_OCSP.
///
/// CERT_CROSS_CERT_DIST_POINTS_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Sets the location of the cross certificates. This value is only applicable to certificates and not to certificate revocation
/// lists (CRLs) or certificate trust lists (CTLs). The CRYPT_DATA_BLOB structure contains an Abstract Syntax Notation One
/// (ASN.1)-encoded CROSS_CERT_DIST_POINTS_INFO structure that is encoded by using the CryptEncodeObject function with a
/// X509_CROSS_CERT_DIST_POINTS value for the lpszStuctType parameter.
///
/// CERT_CTL_USAGE_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// The CRYPT_DATA_BLOB structure contains an ASN.1-encoded CTL_USAGE structure. This structure is encoded by using the
/// CryptEncodeObject function with the X509_ENHANCED_KEY_USAGE value set.
///
/// CERT_DATE_STAMP_PROP_ID
/// Data type of pvData: A pointer to a FILETIME structure.
/// This property sets the time that the certificate was added to the store.
/// CERT_DESCRIPTION_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// A property that is set and displayed by the certificate UI. This property allows the user to describe the certificate's use.
///
/// CERT_EFS_PROP_ID
/// This identifier is reserved.
/// CERT_ENHKEY_USAGE_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// A property that indicates that the pvData parameter points to a CRYPT_DATA_BLOB structure that contains an ASN.1-encoded
/// CERT_ENHKEY_USAGE structure. This structure is encoded by using the CryptEncodeObject function with the X509_ENHANCED_KEY_USAGE
/// value set.
///
/// CERT_ENROLLMENT_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Enrollment information of the pending request that contains RequestID, CADNSName, CAName, and DisplayName. The data format is
/// defined as follows.
///
///
///
/// Bytes
/// Contents
///
/// -
/// First 4 bytes
/// Pending request ID
///
/// -
/// Next 4 bytes
///
/// CADNSName size, in characters, including the terminating null character, followed by CADNSName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// CAName size, in characters, including the terminating null character, followed by CAName string with terminating null character
///
///
/// -
/// Next 4 bytes
///
/// DisplayName size, in characters, including the terminating null character, followed by DisplayName string with terminating null character
///
///
///
/// CERT_EXTENDED_ERROR_INFO_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property sets a string that contains extended error information for the certificate context.
/// CERT_FORTEZZA_DATA_PROP_ID
/// This identifier is reserved.
/// CERT_FRIENDLY_NAME_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// The CRYPT_DATA_BLOB structure contains the display name of the certificate.
/// CERT_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property is implicitly set by a call to the CertGetCertificateContextProperty function.
/// CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID
/// Data type of pvData: A pointer to an HCRYPTPROV_OR_NCRYPT_KEY_HANDLE data type.
///
/// This property calls NCryptIsKeyHandle to determine whether this is an NCRYPT_KEY_HANDLE. For an NCRYPT_KEY_HANDLE,
/// sets CERT_NCRYPT_KEY_HANDLE_PROP_ID; otherwise, it sets CERT_KEY_PROV_HANDLE_PROP_ID.
///
/// CERT_HCRYPTPROV_TRANSFER_PROP_ID
/// Sets the handle of the CAPI key associated with the certificate.
/// CERT_IE30_RESERVED_PROP_ID
/// This identifier is reserved.
/// CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property sets the MD5 hash of the public key associated with the private key used to sign this certificate.
/// CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// The CRYPT_DATA_BLOB structure contains the MD5 hash of the issuer name and serial number from this certificate.
/// CERT_KEY_CONTEXT_PROP_ID
/// Data type of pvData: A pointer to a CERT_KEY_CONTEXT structure.
///
/// The structure specifies the certificate's private key. It contains both the HCRYPTPROV and key specification for the private
/// key. For more information about the hCryptProv member and dwFlags settings, see CERT_KEY_PROV_HANDLE_PROP_ID, later in
/// this topic.
///
///
/// Note More CERT_KEY_CONTEXT structure members can be added for this property. If so, the cbSize member value will
/// be adjusted accordingly. The cbSize member must be set to the size of the CERT_KEY_CONTEXT structure.
///
/// CERT_KEY_IDENTIFIER_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property is typically implicitly set by a call to the CertGetCertificateContextProperty function.
/// CERT_KEY_PROV_HANDLE_PROP_ID
/// Data type of pvData: A HCRYPTPROV value.
///
/// The HCRYPTPROV handle for the certificate's private key is set. The hCryptProv member of the CERT_KEY_CONTEXT structure
/// is updated if it exists. If it does not exist, it is created with dwKeySpec and initialized by
/// CERT_KEY_PROV_INFO_PROP_ID. If CERT_STORE_NO_CRYPT_RELEASE_FLAG is not set, the hCryptProv value is implicitly released
/// either when the property is set to NULL or on the final freeing of the CERT_CONTEXT structure.
///
/// CERT_KEY_PROV_INFO_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_KEY_PROV_INFO structure.
/// The structure specifies the certificate's private key.
/// CERT_KEY_SPEC_PROP_ID
/// Data type of pvData: A pointer to a DWORD value.
///
/// The DWORD value that specifies the private key. The dwKeySpec member of the CERT_KEY_CONTEXT structure is updated
/// if it exists. If it does not, it is created with hCryptProv set to zero.
///
/// CERT_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_HASH_BLOB structure.
/// This property is implicitly set by a call to the CertGetCertificateContextProperty function.
/// CERT_NCRYPT_KEY_HANDLE_PROP_ID
/// Data type of pvData: A pointer to an NCRYPT_KEY_HANDLE data type.
/// This property sets the NCRYPT_KEY_HANDLE for the certificate private key and sets the dwKeySpec to CERT_NCRYPT_KEY_SPEC.
/// CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID
/// Sets the handle of the CNG key associated with the certificate.
/// CERT_NEW_KEY_PROP_ID
/// This identifier is reserved.
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// The CRYPT_DATA_BLOB structure contains an ASN.1-encoded CERT_ALT_NAME_INFO structure that is encoded by using the
/// CryptEncodeObject function with the X509_ALTERNATE_NAME value set.
///
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently used only with CTLs.
/// CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID
/// This identifier is reserved.
/// CERT_OCSP_CACHE_PREFIX_PROP_ID
/// This identifier is reserved.
/// CERT_OCSP_RESPONSE_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// This property sets the encoded online certificate status protocol (OCSP) response from a CERT_SERVER_OCSP_RESPONSE_CONTEXT for
/// this certificate.
///
/// CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID
/// Data type of pvData: Pointer to a CRYPT_DATA_BLOB structure.
/// This property is implicitly set by calling the CertGetCertificateContextProperty function.
///
/// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This
/// identifier is not supported.
///
/// CERT_PUBKEY_ALG_PARA_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// This property is used with public keys that support algorithm parameter inheritance. The data BLOB contains the ASN.1-encoded
/// PublicKey Algorithm parameters. For DSS, these are parameters encoded by using the CryptEncodeObject function. This is used only
/// if CMS_PKCS7 is defined.
///
/// CERT_PUBKEY_HASH_RESERVED_PROP_ID
/// This identifier is reserved.
/// CERT_PVK_FILE_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// The CRYPT_DATA_BLOB structure specifies the name of a file that contains the private key associated with the certificate's
/// public key. Inside the CRYPT_DATA_BLOB structure, the pbData member is a pointer to a null-terminated Unicode
/// wide-character string, and the cbData member indicates the length of the string.
///
/// CERT_RENEWAL_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property specifies the hash of the renewed certificate.
/// CERT_REQUEST_ORIGINATOR_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// The CRYPT_DATA_BLOB structure contains a null-terminated Unicode string that contains the DNS computer name for the origination
/// of the certificate context request.
///
/// CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// Returns a pointer to an encoded CERT_POLICIES_INFO structure that contains the application policies of the root certificate for
/// the context. This property can be decoded by using the CryptDecodeObject function with the lpszStructType parameter set to
/// X509_CERT_POLICIES and the dwCertEncodingType parameter set to a combination of X509_ASN_ENCODING bitwise ORPKCS_7_ASN_ENCODING.
///
/// CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID
/// This identifier is reserved.
/// CERT_SIGN_HASH_CNG_ALG_PROP_ID
/// Data type of pvData: Pointer to a CRYPT_DATA_BLOB structure.
/// This property is implicitly set by calling the CertGetCertificateContextProperty function.
///
/// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This
/// identifier is not supported.
///
/// CERT_SHA1_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_HASH_BLOB structure.
/// This property is implicitly set by a call to the CertGetCertificateContextProperty function.
/// CERT_SIGNATURE_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_HASH_BLOB structure.
///
/// If a signature hash does not exist, it is computed by using the CryptHashToBeSigned function. pvData points to an existing or
/// computed hash. Usually, the length of the hash is 20 bytes for SHA and 16 for MD5.
///
/// CERT_SMART_CARD_DATA_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property sets the smart card data property of a smart card certificate context.
/// CERT_SMART_CARD_ROOT_INFO_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property sets the information property of a smart card root certificate context.
/// CERT_SOURCE_LOCATION_PROP_ID
/// This identifier is reserved.
/// CERT_SOURCE_URL_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_DISABLE_CRL_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_INFO_ACCESS_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
///
/// This property sets the subject information access extension of the certificate context as an encoded CERT_SUBJECT_INFO_ACCESS structure.
///
/// CERT_SUBJECT_NAME_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// Returns an MD5 hash of the encoded subject name of the certificate context.
/// CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID
/// This identifier is reserved.
/// CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID
/// Data type of pvData: Pointer to a CRYPT_DATA_BLOB structure.
/// This property is implicitly set by calling the CertGetCertificateContextProperty function.
///
/// Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This
/// identifier is not supported.
///
/// CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID
/// Data type of pvData: A pointer to a CRYPT_DATA_BLOB structure.
/// This property sets the MD5 hash of this certificate's public key.
/// pvData is a pointer to a CRYPT_DATA_BLOB structure.
///
/// The user can define additional dwPropId types by using DWORD values from CERT_FIRST_USER_PROP_ID to
/// CERT_LAST_USER_PROP_ID. For all user-defined dwPropId types, pvData points to an encoded CRYPT_DATA_BLOB structure.
///
///
///
///
/// CERT_STORE_NO_CRYPT_RELEASE_FLAG can be set for the CERT_KEY_PROV_HANDLE_PROP_ID or CERT_KEY_CONTEXT_PROP_ID dwPropId properties.
///
///
/// If the CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG value is set, any provider-write errors are ignored and the cached context's
/// properties are always set.
///
/// If CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG is set, any context property set is not persisted.
///
///
/// A pointer to a data type determined by the value of dwPropId.
/// Note For any dwPropId, setting pvData to NULL deletes the property.
///
///
/// If the function succeeds, the function returns TRUE.
///
/// If the function fails, the function returns FALSE. For extended error information, call GetLastError. One possible error
/// code is the following.
///
///
///
/// Return code
/// Description
///
/// -
/// E_INVALIDARG
///
/// The property is not valid. The identifier specified was greater than 0x0000FFFF, or, for the CERT_KEY_CONTEXT_PROP_ID property,
/// a cbSize member that is not valid was specified in the CERT_KEY_CONTEXT structure.
///
///
///
///
///
/// If a property already exists, its old value is replaced.
///
/// Your code can use a macro to evaluate the class of hash for a certificate context. The Wincrypt.h header defines the following
/// macros for this purpose. These macros are used internally by the CertSetCertificateContextProperty function.
///
///
/// IS_CERT_HASH_PROP_ID(X)IS_PUBKEY_HASH_PROP_ID(X)IS_CHAIN_HASH_PROP_ID(X) Each macro takes the dwPropId (X)
/// value as input and evaluates to a Boolean value. The following table shows the dwPropId values that evaluate to TRUE for
/// each macro.
///
///
///
/// Macro
/// Evaluates to TRUE if dwPropId is
///
/// -
/// IS_CERT_HASH_PROP_ID(dwPropId)
/// CERT_SHA1_HASH_PROP_ID, CERT_MD5_HASH_PROP_ID, or CERT_SIGNATURE_HASH_PROP_ID
///
/// -
/// IS_PUBKEY_HASH_PROP_ID(dwPropId)
/// CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID or CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID
///
/// -
/// IS_CHAIN_HASH_PROP_ID(dwPropId)
///
/// CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID, CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID, CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID,
/// or CERT_SUBJECT_NAME_MD5_HASH_PROP_ID
///
///
///
///
/// The IS_STRONG_SIGN_PROP_ID(x) macro evaluates to TRUE if the CERT_SIGN_HASH_CNG_ALG_PROP_ID,
/// CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID, or CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID properties are set in the
/// dwPropId parameter.
///
/// Examples
/// For an example that uses this function, see Example C Program: Getting and Setting Certificate Properties.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certsetcertificatecontextproperty BOOL
// CertSetCertificateContextProperty( PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "b4a0c66d-997f-49cb-935a-9187320037f1")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertSetCertificateContextProperty([In] PCCERT_CONTEXT pCertContext, CertPropId dwPropId, uint dwFlags, [In, Optional] IntPtr pvData);
///
/// The CertSetCRLContextProperty function sets an extended property for the specified certificate revocation list (CRL) context.
///
/// A pointer to the CRL_CONTEXT structure.
///
///
/// Identifies the property to be set. The value of dwPropId determines the type and content of the pvData parameter. Currently
/// defined identifiers and the data type to be returned in pvData are listed in the following table.
///
/// Usually, only the following properties are set:
///
/// -
/// CERT_HASH_PROP_ID
///
/// -
/// CERT_SHA1_HASH_PROP_ID
///
/// -
/// CERT_MD5_HASH_PROP_ID
///
/// -
/// CERT_SIGNATURE_HASH_PROP_ID
///
///
///
///
/// Value
/// Meaning
///
/// -
/// CERT_ACCESS_STATE_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Sets a DWORD value indicating whether write operations to the certificate are
/// persisted. The DWORD value is not set if the certificate is in a memory store or in a registry-based store that is opened as read-only.
///
///
/// -
/// CERT_ARCHIVED_PROP_ID
///
/// Data type for pvData: NULL Indicates the certificate is skipped during enumerations. A certificate with this property set is
/// found with explicit search operations, such as those used to find a certificate with a specific hash or a serial number. No data
/// in pvData is associated with this property.
///
///
/// -
/// CERT_AUTO_ENROLL_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets a null-terminated Unicode string naming the certificate type for which the
/// certificate has been auto enrolled.
///
///
/// -
/// CERT_CTL_USAGE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets an array of bytes containing an Abstract Syntax Notation One (ASN.1) encoded
/// CTL_USAGE structure.
///
///
/// -
/// CERT_DESCRIPTION_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets the property displayed by the certificate UI. This property allows the user
/// to describe the certificate's use.
///
///
/// -
/// CERT_ENHKEY_USAGE_PROP_ID
/// Data type for pvData: Sets an array of bytes containing an ASN.1 encoded CERT_ENHKEY_USAGE structure.
///
/// -
/// CERT_FRIENDLY_NAME_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets a null-terminated Unicode character string that contains the display name for
/// the CRL.
///
///
/// -
/// CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID
///
/// Data type for pvData: Pointer to a CRYPT_DATA_BLOB structure. Sets a string containing a set of
/// L"<PUBKEY>/<BITLENGTH>" public key algorithm and bit length pairs. The semicolon, L";", is used as the delimiter.
/// The <PUBKEY> value identifies the CNG public key algorithm. The following algorithms are supported: A
/// <PUBKEY>/<BITLENGTH> pair is set for each certificate in the CRL issuer chain excluding the leaf. This property can
/// be set when an OCSP response with an independent signer chain is converted to a CRL. The following is an example: : L"RSA/2048;RSA/4096"
///
///
/// -
/// CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID
///
/// Data type for pvData: Pointer to a CRYPT_DATA_BLOB structure. Sets a string that contains a set of
/// L"<SIGNATURE>/<HASH>" algorithm pairs. The semicolon, L";", is used as the delimiter between pairs. This property is
/// set only when an OCSP response is converted to a CRL. For a delegated OCSP signer certificate, only the algorithm pair for the
/// signer certificate is returned. For an independent OCSP signer certificate chain, an algorithm pair is returned for each
/// certificate in the chain excluding the root. The <SIGNATURE> value identifies the CNG public key algorithm. The following
/// algorithms are supported: The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported: The
/// following is an example: This property is explicitly set by the verify revocation functions.
///
///
/// -
/// CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID
///
/// Data type for pvData: Pointer to a CRYPT_DATA_BLOB structure. Sets the length, in bits, of the public key in the CRL issuer
/// certificate. This property is also applicable to an OCSP that has been converted to a CRL. This property is explicitly set by
/// the verify revocation functions. Windows 8 and Windows Server 2012: Support for this property begins.
///
///
/// -
/// CERT_KEY_CONTEXT_PROP_ID
/// Data type for pvData: pointer to a CERT_KEY_CONTEXT Sets a CERT_KEY_CONTEXT structure.
///
/// -
/// CERT_KEY_IDENTIFIER_PROP_ID
/// Data type for pvData: pointer to a BYTE array
///
/// -
/// CERT_KEY_PROV_HANDLE_PROP_ID
/// Data type for pvData: pointer to an HCRYPTPROV Sets the provider handle obtained from the CERT_KEY_CONTEXT_PROP_ID.
///
/// -
/// CERT_KEY_PROV_INFO_PROP_ID
/// Data type for pvData: pointer to a CRYPT_KEY_PROV_INFO Sets a pointer to a CRYPT_KEY_PROV_INFO structure.
///
/// -
/// CERT_KEY_SPEC_PROP_ID
///
/// Data type for pvData: pointer to a DWORD Sets a DWORD value specifying the private key obtained from CERT_KEY_CONTEXT_PROP_ID
/// property if it exists. Otherwise, if CERT_KEY_PROV_INFO_PROP_ID exists, it is the source of the dwKeySpec.
///
///
/// -
/// CERT_MD5_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets the MD5 hash. You can compute the hash by using the CryptHashCertificate function.
///
///
/// -
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
/// Data type for pvData: pointer to a BYTE array Sets the ASN.1 encoded CERT_ALT_NAME_INFO structure on a CTL.
///
/// -
/// CERT_PVK_FILE_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets a null-terminated Unicode, wide character string specifying the name of the
/// file that contains the private key associated with the certificate's public key.
///
///
/// -
/// CERT_SHA1_HASH_PROP_ID
/// Data type for pvData: pointer to a BYTE array Sets the SHA1 hash. You can compute the hash by using CryptHashCertificate.
///
/// -
/// CERT_SIGN_HASH_CNG_ALG_PROP_ID
///
/// Data type of pvData: Pointer to a CRYPT_DATA_BLOB structure. Sets the L”<SIGNATURE>/<HASH>” string representing the
/// certificate signature. The <SIGNATURE> value identifies the CNG public key algorithm. The following algorithms are
/// supported: The <HASH> value identifies the CNG hash algorithm. The following algorithms are supported: The following are
/// common examples: This property is also applicable to an OCSP response that has been converted to a CRL. This property is
/// explicitly set by the verify revocation functions. Windows 8 and Windows Server 2012: Support for this property begins.
///
///
/// -
/// CERT_SIGNATURE_HASH_PROP_ID
///
/// Data type for pvData: pointer to a BYTE array Sets the signature hash. If the hash does not exist, it is computed with
/// CryptHashToBeSigned. The length of the hash is 20 bytes for SHA and 16 for MD5.
///
///
///
///
/// The user can define additional dwPropId types by using DWORD values from CERT_FIRST_USER_PROP_ID to
/// CERT_LAST_USER_PROP_ID. For all user-defined dwPropId types, pvData points to an encoded CRYPT_DATA_BLOB.
///
/// For all the other property identifiers, pvData points to an encoded CRYPT_DATA_BLOB structure.
///
///
///
/// CERT_STORE_NO_CRYPT_RELEASE_FLAG can be set for the CERT_KEY_PROV_HANDLE_PROP_ID or CERT_KEY_CONTEXT_PROP_ID dwPropId properties.
///
///
/// If the CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG value is set, any provider-write errors are ignored and the cached context's
/// properties are always set.
///
/// If the CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG is set, any property set is not persisted.
///
///
/// A pointer to a data type that is determined by the value passed in dwPropId.
/// Note For any dwPropId, setting pvData to NULL deletes the property.
///
///
/// If the function succeeds, the return value is TRUE.
///
/// If the function fails, the return value is FALSE. For extended error information, call GetLastError. One possible error
/// code is the following.
///
///
///
/// Return code
/// Description
///
/// -
/// E_INVALIDARG
///
/// The property is not valid. The identifier specified was greater than 0x0000FFFF, or, for the CERT_KEY_CONTEXT_PROP_ID property,
/// a cbSize member that is not valid was specified in the CERT_KEY_CONTEXT structure.
///
///
///
///
///
/// If a property already exists, its old value is replaced.
/// Examples
/// For an example that uses this function, see Example C Program: Getting and Setting Certificate Properties.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certsetcrlcontextproperty BOOL CertSetCRLContextProperty(
// PCCRL_CONTEXT pCrlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "7e4a0a39-ce55-4171-9b66-31c1c28d895f")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertSetCRLContextProperty([In] PCCRL_CONTEXT pCrlContext, CertPropId dwPropId, uint dwFlags, [In, Optional] IntPtr pvData);
///
/// The CertSetCTLContextProperty function sets an extended property for the specified certificate trust list (CTL) context.
///
/// A pointer to the CTL_CONTEXT structure.
///
///
/// Identifies the property to be set. The value of dwPropId determines the type and content of the pvData parameter. Currently
/// defined identifiers and their related pvData types are as follows.
///
///
///
/// Value
/// Meaning
///
/// -
/// CERT_ARCHIVED_PROP_ID
///
/// Data type of pvData: NULL Indicates the certificate is skipped during enumerations. A certificate with this property set is
/// still found with explicit search operations—such as finding a certificate with a specific hash or a specific serial number.
///
///
/// -
/// CERT_AUTO_ENROLL_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB Property set after a certificate has been enrolled using Auto Enroll. The
/// CRYPT_DATA_BLOB structure pointed to by pvData includes a null-terminated, Unicode name of the certificate type for which the
/// certificates has been auto enrolled. Any subsequent calls to Auto Enroll for the certificate checks for this property to
/// determine whether the certificate has been enrolled.
///
///
/// -
/// CERT_CTL_USAGE_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB pvData points to a CRYPT_DATA_BLOB structure containing an Abstract Syntax
/// Notation One (ASN.1) encoded CTL_USAGE structure. This structure was encoded using CryptEncodeObject with
/// X509_ENHANCED_KEY_USAGE value set.
///
///
/// -
/// CERT_DESCRIPTION_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB Property set and displayed by the certificate UI. This property allows the
/// user to describe the certificate's use.
///
///
/// -
/// CERT_ENHKEY_USAGE_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB The CRYPT_DATA_BLOB structure containing an ASN.1 encoded CERT_ENHKEY_USAGE
/// structure. This structure was encoded using CryptEncodeObject with X509_ENHANCED_KEY_USAGE value set.
///
///
/// -
/// CERT_FRIENDLY_NAME_PROP_ID
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB The CRYPT_DATA_BLOB structure specifies the display name of the certificate.
///
/// -
/// CERT_HASH_PROP_ID
/// Data type of pvData: pointer to a CRYPT_HASH_BLOB This property is implicitly set by a call to CertGetCertificateContextProperty.
///
/// -
/// CERT_KEY_CONTEXT_PROP_ID
///
/// Data type of pvData: pointer to a CERT_KEY_CONTEXT The CERT_KEY_CONTEXT structure contains both the HCRYPTPROV value and the key
/// specification for the private key. For more information about the hCryptProv member and dwFlags settings, see
/// CERT_KEY_PROV_HANDLE_PROP_ID, following. Note that more CERT_KEY_CONTEXT structure members can be added for this property. If
/// so, the cbSize member value will be adjusted accordingly. The cbSize member must be set to the size of the CERT_KEY_CONTEXT structure
///
///
/// -
/// CERT_KEY_IDENTIFIER_PROP_ID
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB This property is typically implicitly set by a call to CertGetCertificateContextProperty.
///
/// -
/// CERT_KEY_PROV_HANDLE_PROP_ID
///
/// Data type of pvData: pointer to a HCRYPTPROV An HCRYPTPROV handle for the certificate's private key is passed. The hCryptProv
/// member of the CERT_KEY_CONTEXT structure is updated if it exists. If it does not exist, it is created with dwKeySpec initialized
/// by CERT_KEY_PROV_INFO_PROP_ID. If CERT_STORE_NO_CRYPT_RELEASE_FLAG is not set, the hCryptProv value is implicitly released
/// either when the property is set to NULL or on the final freeing of the CERT_CONTEXT structure.
///
///
/// -
/// CERT_KEY_PROV_INFO_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_KEY_PROV_INFO The CRYPT_KEY_PROV_INFO structure specifies the certificate's private key.
///
///
/// -
/// CERT_KEY_SPEC_PROP_ID
///
/// Data type of pvData: pointer to a DWORD The DWORD value specifies the private key. The dwKeySpec member of the CERT_KEY_CONTEXT
/// structure is updated if it exists. If it does not, it is created with hCryptProv set to zero.
///
///
/// -
/// CERT_MD5_HASH_PROP_ID
/// Data type of pvData: pointer to a CRYPT_HASH_BLOB This property is implicitly set by a call to CertGetCertificateContextProperty.
///
/// -
/// CERT_NEXT_UPDATE_LOCATION_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB The CRYPT_DATA_BLOB structure contains an ASN.1 encoded CERT_ALT_NAME_INFO
/// structure encoded using CryptEncodeObject with the X509_ALTERNATE_NAME value set. CERT_NEXT_UPDATE_LOCATION_PROP_ID is currently
/// used only with CTLs.
///
///
/// -
/// CERT_PVK_FILE_PROP_ID
///
/// Data type of pvData: pointer to a CRYPT_DATA_BLOB The CRYPT_DATA_BLOB structure specifies the name of a file containing the
/// private key associated with the certificate's public key. Inside the CRYPT_DATA_BLOB structure, the pbData member is a pointer
/// to a null-terminated Unicode, wide-character string, and the cbData member indicates the length of the string.
///
///
/// -
/// CERT_SHA1_HASH_PROP_ID
/// Data type of pvData: pointer to a CRYPT_HASH_BLOB This property is implicitly set by a call to CertGetCertificateContextProperty.
///
/// -
/// CERT_SIGNATURE_HASH_PROP_ID CRYPT_HASH_BLOB
///
/// Data type of pvData: pointer to a CRYPT_HASH_BLOB If a signature hash does not exist, it is computed with CryptHashToBeSigned.
/// pvData points to an existing or computed hash. Usually, the length of the hash is 20 bytes for SHA and 16 for MD5.
///
///
///
/// Typically, only the CERT_NEXT_UPDATE_LOCATION_PROP_ID property is set.
///
/// Additional dwPropId types can be defined by the user using DWORD values from CERT_FIRST_USER_PROP_ID to
/// CERT_LAST_USER_PROP_ID. For all user-defined dwPropId types, pvData points to an encoded CRYPT_DATA_BLOB structure.
///
///
///
///
/// CERT_STORE_NO_CRYPT_RELEASE_FLAG can be set for the CERT_KEY_PROV_HANDLE_PROP_ID or CERT_KEY_CONTEXT_PROP_ID dwPropId properties.
///
///
/// If the CERT_SET_PROPERTY_IGNORE_PERSIST_ERROR_FLAG value is set, any provider-write errors are ignored and the cached context's
/// properties are always set.
///
/// If CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG is set, any property set is not persisted.
///
///
/// A pointer to a data type that is determined by the value passed in dwPropId.
/// Note For any dwPropId, setting pvData to NULL deletes the property.
///
///
/// If the function succeeds, the return value is TRUE.
///
/// If the function fails, the return value is FALSE. For extended error information, call GetLastError. One possible error
/// code is the following.
///
///
///
/// Return code
/// Description
///
/// -
/// E_INVALIDARG
/// Invalid property identifier. For details, see CertSetCertificateContextProperty.
///
///
///
///
/// If a property already exists, its old value is replaced.
/// Examples
/// See Example C Program: Getting and Setting Certificate Properties.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certsetctlcontextproperty BOOL CertSetCTLContextProperty(
// PCCTL_CONTEXT pCtlContext, DWORD dwPropId, DWORD dwFlags, const void *pvData );
[DllImport(Lib.Crypt32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wincrypt.h", MSDNShortId = "3af01ca6-6fa1-4510-872a-b5e13e07f49f")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CertSetCTLContextProperty([In] PCCTL_CONTEXT pCtlContext, CertPropId dwPropId, uint dwFlags, [In, Optional] IntPtr pvData);
}
}