AspEncrypt.com - Object Reference: CryptoCert

Main Menu:	Home \| Tasks \| Object Reference \| Crypto 101 \| FAQ \| Download & Buy \| Clients \| Live Demo \| Contact
Navigator:	Home \| Object Reference \| CryptoCert Object

CryptoCert Object

The CryptoCert object represents a X.509 digital certificate. For more information on how to use the properties and methods described below, see the task Manage Certificates and Certificate Stores.

Properties Methods

Issuer
Subject
NotBefore
NotAfter
PrivateKeyExists
PrivateKeyContext
IssuerCert
PublicKey
PublicKeyLength
SerialNumber
SignatureAlgID
SignatureAlgorithm
StoreName
Version
Sha1Hash
KeyUsage
BasicConstraints
VerifySignature
ExportToFile
ExportToFilePKCS7
ExportToPFX
SetPrivateKeyContext
TransferToLocalMachine

CryptoCert Properties

Issuer As CryptoName (Read-Only)

Returns the certificate's issuer information in the form of a CryptoName object.

Subject As CryptoName (Read-Only)

Returns the certificate's subject information in the form of a CryptoName object.

NotBefore As Date (Read-Only)

Returns a date which marks the beginning of this certificate's validity period.

NotAfter As Date (Read-Only)

Returns a date which marks the end of this certificate's validity period.

PrivateKeyExists As Boolean (Read-Only)

Returns True is this certificate has an associated private key installed on this machine.

PrivateKeyContext As CryptoContext (Read-Only)

If this certificate has an associated private key installed on this machine, this property returns the corresponding CryptoContext object. Otherwise it returns Nothing.
For a usage sample, see the file Samples\issue_certs\SignedCert.asp of the installation.

IssuerCert As CryptoCert (Read-Only)

Returns a CryptoCert object representing this certificate's issuer certificate. It looks for an issuer certificate in the stores MY, CA, ROOT, TRUST, REQUEST, and ADDRESSBOOK, in this order. If no certificate can be found, of this certificate is a self-signed one, this property returns Nothing. You can use this property to reconstruct a certificate's certification path.
For a usage sample, see the file Samples\cert_stores\CertProp.asp of the installation.

PublicKey As CryptoBlob (Read-Only)

Returns a blob containing this certificate's public key in a DER-encoded form.

PublicKeyLength As Long (Read-Only)

Returns the bit size of this certificate's public key.

SerialNumber As String (Read-Only)

Returns this certificate's serial number in the form of a Hex-encoded string.

SignatureAlgID As CryptoAlgorithms (Read-Only)

Returns this certificate's signature algorithm. Can be one of the following values: calgMD2, calgMD4, calgMD5 or calgSHA.

SignatureAlgorithm As String (Read-Only)

Returns this certificate's signature algorithm Object Identifier string. Can be one of the following values: "1.2.840.113549.2.2" (MD2), "1.2.840.113549.2.4" (MD4), "1.2.840.113549.2.5" (MD5) or "1.2.840.113549.1.1.5" (SHA).

StoreName As String (Read-Only)

Returns this certificate's store name. This property is only meaningful if this certificate object was obtained using CryptoStore's Certificates collection. Otherwise it returns an empty string.

Version As Long (Read-Only)

Returns this certificate's version (1, 2, or 3).

Sha1Hash As CryptoBlob (Read-Only)

Returns this certificate's SHA1 hash value in the form of a blob object.

KeyUsage As Integer (Read-Only)

Returns a combination of flags designating the intended usage of this certificate's key. Currently, the following flags are defined:
&H10 (CERT_DATA_ENCIPHERMENT_KEY_USAGE)
&H80 (CERT_DIGITAL_SIGNATURE_KEY_USAGE)
&H08 (CERT_KEY_AGREEMENT_KEY_USAGE)
&H04 (CERT_KEY_CERT_SIGN_KEY_USAGE)
&H20 (CERT_KEY_ENCIPHERMENT_KEY_USAGE)
&H40 (CERT_NON_REPUDIATION_KEY_USAGE)
&H02 (CERT_OFFLINE_CRL_SIGN_KEY_USAGE)

BasicConstraints As Integer (Read-Only)

Returns a combination of flags indicating whether the certificate can act as a certification authority, an end-entity, or both. The following flags are defined:
&H80 (CERT_CA_SUBJECT_FLAG)
&H40 (CERT_END_ENTITY_SUBJECT_FLAG)

CryptoCert Methods

Function VerifySignature ( IssuerCert As CryptoCert ) As Boolean
Verifies this certificate's signature against IssuerCert's public key. Returns True if verification succeeds or False otherwise.
Use this method to verify that the certificate is really issued by who it claims it is.
Usage:
If Not Cert.VerifySignature( IssuerCert ) Then ...

Sub ExportToFile ( Path As String, Base64 As Boolean )
Exports the certificate to a file in the DER-encoded X.509 format (.cer). If Base64 is True the file will be in the Base64-encoded form.
Usage:
Cert.ExportToFile "c:\mycert.cer", False

Sub ExportToFilePKCS7 ( Path As String, IncludePath As Boolean )
Exports the certificate to a file in the PKCS#7 format (.spc). If IncludePath is True all certificates in the certification path will be exported to that file as well.
Usage:
Cert.ExportToFilePKCS7 "c:\mycert.spc", True
Related Task: Issue Certificates.

Sub ExportToPFX ( Path As String, Password As String )
Exports the certificate to a file in the PKCS#12 format (.pfx, or .p12) along with its private key encrypted with a user-defined Password.
Usage:
Cert.ExportToPFX "c:\mycert.pfx", "secret word"
Related Task: Issue Certificates.

Sub SetPrivateKeyContext ( Context As CryptoContext )
Set a certificate's private key context to Context. This method may be useful when transferring certificates and their corresponding private keys to a different machine.
Usage:
Cert.SetPrivateKeyContext Context
Related Task: Manage Certificates and Certificate Stores.

Sub TransferToLocalMachine ( Store As String )
Copies this certificate from a HKEY_CURRENT_USER-based store to the specified HKEY_LOCAL_MACHINE-based store together with its private key. This may be necessary to use a certificate to send signed email using AspEmail in an ASP environment.
A VB sample application that uses this method can be found in the directory \Samples\cert_stores\CertMover of the installation.
Usage:
Cert.TransferToLocalMachine "MY"
Related Tasks: Manage Certificates and Certificate Stores, Send Secure Mail


	Search this Site