Persits Software, Inc. Web Site
Main Menu:  Home |  News |  Manual |  Object Reference |  Crypto 101 |  Download & Buy |  Live Demo |  Support |  Contact
 Navigator:  Home |  Object Reference |  CryptoCert Object
CryptoCrl CryptoMessage
  CryptoCert Object
The CryptoCert object represents a X.509 digital certificate.

Properties Methods
BasicConstraints
Issuer
IssuerCert
KeyUsage
NotAfter
NotBefore
PrivateKeyContext
PrivateKeyExists
PublicKey
PublicKeyInfo
PublicKeyLength
SerialNumber
Sha1Hash
SignatureAlgID
SignatureAlgorithm
StoreName
Subject
Version
ExportToBlob
ExportToBlobPKCS7
ExportToFile
ExportToFilePKCS7
ExportToPFX
SetPrivateKeyContext
TransferToLocalMachine
VerifySignature

  CryptoCert Properties

BasicConstraints As Integer (Read-Only)

Returns a combination of flags indicating whether the certificate can act as a certification authority, an end-entity, or both. The following flags are defined:

&H80 (CERT_CA_SUBJECT_FLAG)
&H40 (CERT_END_ENTITY_SUBJECT_FLAG)


Issuer As CryptoName (Read-Only)

Returns the certificate's issuer information in the form of a CryptoName object.

IssuerCert As CryptoCert (Read-Only)

Returns a CryptoCert object representing this certificate's issuer certificate. It looks for an issuer certificate in the stores MY, CA, ROOT, TRUST, REQUEST, and ADDRESSBOOK, in this order. If no certificate can be found, of this certificate is a self-signed one, this property returns Nothing. You can use this property to reconstruct a certificate's certification path.

KeyUsage As Integer (Read-Only)

Returns a combination of flags designating the intended usage of this certificate's key. Currently, the following flags are defined:

&H10 (CERT_DATA_ENCIPHERMENT_KEY_USAGE)
&H80 (CERT_DIGITAL_SIGNATURE_KEY_USAGE)
&H08 (CERT_KEY_AGREEMENT_KEY_USAGE)
&H04 (CERT_KEY_CERT_SIGN_KEY_USAGE)
&H20 (CERT_KEY_ENCIPHERMENT_KEY_USAGE)
&H40 (CERT_NON_REPUDIATION_KEY_USAGE)
&H02 (CERT_OFFLINE_CRL_SIGN_KEY_USAGE)


NotAfter As Date (Read-Only)

Returns a date which marks the end of this certificate's validity period.

NotBefore As Date (Read-Only)

Returns a date which marks the beginning of this certificate's validity period.

PrivateKeyExists As Boolean (Read-Only)

Returns True is this certificate has an associated private key installed on this machine.

PrivateKeyContext As CryptoContext (Read-Only)

If this certificate has an associated private key installed on this machine, this property returns the corresponding CryptoContext object. Otherwise it returns Nothing.

PublicKey As CryptoBlob (Read-Only)

Returns a blob containing this certificate's public key in a DER-encoded form.

PublicKeyInfo As CryptoBlob (Read-Only)

Returns a blob containing this certificate's CERT_PUBLIC_KEY_INFO data which contains both the public key itself and its algorithm information. The public key data returned by this property is in a format used by Privacy Enhanced Mail (PEM) and DomainKeys Identified Mail (DKIM.) This property was introduced in version 2.7.

PublicKeyLength As Long (Read-Only)

Returns the bit size of this certificate's public key.

SerialNumber As String (Read-Only)

Returns this certificate's serial number in the form of a Hex-encoded string.

Sha1Hash As CryptoBlob (Read-Only)

Returns this certificate's SHA1 hash value in the form of a blob object.

SignatureAlgID As CryptoAlgorithms (Read-Only)

Returns this certificate's signature algorithm. Can be one of the following values: calgMD2, calgMD4, calgMD5 or calgSHA.

SignatureAlgorithm As String (Read-Only)

Returns this certificate's signature algorithm Object Identifier string. Can be one of the following values: "1.2.840.113549.2.2" (MD2), "1.2.840.113549.2.4" (MD4), "1.2.840.113549.2.5" (MD5) or "1.2.840.113549.1.1.5" (SHA).

StoreName As String (Read-Only)

Returns this certificate's store name. This property is only meaningful if this certificate object was obtained using CryptoStore's Certificates collection. Otherwise it returns an empty string.

Subject As CryptoName (Read-Only)

Returns the certificate's subject information in the form of a CryptoName object.

Version As Long (Read-Only)

Returns this certificate's version (1, 2, or 3).

  CryptoCert Methods


Function ExportToBlob ( Base64 As Boolean ) As CryptoBlob
Exports the certificate to a blob in the DER-encoded X.509 format (.cer). If Base64 is True the output will be in the Base64-encoded form.

This method was introduced in version 2.5.

Usage:

Set Blob = Cert.ExportToBlob( False )


Function ExportToBlobPKCS7 ( IncludePath As Boolean ) As CryptoBlob
Exports the certificate to a blob in the PKCS#7 format (.spc). If IncludePath is True all certificates in the certification path will be exported to that blob as well.

Usage:

Set Blob = Cert.ExportToBlobPKCS7( True )


Sub ExportToFile ( Path As String, Base64 As Boolean )
Exports the certificate to a file in the DER-encoded X.509 format (.cer). If Base64 is True the file will be in the Base64-encoded form.

Usage:

Cert.ExportToFile "c:\mycert.cer", False


Sub ExportToFilePKCS7 ( Path As String, IncludePath As Boolean )
Exports the certificate to a file in the PKCS#7 format (.spc). If IncludePath is True all certificates in the certification path will be exported to that file as well.

Usage:

Cert.ExportToFilePKCS7 "c:\mycert.spc", True

Related Section: 7.4 Exporting Certificates to a File.


Sub ExportToPFX ( Path As String, Password As String )
Exports the certificate to a file in the PKCS#12 format (.pfx, or .p12) along with its private key encrypted with a user-defined Password.

Usage:

Cert.ExportToPFX "c:\mycert.pfx", "secret word"


Sub SetPrivateKeyContext ( Context As CryptoContext )
Set a certificate's private key context to Context. This method may be useful when transferring certificates and their corresponding private keys to a different machine.

Usage:

Cert.SetPrivateKeyContext Context


Sub TransferToLocalMachine ( Store As String )
Copies this certificate from a HKEY_CURRENT_USER-based store to the specified HKEY_LOCAL_MACHINE-based store together with its private key. This may be necessary to use a certificate to send signed email using AspEmail in an ASP environment.

A VB sample application that uses this method can be found in the directory \Samples\cert_stores\CertMover of the installation.

Usage:

Cert.TransferToLocalMachine "MY"

Related Tasks: 4.6 Moving Certificates from HKEY_CURRENT_USER to HKEY_LOCAL_STORE.


Function VerifySignature ( IssuerCert As CryptoCert ) As Boolean
Verifies this certificate's signature against IssuerCert's public key. Returns True if verification succeeds or False otherwise.

Use this method to verify that the certificate is really issued by who it claims it is.

Usage:

If Not Cert.VerifySignature( IssuerCert ) Then ...


CryptoMessage CryptoCrl

  This site is owned and maintained by Persits Software, Inc. Copyright © 2000 - 2010. All Rights Reserved.