29.04.2003 16:01:29 Help me understand OIDs. Replies: 2
Максим
I can't figure out what should be written in place of the OID when calling CreatePKSC10. Where can I find exhaustive information on this?
Thanks.
 
Replies:
30.04.2003 9:52:41 kure
Wincrypt.h

//+-------------------------------------------------------------------------
// CERT_RDN attribute Object Identifiers
//--------------------------------------------------------------------------

Or MSDN.
CERT_RDN_ATTR

Value                                 Meaning
szOID_COMMON_NAME                     Case-insensitive string. Labeling attribute.
szOID_SUR_NAME                        Case-insensitive string. Labeling attribute.
szOID_DEVICE_SERIAL_NUMBER            Printable string. Labeling attribute.
szOID_COUNTRY_NAME                    Two-character printable string. Geographic attribute.
szOID_LOCALITY_NAME                   Case-insensitive string. Geographic attribute.
szOID_STATE_OR_PROVINCE_NAME          Case-insensitive string. Geographic attribute.
szOID_STREET_ADDRESS                  Case-insensitive string. Geographic attribute.
szOID_ORGANIZATION_NAME               Case-insensitive string. Organizational attribute.
szOID_ORGANIZATIONAL_UNIT_NAME        Case-insensitive string. Organizational attribute.
szOID_TITLE                           Case-insensitive string. Organizational attribute.
szOID_DESCRIPTION                     Case-insensitive string. Explanatory attribute.
szOID_SEARCH_GUIDE                    Explanatory attribute.
szOID_BUSINESS_CATEGORY               Case-insensitive string. Explanatory attribute.
szOID_POSTAL_ADDRESS                  Printable string. Postal addressing attribute.
szOID_POSTAL_CODE                     Case-insensitive string. Postal addressing attribute.
szOID_POST_OFFICE_BOX                 Case-insensitive string. Postal addressing attribute.
szOID_PHYSICAL_DELIVERY_OFFICE_NAME   Case-insensitive string. Postal addressing attribute.
szOID_TELEPHONE_NUMBER                Telecommunications addressing attribute.
szOID_TELEX_NUMBER                    Telecommunications addressing attribute.
szOID_TELETEXT_TERMINAL_IDENTIFIER    Telecommunications addressing attribute.
szOID_FACSIMILE_TELEPHONE_NUMBER      Telecommunications addressing attribute.
szOID_X21_ADDRESS                     Numeric string. Telecommunications addressing attribute.
szOID_INTERNATIONAL_ISDN_NUMBER       Numeric string. Telecommunications addressing attribute.
szOID_REGISTERED_ADDRESS              Telecommunications addressing attribute.
szOID_DESTINATION_INDICATOR           Printable string. Telecommunications addressing attribute.
szOID_PREFERRED_DELIVERY_METHOD       Preference attribute.
szOID_PRESENTATION_ADDRESS            OSI application attribute.
szOID_SUPPORTED_APPLICATION_CONTEXT   OSI application attribute.
szOID_MEMBER                          Relational application attribute.
szOID_OWNER                           Relational application attribute.
szOID_ROLE_OCCUPANT                   Relational application attribute.
szOID_SEE_ALSO                        Relational application attribute.
szOID_USER_PASSWORD                   Security attribute.
szOID_USER_CERTIFICATE                Security attribute.
szOID_CA_CERTIFICATE                  Security attribute.
szOID_AUTHORITY_REVOCATION_LIST       Security attribute.
szOID_CERTIFICATE_REVOCATION_LIST     Security attribute.
szOID_CROSS_CERTIFICATE_PAIR          Security attribute.
szOID_GIVEN_NAME                      Case-insensitive string. Name attribute.
szOID_INITIALS                        Case-insensitive string. Name attribute.
szOID_RSA_emailAddr                   IA5 string. E-mail attribute.
szOID_DOMAIN_COMPONENT                IA5 string. DNS name component such as "com".
szOID_PKCS_12_FRIENDLY_NAME_ATTR      PKCS 12 attribute.
szOID_PKCS_12_LOCAL_KEY_ID            PKCS 12 attribute.

dwValueType
Indicates the interpretation of the Value member.
The following table identifies defined dwValueType values and describes the structure of the Value member that corresponds to that type.


Value                       Meaning
CERT_RDN_ANY_TYPE           The pszObjId member determines the assumed type and length.
CERT_RDN_ENCODED_BLOB       An encoded data BLOB.
CERT_RDN_OCTET_STRING       An arbitrary string of octets (8-bit).
CERT_RDN_GRAPHIC_STRING     Currently not used.
CERT_RDN_GENERAL_STRING     Currently not used.
CERT_RDN_NUMERIC_STRING     Only the characters 0 through 9 and the space character (8-bit).
CERT_RDN_PRINTABLE_STRING   An arbitrary string of printable characters (8-bit).
CERT_RDN_TELETEX_STRING     An arbitrary string of T.61 characters (8-bit).
CERT_RDN_T61_STRING         An arbitrary string of T.61 characters (8-bit).
CERT_RDN_VIDEOTEX_STRING    An arbitrary string of videotext characters.
CERT_RDN_IA5_STRING         An arbitrary string of IA5 (ASCII) characters.
CERT_RDN_VISIBLE_STRING     A 95-character set (8-bit).
CERT_RDN_ISO646_STRING      A 128-character set (8-bit).
CERT_RDN_UNIVERSAL_STRING   An array of INT4 elements (32-bit).
CERT_RDN_INT4_STRING        An array of INT4 elements (32-bit).
CERT_RDN_BMP_STRING         An array of Unicode characters (16-bit).
CERT_RDN_UNICODE_STRING     An array of Unicode characters (16-bit).
CERT_RDN_UTF8_STRING        An array of 16 bit Unicode characters UTF8 encoded on the wire as a sequence of one, two, or three eight-bit characters.

The following flags can be combined with a bitwise-OR operation into the dwValueType member.

Value                             Meaning
CERT_RDN_ENABLE_T61_UNICODE_FLAG  For encoding. When set, if all the Unicode characters are <= 0xFF, the CERT_RDN_T61_STRING is selected instead of the CERT_RDN_UNICODE_STRING.
CERT_RDN_DISABLE_CHECK_TYPE_FLAG  For encoding. When set, the characters are not checked to see if they are valid for the value type.
CERT_RDN_DISABLE_IE4_UTF8_FLAG    For decoding. By default, CERT_RDN_T61_STRING encoded values are initially decoded as UTF8. If the UTF8 decoding fails, the value is decoded as 8-bit characters. If this flag is set, it skips the initial attempt to decode as UTF8 and decodes the value as 8-bit characters.
30.04.2003 17:41:10 Andris
The OID indicates the purpose of the certificate in the certificate's extended key usage field.
//1.3.6.1.5.5.7.3.1 TLS Web server authentication
//1.3.6.1.5.5.7.3.2 TLS Web client authentication
//1.3.6.1.5.5.7.3.3 Signing of downloadable executable code
//1.3.6.1.5.5.7.3.4 E-mail protection
//1.3.6.1.5.5.7.3.5 IP security end system (host or router)
//1.3.6.1.5.5.7.3.6 IP security tunnel termination
//1.3.6.1.5.5.7.3.7 IP security user
//1.3.6.1.5.5.7.3.8 Time Stamp Signing
These are the simplest ones;
there are also OIDs for Exchange and for other systems.
In general, you can register your own OIDs for your own purposes.
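
An added example, not part of either reply and not code from Wincrypt.h: both answers hand the API an OID as a dotted-decimal string (the szOID_* constants are such strings, as are the 1.3.6.1.5.5.7.3.x values), and this shows how such a string becomes the DER bytes that end up in the request, together with character-set checks for two of the value types in the dwValueType table. The function names are hypothetical, and the printable-string set used is the ASN.1 PrintableString alphabet.

```c
#include <stdlib.h>
#include <string.h>

/* DER-encode a dotted OID such as "1.3.6.1.5.5.7.3.1" (tag 0x06, short-form
 * length). Returns the number of bytes written to out, or 0 on any error. */
size_t oid_to_der(const char *dotted, unsigned char *out, size_t cap)
{
    unsigned long arcs[32];
    unsigned char body[127];
    size_t n = 0, len = 0;
    char *end = NULL;

    for (const char *p = dotted; ; p = end + 1) {
        if (n == 32 || *p < '0' || *p > '9') return 0;
        arcs[n++] = strtoul(p, &end, 10);
        if (arcs[n - 1] > 0x0FFFFFFFUL) return 0;  /* keep arcs small, no overflow */
        if (*end == '\0') break;
        if (*end != '.') return 0;
    }
    /* X.690: first arc is 0..2; under arcs 0 and 1 the second is 0..39. */
    if (n < 2 || arcs[0] > 2 || (arcs[0] < 2 && arcs[1] > 39)) return 0;
    arcs[1] += arcs[0] * 40;        /* first two arcs share one subidentifier */

    for (size_t i = 1; i < n; i++) {
        unsigned char grp[10];      /* base-128 digits, least significant first */
        size_t g = 0;
        unsigned long v = arcs[i];
        do { grp[g++] = v & 0x7f; v >>= 7; } while (v);
        while (g > 0) {
            if (len == sizeof body) return 0;
            g--;
            body[len++] = grp[g] | (g ? 0x80 : 0);  /* high bit: more follows */
        }
    }
    if (cap < len + 2) return 0;
    out[0] = 0x06;
    out[1] = (unsigned char)len;
    memcpy(out + 2, body, len);
    return len + 2;
}

/* Character-set checks for two value types from the dwValueType table
 * (constructed helpers, not CryptoAPI functions). Return 1 if s is valid. */
int is_numeric_string(const char *s)
{
    return s[strspn(s, "0123456789 ")] == '\0';
}

int is_printable_string(const char *s)
{
    return s[strspn(s, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                       "0123456789 '()+,-./:=?")] == '\0';
}
```

A value such as an e-mail address fails the printable-string check because of the "@", which is why the table lists szOID_RSA_emailAddr as an IA5 string.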