Cryptography Objects
Cryptography objects are categorized according to usage as follows:
- Certificate Store Objects
- Digital Signature Objects
- Enveloped Data Objects
- Data Encryption Objects
- Auxiliary Objects
- Certificate Enrollment Objects
Certificate Store Objects
The following objects work with certificate stores and the certificates in those stores. CAPICOM supports the use of Current User, Local Machine, memory, and Active Directory certificate stores.
| Object | Description |
|---|---|
| Certificate | A single digital certificate. |
| CertificatePolicies | A collection of PolicyInformation objects. |
| Certificates | Collection of Certificate objects. |
| CertificateStatus | Provides status information on a certificate. |
| Chain | Creates and checks a certificate validation chain based on a digital certificate. |
| ExtendedProperties | Represents a collection of ExtendedProperty objects. |
| ExtendedProperty | Represents a Microsoft-extended property. |
| Extension | Represents a single certificate extension. |
| Extensions | Represents a collection of Extension objects. |
| PrivateKey | Represents a private key. |
| PublicKey | Represents a public key in a Certificate object. |
| Store | Provides the properties and methods to choose, manage, and use certificate stores and the certificates in those stores. |
| Template | Represents the certificate extension template of the certificate. |
Digital Signature Objects
The following objects are exported to digitally sign data and to verify digital signatures.
| Object | Description |
|---|---|
| SignedCode | Object used to sign code with an Authenticode digital signature and to verify the signature on signed code. |
| SignedData | Object used to sign data and to verify the signature on signed data. |
| Signer | Information on a single data signer, including the signer's certificate. |
| Signers | Collection of Signer objects. |
Enveloped Data Objects
The following objects are exported to create enveloped data messages for privacy and to decrypt data in enveloped messages.
| Object | Description |
|---|---|
| EnvelopedData | Objects used to create, send, and receive enveloped data. Enveloped data is encrypted so that only the intended recipients can decrypt it. |
| Recipients | Collection of the Certificate objects of the intended recipients of an enveloped message. |
Data Encryption Objects
The following object is exported to encrypt arbitrary data for privacy and to decrypt encrypted data.
| Object | Description |
|---|---|
| EncryptedData | Objects used to encrypt data. Encrypted data in an EncryptedData object can be decrypted. |
Auxiliary Objects
The following objects are exported to change default behaviors of other objects and to manage certificates, certificate stores, and messages.
| Object | Description |
|---|---|
| Algorithm | Sets the algorithm and key length to be used in cryptographic operations. |
| Attribute | Provides a single piece of added information about a signature, such as the time of signing. |
| Attributes | Collection of Attribute objects. |
| BasicConstraints | Provides read-only access to basic constraints on the uses of a certificate. |
| EKU | Provides access to EKU properties of certificates. |
| EKUs | Collection of EKU objects. |
| EncodedData | Represents a block of encoded data. |
| ExtendedKeyUsage | Provides read-only access to the extended key usage properties of certificates. |
| HashedData | Provides functionality for applying a hash algorithm to a string. |
| KeyUsage | Provides read-only access to key usage properties of certificates. |
| NoticeNumbers | Represents a collection of Extension objects. |
| OID | Represents an object identifier that is used by several CAPICOM properties. |
| OIDs | Represents a collection of OID objects. |
| PolicyInformation | Provides access to the policy OIDs of an extension. |
| Qualifier | Represents a Certification Practice Statement (CPS) pointer or user notice qualifier. |
| Qualifiers | Represents a collection of qualifiers. |
| Settings | Enables or disables dialog boxes to prompt for signer or sender identity if that identity is not specified. |
| Utilities | Provides functionality for common tasks. |
Certificate Enrollment Objects
The following object is used for certificate enrollment.
| Object | Description |
|---|---|
| CEnroll | Object that represents the Certificate Enrollment Control. It is primarily used when programming in Visual Basic or another Automation language. |