CAPICOM Reference

[CAPICOM is a 32-bit only component that is available for use in the following operating systems: Windows Server 2008, Windows Vista, and Windows XP. Use the .NET Framework to implement security features instead. For more information, see Alternatives to Using CAPICOM.]

The CAPICOM COM client provides services that enable application developers to add security based on cryptography to applications. CryptoAPI includes functionality for authentication using digital signatures, for enveloping messages, and for encrypting and decrypting data.

| Category | Description |
| --- | --- |
| Certificate Store Objects | Objects available for using certificate stores and the certificates in those stores. |
| Digital Signature Objects | Objects used to digitally sign data and to verify digital signatures. |
| Enveloped Data Objects | Objects used to create enveloped data messages for privacy and to decrypt data in enveloped messages. |
| Data Encryption Objects | Objects used to encrypt data and to decrypt encrypted data. |
| Auxiliary Objects | Objects used to change default behaviors and to manage certificates, certificate stores, and user interface (UI) messages. |
| Interoperability Interfaces | Interfaces that allow derivations of CryptoAPI to work together with CAPICOM 2.0. |
| Enumeration Types | Enumeration types used with CAPICOM. |

Certificate Store Objects

The following objects work with certificate stores and the certificates in those stores. CAPICOM supports the use of Current User, Local Machine, Memory, and Active Directory certificate stores.

| Object | Description |
| --- | --- |
| Certificate | A single digital certificate. |
| CertificatePolicies | A collection of PolicyInformation objects. |
| Certificates | Collection of Certificate objects. |
| CertificateStatus | Provides status information on a certificate. |
| Chain | Creates and checks a certificate validation chain based on a digital certificate. |
| ExtendedProperties | Represents a collection of ExtendedProperty objects. |
| ExtendedProperty | Represents a Microsoft-extended property. |
| Extension | Represents a single certificate extension. |
| Extensions | Represents a collection of Extension objects. |
| PrivateKey | Represents a private key. |
| PublicKey | Represents a public key in a Certificate object. |
| Store | Provides the properties and methods to choose, manage, and use certificate stores and the certificates in those stores. |
| Template | Represents the certificate extension template of the certificate. |

Digital Signature Objects

The following objects are exported to digitally sign data and to verify digital signatures.

| Object | Description |
| --- | --- |
| SignedCode | Provides functionality for signing content with an Authenticode digital signature. |
| SignedData | Object used to sign data and to verify the signature on signed data. |
| Signer | Information on a single data signer, including the signer's certificate. |
| Signers | Collection of Signer objects. |

Enveloped Data Objects

The following objects are exported to create enveloped data messages for privacy and to decrypt data in enveloped messages.

| Object | Description |
| --- | --- |
| EnvelopedData | Objects used to create, send, and receive enveloped data. Enveloped data is encrypted so that only the intended recipients can decrypt it. |
| Recipients | Collection of the Certificate objects of the intended recipients of an enveloped message. |

Data Encryption Objects

The following object is exported to encrypt arbitrary data for privacy and to decrypt encrypted data.

| Object | Description |
| --- | --- |
| EncryptedData | Objects used to encrypt data. Encrypted data in an EncryptedData object can be decrypted. |

Auxiliary Objects

The following objects are exported to change default behaviors of other objects and to manage certificates, certificate stores, and messages.

| Object | Description |
| --- | --- |
| Algorithm | Sets the algorithm and key length to be used in cryptographic operations. |
| Attribute | Provides a single piece of added information about a signature, such as the time of signing. |
| Attributes | Collection of Attribute objects. |
| BasicConstraints | Provides read-only access to basic constraints on the uses of a certificate. |
| EKU | Provides access to EKU properties of certificates. |
| EKUs | Collection of EKU objects. |
| EncodedData | Represents a block of encoded data. |
| ExtendedKeyUsage | Provides read-only access to the extended key usage properties of certificates. |
| HashedData | Provides functionality for applying a hash algorithm to a string. |
| KeyUsage | Provides read-only access to key usage properties of certificates. |
| OID | Represents an object identifier that is used by several CAPICOM properties. |
| OIDs | Represents a collection of OID objects. |
| PolicyInformation | Provides access to the policy OIDs of an extension. |
| Qualifier | Represents a Certification Practice Statement (CPS) pointer or user notice qualifier. |
| Qualifiers | Represents a collection of qualifiers. |
| Settings | Enables or disables dialog boxes to prompt for signer or sender identity if that identity is not specified. |
| Utilities | Provides functionality for common tasks. |

Interoperability Interfaces

The following interfaces allow derivations of CryptoAPI to work together with CAPICOM 2.0.

| Interface | Description |
| --- | --- |
| ICertContext | Provides access to the context of a CAPICOM X.509v3 Certificate object. This context allows the CAPICOM certificate to be used in other derivations of CryptoAPI. |
| ICertStore | Provides access to the context of a CAPICOM Store object. This context allows the CAPICOM certificate store to be used in other derivations of CryptoAPI. |
| IChainContext | Provides access to the context of a CAPICOM Chain object. This context allows the CAPICOM certificate trust chain to be used in other derivations of CryptoAPI. |

Enumeration Types

CAPICOM defines the following enumeration types: