CERT_BASIC_CONSTRAINTS_INFO (Windows CE 5.0)

Article
2012-09-14

This structure contains information indicating whether the certified subject can act as a certification authority (CA), an end entity, or both. If the subject can act as a CA, a certification path length constraint can also be specified, as can a set of subtrees that must contain all subject names of subsequent certificates in a certification chain. This extension is used in validating certificates used to sign other certificates.

The CryptDecodeObject function creates an instance of this structure when performed on a CERT_EXTENSION structure's Value member with the structure's pszObjId member set to szOID_BASIC_CONSTRAINTS.

typedef struct _CERT_BASIC_CONSTRAINTS_INFO {CRYPT_BIT_BLOBSubjectType;BOOLfPathLenConstraint;DWORDdwPathLenConstraint;DWORDcSubtreesConstraint;CERT_NAME_BLOB*rgSubtreesConstraint;} CERT_BASIC_CONSTRAINTS_INFO, *PCERT_BASIC_CONSTRAINTS_INFO;

Members

SubjectType
CRYPT_BIT_BLOB structure can contain a CERT_CA_SUBJECT_FLAG that when set indicates that the certificate's subject can act as a CA, a CERT_END_ENTITY_SUBJECT_FLAG that when set indicates that the certificate's subject can act as an end entity, or both combined using a bitwise OR operation.
fPathLenConstraint
Boolean value indicating whether the dwPathLenConstraint field sets the maximum length of the certification path.
dwPathLenConstraint
Maximum number of CA certificates that can follow this certificate in a certification validation path. A value of zero indicates that the subject of this certificate can issue certificates only to end entities and not to CAs.
cSubtreesConstraint
Number of elements in the rgSubtreesConstraint array.
rgSubtreesConstraint
Pointer to an array of CERT_NAME_BLOB structures establishing subtree constraints.

Requirements

OS Versions: Windows CE 3.0 and later.
Header: Wincrypt.h.

Share via

CERT_BASIC_CONSTRAINTS_INFO (Windows CE 5.0)

Members

Requirements

See Also

Additional resources