CertGetEnhancedKeyUsage

The CertGetEnhancedKeyUsage function gets the enhanced key usage extension or property from the certificate.

#include <wincrypt.h>
BOOL WINAPI CertGetEnhancedKeyUsage(
  PCCERT_CONTEXT pCertContext,    // in
  DWORD dwFlags                   // in
  PCERT_ENHKEY_USAGE pUsage       // out
  DWORD *pcbUsage                 // in/out
);

Parameters

pCertContext: A pointer to the specified certificate.
dwFlags: If the CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG is set, then, only get the extension.
If the CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG is set, then, only get the property.
pUsage: Pointer to a buffer that receives the enhanced key usage.
This parameter can be NULL to set the size of the key usage for memory allocation purposes. For more information, see the "Common In/Out Parameter Conventions" section at the beginning of this Reference.
pcbUsage: Pointer to a variable that specifies the size, in bytes, of the buffer pointed to by the pUsage parameter. When the function returns, the variable pointed to by the pcbUsage parameter contains the number of bytes stored in the buffer. This parameter can be NULL, only if pUsage is NULL.

Return Values

TRUE if the function succeeded, FALSE if the function failed.

Call GetLastError to see the reason for any failures.

Example

// EXAMPLE CODE FOR USING CertGetEnhancedKeyUsage.
// To get and print the intended key usage bytes from
// a certificate. Assume that the pointer to the
// certificate (pCertContext) is already known.

// Set up the variables.
PCCERT_CONTEXT pCertContext;// Initialized elsewhere
DWORD dwFlags = CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG;
                            // Extension only
PCERT_ENHKEY_USAGE pUsage;  // Initialized elsewhere
DWORD cbUsage = 0;          // Size of key (in bytes)
BOOL fResult;               // Returns TRUE if function succeeded
                            //   FALSE if function failed


// Function called the first time to get
// the size of cbUsage - allocate memory
fResult = CertGetEnhancedKeyUsage(
            pCertContext,  
            dwFlags,       
            NULL,          // NULL on first call
            &cbUsage);     // in/out - Size of enhanced key usage

if (!fResult) {            // FALSE
  cout<< "first call to CertGetEnhancedKeyUsage failed"<< endl;
}
else {                     // TRUE
  cout<< "first call to CertGetEnhancedKeyUsage successful"<< endl;
  pUsage = (PCERT_ENHKEY_USAGE)malloc(cbUsage);
  cout<< "memory allocated"<< endl;
}

// Function call to get usage extension or property.
fResult = CertGetEnhancedKeyUsage(
            pCertContext,  // in - Pointer to the certificate
            dwFlags,       // in - Extension only flag
            pUsage,        // out- Pointer to enhanced key usage
            &cbUsage);     // in/out - Size of enhanced key usage

if (!fResult) {            // FALSE
  cout<< "function failed "<< endl
      << "error code = "<< GetLastError()<< endl;
}
else {                     // TRUE
  cout<< "function succeeded "<< endl
      << "extension/ property = "<< dwFlags<< endl
      << "enhanced key usage size = "<< &cbUsage<< endl;
}
free (pUsage);

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

CertGetEnhancedKeyUsage

Parameters

Return Values

Example

QuickInfo

See Also