The following functions manage the set of certificates in an image file. Routines are provided to add, remove, and query certificates. There is also a function available for obtaining the byte stream of an image file required to calculate a message digest of the image file. This is needed to create signature certificates.
Every certificate in a file has an index which can change as certificates are removed. New certificates will always be added "at the end" of the list of existing certificates. That is, they will be assigned indices that are greater than any index currently in use. In general, an application should not assume that a given certificate has the same index it had the last time it was referenced.
At the time of the release of Windows NT 4.0, full support for creating or verifying certificates was not in place. Full support will be provided in a future release.
Unless otherwise noted, all the functions return TRUE on success and FALSE on failure. The GetLastError function can be called for more detailed error information.