WinTrustSubjectEnumCertificates

[New - Windows NT]

The WinTrustSubjectEnumCertificates function determines the types of certificates bundled within a subject. You can retrieve a list of all the certificate types that the subject contains, or you can determine whether the subject contains a specified certificate type.

BOOL WinTrustSubjectEnumCertificates(
    LPWIN_TRUST_SIP_SUBJECT lpSubject,  // pointer to description of the subject
    DWORD dwTypeFilter,                 // type of certificate to enumerate
    LPDWORD lpCertificateCount,         // receives number of certificates of the specified type
    LPDWORD lpIndices,                  // pointer to an array that receives the certificate types
    DWORD dwIndexCount                  // number of entries in the array
);

Parameters

lpSubject

Pointer to a WIN_TRUST_SIP_SUBJECT structure that identifies the subject from which to get certificate information.

dwTypeFilter

Specifies the type of certificate to list. This parameter can be zero to list certificates of all types, or it can be one of the following values.

Value                            Meaning
WIN_CERT_TYPE_X509               The certificate contains an X.509 Certificate.
WIN_CERT_TYPE_PKCS_SIGNED_DATA   The certificate contains a PKCS SignedData structure.
WIN_CERT_TYPE_RESERVED_1         Reserved.

lpCertificateCount

Pointer to a DWORD that receives the number of certificates of the specified type in the subject identified by lpSubject. This value indicates the number that could be returned even if the lpIndices array is not large enough to hold them all.

lpIndices

Pointer to an array of DWORD values that receives a list of WIN_CERT_TYPE_xxx values indicating the types of certificates bundled within the subject. You can use these certificate type values in the WinTrustSubjectGetCertificate function to retrieve the actual certificates.

When the array is large enough, the value returned in lpCertificateCount indicates the number of valid entries returned in the array. If dwIndexCount is less than the value returned in lpCertificateCount, the contents of the array are garbage and must not be used; call WinTrustSubjectEnumCertificates again with a larger array.

dwIndexCount

Specifies the number of entries (DWORD values) that can be returned in the lpIndices array.

Return Values

If the function succeeds, the return value is a nonzero value.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

A trust provider calls the WinTrustSubjectEnumCertificates function to retrieve the types of certificates in the specified subject. The trust provider calls the WinTrust implementation of this function. WinTrust then calls the WinTrustSubjectEnumCertificates implementation of the appropriate Subject Interface Package (SIP). The appropriate SIP is the one registered to handle the type of subject specified by the lpSubject parameter.

Each Subject Interface Package (SIP) DLL must implement the WinTrustSubjectEnumCertificates function. WinTrust gets a pointer to the SIP's WinTrustSubjectEnumCertificates implementation when WinTrust calls the SIP's WinTrustSipInitialize initialization function.

The LPWINTRUST_SUBJECT_ENUM_CERTIFICATES type is a pointer to a WinTrustSubjectEnumCertificates function.
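The grow-and-retry calling pattern that the lpIndices description requires, as an added example that is not part of the original documentation. The typedefs are stand-ins so the code builds without the Windows headers, stub_enum is a constructed SIP implementation with the parameter order shown above, and MAX_CERT_TYPES is a hypothetical sanity limit.

```c
#include <stdint.h>
#include <stdlib.h>

/* Stand-ins so this builds without the Windows headers (assumptions). */
typedef int BOOL;
typedef uint32_t DWORD;
typedef struct { int placeholder; } SIP_SUBJECT; /* for WIN_TRUST_SIP_SUBJECT */
typedef BOOL (*ENUM_CERTS_FN)(SIP_SUBJECT *, DWORD, DWORD *, DWORD *, DWORD);
#define MAX_CERT_TYPES 1024u /* hypothetical sanity limit on a reported count */

/* Constructed stub SIP: the subject bundles certificates of types 2, 1, 2. */
static BOOL stub_enum(SIP_SUBJECT *subj, DWORD filter, DWORD *count,
                      DWORD *indices, DWORD capacity)
{
    static const DWORD bundled[] = { 2, 1, 2 };
    DWORD i, n = 0;
    (void)subj;
    for (i = 0; i < 3; i++)
        if (filter == 0 || bundled[i] == filter) {
            if (n < capacity) indices[n] = bundled[i];
            n++;
        }
    if (n > capacity) /* too small: leave junk, as the page warns */
        for (i = 0; i < capacity; i++) indices[i] = 0xDEADBEEFu;
    *count = n;
    return 1;
}

/* Returns a malloc'd array of *out_count type values, or NULL on failure. */
DWORD *enum_cert_types(ENUM_CERTS_FN fn, SIP_SUBJECT *subj, DWORD filter,
                       DWORD *out_count)
{
    DWORD capacity = 2, needed = 0, *buf = NULL, *tmp;
    int attempt;
    *out_count = 0;
    for (attempt = 0; attempt < 3; attempt++) {
        tmp = realloc(buf, capacity * sizeof *tmp);
        if (tmp == NULL) break;
        buf = tmp;
        if (!fn(subj, filter, &needed, buf, capacity)) break;
        if (needed <= capacity) { /* only now are buf[0..needed) valid */
            *out_count = needed;
            return buf;
        }
        if (needed > MAX_CERT_TYPES) break; /* reject absurd counts */
        capacity = needed; /* buf holds garbage here: grow and ask again */
    }
    free(buf);
    return NULL;
}
```

The retry count is bounded and the reported count is checked before it sizes an allocation, so a misbehaving SIP cannot drive the caller into an unbounded loop or an oversized buffer.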

See Also

WIN_TRUST_SIP_SUBJECT, WinTrustSipInitialize