Prev Next

WinTrustSubjectEnumCertificates info

The WinTrustSubjectEnumCertificates function determines the types of certificates bundled within a subject. You can retrieve a list of all the certificate types that the subject contains, or you can determine whether the subject contains a specified certificate type.

BOOL WinTrustSubjectEnumCertificates(

    LPWIN_TRUST_SIP_SUBJECT  lpSubject,

// pointer to description of the subject

    DWORD dwTypeFilter,

// type of certificate to enumerate

    LPDWORD lpCertificateCount,

// receives number of certificates of the specified type

    LPDWORD lpIndices,

// pointer to an array that receives the certificate types

    DWORD dwIndexCount

// size of the array

   );

Parameters

lpSubject
Pointer to a WIN_TRUST_SIP_SUBJECT structure that identifies the subject from which to get certificate information.
dwTypeFilter
Specifies the type of certificate to list. This parameter can be zero to list certificates of all types, or it can be one of the following values.

Value

Meaning

WIN_CERT_TYPE_X509

The certificate contains an X.509 Certificate.

WIN_CERT_TYPE_PKCS_SIGNED_DATA

The certificate contains a PKCS SignedData structure.

WIN_CERT_TYPE_RESERVED_1

Reserved.

lpCertificateCount
Pointer to a DWORD that receives the number of certificates of the specified type in the subject identified by lpSubject. This value indicates the number that could be returned even if the lpIndices array is not large enough to hold them all.
lpIndices
Pointer to an array of DWORD values that receives a list of WIN_CERT_TYPE_xxx values indicating the types of certificates bundled within the subject. You can use these certificate type values in the WinTrustSubjectGetCertificate function to retrieve the actual certificates.

The value returned in lpCertificateCount indicates the number of valid entries returned in the array. If dwIndexCount is less than the value returned in lpCertificateCount, the array contains garbage, and you need to call WinTrustSubjectEnumCertificates again with a larger array.

dwIndexCount
Indicates the number of entries that can be returned in the lpIndices array.

Return Values

If the function succeeds, the return value is a nonzero value.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

A trust provider calls the WinTrustSubjectEnumCertificates function to retrieve the types of certificates in the specified subject. The trust provider calls the WinTrust implementation of this function. WinTrust then calls the WinTrustSubjectEnumCertificates implementation of the appropriate Subject Interface Package (SIP). The appropriate SIP is the one registered to handle the type of subject specified by the lpSubject parameter.

Each Subject Interface Package (SIP) DLL must implement the WinTrustSubjectEnumCertificates function. WinTrust gets a pointer to the SIP’s WinTrustSubjectEnumCertificates implementation when WinTrust calls the SIP’s WinTrustSipInitialize initialization function.

The LPWINTRUST_SUBJECT_ENUM_CERTIFICATES type is a pointer to a WinTrustSubjectEnumCertificates function.

See Also

WIN_TRUST_SIP_SUBJECT, WinTrustSipInitialize