CertificateStorage Class

Properties   Methods   Events   Config Settings   Errors  

The CertificateStorage class works with collections of certificates.

Syntax

CertificateStorage

Remarks

CertificateStorage can work with certificates residing on a variety of media. Among others, it can access certificates residing in files, Windows and macOS system stores, and PKCS#11 devices. All such kinds of media can be accessed via a simple, unified interface, which makes CertificateStorage a handy certificate access option. Most users of SecureBlackbox use this component to access certificates residing on hardware devices. CertificateStorage is also a good alternative to CertificateManager where the certificate file contains more than one certificate.

To access certificates stored on certain type of media, start with the Open method. Provide the location of your certificates via a uniform URI-like specifier. Once the storage has been opened, you can access the certificates contained in it via the Certificates property.

Iterate over certificates by using the Certificates property, or use filtering facilities such as Select and SelectChain. You can add certificates to the storage with the Add, AddFromFile, and AddPinned methods. In the latter case please assign the certificate object to be imported to the PinnedCert property.

Use CreateNew method to create a new storage. Note that not all storage kinds can be created.

When you have finished working with the certificate storage, close it with the Close method.

Certain types of stores must be kept open for the certificates to continue to be usable. This means that while you can copy a certificate to a different storage, or assign it to a different component, you still must keep the storage it originates from open for as long as you intend to use that certificate in your code. This is because the storage is often a bridge between a certificate and its private key, and by closing the storage early you are destroying this bridge prematurely. See the code example below: // This code, although syntactically correct, will fail because the storage is closed too early: storage.Open("pkcs11://user:12345@localhost/C:/Windows/System32/asepkcs.dll"); pdfSigner.SigningCertificate = storage.Certificates[0]; storage.Close(false); // the private key of the SigningCertificate gets lost after this call pdfSigner.Sign(); // returns an error // This code will work as expected storage.Open("pkcs11://user:12345@localhost/C:/Windows/System32/asepkcs.dll"); pdfSigner.SigningCertificate = storage.Certificates[0]; pdfSigner.Sign(); storage.Close(false);

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

CertCount Property (CertificateStorage Class)

The number of records in the Cert arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCount();

Unicode (Windows)
INT GetCertCount();

int secureblackbox_certificatestorage_getcertcount(void* lpObj);

int GetCertCount();

Default Value

0

Remarks

This property controls the size of the following arrays:

• CertBytes
• CertCA
• CertCAKeyID
• CertCRLDistributionPoints
• CertCurve
• CertFingerprint
• CertFriendlyName
• CertHandle
• CertHashAlgorithm
• CertIssuer
• CertIssuerRDN
• CertKeyAlgorithm
• CertKeyBits
• CertKeyFingerprint
• CertKeyUsage
• CertKeyValid
• CertOCSPLocations
• CertOCSPNoCheck
• CertOrigin
• CertPolicyIDs
• CertPrivateKeyBytes
• CertPrivateKeyExists
• CertPrivateKeyExtractable
• CertPublicKeyBytes
• CertQualifiedStatements
• CertSelfSigned
• CertSerialNumber
• CertSigAlgorithm
• CertSubject
• CertSubjectAlternativeName
• CertSubjectKeyID
• CertSubjectRDN
• CertValidFrom
• CertValidTo

The array indices start at 0 and end at CertCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

CertBytes Property (CertificateStorage Class)

Returns raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertBytes(int iCertIndex, char* &lpCertBytes, int &lenCertBytes);

Unicode (Windows)
INT GetCertBytes(INT iCertIndex, LPSTR &lpCertBytes, INT &lenCertBytes);

int secureblackbox_certificatestorage_getcertbytes(void* lpObj, int certindex, char** lpCertBytes, int* lenCertBytes);

QByteArray GetCertBytes(int iCertIndex);

Remarks

Returns raw certificate data in DER format.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertCA Property (CertificateStorage Class)

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCA(int iCertIndex);

Unicode (Windows)
BOOL GetCertCA(INT iCertIndex);

int secureblackbox_certificatestorage_getcertca(void* lpObj, int certindex);

bool GetCertCA(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertCAKeyID Property (CertificateStorage Class)

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertCAKeyID(int iCertIndex, char* &lpCertCAKeyID, int &lenCertCAKeyID);

Unicode (Windows)
INT GetCertCAKeyID(INT iCertIndex, LPSTR &lpCertCAKeyID, INT &lenCertCAKeyID);

int secureblackbox_certificatestorage_getcertcakeyid(void* lpObj, int certindex, char** lpCertCAKeyID, int* lenCertCAKeyID);

QByteArray GetCertCAKeyID(int iCertIndex);

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertCRLDistributionPoints Property (CertificateStorage Class)

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertCRLDistributionPoints(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertCRLDistributionPoints(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertcrldistributionpoints(void* lpObj, int certindex);

QString GetCertCRLDistributionPoints(int iCertIndex);

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertCurve Property (CertificateStorage Class)

Specifies the elliptic curve of the EC public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertCurve(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertCurve(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertcurve(void* lpObj, int certindex);

QString GetCertCurve(int iCertIndex);

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertFingerprint Property (CertificateStorage Class)

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertFingerprint(int iCertIndex, char* &lpCertFingerprint, int &lenCertFingerprint);

Unicode (Windows)
INT GetCertFingerprint(INT iCertIndex, LPSTR &lpCertFingerprint, INT &lenCertFingerprint);

int secureblackbox_certificatestorage_getcertfingerprint(void* lpObj, int certindex, char** lpCertFingerprint, int* lenCertFingerprint);

QByteArray GetCertFingerprint(int iCertIndex);

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertFriendlyName Property (CertificateStorage Class)

Contains an associated alias (friendly name) of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertFriendlyName(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertFriendlyName(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertfriendlyname(void* lpObj, int certindex);

QString GetCertFriendlyName(int iCertIndex);

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertHandle Property (CertificateStorage Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetCertHandle(int iCertIndex);

Unicode (Windows)
LONG64 GetCertHandle(INT iCertIndex);

int64 secureblackbox_certificatestorage_getcerthandle(void* lpObj, int certindex);

qint64 GetCertHandle(int iCertIndex);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Long64

CertHashAlgorithm Property (CertificateStorage Class)

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertHashAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertHashAlgorithm(INT iCertIndex);

char* secureblackbox_certificatestorage_getcerthashalgorithm(void* lpObj, int certindex);

QString GetCertHashAlgorithm(int iCertIndex);

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertIssuer Property (CertificateStorage Class)

The common name of the certificate issuer (CA), typically a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertIssuer(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertIssuer(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertissuer(void* lpObj, int certindex);

QString GetCertIssuer(int iCertIndex);

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertIssuerRDN Property (CertificateStorage Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertIssuerRDN(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertIssuerRDN(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertissuerrdn(void* lpObj, int certindex);

QString GetCertIssuerRDN(int iCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertKeyAlgorithm Property (CertificateStorage Class)

Specifies the public key algorithm of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertKeyAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertKeyAlgorithm(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertkeyalgorithm(void* lpObj, int certindex);

QString GetCertKeyAlgorithm(int iCertIndex);

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertKeyBits Property (CertificateStorage Class)

Returns the length of the public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyBits(int iCertIndex);

Unicode (Windows)
INT GetCertKeyBits(INT iCertIndex);

int secureblackbox_certificatestorage_getcertkeybits(void* lpObj, int certindex);

int GetCertKeyBits(int iCertIndex);

Default Value

0

Remarks

Returns the length of the public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertKeyFingerprint Property (CertificateStorage Class)

Returns a fingerprint of the public key contained in the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyFingerprint(int iCertIndex, char* &lpCertKeyFingerprint, int &lenCertKeyFingerprint);

Unicode (Windows)
INT GetCertKeyFingerprint(INT iCertIndex, LPSTR &lpCertKeyFingerprint, INT &lenCertKeyFingerprint);

int secureblackbox_certificatestorage_getcertkeyfingerprint(void* lpObj, int certindex, char** lpCertKeyFingerprint, int* lenCertKeyFingerprint);

QByteArray GetCertKeyFingerprint(int iCertIndex);

Remarks

Returns a fingerprint of the public key contained in the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertKeyUsage Property (CertificateStorage Class)

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyUsage(int iCertIndex);

Unicode (Windows)
INT GetCertKeyUsage(INT iCertIndex);

int secureblackbox_certificatestorage_getcertkeyusage(void* lpObj, int certindex);

int GetCertKeyUsage(int iCertIndex);

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertKeyValid Property (CertificateStorage Class)

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertKeyValid(int iCertIndex);

Unicode (Windows)
BOOL GetCertKeyValid(INT iCertIndex);

int secureblackbox_certificatestorage_getcertkeyvalid(void* lpObj, int certindex);

bool GetCertKeyValid(int iCertIndex);

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertOCSPLocations Property (CertificateStorage Class)

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertOCSPLocations(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertOCSPLocations(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertocsplocations(void* lpObj, int certindex);

QString GetCertOCSPLocations(int iCertIndex);

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertOCSPNoCheck Property (CertificateStorage Class)

Accessor to the value of the certificates ocsp-no-check extension.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertOCSPNoCheck(int iCertIndex);

Unicode (Windows)
BOOL GetCertOCSPNoCheck(INT iCertIndex);

int secureblackbox_certificatestorage_getcertocspnocheck(void* lpObj, int certindex);

bool GetCertOCSPNoCheck(int iCertIndex);

Default Value

FALSE

Remarks

Accessor to the value of the certificates ocsp-no-check extension.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertOrigin Property (CertificateStorage Class)

Returns the origin of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertOrigin(int iCertIndex);

Unicode (Windows)
INT GetCertOrigin(INT iCertIndex);

int secureblackbox_certificatestorage_getcertorigin(void* lpObj, int certindex);

int GetCertOrigin(int iCertIndex);

Default Value

0

Remarks

Returns the origin of this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertPolicyIDs Property (CertificateStorage Class)

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertPolicyIDs(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertPolicyIDs(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertpolicyids(void* lpObj, int certindex);

QString GetCertPolicyIDs(int iCertIndex);

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertPrivateKeyBytes Property (CertificateStorage Class)

Contains the certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertPrivateKeyBytes(int iCertIndex, char* &lpCertPrivateKeyBytes, int &lenCertPrivateKeyBytes);

Unicode (Windows)
INT GetCertPrivateKeyBytes(INT iCertIndex, LPSTR &lpCertPrivateKeyBytes, INT &lenCertPrivateKeyBytes);

int secureblackbox_certificatestorage_getcertprivatekeybytes(void* lpObj, int certindex, char** lpCertPrivateKeyBytes, int* lenCertPrivateKeyBytes);

QByteArray GetCertPrivateKeyBytes(int iCertIndex);

Remarks

Contains the certificate's private key. It is normal for this property to be empty if the private key is non-exportable.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertPrivateKeyExists Property (CertificateStorage Class)

Indicates whether the certificate has an associated private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertPrivateKeyExists(int iCertIndex);

Unicode (Windows)
BOOL GetCertPrivateKeyExists(INT iCertIndex);

int secureblackbox_certificatestorage_getcertprivatekeyexists(void* lpObj, int certindex);

bool GetCertPrivateKeyExists(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate has an associated private key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertPrivateKeyExtractable Property (CertificateStorage Class)

Indicates whether the private key is extractable.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertPrivateKeyExtractable(int iCertIndex);

Unicode (Windows)
BOOL GetCertPrivateKeyExtractable(INT iCertIndex);

int secureblackbox_certificatestorage_getcertprivatekeyextractable(void* lpObj, int certindex);

bool GetCertPrivateKeyExtractable(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the private key is extractable

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertPublicKeyBytes Property (CertificateStorage Class)

Contains the certificate's public key in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertPublicKeyBytes(int iCertIndex, char* &lpCertPublicKeyBytes, int &lenCertPublicKeyBytes);

Unicode (Windows)
INT GetCertPublicKeyBytes(INT iCertIndex, LPSTR &lpCertPublicKeyBytes, INT &lenCertPublicKeyBytes);

int secureblackbox_certificatestorage_getcertpublickeybytes(void* lpObj, int certindex, char** lpCertPublicKeyBytes, int* lenCertPublicKeyBytes);

QByteArray GetCertPublicKeyBytes(int iCertIndex);

Remarks

Contains the certificate's public key in DER format.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertQualifiedStatements Property (CertificateStorage Class)

Returns the qualified status of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertQualifiedStatements(int iCertIndex);

Unicode (Windows)
INT GetCertQualifiedStatements(INT iCertIndex);

QST_NON_QUALIFIED(0), 
QST_QUALIFIED_HARDWARE(1), 
QST_QUALIFIED_SOFTWARE(2)

int secureblackbox_certificatestorage_getcertqualifiedstatements(void* lpObj, int certindex);

int GetCertQualifiedStatements(int iCertIndex);

Default Value

0

Remarks

Returns the qualified status of the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Integer

CertSelfSigned Property (CertificateStorage Class)

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSelfSigned(int iCertIndex);

Unicode (Windows)
BOOL GetCertSelfSigned(INT iCertIndex);

int secureblackbox_certificatestorage_getcertselfsigned(void* lpObj, int certindex);

bool GetCertSelfSigned(int iCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

CertSerialNumber Property (CertificateStorage Class)

Returns the certificate's serial number.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSerialNumber(int iCertIndex, char* &lpCertSerialNumber, int &lenCertSerialNumber);

Unicode (Windows)
INT GetCertSerialNumber(INT iCertIndex, LPSTR &lpCertSerialNumber, INT &lenCertSerialNumber);

int secureblackbox_certificatestorage_getcertserialnumber(void* lpObj, int certindex, char** lpCertSerialNumber, int* lenCertSerialNumber);

QByteArray GetCertSerialNumber(int iCertIndex);

Remarks

Returns the certificate's serial number.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertSigAlgorithm Property (CertificateStorage Class)

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSigAlgorithm(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSigAlgorithm(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertsigalgorithm(void* lpObj, int certindex);

QString GetCertSigAlgorithm(int iCertIndex);

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertSubject Property (CertificateStorage Class)

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSubject(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSubject(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertsubject(void* lpObj, int certindex);

QString GetCertSubject(int iCertIndex);

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertSubjectAlternativeName Property (CertificateStorage Class)

Returns or sets the value of the Subject Alternative Name extension of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSubjectAlternativeName(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSubjectAlternativeName(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertsubjectalternativename(void* lpObj, int certindex);

QString GetCertSubjectAlternativeName(int iCertIndex);

Default Value

""

Remarks

Returns or sets the value of the Subject Alternative Name extension of the certificate.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertSubjectKeyID Property (CertificateStorage Class)

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetCertSubjectKeyID(int iCertIndex, char* &lpCertSubjectKeyID, int &lenCertSubjectKeyID);

Unicode (Windows)
INT GetCertSubjectKeyID(INT iCertIndex, LPSTR &lpCertSubjectKeyID, INT &lenCertSubjectKeyID);

int secureblackbox_certificatestorage_getcertsubjectkeyid(void* lpObj, int certindex, char** lpCertSubjectKeyID, int* lenCertSubjectKeyID);

QByteArray GetCertSubjectKeyID(int iCertIndex);

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

CertSubjectRDN Property (CertificateStorage Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertSubjectRDN(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertSubjectRDN(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertsubjectrdn(void* lpObj, int certindex);

QString GetCertSubjectRDN(int iCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertValidFrom Property (CertificateStorage Class)

The time point at which the certificate becomes valid, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertValidFrom(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertValidFrom(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertvalidfrom(void* lpObj, int certindex);

QString GetCertValidFrom(int iCertIndex);

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

CertValidTo Property (CertificateStorage Class)

The time point at which the certificate expires, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetCertValidTo(int iCertIndex);

Unicode (Windows)
LPWSTR GetCertValidTo(INT iCertIndex);

char* secureblackbox_certificatestorage_getcertvalidto(void* lpObj, int certindex);

QString GetCertValidTo(int iCertIndex);

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

The CertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.

This property is read-only and not available at design time.

Data Type

String

FIPSMode Property (CertificateStorage Class)

Reserved.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetFIPSMode();
int SetFIPSMode(int bFIPSMode);

Unicode (Windows)
BOOL GetFIPSMode();
INT SetFIPSMode(BOOL bFIPSMode);

int secureblackbox_certificatestorage_getfipsmode(void* lpObj);
int secureblackbox_certificatestorage_setfipsmode(void* lpObj, int bFIPSMode);

bool GetFIPSMode();
int SetFIPSMode(bool bFIPSMode);

Default Value

FALSE

Remarks

This property is reserved for future use.

Data Type

Boolean

Opened Property (CertificateStorage Class)

Indicates whether the storage is in the open state.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetOpened();

Unicode (Windows)
BOOL GetOpened();

int secureblackbox_certificatestorage_getopened(void* lpObj);

bool GetOpened();

Default Value

FALSE

Remarks

Use this property to check if the storage has been 'opened.' Different kinds of certificate storages imply different meanings for 'being opened', but generally a storage is open if it is available for operations.

Use Open method to open a storage.

This property is read-only and not available at design time.

Data Type

Boolean

PinnedCertBytes Property (CertificateStorage Class)

Returns raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetPinnedCertBytes(char* &lpPinnedCertBytes, int &lenPinnedCertBytes);

Unicode (Windows)
INT GetPinnedCertBytes(LPSTR &lpPinnedCertBytes, INT &lenPinnedCertBytes);

int secureblackbox_certificatestorage_getpinnedcertbytes(void* lpObj, char** lpPinnedCertBytes, int* lenPinnedCertBytes);

QByteArray GetPinnedCertBytes();

Remarks

Returns raw certificate data in DER format.

This property is read-only and not available at design time.

Data Type

Byte Array

PinnedCertHandle Property (CertificateStorage Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetPinnedCertHandle();
int SetPinnedCertHandle(int64 lPinnedCertHandle);

Unicode (Windows)
LONG64 GetPinnedCertHandle();
INT SetPinnedCertHandle(LONG64 lPinnedCertHandle);

int64 secureblackbox_certificatestorage_getpinnedcerthandle(void* lpObj);
int secureblackbox_certificatestorage_setpinnedcerthandle(void* lpObj, int64 lPinnedCertHandle);

qint64 GetPinnedCertHandle();
int SetPinnedCertHandle(qint64 lPinnedCertHandle);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

This property is not available at design time.

Data Type

Long64

SelectedCertCount Property (CertificateStorage Class)

The number of records in the SelectedCert arrays.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertCount();

Unicode (Windows)
INT GetSelectedCertCount();

int secureblackbox_certificatestorage_getselectedcertcount(void* lpObj);

int GetSelectedCertCount();

Default Value

0

Remarks

This property controls the size of the following arrays:

• SelectedCertBytes
• SelectedCertCA
• SelectedCertCAKeyID
• SelectedCertCRLDistributionPoints
• SelectedCertCurve
• SelectedCertFingerprint
• SelectedCertFriendlyName
• SelectedCertHandle
• SelectedCertHashAlgorithm
• SelectedCertIssuer
• SelectedCertIssuerRDN
• SelectedCertKeyAlgorithm
• SelectedCertKeyBits
• SelectedCertKeyFingerprint
• SelectedCertKeyUsage
• SelectedCertKeyValid
• SelectedCertOCSPLocations
• SelectedCertOCSPNoCheck
• SelectedCertOrigin
• SelectedCertPolicyIDs
• SelectedCertPrivateKeyBytes
• SelectedCertPrivateKeyExists
• SelectedCertPrivateKeyExtractable
• SelectedCertPublicKeyBytes
• SelectedCertQualifiedStatements
• SelectedCertSelfSigned
• SelectedCertSerialNumber
• SelectedCertSigAlgorithm
• SelectedCertSubject
• SelectedCertSubjectAlternativeName
• SelectedCertSubjectKeyID
• SelectedCertSubjectRDN
• SelectedCertValidFrom
• SelectedCertValidTo

The array indices start at 0 and end at SelectedCertCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

SelectedCertBytes Property (CertificateStorage Class)

Returns raw certificate data in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertBytes(int iSelectedCertIndex, char* &lpSelectedCertBytes, int &lenSelectedCertBytes);

Unicode (Windows)
INT GetSelectedCertBytes(INT iSelectedCertIndex, LPSTR &lpSelectedCertBytes, INT &lenSelectedCertBytes);

int secureblackbox_certificatestorage_getselectedcertbytes(void* lpObj, int selectedcertindex, char** lpSelectedCertBytes, int* lenSelectedCertBytes);

QByteArray GetSelectedCertBytes(int iSelectedCertIndex);

Remarks

Returns raw certificate data in DER format.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertCA Property (CertificateStorage Class)

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertCA(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertCA(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertca(void* lpObj, int selectedcertindex);

bool GetSelectedCertCA(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertCAKeyID Property (CertificateStorage Class)

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertCAKeyID(int iSelectedCertIndex, char* &lpSelectedCertCAKeyID, int &lenSelectedCertCAKeyID);

Unicode (Windows)
INT GetSelectedCertCAKeyID(INT iSelectedCertIndex, LPSTR &lpSelectedCertCAKeyID, INT &lenSelectedCertCAKeyID);

int secureblackbox_certificatestorage_getselectedcertcakeyid(void* lpObj, int selectedcertindex, char** lpSelectedCertCAKeyID, int* lenSelectedCertCAKeyID);

QByteArray GetSelectedCertCAKeyID(int iSelectedCertIndex);

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertCRLDistributionPoints Property (CertificateStorage Class)

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertCRLDistributionPoints(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertCRLDistributionPoints(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertcrldistributionpoints(void* lpObj, int selectedcertindex);

QString GetSelectedCertCRLDistributionPoints(int iSelectedCertIndex);

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertCurve Property (CertificateStorage Class)

Specifies the elliptic curve of the EC public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertCurve(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertCurve(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertcurve(void* lpObj, int selectedcertindex);

QString GetSelectedCertCurve(int iSelectedCertIndex);

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertFingerprint Property (CertificateStorage Class)

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertFingerprint(int iSelectedCertIndex, char* &lpSelectedCertFingerprint, int &lenSelectedCertFingerprint);

Unicode (Windows)
INT GetSelectedCertFingerprint(INT iSelectedCertIndex, LPSTR &lpSelectedCertFingerprint, INT &lenSelectedCertFingerprint);

int secureblackbox_certificatestorage_getselectedcertfingerprint(void* lpObj, int selectedcertindex, char** lpSelectedCertFingerprint, int* lenSelectedCertFingerprint);

QByteArray GetSelectedCertFingerprint(int iSelectedCertIndex);

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertFriendlyName Property (CertificateStorage Class)

Contains an associated alias (friendly name) of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertFriendlyName(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertFriendlyName(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertfriendlyname(void* lpObj, int selectedcertindex);

QString GetSelectedCertFriendlyName(int iSelectedCertIndex);

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertHandle Property (CertificateStorage Class)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int64 GetSelectedCertHandle(int iSelectedCertIndex);

Unicode (Windows)
LONG64 GetSelectedCertHandle(INT iSelectedCertIndex);

int64 secureblackbox_certificatestorage_getselectedcerthandle(void* lpObj, int selectedcertindex);

qint64 GetSelectedCertHandle(int iSelectedCertIndex);

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Long64

SelectedCertHashAlgorithm Property (CertificateStorage Class)

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertHashAlgorithm(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertHashAlgorithm(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcerthashalgorithm(void* lpObj, int selectedcertindex);

QString GetSelectedCertHashAlgorithm(int iSelectedCertIndex);

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertIssuer Property (CertificateStorage Class)

The common name of the certificate issuer (CA), typically a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertIssuer(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertIssuer(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertissuer(void* lpObj, int selectedcertindex);

QString GetSelectedCertIssuer(int iSelectedCertIndex);

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertIssuerRDN Property (CertificateStorage Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertIssuerRDN(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertIssuerRDN(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertissuerrdn(void* lpObj, int selectedcertindex);

QString GetSelectedCertIssuerRDN(int iSelectedCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertKeyAlgorithm Property (CertificateStorage Class)

Specifies the public key algorithm of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertKeyAlgorithm(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertKeyAlgorithm(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertkeyalgorithm(void* lpObj, int selectedcertindex);

QString GetSelectedCertKeyAlgorithm(int iSelectedCertIndex);

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertKeyBits Property (CertificateStorage Class)

Returns the length of the public key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertKeyBits(int iSelectedCertIndex);

Unicode (Windows)
INT GetSelectedCertKeyBits(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertkeybits(void* lpObj, int selectedcertindex);

int GetSelectedCertKeyBits(int iSelectedCertIndex);

Default Value

0

Remarks

Returns the length of the public key.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

SelectedCertKeyFingerprint Property (CertificateStorage Class)

Returns a fingerprint of the public key contained in the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertKeyFingerprint(int iSelectedCertIndex, char* &lpSelectedCertKeyFingerprint, int &lenSelectedCertKeyFingerprint);

Unicode (Windows)
INT GetSelectedCertKeyFingerprint(INT iSelectedCertIndex, LPSTR &lpSelectedCertKeyFingerprint, INT &lenSelectedCertKeyFingerprint);

int secureblackbox_certificatestorage_getselectedcertkeyfingerprint(void* lpObj, int selectedcertindex, char** lpSelectedCertKeyFingerprint, int* lenSelectedCertKeyFingerprint);

QByteArray GetSelectedCertKeyFingerprint(int iSelectedCertIndex);

Remarks

Returns a fingerprint of the public key contained in the certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertKeyUsage Property (CertificateStorage Class)

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertKeyUsage(int iSelectedCertIndex);

Unicode (Windows)
INT GetSelectedCertKeyUsage(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertkeyusage(void* lpObj, int selectedcertindex);

int GetSelectedCertKeyUsage(int iSelectedCertIndex);

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

SelectedCertKeyValid Property (CertificateStorage Class)

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertKeyValid(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertKeyValid(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertkeyvalid(void* lpObj, int selectedcertindex);

bool GetSelectedCertKeyValid(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertOCSPLocations Property (CertificateStorage Class)

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertOCSPLocations(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertOCSPLocations(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertocsplocations(void* lpObj, int selectedcertindex);

QString GetSelectedCertOCSPLocations(int iSelectedCertIndex);

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertOCSPNoCheck Property (CertificateStorage Class)

Accessor to the value of the certificates ocsp-no-check extension.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertOCSPNoCheck(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertOCSPNoCheck(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertocspnocheck(void* lpObj, int selectedcertindex);

bool GetSelectedCertOCSPNoCheck(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Accessor to the value of the certificates ocsp-no-check extension.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertOrigin Property (CertificateStorage Class)

Returns the origin of this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertOrigin(int iSelectedCertIndex);

Unicode (Windows)
INT GetSelectedCertOrigin(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertorigin(void* lpObj, int selectedcertindex);

int GetSelectedCertOrigin(int iSelectedCertIndex);

Default Value

0

Remarks

Returns the origin of this certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

SelectedCertPolicyIDs Property (CertificateStorage Class)

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertPolicyIDs(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertPolicyIDs(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertpolicyids(void* lpObj, int selectedcertindex);

QString GetSelectedCertPolicyIDs(int iSelectedCertIndex);

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertPrivateKeyBytes Property (CertificateStorage Class)

Contains the certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertPrivateKeyBytes(int iSelectedCertIndex, char* &lpSelectedCertPrivateKeyBytes, int &lenSelectedCertPrivateKeyBytes);

Unicode (Windows)
INT GetSelectedCertPrivateKeyBytes(INT iSelectedCertIndex, LPSTR &lpSelectedCertPrivateKeyBytes, INT &lenSelectedCertPrivateKeyBytes);

int secureblackbox_certificatestorage_getselectedcertprivatekeybytes(void* lpObj, int selectedcertindex, char** lpSelectedCertPrivateKeyBytes, int* lenSelectedCertPrivateKeyBytes);

QByteArray GetSelectedCertPrivateKeyBytes(int iSelectedCertIndex);

Remarks

Contains the certificate's private key. It is normal for this property to be empty if the private key is non-exportable.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertPrivateKeyExists Property (CertificateStorage Class)

Indicates whether the certificate has an associated private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertPrivateKeyExists(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertPrivateKeyExists(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertprivatekeyexists(void* lpObj, int selectedcertindex);

bool GetSelectedCertPrivateKeyExists(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate has an associated private key.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertPrivateKeyExtractable Property (CertificateStorage Class)

Indicates whether the private key is extractable.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertPrivateKeyExtractable(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertPrivateKeyExtractable(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertprivatekeyextractable(void* lpObj, int selectedcertindex);

bool GetSelectedCertPrivateKeyExtractable(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Indicates whether the private key is extractable

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertPublicKeyBytes Property (CertificateStorage Class)

Contains the certificate's public key in DER format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertPublicKeyBytes(int iSelectedCertIndex, char* &lpSelectedCertPublicKeyBytes, int &lenSelectedCertPublicKeyBytes);

Unicode (Windows)
INT GetSelectedCertPublicKeyBytes(INT iSelectedCertIndex, LPSTR &lpSelectedCertPublicKeyBytes, INT &lenSelectedCertPublicKeyBytes);

int secureblackbox_certificatestorage_getselectedcertpublickeybytes(void* lpObj, int selectedcertindex, char** lpSelectedCertPublicKeyBytes, int* lenSelectedCertPublicKeyBytes);

QByteArray GetSelectedCertPublicKeyBytes(int iSelectedCertIndex);

Remarks

Contains the certificate's public key in DER format.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertQualifiedStatements Property (CertificateStorage Class)

Returns the qualified status of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertQualifiedStatements(int iSelectedCertIndex);

Unicode (Windows)
INT GetSelectedCertQualifiedStatements(INT iSelectedCertIndex);

QST_NON_QUALIFIED(0), 
QST_QUALIFIED_HARDWARE(1), 
QST_QUALIFIED_SOFTWARE(2)

int secureblackbox_certificatestorage_getselectedcertqualifiedstatements(void* lpObj, int selectedcertindex);

int GetSelectedCertQualifiedStatements(int iSelectedCertIndex);

Default Value

0

Remarks

Returns the qualified status of the certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

SelectedCertSelfSigned Property (CertificateStorage Class)

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertSelfSigned(int iSelectedCertIndex);

Unicode (Windows)
BOOL GetSelectedCertSelfSigned(INT iSelectedCertIndex);

int secureblackbox_certificatestorage_getselectedcertselfsigned(void* lpObj, int selectedcertindex);

bool GetSelectedCertSelfSigned(int iSelectedCertIndex);

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

SelectedCertSerialNumber Property (CertificateStorage Class)

Returns the certificate's serial number.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertSerialNumber(int iSelectedCertIndex, char* &lpSelectedCertSerialNumber, int &lenSelectedCertSerialNumber);

Unicode (Windows)
INT GetSelectedCertSerialNumber(INT iSelectedCertIndex, LPSTR &lpSelectedCertSerialNumber, INT &lenSelectedCertSerialNumber);

int secureblackbox_certificatestorage_getselectedcertserialnumber(void* lpObj, int selectedcertindex, char** lpSelectedCertSerialNumber, int* lenSelectedCertSerialNumber);

QByteArray GetSelectedCertSerialNumber(int iSelectedCertIndex);

Remarks

Returns the certificate's serial number.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertSigAlgorithm Property (CertificateStorage Class)

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertSigAlgorithm(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertSigAlgorithm(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertsigalgorithm(void* lpObj, int selectedcertindex);

QString GetSelectedCertSigAlgorithm(int iSelectedCertIndex);

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertSubject Property (CertificateStorage Class)

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertSubject(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertSubject(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertsubject(void* lpObj, int selectedcertindex);

QString GetSelectedCertSubject(int iSelectedCertIndex);

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertSubjectAlternativeName Property (CertificateStorage Class)

Returns or sets the value of the Subject Alternative Name extension of the certificate.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertSubjectAlternativeName(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertSubjectAlternativeName(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertsubjectalternativename(void* lpObj, int selectedcertindex);

QString GetSelectedCertSubjectAlternativeName(int iSelectedCertIndex);

Default Value

""

Remarks

Returns or sets the value of the Subject Alternative Name extension of the certificate.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertSubjectKeyID Property (CertificateStorage Class)

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int GetSelectedCertSubjectKeyID(int iSelectedCertIndex, char* &lpSelectedCertSubjectKeyID, int &lenSelectedCertSubjectKeyID);

Unicode (Windows)
INT GetSelectedCertSubjectKeyID(INT iSelectedCertIndex, LPSTR &lpSelectedCertSubjectKeyID, INT &lenSelectedCertSubjectKeyID);

int secureblackbox_certificatestorage_getselectedcertsubjectkeyid(void* lpObj, int selectedcertindex, char** lpSelectedCertSubjectKeyID, int* lenSelectedCertSubjectKeyID);

QByteArray GetSelectedCertSubjectKeyID(int iSelectedCertIndex);

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

SelectedCertSubjectRDN Property (CertificateStorage Class)

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertSubjectRDN(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertSubjectRDN(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertsubjectrdn(void* lpObj, int selectedcertindex);

QString GetSelectedCertSubjectRDN(int iSelectedCertIndex);

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertValidFrom Property (CertificateStorage Class)

The time point at which the certificate becomes valid, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertValidFrom(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertValidFrom(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertvalidfrom(void* lpObj, int selectedcertindex);

QString GetSelectedCertValidFrom(int iSelectedCertIndex);

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

SelectedCertValidTo Property (CertificateStorage Class)

The time point at which the certificate expires, in UTC.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetSelectedCertValidTo(int iSelectedCertIndex);

Unicode (Windows)
LPWSTR GetSelectedCertValidTo(INT iSelectedCertIndex);

char* secureblackbox_certificatestorage_getselectedcertvalidto(void* lpObj, int selectedcertindex);

QString GetSelectedCertValidTo(int iSelectedCertIndex);

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

The SelectedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the SelectedCertCount property.

This property is read-only and not available at design time.

Data Type

String

StorageID Property (CertificateStorage Class)

A unique identifier of this storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetStorageID();

Unicode (Windows)
LPWSTR GetStorageID();

char* secureblackbox_certificatestorage_getstorageid(void* lpObj);

QString GetStorageID();

Default Value

""

Remarks

Use this property to get a unique ID of this storage. The format of ID may differ for different kinds of certificate storages, and may range from a file path for a file storage, to a URI-like ID for a PKCS#11 storage, to an empty value for an in-memory storage.

This property is read-only.

Data Type

String

StorageLocation Property (CertificateStorage Class)

Specifies the location of the currently opened storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetStorageLocation();

Unicode (Windows)
LPWSTR GetStorageLocation();

char* secureblackbox_certificatestorage_getstoragelocation(void* lpObj);

QString GetStorageLocation();

Default Value

""

Remarks

Use this property to get the location of the active storage. The location indicates the nature of the storage and can be assigned with one of the below values (more values may be added in future):

This property is read-only.

Data Type

String

Add Method (CertificateStorage Class)

Adds a certificate to the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Add(const char* lpData, int lenData);

Unicode (Windows)
INT Add(LPCSTR lpData, INT lenData);

int secureblackbox_certificatestorage_add(void* lpObj, const char* lpData, int lenData);

int Add(QByteArray qbaData);

Remarks

Use this method to add a certificate supplied in its raw DER representation via the Data parameter.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

AddFromFile Method (CertificateStorage Class)

Adds a certificate to the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int AddFromFile(const char* lpszFilename);

Unicode (Windows)
INT AddFromFile(LPCWSTR lpszFilename);

int secureblackbox_certificatestorage_addfromfile(void* lpObj, const char* lpszFilename);

int AddFromFile(const QString& qsFilename);

Remarks

Use this method to add a certificate stored in a file.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

AddFromStream Method (CertificateStorage Class)

Adds a certificate to the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int AddFromStream(SecureBlackboxStream* sStream);

Unicode (Windows)
INT AddFromStream(SecureBlackboxStream* sStream);

int secureblackbox_certificatestorage_addfromstream(void* lpObj, SecureBlackboxStream* sStream);

int AddFromStream(SecureBlackboxStream* sStream);

Remarks

Use this method to add a certificate contained in a stream.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

AddPinned Method (CertificateStorage Class)

Adds the pinned certificate to the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int AddPinned();

Unicode (Windows)
INT AddPinned();

int secureblackbox_certificatestorage_addpinned(void* lpObj);

int AddPinned();

Remarks

This method adds a certificate attached to the PinnedCert property to the storage. This method is a handy way of adding certificates generated/returned by other components.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Clear Method (CertificateStorage Class)

Removes all certificates from the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Clear();

Unicode (Windows)
INT Clear();

int secureblackbox_certificatestorage_clear(void* lpObj);

int Clear();

Remarks

Use this method to empty the storage.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Close Method (CertificateStorage Class)

Closes the certificate storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Close(int bSave);

Unicode (Windows)
INT Close(BOOL bSave);

int secureblackbox_certificatestorage_close(void* lpObj, int bSave);

int Close(bool bSave);

Remarks

Use this method to close the storage component and clean up any resources associated with it.

This method releases all memory objects and handles associated with the certificates contained in the storage. Any certificate objects originating from the storage become invalid as soon as the storage is closed, and should not be used.

Save parameter only applies to certain types of stores, such as file stores. Set it to True to commit any changes to the underlying media. Note that PKCS#11 and Win32 storage types are of transactional nature and commit any changes immediately, so the value of the Save parameter does not make any difference with them.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Config Method (CertificateStorage Class)

Sets or retrieves a configuration setting.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* Config(const char* lpszConfigurationString);

Unicode (Windows)
LPWSTR Config(LPCWSTR lpszConfigurationString);

char* secureblackbox_certificatestorage_config(void* lpObj, const char* lpszConfigurationString);

QString Config(const QString& qsConfigurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Error Handling (C++)

This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

CreateNew Method (CertificateStorage Class)

Creates a new storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int CreateNew(const char* lpszStorageLocation, const char* lpszStorageID);

Unicode (Windows)
INT CreateNew(LPCWSTR lpszStorageLocation, LPCWSTR lpszStorageID);

int secureblackbox_certificatestorage_createnew(void* lpObj, const char* lpszStorageLocation, const char* lpszStorageID);

int CreateNew(const QString& qsStorageLocation, const QString& qsStorageID);

Remarks

Use this method to create new certificate storage.

StorageLocation specifies where the new storage should be created, and StorageID contains a unique storage identifier.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

DoAction Method (CertificateStorage Class)

Performs an additional action.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* DoAction(const char* lpszActionID, const char* lpszActionParams);

Unicode (Windows)
LPWSTR DoAction(LPCWSTR lpszActionID, LPCWSTR lpszActionParams);

char* secureblackbox_certificatestorage_doaction(void* lpObj, const char* lpszActionID, const char* lpszActionParams);

QString DoAction(const QString& qsActionID, const QString& qsActionParams);

Remarks

DoAction is a generic method available in every class. It is used to perform an additional action introduced after the product major release. The list of actions is not fixed, and may be flexibly extended over time.

The unique identifier (case insencitive) of the action is provided in the ActionID parameter.

ActionParams contains the value of a single parameter, or a list of multiple parameters for the action in the form of PARAM1=VALUE1;PARAM2=VALUE2;....

Error Handling (C++)

This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

ExportBytes Method (CertificateStorage Class)

Exports the certificates in the chosen format.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* ExportBytes(const char* lpszPassword, int iFormat, int *lpSize = NULL);

Unicode (Windows)
LPSTR ExportBytes(LPCWSTR lpszPassword, INT iFormat, LPINT lpSize = NULL);

char* secureblackbox_certificatestorage_exportbytes(void* lpObj, const char* lpszPassword, int iFormat, int *lpSize);

QByteArray ExportBytes(const QString& qsPassword, int iFormat);

Remarks

Use this method to save the certificates in one of the formats defined below.

Pass the encryption password via the Password parameter if needed.

Note that not all formats support encryption, and some (like PEM) only support partial encryption (key only). Keep this in mind when considering which format to choose for storing your certificates.

Error Handling (C++)

This method returns a Byte Array value (with length lpSize); after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

ExportToFile Method (CertificateStorage Class)

Exports the certificates to a file.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int ExportToFile(const char* lpszCertFile, const char* lpszPassword, int iFormat);

Unicode (Windows)
INT ExportToFile(LPCWSTR lpszCertFile, LPCWSTR lpszPassword, INT iFormat);

int secureblackbox_certificatestorage_exporttofile(void* lpObj, const char* lpszCertFile, const char* lpszPassword, int iFormat);

int ExportToFile(const QString& qsCertFile, const QString& qsPassword, int iFormat);

Remarks

Use this method to save the certificates to a file in one of the formats given below. Pass the encryption password via the Password parameter.

Note that not all formats support encryption, and some (like PEM) only support partial encryption (key only). Keep this in mind when considering which format to choose for storing your certificates.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

ExportToStream Method (CertificateStorage Class)

Exports the certificate to a stream.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int ExportToStream(SecureBlackboxStream* sCertStream, const char* lpszPassword, int iFormat);

Unicode (Windows)
INT ExportToStream(SecureBlackboxStream* sCertStream, LPCWSTR lpszPassword, INT iFormat);

int secureblackbox_certificatestorage_exporttostream(void* lpObj, SecureBlackboxStream* sCertStream, const char* lpszPassword, int iFormat);

int ExportToStream(SecureBlackboxStream* sCertStream, const QString& qsPassword, int iFormat);

Remarks

Use this method to save the certificate to a stream in one of the formats given below. Pass the encryption password via the Password parameter.

Note that not all formats support encryption, and some (like PEM) only support partial encryption (key only). Keep this in mind when considering which format to choose for storing your certificates.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

GetStorageProperty Method (CertificateStorage Class)

Returns the value of a custom certificate storage property.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* GetStorageProperty(const char* lpszName);

Unicode (Windows)
LPWSTR GetStorageProperty(LPCWSTR lpszName);

char* secureblackbox_certificatestorage_getstorageproperty(void* lpObj, const char* lpszName);

QString GetStorageProperty(const QString& qsName);

Remarks

This method, together with SetStorageProperty, provides an extensible way of managing the certificate storage's settings that are not available through the primary properties of the component. The list of settings may be extended in future, in response to emergence of new storage variants and recognition of non-obvious storage usage scenarios.

The following certificate storage properties can be read using this method:

Error Handling (C++)

This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

ImportBytes Method (CertificateStorage Class)

Imports a certificates.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int ImportBytes(const char* lpCertBytes, int lenCertBytes, const char* lpszPassword, int bClear);

Unicode (Windows)
INT ImportBytes(LPCSTR lpCertBytes, INT lenCertBytes, LPCWSTR lpszPassword, BOOL bClear);

int secureblackbox_certificatestorage_importbytes(void* lpObj, const char* lpCertBytes, int lenCertBytes, const char* lpszPassword, int bClear);

int ImportBytes(QByteArray qbaCertBytes, const QString& qsPassword, bool bClear);

Remarks

Use this method to load a certificates from a byte array. Provide the password via the Password parameter. This method supports certificates in DER, PEM, PFX, and SPC formats.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

ImportFromFile Method (CertificateStorage Class)

Loads a certificates from a file.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int ImportFromFile(const char* lpszPath, const char* lpszPassword, int bClear);

Unicode (Windows)
INT ImportFromFile(LPCWSTR lpszPath, LPCWSTR lpszPassword, BOOL bClear);

int secureblackbox_certificatestorage_importfromfile(void* lpObj, const char* lpszPath, const char* lpszPassword, int bClear);

int ImportFromFile(const QString& qsPath, const QString& qsPassword, bool bClear);

Remarks

This method can load certificates saved in one of the following formats: DER, PEM, PFX, SPC.

Use the Path parameter to provide a path to the certificate, and Password to specify the password.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

ImportFromStream Method (CertificateStorage Class)

Loads a certificates from a stream.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int ImportFromStream(SecureBlackboxStream* sCertStream, const char* lpszPassword, int bClear);

Unicode (Windows)
INT ImportFromStream(SecureBlackboxStream* sCertStream, LPCWSTR lpszPassword, BOOL bClear);

int secureblackbox_certificatestorage_importfromstream(void* lpObj, SecureBlackboxStream* sCertStream, const char* lpszPassword, int bClear);

int ImportFromStream(SecureBlackboxStream* sCertStream, const QString& qsPassword, bool bClear);

Remarks

This method can load certificates saved in one of the following formats: DER, PEM, PFX, SPC.

Use the CertStream parameter to provide a stream containing the certificate data, and Password to specify the password.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

ListStores Method (CertificateStorage Class)

Returns a list of individual stores available within the storage.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
char* ListStores();

Unicode (Windows)
LPWSTR ListStores();

char* secureblackbox_certificatestorage_liststores(void* lpObj);

QString ListStores();

Remarks

Use this method to query a list of individual stores available in the opened storage.

The contents of the list depends on the type of the store used and the parameters it is opened with. For system (CryptoAPI) stores the method returns a list of available system stores for the chosen access type, as returned by Windows (e.g. MY, ADDRESSBOOK, CA). For PKCS#11 stores the method returns a list of slot descriptions for all slots published by the driver.

The store names are separated from each other with a CRLF sequence.

Error Handling (C++)

This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

Login Method (CertificateStorage Class)

Signs in to a session or elevates the session rights.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Login(int iSessionType, const char* lpszPin, int bReadOnly);

Unicode (Windows)
INT Login(INT iSessionType, LPCWSTR lpszPin, BOOL bReadOnly);

int secureblackbox_certificatestorage_login(void* lpObj, int iSessionType, const char* lpszPin, int bReadOnly);

int Login(int iSessionType, const QString& qsPin, bool bReadOnly);

Remarks

Use this method to sign in to a session with a required access type. Note that in some cases you may call this method more than one time for a specific session to elevate your access rights, for example: // open an unauthenticated session storage.Login(stUnauthenticated, "", false); // elevate the access rights for the session storage.Login(stUser, "password", false); Sessions are currently supported for PKCS#11 storage types only.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Logout Method (CertificateStorage Class)

Signs out of an opened session.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Logout(int bCloseSesion);

Unicode (Windows)
INT Logout(BOOL bCloseSesion);

int secureblackbox_certificatestorage_logout(void* lpObj, int bCloseSesion);

int Logout(bool bCloseSesion);

Remarks

Use this method to sign out of a session. Pass true to CloseSession to shut the session down altogether.

This method is currently support for PKCS#11 storage type only.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Open Method (CertificateStorage Class)

Opens existing storage or creates one in memory.

Syntax

• C++
• C
• Qt

ANSI (Cross Platform)
int Open(const char* lpszStorageID);

Unicode (Windows)
INT Open(LPCWSTR lpszStorageID);

int secureblackbox_certificatestorage_open(void* lpObj, const char* lpszStorageID);

int Open(const QString& qsStorageID);

Remarks

Use this method to open the storage with the given StorageID. Certificate storages can come from several different locations, detailed below.

Memory

A storage can be created in memory by passing an empty string ("").

File

A storage can be opened from a file using one of two syntaxes:

• C:\Certs\certs.pem
• file://C:/Certs/certs.pem

Windows System

A storage can be opened from the Windows System using this syntax: system://{user}@{host}/?{params}

user is one of these values:

• currentuser
• localmachine
• currentservice

params are chosen from this list:

• store (required), is the name of the Windows store to access (e.g. "MY")
• readonly, whether to access the store with only read permissions. Use 0 for false, and 1 for true.

PKCS#11 Device

A storage can be opened from a PKCS#11 device using this syntax: pkcs11://{user}:{pin}@/{driverpath}?{params}

user is the username used to access the device; typically it's either "user" or "admin".

pin is the pin code used to access the device.

driverpath is the path to the driver used to access the device.

params are chosen from this list:

• slot, the token slot to access on the device. If not provided, one will be chosen automatically. If set to -1, no session will be opened.
• readonly, whether to access the device with only read permissions. Use 0 for false, and 1 for true.
• login, whether to sign in to the device with a PIN. Use 0 or no to avoid signing in, or 1 or yes to enforce it. When not specified, the yes mode is used.

macOS

A keychain can be opened on macOS using this syntax: macos://:{password}@/{keychain}?{params}

This is the right way to perform cryptographic operations using private keys, including non-exportable private keys. By now, only certificates with RSA keys are supported, other certificates are not listed and are not used.

keychain is the path to a keychain file. If no keychain specified, the default keychain is opened.

password is the keychain access password. If no password is provided, it will be asked by macOS UI if necessary. To access a keychain in readonly mode, no password is needed usually.

params are chosen from this list:

• readonly, whether to access the keychain with only read permissions. Use 0 for false, and 1 for true.

iOS

A keychain can be opened on iOS using this syntax: ios:///?{params}

iOS doesn't support keychains located in files. By now, only certificates with RSA keys are supported, other certificates are not listed and are not used.

params are chosen from this list:

• readonly, whether to access the keychain with only read permissions. Use 0 for false, and 1 for true.

KMIP Server

A storage can be opened from a KMIP server using this syntax: mailto:{password}@{remotehost}:{remoteport}/?{params}

password is the password use to authenticate to the server.

remotehost is the FQDN to the server.

remoteport is the server port to connect to.

params are chosen from this list:

• encoder, the message encoding used to communicate with the server. Possible values are:
  • 1 (XML)
  • 2 (JSON)
  • 3 (TTLV)

Apple

A storage can be opened on macOS using this syntax: apple:///{path}/?{params}

This is a legacy way to work with keychains on macOS and iOS.

path is the path for storage file.

params are chosen from this list:

• keychainindex, key chain index. If not provided, one will be set to 0.
• readonly, whether to access the storage with only read permissions. Use 0 for false, and 1 for true.

params are chosen from this list:

• readonly, whether to access the storage with only read permissions. Use 0 for false, and 1 for true.