Hash specifies a hash algorithm this HMAC is based on. Valid values are: calgMD4, calgMD5, calgSHA, calgSHA256, calgSHA384 and calgSHA512. The last three hash algorithms require the Microsoft Enhanced RSA and AES Cryptographic Provider.

To generate a self-signed certificate, Context must be set to Nothing. To sign the new certificate with another certificate, the signer certificate's PrivateKeyContetx property must be used to obtain its private key context.

NotBefore and NotAfter specify the certificate's validity period.

IncludePrivateKey specifies whether the corresponding private key context must be saved with the certificate when the latter is copied to a certificate store. You must set this argument to True if you are to use the certificate being created for signing other certificates.

See the description of Subject in the comments to the GenerateCertificateRequest method.

Request is a Base64-encoded PKCS#10 certificate request string.

See the comments to the CreateCertificate method for the description of the other arguments.

If SignerContext is set to Nothing, this context's private key will be used to sign the new certificate.

ThisUpdate specifies when the CRL is created. NextUpdate specifies when the next CRL update is scheduled to be issued.

Returns an empty CryptoCrl object. You must call the AddRevocation method on that object one or several times to add revocation entities to the CRL. After that, the ExportToFile method must be called on the object to save the newly created CRL to a file.

See the comments to the GenerateKey method for the description of the arguments.

Algorithm specifies the hash algorithm to be used. It must be set to one of the following values: calgSHA (default), calgMD2, calgMD4 and calgMD5 for the SHA, MD2, MD4 and MD5 hash algorithms, respectively.

On Windows 2003 with the Microsoft Enhanced RSA and AES Cryptographic Provider, you can also use the values calgSHA256, calgSHA384 and calgSHA512 for the SHA-256, SHA-384 and SHA-512, respectively (version 2.3.0.3 or higher of AspEncrypt is required).

TripleDES, if present and set to True, specifies that the message is to be encrypted using the Triple DES algorithm (168-bit encryption).

If the current CSP is the Microsoft Base Cryptographic Provider, Algorithm can be set to one of the following values: calgRC2 (default) and calgRC4 for the RC2 and RC4 algorithms, respectively. If the current CSP is the Microsoft Enhanced Cryptographic Provider, Algorithm can also be set to one of the following values: calgDES, calg3DES and calg3DES2 for the DES, Triple DES, and Triple DES with 2 Keys algorithms, respectively. If the current CSP is the "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)" (XP) or "Microsoft Enhanced RSA and AES Cryptographic Provider" (Windows 2003), Algorithm can also be set to calgAES128, calgAES192 and calgAES256 for 128-bit, 192-bit and 256-bit AES keys, respectively (AspEncrypt 2.3+ is required for AES support).

A key is derived by computing a one-way hash function from the specified password. HashAlgorithm specifies the hash algorithm to be used. It can be set to one of the following values: calgSHA (default), calgSHA256, calgMD2, calgMD4, calgMD5 for the SHA, SHA256, MD2, MD4 and MD5 hash algorithms, respectively.

See the comments to the GenerateKey method for the description of the other arguments.

ExchangeKey specifies a key to be used to decrypt the key if it was encrypted during exporting. If a symmetric key is being imported, ExchnageKey must be a key pair. If a key pair is being imported, ExchangeKey must be a symmetric key. If a public key is being imported no decryption is necessary and the argument should be set to Nothing.

Path specifies the path to the file containing the key being imported.

BlobType specifies what type of key blob is being imported. It can be set to one of the following values: cbtSimpleBlob, cbtPrivateKeyBlob, or 0 (if a public key alone is being imported).

This method was introduced in version 2.6.

ReverseBytes (introduced by AspEncrypt 2.1.0.2) is an optional parameter which is set to False by default. If set to True, causes the byte order of the key to be reversed. This is useful if a 3rd party encryption package supplies its keys with the byte order opposite to the order CryptoAPI (and AspEncrypt) use. Whether you should use this parameter can usually be determined by trial and error.

Version 2.1 or higher of AspEncrypt is required to avoid concurrency problems. Use the "containerless" mode of operation when using this method by passing an empty string to OpenContext.