Persits Software, Inc. Web Site
  CryptoManager Object
CryptoManager is the main AspEncrypt object which is creatable via the CreateObject or New statement. This object serves as an "object factory" for the other AspEncrypt objects.

Properties:
Expires
IncludeErrorCode
RegKey
Version

Methods:
CreateBlob
DeleteKeySet
ImportCertFromBlob
ImportCertFromFile
ImportCrlFromFile
ImportStoreFromBlob
ImportStoreFromFile
LogonUser
OpenContext
OpenContextEx
OpenStore
OpenStoreFromPFX
OpenStoreFromPFXBlob
RevertToSelf
SetDefaultProvider

  CryptoManager Properties

Expires As Date (Read-only)

Returns the component's expiration date. If a valid registration key is installed, this property returns 9/9/9999. If the expiration value in the registry is missing or corrupt, it returns 0 (displayed as 12:00:00 AM).

IncludeErrorCode As Boolean (Read/Write)

If set to True, instructs CryptoManager to prepend the genuine NT error codes, in hexadecimal format, to all system error descriptions. False by default.

RegKey As String (Write-only)

Specifies the registration key. If this property is not set, AspEncrypt will look for a registration key in the system registry under HKLM\Software\Persits Software\AspEncrypt\RegKey.

This property was added in Version 2.4.


Version As String (Read-only)

Returns the component's current version as a string in the following format:

"2.5.0.0" (Double quotes are not part of the returned value.)


  CryptoManager Methods


Function CreateBlob
Creates an empty CryptoBlob object which can be used to export, store, convert and import binary data.

Return value: an empty CryptoBlob object.

Usage:

Set Blob = CM.CreateBlob


Sub DeleteKeySet ( Container As String, MachineKey As Boolean )
Permanently deletes all keys from a key container specified by Container and MachineKey.

Usage:

CM.DeleteKeySet "mycontainer", True


Function ImportCertFromBlob ( Blob As CryptoBlob ) As CryptoCert
Imports a DER-encoded X.509 certificate (.cer) from a Blob. This method is useful when accessing a client certificate received through ASP's Request.ClientCertificate("Certificate") object.

Return value: a CryptoCert object representing the imported certificate.

Usage:

Set Blob = CM.CreateBlob
Blob.Binary = Request.ClientCertificate("Certificate").Item
Set Cert = CM.ImportCertFromBlob(Blob)

Relevant Section: 4.3 Certificate Exporting and Importing.


Function ImportCertFromFile ( Path As String ) As CryptoCert
Imports a DER-encoded X.509 certificate (.cer) from a file specified by Path into a CryptoCert object. The file may be either in the binary or Base64-encoded form.

Return value: a CryptoCert object representing the newly opened certificate.

Usage:

Set Cert = CM.ImportCertFromFile("d:\path\somecert.cer")

Relevant Section: 4.3 Certificate Exporting and Importing.


Function ImportCrlFromFile ( Path As String ) As CryptoCrl
Imports a certificate revocation list (CRL) in the .crl format from a file specified by Path into a CryptoCrl object.

Return value: a CryptoCrl object representing the newly opened CRL.

Usage:

Set CRL = CM.ImportCrlFromFile("d:\path\list.crl")


Function ImportStoreFromBlob ( Blob As CryptoBlob ) As CryptoStore
Imports a collection of certificates in the PKCS#7 format (.spc) from binary data specified by Blob into a CryptoStore object. This method was added in Version 2.4.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.ImportStoreFromBlob( Blob )

Relevant Section: 4.3 Certificate Exporting and Importing.


Function ImportStoreFromFile ( Path As String ) As CryptoStore
Imports a collection of certificates in the PKCS#7 format (.spc) from a file specified by Path into a CryptoStore object.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.ImportStoreFromFile("d:\path\store.cer")

Relevant Section: 4.3 Certificate Exporting and Importing.


Sub LogonUser ( Domain As String, Username As String, Password As String, Optional Flags = LOGON_INTERACTIVE )
Impersonates an arbitrary user account. Use this method to avoid an "Access Denied" error caused by the current user (such as IUSR_MACHINENAME) lacking permissions to perform a sensitive operation such as opening a certificate store.

If Domain is empty the local computer will be used to validate the specified username/password.

Flags may be set to values 2 (LOGON_INTERACTIVE, default), 3 (LOGON_NETWORK), 4 (LOGON_BATCH) and 5 (LOGON_SERVICE).

Usage:

CM.LogonUser "mydomain", "admin", "xxx"


Function OpenContext ( Container As String, MachineKey As Boolean, Optional CreateNew = False ) As CryptoContext
Opens a cryptographic context. Container specifies the key container name. MachineKey specifies whether the container is located under the HKEY_LOCAL_MACHINE (if True) or HKEY_CURRENT_USER (if False) section of the system registry. Use True if AspEncrypt is used in an ASP environment, or False otherwise.

If the specified container is empty, key-exchange and signature key pairs will be created automatically. If CreateNew is specified and set to True, the key container will be populated with a new set of key pairs.

As of Version 2.5, Container may contain public-key length separated from the container name with "##", e.g. "mycontainer##2048". By default, the key length is 1024.

This method uses the default cryptographic service provider. To specify a provider name explicitly, use OpenContextEx instead.

When a container name is not specified, AspEncrypt does not attempt to access private keys, which results in a significant improvement in performance and eliminates certain concurrency problems. You should not use the containerless mode if you call the method Context.GetUserKey. You must use this mode if you call the methods Context.CreateExponentOneKey and Context.ImportRawKey.

Return value: a CryptoContext object representing the newly opened cryptographic context.

Usage:

Set Context = CM.OpenContext("mycontainer", True) ' key length: 1024

or

Set Context = CM.OpenContext("", True)

or

Set Context = CM.OpenContext("mycontainer##2048", True) ' key length: 2048, requires version 2.5+

Relevant Section: 2.2 OpenContext and OpenContextEx Methods.


Function OpenContextEx ( Provider As String, Container As String, MachineKey As Boolean, Optional CreateNew = False ) As CryptoContext
Same as OpenContext, but allows you to specify a Cryptographic Service Provider explicitly rather than relying on the default provider.

Usage:

Set Context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", False)

Relevant Section: 2.2 OpenContext and OpenContextEx Methods.


Function OpenStore ( Name As String, MachineKey As Boolean ) As CryptoStore
Opens a certificate store. Name specifies the store name. MachineKey specifies whether the store is located under the HKEY_LOCAL_MACHINE (if True) or HKEY_CURRENT_USER (if False) section of the system registry.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.OpenStore("MY", True)

Relevant Section: 4.2 Working with Certificate Stores.


Function OpenStoreFromPFX ( Path As String, Password As String ) As CryptoStore
Opens a Personal Information Exchange (a.k.a. PKCS#12) file containing a certificate together with its private key. Path specifies the location of the file. Password specifies the password used to encrypt private key information in the file. A certificate obtained this way can be used to generate digital signatures and send signed mail.

Return value: a CryptoStore object representing the newly opened certificate store.

This method uses an undocumented CryptoAPI function PFXImportCertStore from the library Crypt32.dll. For this method to work, you must call CM.LogonUser prior to calling OpenStoreFromPFX, and under IIS 5.0 your virtual directory's Application Protection option must be set to Low. Otherwise you will receive the error:

Persits.CryptoManager.1 (0x800A0055)
The system cannot find the file specified.

Usage:

CM.LogonUser "domain", "account", "password"
Set Store = CM.OpenStoreFromPFX("c:\path\myfile.pfx", "password")
Set Cert = Store.Certificates(1)
Set SignerContext = Cert.PrivateKeyContext

Relevant Task: 4.4 Support for PKCS#12 (PFX) Format.


Function OpenStoreFromPFXBlob ( Blob As CryptoBlob, Password As String ) As CryptoStore
Same as OpenStoreFromPFX but opens the PFX file from a memory buffer contained in Blob as opposed to a disk file.

This method was introduced in Version 2.8.

Relevant Task: 4.4 Support for PKCS#12 (PFX) Format.


Sub RevertToSelf

Ends impersonation begun by LogonUser.

Usage:

CM.RevertToSelf
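
The following Python script is an added example, not part of the Persits reference or AspEncrypt itself. It audits ASP/VBScript source for the OpenContext "##" key-length convention (1024 by default) and for the LogonUser / RevertToSelf pairing described above, reporting containers below a chosen key length, passwords passed as string literals, and impersonation that is never ended. The 2048-bit threshold, the rule names and the SAMPLE text are assumptions constructed for this example.

```python
import re

MIN_RSA_BITS = 2048  # assumption: audit threshold picked for this example
DEFAULT_BITS = 1024  # default key length stated in the OpenContext description
_CALL = re.compile(r"\.(OpenContext(?:Ex)?|LogonUser|RevertToSelf)\b\s*\(?([^)\r\n']*)", re.I)

# Constructed sample input, not taken from any real application.
SAMPLE = '''<%
CM.LogonUser "mydomain", "admin", "xxx"
Set Ctx1 = CM.OpenContext("mycontainer", True)
Set Ctx2 = CM.OpenContext("mycontainer##2048", True)
Set Ctx3 = CM.OpenContext("", True)
Set Ctx4 = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "signing##1024", True)
%>'''

def _literal(arg):
    """Return the text of a VBScript string literal, or None for anything else."""
    arg = arg.strip()
    if len(arg) >= 2 and arg[0] == '"' and arg[-1] == '"':
        return arg[1:-1]
    return None

def audit(source):
    """Return sorted (line, rule, detail) findings for one ASP/VBScript source text."""
    findings, logons, reverted = [], [], False
    for no, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith("'"):
            continue  # whole-line VBScript comment
        for m in _CALL.finditer(line):
            name = m.group(1).lower()
            args = m.group(2).split(",")
            if name == "reverttoself":
                reverted = True
            elif name == "logonuser":
                logons.append(no)
                if len(args) >= 3 and _literal(args[2]) is not None:
                    findings.append((no, "literal-password", "password is a string literal"))
            else:
                idx = 1 if name.endswith("ex") else 0  # OpenContextEx takes Provider first
                container = _literal(args[idx]) if len(args) > idx else None
                if not container:
                    continue  # containerless mode or a variable: nothing to parse
                cname, sep, bits = container.partition("##")
                bits = int(bits) if sep and bits.isdigit() else DEFAULT_BITS
                if cname and bits < MIN_RSA_BITS:
                    findings.append((no, "weak-key", "%s uses %d-bit keys" % (cname, bits)))
    if logons and not reverted:
        findings.append((logons[0], "no-revert", "LogonUser without RevertToSelf"))
    return sorted(findings)
```

Calling audit(SAMPLE) returns one tuple per finding; container names held in variables are skipped rather than guessed at.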


Sub SetDefaultProvider ( Name As String )
Specifies the default cryptographic service provider for the current user.

This method is obsolete on Windows 2003 and later.



  This site is owned and maintained by Persits Software, Inc. Copyright © 2000 - 2010. All Rights Reserved.