CryptoManager is the main AspEncrypt object which is creatable via the CreateObject or New statement. This object serves as an "object factory" for the other AspEncrypt objects

Properties	Methods
Expires IncludeErrorCode RegKey Version	CreateBlob DeleteKeySet ImportCertFromBlob ImportCertFromFile ImportCrlFromFile ImportStoreFromBlob ImportStoreFromFile LogonUser OpenContext OpenContextEx OpenStore OpenStoreFromPFX OpenStoreFromPFXBlob RevertToSelf SetDefaultProvider

---

Function CreateBlob

Creates an empty CryptoBlob object which can be used to export, store, convert and import binary data.

Return value: an empty CryptoBlob object.

Usage:

Set Blob = CM.CreateBlob

---

Sub DeleteKeySet ( Container As String, MachineKey As Boolean )

Permanently deletes all keys from a key container specified by Container and MachineKey.

Usage:

CM.DeleteKeySet "mycontainer", True

---

Function ImportCertFromBlob ( Blob As CryptoBlob ) As CryptoCert

Imports a DER-encoded X.509 certificate (.cer) from a Blob. This method is useful when accessing a client certificate received through ASP's Request.ClientCertificate("Certificate") object.

Return value: a CryptoCert object representing the imported certificate.

Usage:

Set Blob = CM.CreateBlob
Blob.Binary = Request.ClientCertificate("Certificate").Item
Set Cert = CM.ImportCertFromBlob(Blob)

Relevant Section: 4.3 Certificate Exporting and Importing.

---

Function ImportCertFromFile ( Path As String ) As CryptoCert

Imports a DER-encoded X.509 certificate (.cer) from a file specified by Path into a CryptoCert object. The file may be either in the binary or Base64-encoded form.

Return value: a CryptoCert object representing the newly opened certificate.

Usage:

Set Cert = CM.ImportCertFromFile("d:\path\somecert.cer")

Relevant Section: 4.3 Certificate Exporting and Importing.

---

Function ImportCrlFromFile ( Path As String ) As CryptoCrl

Imports a certificate revocation list (CRL) in the .crl format from a file specified by Path into a CryptoCrl object.

Return value: a CryptoCrl object representing the newly opened CRL.

Usage:

Set CRL = CM.ImportCrlFromFile("d:\path\list.crl")

---

Function ImportStoreFromBlob ( Blob As CryptoBlob ) As CryptoStore

Imports a collection of certificates in the PKCS#7 format (.spc) from binary data specified by Blob into a CryptoStore object. This method was added in Version 2.4.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.ImportStoreFromBlob( Blob )

Relevant Section: 4.3 Certificate Exporting and Importing.

---

Function ImportStoreFromFile ( Path As String ) As CryptoStore

Imports a collection of certificates in the PKCS#7 format (.spc) from a file specified by Path into a CryptoStore object.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.ImportStoreFromFile("d:\path\store.cer")

Relevant Section: 4.3 Certificate Exporting and Importing.

---

Sub LogonUser ( Domain As String, Username As String, Password As String, Optional Flags = LOGON_INTERACTIVE )

Impersonates an arbitrary user account. Use this method to avoid an "Access Denied" error caused by the current user (such as IUSR_MACHINENAME) lacking permissions to perform a sensitive operation such as opening a certificate store.

If Domain is empty the local computer will be used to validate the specified username/password.

Flags may be set to values 2 (LOGON_INTERACTIVE, default), 3 (LOGON_NETWORK), 4 (LOGON_BATCH) and 5 (LOGON_SERVICE).

Usage:

CM.LogonUser "mydomain", "admin", "xxx"

---

Function OpenContext ( Container As String, MachineKey As Boolean, Optional CreateNew = False ) As CryptoContext

Opens a cryptographic context. Container specifies the key container name. MachineKey specifies whether the container is located under the HKEY_LOCAL_MACHINE (if True) or HKEY_CURRENT_USER (if False) section of the system registry. Use True if AspEncrypt is used in an ASP environment, or False otherwise.

If the specified container is empty a key-exchange and signature key pairs will be created automatically. If CreateNew is specified and set to True the key container will be populated by a new set of key pairs.

As of Version 2.5, Container may contain public-key length separated from the container name with "##", e.g. "mycontainer##2048". By default, the key length is 1024.

This method uses the default cryptographic service provider. To specify a provider name explicitly, use OpenContextEx instead.

When a container name is not specified, AspEncrypt does not attempt to access private keys, which results in a significant improvement in performance and eliminates certain concurrency problems. You should not use the containerless mode if you call the method Context.GetUserKey . You must use this mode if you call the methods Context.CreateExponentOneKey and Context.ImportRawKey.

Return value: a CryptoContext object representing the newly opened cryptographic context.

Usage:

Set Context = CM.OpenContext("mycontainer", True) (key length: 1024)

or

Set Context = CM.OpenContext("", True)

or

Set Context = CM.OpenContext("mycontainer##2048", True) (key length: 2048, requires version 2.5+).

Relevant Section: 2.2 OpenContext and OpenContextEx Methods.

---

Function OpenContextEx ( Provider As String, Container As String, MachineKey As Boolean, Optional CreateNew = False ) As CryptoContext

Same as OpenContext, but allows you to specify a Cryptographic Service Provider explicitly rather than relying on the default provider.

Usage:

Set Context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", False)

Relevant Section: 2.2 OpenContext and OpenContextEx Methods.

---

Function OpenStore ( Name As String, MachineKey As Boolean ) As CryptoStore

Opens a certificate store. Name specifies the store name. MachineKey specifies whether the store is located under the HKEY_LOCAL_MACHINE (if True) or HKEY_CURRENT_USER (if False) section of the system registry.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.OpenStore("MY", True)

Relevant Section: 4.2 Working with Certificate Stores.

---

Function OpenStoreFromPFX ( Path As String, Password As String ) As CryptoStore

Opens a Personal Information Exchange (a.k.a. PKCS#12) file containing a certificate together with its private key. Path specifies the location of the file. Password specifies the password used to encrypt private key information in the file. A certificate obtained this way can be used to generate digital signatures and send signed mail.

Return value: a CryptoStore object representing the newly opened certificate store.

Usage:

Set Store = CM.OpenStoreFromPFX("c:\path\myfile.pfx", "password")
Set Cert = Store.Certificates(1)
Set SignerContext = Cert.PrivateKeyContext

Relevant Task: 4.4 Support for PKCS#12 (PFX) Format.

---

Function OpenStoreFromPFXBlob ( Blob As CryptoBlob, Password As String ) As CryptoStore

Same as OpenStoreFromPFX but opens the PFX file from a memory buffer contained in Blob as opposed to a disk file.

This method was introduced in Version 2.8.

Relevant Task: 4.4 Support for PKCS#12 (PFX) Format.

---

Sub RevertToSelf

Ends impersonation begun by LogonUser.

Usage:

CM.RevertToSelf

---

Sub SetDefaultProvider ( Name As String )

Specifies the default cryptographic service provider for the current user.

This method is obsolete on Windows 2003 and later.

---