关于微软的CAPICOM

（1）

CAPICOM Reference

The CAPICOM COM client provides services that enable application developers to add security based on cryptography（密码术） to applications. CryptoAPI includes functionality for authentication（认证） using digital signatures, for enveloping messages, and for encrypting （加密）and decrypting（解密） data.

• Certificate Store Objects 

         Objects available for using certificate stores and the    certificates in those stores.

        （1）  Certificate    

     ##When To Use##

    The Certificate object is used to perform the following tasks:

• Load certificate data, including the private key, from a file.
• Get information from the certificate.
• Return basic constraints, EKU, extended properties, extensions, key usage, public key, and template objects associated with the certificate.
• Determine whether the certificate is valid and check the access availability of the certificate subject's private key.
• Display the certificate.
• Import and export the certificate.
• Save the certificate to a file.
• Retrieve or set properties that describe the certificate.

    <a href src="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/certificate.asp"/>

        （2）PrivateKey  

          （3）PublicKey

         （4）Store

• Digital Signature Objects

     （1）SignedData   

    Object used to sign data and to verify the signature on signed data.

     （2）Signer    Information on a single data signer, including the signer's certificate