X.509 Certificate Length

In the Microsoft CryptoAPI, there's a key parameter known as KP_CERTIFICATE.  When implemented in a CSP, it stores a certificate associated with the key.  This certificate can then be retrieved from the CSP for use with things like WinLogon.

X.09 certificates are encoded in a binary format known as ASN.1 DER.  This format contains imbedded length information.  Hence no length parameter is needed when providing the certificate to the CSP via CryptSetKeyParam.

asnLength.cpp provides a simple routine to determine the length of a memory resident ASN.1 DER or BER encoded object.  This works nicely with certificates, PKCS-7 blobs, etc.  This code was originally released to the public by Microsoft at a CSP Developers' Conference in 1997.

The relevant routine is:

Asn1Length:

DWORD Asn1Length(IN LPCBYTE pbAsn1) throw(DWORD);

This routine parses a given ASN.1 buffer and returns the complete length of the encoding, including the leading tag and length bytes.

Arguments:

pbData supplies the buffer to be parsed.

Return Value:

The length of the entire ASN.1 buffer.

Throws:

Overflow errors are thrown as DWORD status codes.