Skip navigation
Menu
Software Development>Development Techniques and Management

Introducing CAPICOM

Summary: CAPICOM is a new security technology from Microsoft that allows Microsoft Visual Basic, Visual Basic Script, ASP, and C++ programmers to easily incorporate digital signing and encryption into their application.

Contents

Introduction
What Is CAPICOM?
What Can CAPICOM Do?
Signing Data with CAPICOM
Safe from Prying Eyes
A Message for Only Alice and Bob
Minding the Store
Platform Availability
Where to Get It
Feedback and Questions

Introduction

This article introduces CAPICOM, a new security technology from Microsoft. It covers the basic features of CAPICOM. This article is recommended reading for anyone building applications involving digital certificates, digital signatures, encryption, or public key cryptography.

What Is CAPICOM?

CAPICOM is a Microsoft ActiveX control that provides a COM interface to Microsoft CryptoAPI. It exposes a select set of CryptoAPI functions to enable application developers to easily incorporate digital signing and encryption functionality into their applications. Because it uses COM, application developers can access this functionality in a number of programming environments such as Microsoft Visual Basic, Visual Basic Script, Active Server Pages, Microsoft JScript, C++, and others. CAPICOM is packaged as an ActiveX control, allowing Web developers to utilize it in Web based applications as well.

What Can CAPICOM Do?

CAPICOM can be used to enable the following tasks:

Digitally sign data with a smart card or software key

Verify digitally signed data

Graphically display certificate information

Inspect certificate properties such as subject name or expiration date

Add and remove certificates from the certificate stores

Encrypt and decrypt data with a password

Encrypt and decrypt data using public keys and certificates

Signing Data with CAPICOM

CAPICOM can sign data whether it is binary or text. CAPICOM can digitally sign data with a certificate issued from a commercial Certificate Authority (CA) such as Verisign, a certificate issued from a Microsoft Windows 2000 PKI, or a self-signed certificate. CAPICOM use a certificate whose private key is stored in software, on a smart card, or on a USB token device. The application developer can either pre-select the certificate needed during the signing operation or allow the user to choose, if he or she has more than one certificate. Figure 1 shows the dialog presented to the user when he or she has more than one certificate.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Microsoft's GitHub offices
Microsoft’s AI Copilot Is Starting to Automate the Coding Industry
Apr 17, 2024
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
artificial intelligence concept art
Top 10 AI Stories of 2023
Dec 19, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023