X500 and X509

X500 provides services for the handling of X500 distinguished names. It implements the Distinguished Name as defined in the X.500 standard. An X.500 Distinguished Name consists of a sequence of AttributeTypeAndValue objects, as defined in the X.520 standard. Thus the two public classes implemented in this DLL are CX520AttributeTypeAndValue and CX500DistinguishedName.

X509 provides classes for handling X509 certificates. It provides an implementation of the X.509 certificate and its components. In fact X500 also includes structures from X.520, but for simplicity they are considered to be part of X.500.

For the most part these DLLs simply represent data which the PKIXCert DLL operates on: they are the primary input to certificate validation.

In the X.500, X.509 and X.520 standards, the structures are specified with Abstract Syntax Notation 1 (ASN.1) and are encoded for transport using the Basic Encoding Rules (BER), which encode ASN.1 as 8-bit binary data.

In addition, when they represent data to be signed, the signature is calculated on the data encoded using Distinguished Encoding Rules (DER: a subset of BER which has the property that the same data always encodes to the same binary representation).
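The following added example (not code from the X500, X509 or PKIXCert DLLs) shows why signatures are calculated on DER: one AttributeTypeAndValue is encoded twice, both encodings decode to the same data under BER, yet their bytes and therefore their digests differ. The function names and the sample commonName value are constructed for illustration, and the DER check covers only the minimal-length rule, not every DER restriction.

```python
import hashlib

def read_tlv(buf, pos=0):
    """Parse one BER TLV (single-byte tags); return (tag, value, next_pos, minimal_len)."""
    tag = buf[pos]
    first = buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: length fits in one byte
        length, minimal = first, True
    elif first == 0x80:
        raise ValueError("indefinite length: valid BER, never DER (not handled here)")
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        # DER demands the shortest form: no long form below 128, no leading zero byte
        minimal = length >= 0x80 and buf[pos] != 0
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length, minimal

def decode_atv(buf):
    """Decode SEQUENCE { OID, PrintableString }; return (oid_bytes, text, is_der)."""
    tag, body, end, ok = read_tlv(buf)
    if tag != 0x30 or end != len(buf):
        raise ValueError("expected a single SEQUENCE")
    t1, oid, p, ok1 = read_tlv(body)
    t2, val, p, ok2 = read_tlv(body, p)
    if (t1, t2) != (0x06, 0x13) or p != len(body):
        raise ValueError("expected OID followed by PrintableString")
    return oid, val.decode("ascii"), ok and ok1 and ok2

# Constructed sample: commonName (OID 2.5.4.3 -> 55 04 03) = "Example CA"
OID_CN = bytes([0x06, 0x03, 0x55, 0x04, 0x03])
NAME = b"Example CA"
DER_ATV = bytes([0x30, 5 + 2 + len(NAME)]) + OID_CN + bytes([0x13, len(NAME)]) + NAME
# Same data, BER-only form: lengths written in long form (0x81 nn)
BER_ATV = (bytes([0x30, 0x81, 5 + 3 + len(NAME)]) + OID_CN
           + bytes([0x13, 0x81, len(NAME)]) + NAME)

def digest(buf):
    """SHA-256 over the encoded bytes, standing in for the hash step of a signature."""
    return hashlib.sha256(buf).hexdigest()

if __name__ == "__main__":
    for label, enc in (("DER", DER_ATV), ("BER", BER_ATV)):
        oid, text, is_der = decode_atv(enc)
        print(label, enc.hex(), text, "is_der=%s" % is_der, digest(enc)[:16])
```

A verifier that hashed the bytes as received would treat the two encodings as different signed data, which is why the signed portion must be in its single DER form before the digest is computed.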