The X500 component is a general component which provides services for the handling of X500 distinguished names. It implements
the Distinguished Name as defined in the X.500 standard. An X.500 Distinguished Name consists of a sequence of AttributeTypeAndValue
objects, as defined in the X.520 standard. Thus the two public classes implemented in this DLL are CX520AttributeTypeAndValue
and CX500DistinguishedName
.
The X509 component provides classes for handling X509 certificates. It provides an implementation of the X.509 certificate and its components. In fact X500 also includes structures from X.520, but for simplicity they are considered to be part of X.500
For the most part these DLLs simply represent data which the PKIXCert
DLL operates on: they are the primary input to certificate validation.
In the X.500, X.509 and X.520 standards the structures are specified with Abstract Syntax Notation 1 (ASN.1) and are encoded for transport using the Basic Encoding Rules (BER) which encode ASN.1 as 8-bit binary data.
In addition, when they represent data to be signed, as they do within certificate management, the signature is calculated on the data encoded using Distinguished Encoding Rules (DER: a subset of BER which has the property that the same data always encodes to the same binary representation).