Using Basic Cryptography Services

A version of this page is also available for

Windows Embedded CE 6.0 R3

4/8/2010

Applications can use the CryptoAPI for the following tasks:

• Generating cryptographic keys
• Exporting cryptographic keys
• Encrypting and decrypting data
• Creating digital signatures
• Connecting to a CSP

All data encryption using CryptoAPI is performed with a symmetric algorithm, regardless of the installed CSP.

In This Section

The following topics describe the elements and tasks of basic cryptography services.

• Key Databases
  Explains what key databases are, and how Cryptographic Service Providers (CSPs) use them to persist cryptographic keys.

• Key BLOBs
  Explains what Key Binary Large Objects (key BLOBs) are, and how to use them.

• Generating Cryptographic Keys
  Explains how to generate cryptographic keys, and details the set the functions that an application can use to generate cryptographic keys.

• Connecting to a CSP
  Explains how to connect to a CSP, and details the set of functions an application can use to connect to a cryptographic service provider (CSP). These functions also enable applications to choose a specific CSP by name or get one with a specific set of properties.

• Exchanging Public Keys
  Explains why, when, and how to exchange public keys.

• Importing Raw Cryptographic Keys
  Explains how to import raw cryptographic keys. This topic includes a code example that demonstrates how to work with raw keys.

• Exporting Cryptographic Keys
  Explains why, when, and how to export cryptographic keys, and details the functions you can use to create, configure, and destroy cryptographic keys, and exchange them with other users.

• Storing Session Keys
  Explains how to store session key BLOBs, and describes an alternative method of storing session keys.

• Using a Backup Authority
  Describes what a Backup Authority is, and how to store a session key in one.

• Exchanging Session Keys
  Explains why, when, and how to exchange session keys.

• Encrypting and Decrypting Data
  Explains how to encrypt and decrypt data. This section also includes code samples that demonstrate how to encrypt and decrypt data.

• Encrypting and Decrypting Simultaneously
  Explains how to encrypt and decrypt information simultaneously. This section includes a code examples demonstrating how a copy of a session key can be obtained.

• Creating Digital Signatures
  Explains how to create digital signatures, and details the set of functions that applications can use to compute secure digests of data, and to create and verify digital signatures.

• Signing and Verifying Messages
  Explains how to digitally sign messages, and how to verify digitally signed messages.

• Hashing and Digital Signature Algorithms
  Describes several algorithms used to compute hashes and digital signatures. Each algorithm is supported by the Microsoft RSA Base Provider.

See Also

Concepts

Microsoft Cryptographic System
About Cryptographic Service Provider
Protected Store
Cryptography Security
Cryptography Registry Settings

Other Resources

Cryptography
Certificates