About Cryptographic Service Provider
A version of this page is also available for
4/8/2010
A cryptographic service provider (CSP) contains implementations of cryptographic standards and algorithms. At a minimum, a CSP consists of a dynamic-link library (DLL) that implements the functions in CryptoSPI. Most CSPs contain the implementation of all of their own functions; however, some CSPs implement their functions mainly in a service program based on Microsoft Win32 and managed by the Win32 service control manager. Others implement functions in hardware, such as a smart card or secure coprocessor. If a CSP does not implement its own functions, the DLL acts as a pass-through layer, facilitating the communication between the operating system and the actual CSP implementation.
Applications do not communicate directly with a CSP. Instead, applications call the CryptoAPI functions exposed by the operating system's Coredll.dll and Crypt32.dll files. The operating system filters these functions calls and passes them on to the appropriate CSP functions through CryptoSPI.
All custom CSPs must support all of the following DLL entry points. Each function in the table corresponds directly to a CryptoAPI function with the prefix of Crypt instead of CP. For example, CPCreateHash is the same as CryptCreateHash.
Function | Description |
---|---|
Acquires a handle to a particular key container within the CSP. |
|
Creates a hash object and returns a handle to it. |
|
Decrypts a section of ciphertext using the specified encryption key. |
|
Creates a key from a password. |
|
Destroys a hash object. |
|
Destroys a key. |
|
Makes an exact copy of a hash object and the state the hash is in. |
|
Makes an exact copy of a key, including the state of a key. |
|
Encrypts a section of plaintext using the specified encryption key. |
|
Transfers a key from the CSP into a key BLOB in the application's memory. |
|
Creates a random key. |
|
Generates random data. |
|
Retrieves a hash object parameter. |
|
Retrieves a key's parameters. |
|
Retrieves attributes of the CSP. |
|
Gets a handle to the key exchange or signature key. |
|
Hashes a block of data and adds it to the specified hash object. |
|
Hashes a session key and adds it to the specified hash object. |
|
Transfers a key from a key BLOB to a CSP. |
|
Frees the handle acquired by CPAcquireContext. |
|
Sets a hash object parameter. |
|
Specifies a key's parameters. |
|
Sets specific attributes of a CSP. |
|
Signs the specified hash object. |
|
Verifies a digital signature. |
See Also
Concepts
Microsoft Cryptographic System
Using Basic Cryptography Services
Protected Store
Cryptography Security
Cryptography Registry Settings