Microsoft Enhanced Cryptographic Provider
A version of this page is also available for
4/8/2010
The Microsoft Enhanced Cryptographic Provider, called the Enhanced Provider, supports the same capabilities as the Microsoft Base Cryptographic Provider, called the Base Provider. The Enhanced Provider supports stronger security through longer keys and additional algorithms. It can be used with all versions of CryptoAPI.
Cryptography Services with High Encryption Provider is FIPS 140-2, level 1 certified.
For more information about FIPS certification for Windows Mobile, and Windows Mobile Version 5.0 with the Messaging and Security Feature Pack (MSFP), see this Web site.
Note
S/MIME works with defaults of Windows Server certificate authority: Template type: Email Protection Provider: "Microsoft Enhanced Cryptographic Provider"
To maintain backward compatibility with earlier provider versions, the provider name, as defined in the Wincrypt.h header file, retains the version 1.0 designation. However, version 2.0 of this provider is also shipping. To determine the version of the provider in use, call CryptGetProvParam with the dwParam argument set to PP_VERSION. Version 2.0 is in use if 0x0200 is returned.
Provider Type: PROV_RSA_FULL
Provider Name: Microsoft Enhanced Cryptographic Provider v1.
The following table shows the algorithms supported by the Microsoft Enhanced Cryptographic Provider.
| Algorithm ID | Description | Comments |
|---|---|---|
CALG_AES_128 |
AES block encryption algorithm |
Key length: 128 bits. |
CALG_AES_192 |
AES block encryption algorithm |
Key length: 192 bits. |
CALG_AES_256 |
AES block encryption algorithm |
Key length: 256 bits. |
CALG_MD2 |
MD2 hashing algorithm |
No comment. |
CALG_MD5 |
MD5 hashing algorithm |
No comment. |
CALG_SHA |
SHA hashing algorithm |
No comment. |
CALG_SHA1 |
Same as CALG_SHA |
No comment. |
CALG_SHA_256 |
SHA-2 hashing algorithm |
CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm |
CALG_SHA_384 |
SHA-2 hashing algorithm |
CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm |
CALG_SHA_512 |
SHA-2 hashing algorithm |
CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm |
CALG_MAC |
MAC keyed-hash algorithm |
Block cipher MAC. |
CALG_HMAC |
MAC keyed-hash algorithm |
HMAC computation. |
CALG_SSL3_SHAMD5 |
SLL3 client authentication algorithm |
No comment. |
CALG_RSA_SIGN |
RSA public-key signature algorithm |
Key length: Can be set from 384 bits to 16,384 bits in 8-bit increments. Default key length: 1,024 bits. Signature conforms to PKCS #1. |
CALG_RSA_KEYX |
RSA public-key exchange algorithm |
Key length: Can be set from 384 bits to 16,384 bits in 8-bit increments. Default key length: 1,024 bits. |
CALG_RC2 |
RC2 block encryption algorithm |
Default Key length: 128 bits. Default mode: Cipher block chaining. Block size: 64 bits. Salt length: 88 bits. |
CALG_RC4 |
RC4 stream encryption algorithm |
Default Key length: 128 bits. Salt length: 88 bits. |
CALG_RC5 |
RC5 block encryption algorithm |
Key length: 128 bits. No salt allowed. |
CALG_DES |
DES encryption |
DES encryption Key Length: 56 bits. Default mode: Cipher block chaining. Block size: 64 bits. No salt allowed. |
CALG_3DES_112 |
Two-key triple DES encryption |
Key Length: 112 bits. Default mode: Cipher block chaining. Block size: 64 bits. No salt allowed. |
CALG_3DES |
Triple DES |
Key Length: 168 bits. Default mode: Cipher block chaining. Block size: 64 bits. No salt allowed. |
See Also
Concepts
Microsoft Cryptographic System
Microsoft RSA Base Provider
Key Length Comparison