CRYPT_KEY_PROV_INFO

A version of this page is also available for

Windows Embedded CE 6.0 R3

4/8/2010

This structure contains fields that are passed as arguments to the CryptAcquireContext function to acquire a handle to a particular key container within a particular cryptographic service provider (CSP) or to create or destroy a key container.

Syntax

typedef struct _CRYPT_KEY_PROV_INFO {
  LPWSTR pwszContainerName;
  LPWSTR pwszProvName;
  DWORD dwProvType;
  DWORD dwFlags;
  DWORD cProvParam;
  PCRYPT_KEY_PROV_PARAM rgProvParam;
  DWORD dwKeySpec;
} CRYPT_KEY_PROV_INFO, *PCRYPT_KEY_PROV_INFO;

Members

  • pwszContainerName
    String naming a key container within a particular CSP.
  • pwszProvName
    String that names a CSP.
  • dwProvType
    CSP type. This member can be set to the following values:

    • PROV_DH_SCHANNEL
    • PROV_DSS
    • PROV_DSS_DH
    • PROV_EC_ECDSA_FULL
    • PROV_EC_ECDSA_SIG
    • PROV_EC_ECNRA_FULL
    • PROV_EC_ENRA_SIG
    • PROV_FORTEZZA
    • PROV_INTEL_SEC
    • PROV_MS_EXCHANGE
    • PROV_RNG
    • PROV_RSA_FULL
    • PROV_RSA_SCHANNEL
    • PROV_RSA_SIG
    • PROV_SPYRUS_LYNKS
    • PROV_SSL
  • dwFlags
    Values indicating whether a key container is to be created or destroyed and whether an application is allowed access to a key container.

    The following table shows flags that are defined and must not collide with any CryptAcquireContext function dwFlags definitions.

    Flag value Description

    CERT_SET_KEY_PROV_HANDLE_PROP_ID

    Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.

    CERT_SET_KEY_CONTEXT_PROP_ID

    Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.

    See the CryptAcquireContext function for the list of the flags passed through. The flags listed in the previous table are cleared before the CryptAcquireContext function is called. The cryptographic functions CryptDecryptMessage, CryptSignMessage, CryptDecryptAndVerifyMessageSignature, and CryptSignAndEncryptMessage internally perform CryptAcquireContext operations using CRYPT_KEY_PROV_INFO from a certificate. When the CERT_SET_KEY_CONTEXT_PROP_ID or CERT_SET_KEY_PROV_HANDLE_PROP_ID flag is set, these cryptographic functions then can call CertSetCertificateContextProperty (CERT_KEY_CONTEXT_PROP_ID). This call enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions mentioned that use that same certificate, which eliminates the need to perform another CryptAcquireContext, improving efficiency. Also, because some providers can require that a password be entered for calls to CryptAcquireContext, it is desirable for applications to minimize the number of CryptAcquireContext calls made. Handles to key providers that were kept open are freed when the store is closed.

    For example, consider an e-mail application where five encrypted messages have been received, all encrypted with the public key from the same certificate. If the handle to the key provider is kept open after the first message is processed, calls to CryptAcquireContext are not required for the four remaining messages.

  • cProvParam
    Number of elements in the rgProvParam array.
  • dwKeySpec
    Specification of the private key to retrieve. The following table shows values for the dwKeySpec member that are defined for the default provider.

    Value Description

    AT_KEYEXCHANGE

    Keys used to encrypt/decrypt session keys.

    AT_SIGNATURE

    Keys used to create and verify digital signatures.

Requirements

Header wincrypt.h
Windows Embedded CE Windows CE 3.0 and later
Windows Mobile Windows Mobile Version 5.0 and later

See Also

Reference

CertGetCertificateContextProperty
CertSetCertificateContextProperty
CryptAcquireContext
CRYPT_KEY_PROV_PARAM