Cryptographic Service Provider Functions

Each of the following sections identifies a function exported by Xenroll.dll that can be used to manage a cryptographic provider. Each topic also discusses how to use CertEnroll.dll to replace the function or indicates that no mapping between the two libraries exists:

EnumAlgs

The EnumAlgs function in Xenroll.dll retrieves a cryptographic algorithm collection.

When using CertEnroll.dll, you can perform the following actions to retrieve information about the algorithms supported by a cryptographic service provider (CSP):

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the CspInformations property on the IX509PrivateKey object retrieved from step 4.
  6. Call the CspAlgorithms property on a specific ICspInformation object in the ICspInformations collection retrieved in step 5.

enumContainersWStr

The enumContainersWStr function in Xenroll.dll retrieves a key container from the collection by index.

The CertEnroll.dll library does not directly implement this functionality.

enumProvidersWStr

The enumProvidersWStr function in Xenroll.dll retrieves a CSP from the collection by index.

When using CertEnroll.dll, you can perform the following actions to retrieve the collection of cryptographic containers:

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the CspInformations property on the IX509PrivateKey object retrieved from step 4.

GetAlgNameWStr

The GetAlgNameWStr function in Xenroll.dll retrieves the name of a cryptographic algorithm.

When using CertEnroll.dll, you can perform the following actions to retrieve the algorithm name:

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the Algorithm property on the IX509PrivateKey object to retrieve the algorithm object identifier.
  6. Call the FriendlyName property on the IObjectId interface to retrieve the algorithm display name.

getProviderTypeWStr

The getProviderTypeWStr function in Xenroll.dll retrieves the cryptographic provider type.

When using CertEnroll.dll, you can perform the following actions to retrieve the provider type:

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the ProviderType property on the IX509PrivateKey object retrieved from step 4.

HashAlgID

The HashAlgID function in Xenroll.dll retrieves an integer value that contains the ID of the algorithm used to sign a request.

When using CertEnroll.dll, you can perform the following actions to retrieve the hashing algorithm:

HashAlgorithmWStr

The HashAlgorithmWStr function in Xenroll.dll specifies or retrieves a string value that identifies the hashing algorithm used to sign a request.

When using CertEnroll.dll, you can perform the following actions to retrieve the hashing algorithm:

ProviderFlags

The ProviderFlags function in Xenroll.dll specifies or retrieves the flags used when acquiring a handle to a CSP.

The CertEnroll.dll library does not map this function perfectly, but you can obtain rich property information from the enrollment object and the private key. For more information, examine the properties exposed by the IX509Enrollment and IX509PrivateKey interfaces.

ProviderNameWStr

The ProviderNameWStr function in Xenroll.dll specifies or retrieves the name of a CSP.

When using CertEnroll.dll, you can perform the following actions to retrieve the provider name:

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the ProviderName property on the IX509PrivateKey object retrieved from step 4.

ProviderType

The ProviderType function in Xenroll.dll specifies or retrieves an integer value that identifies the type of the CSP.

When using CertEnroll.dll, you can perform the following actions to retrieve the provider type:

  1. Call the Request property on an existing IX509Enrollment object.
  2. Call the GetInnerRequest method on the request returned from step 1 to retrieve the innermost request.
  3. Call QueryInterface on the IX509CertificateRequest object returned from step 2 to cast to an IX509CertificateRequestPkcs10 object.
  4. Call the PrivateKey property on the PKCS #10 request.
  5. Call the ProviderType property on the IX509PrivateKey object retrieved from step 4.
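
The step lists above for EnumAlgs, enumProvidersWStr, GetAlgNameWStr, getProviderTypeWStr, ProviderNameWStr and ProviderType share the same first four steps, so they can be combined into a single walk from the enrollment object to the private key. The following PowerShell function is an added example, not code from this documentation. The name Get-EnrollmentCspSummary is hypothetical, and the function assumes the caller passes an IX509Enrollment object that has already been initialized.

```powershell
# Added example, not Microsoft's code. Get-EnrollmentCspSummary is a hypothetical name.
function Get-EnrollmentCspSummary {
    param(
        # An initialized IX509Enrollment COM object supplied by the caller.
        [Parameter(Mandatory)] $Enrollment
    )

    $LevelInnermost = 0   # InnerRequestLevel value LevelInnermost

    # Steps 1-2: read the Request property, then unwrap to the innermost request.
    $inner = $Enrollment.Request.GetInnerRequest($LevelInnermost)

    # Step 3: PowerShell late-binds COM members through IDispatch, so no explicit
    # QueryInterface call is written; PKCS #10 members are used directly.
    # Step 4: the private key that backs the PKCS #10 request.
    $key = $inner.PrivateKey
    if ($null -eq $key) { throw 'The innermost request exposes no PrivateKey.' }

    # Algorithm is an IObjectId; FriendlyName is its display name.
    $algName = if ($null -ne $key.Algorithm) { $key.Algorithm.FriendlyName } else { $null }

    # Step 5: the ICspInformations collection attached to the key.
    $providers  = @()
    $algorithms = @()
    $csps = $key.CspInformations
    if ($null -ne $csps) {
        foreach ($csp in $csps) {
            $providers += $csp.Name
            # Step 6: list algorithms only for the provider the key uses.
            if ($csp.Name -ne $key.ProviderName) { continue }
            foreach ($alg in $csp.CspAlgorithms) {
                $algorithms += [pscustomobject]@{
                    Name = $alg.Name; Type = $alg.Type
                    MinLength = $alg.MinLength; MaxLength = $alg.MaxLength
                }
            }
        }
    }

    [pscustomobject]@{
        ProviderName = $key.ProviderName    # replaces ProviderNameWStr
        ProviderType = $key.ProviderType    # replaces ProviderType / getProviderTypeWStr
        Algorithm    = $algName             # replaces GetAlgNameWStr
        Providers    = $providers           # replaces enumProvidersWStr
        Algorithms   = $algorithms          # replaces EnumAlgs
    }
}
```

The MinLength and MaxLength values returned for each algorithm make it straightforward to compare the provider behind a request against a minimum key-size policy before the request is submitted.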

Mapping Xenroll.dll to CertEnroll.dll

ICspAlgorithm

ICspAlgorithms

ICspInformation

ICspInformations

IX509Enrollment

IX509PrivateKey