Key Databases (Windows CE 5.0)
Each cryptographic service provider (CSP) has a key database in which it stores persistent cryptographic keys. Each key database contains one or more key containers, each of which contains all the key pairs belonging to a specific user. The following illustration shows the relationship between CSPs, key databases, and key containers.
.gif "ms925926.keydb(en-us,MSDN.10).gif")
The CSP stores each key container from session to session, including all of the public/private key pairs that it contains. However, session keys are not automatically persisted to any permanent storage media.
Generally, a default key container is created for each user. Default key containers have a default name.
An application can create its own key container and key pairs, and assign a name to the key container. A key is created for each user and each machine. For each user, the key container is located in the HKEY_CURRENT_USER\Comm\Security\Crypto registry key. For each machine, the key container is located in the HKEY_LOCAL_MACHINE\Comm\Security\Crypto registry key.
CryptoAPI encrypts the contents of the key container using the CryptProtectData function.
See Also
Cryptography | Microsoft Cryptographic System | Certificates
Send Feedback on this topic to the authors