CRYPT_KEY_PROV_INFO structure

The CRYPT_KEY_PROV_INFO structure contains information about a key container within a cryptographic service provider (CSP).

Syntax


typedef struct _CRYPT_KEY_PROV_INFO {
  LPWSTR                pwszContainerName;
  LPWSTR                pwszProvName;
  DWORD                 dwProvType;
  DWORD                 dwFlags;
  DWORD                 cProvParam;
  PCRYPT_KEY_PROV_PARAM rgProvParam;
  DWORD                 dwKeySpec;
} CRYPT_KEY_PROV_INFO, *PCRYPT_KEY_PROV_INFO;

Members

pwszContainerName

A pointer to a null-terminated Unicode string that contains the name of the key container.

When the dwProvType member is zero, this string contains the name of a key within a CNG key storage provider. This string is passed as the pwszKeyName parameter to the NCryptOpenKey function.

pwszProvName

A pointer to a null-terminated Unicode string that contains the name of the CSP.

When the dwProvType member is zero, this string contains the name of a CNG key storage provider. This string is passed as the pwszProviderName parameter to the NCryptOpenStorageProvider function.

dwProvType

Specifies the CSP type. This can be zero or one of the Cryptographic Provider Types. If this member is zero, the key container is one of the CNG key storage providers.

dwFlags

A set of flags that indicate additional information about the provider. This can be zero or one of the following values.

Value    Meaning

CERT_SET_KEY_PROV_HANDLE_PROP_ID / CERT_SET_KEY_CONTEXT_PROP_ID

Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.

CRYPT_MACHINE_KEYSET / NCRYPT_MACHINE_KEY_FLAG

The key container contains machine keys. If this flag is not present, the key container contains user keys.

CRYPT_SILENT / NCRYPT_SILENT_FLAG

The key container will attempt to open any keys silently without any user interface prompts.

The cryptographic functions CryptDecryptMessage, CryptSignMessage, CryptDecryptAndVerifyMessageSignature, and CryptSignAndEncryptMessage internally perform CryptAcquireContext operations using the CRYPT_KEY_PROV_INFO from a certificate. When the CERT_SET_KEY_CONTEXT_PROP_ID or CERT_SET_KEY_PROV_HANDLE_PROP_ID flag is set, these cryptographic functions can then call CertSetCertificateContextProperty with CERT_KEY_CONTEXT_PROP_ID. This call enables the handle to the key provider to be kept open for subsequent calls to the listed cryptographic functions that use the same certificate, which eliminates the need for additional calls to CryptAcquireContext and improves efficiency. Also, because some providers can require that a password be entered for calls to CryptAcquireContext, it is desirable for applications to minimize the number of CryptAcquireContext calls made. Handles to key providers that were kept open are automatically released when the store is closed.

For example, consider an email application where five encrypted messages have been received, all encrypted with the public key from the same certificate. If the handle to the key provider is kept open after the first message is processed, calls to CryptAcquireContext are not required for the four remaining messages.

cProvParam

The number of elements in the rgProvParam array.

When the dwProvType member is zero, this member is not used and must be zero.

rgProvParam

An array of CRYPT_KEY_PROV_PARAM structures that contain the parameters for the key container. The cProvParam member contains the number of elements in this array.

When the dwProvType member is zero, this member is not used and must be NULL.

dwKeySpec

The specification of the private key to retrieve.

When the dwProvType member is zero, this value is passed as the dwLegacyKeySpec parameter to the NCryptOpenKey function.

The following values are defined for the default provider.

Value    Meaning

AT_KEYEXCHANGE

Keys used to encrypt/decrypt session keys.

AT_SIGNATURE

Keys used to create and verify digital signatures.
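
The constraints stated in the member descriptions above can be checked before a record (for example, one read from a certificate with CertGetCertificateContextProperty) is handed to the cryptographic functions. The following C code is an added example, not code from the original page or from Microsoft; KEY_PROV_INFO is a stand-in mirror of the structure so that it builds without Wincrypt.h, and kpi_audit, the KPI_* finding bits and the sample records are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stdio.h>
#include <wchar.h>
/* Stand-in mirror of the Wincrypt.h layout so this builds without the
   Windows SDK (assumption; on Windows use CRYPT_KEY_PROV_INFO itself). */
typedef struct {
    const wchar_t *pwszContainerName, *pwszProvName;
    uint32_t dwProvType, dwFlags, cProvParam;
    const void *rgProvParam;      /* PCRYPT_KEY_PROV_PARAM in Wincrypt.h */
    uint32_t dwKeySpec;
} KEY_PROV_INFO;
/* Values as defined in Wincrypt.h. */
#define CERT_SET_KEY_CONTEXT_PROP_ID 0x00000001u
#define CRYPT_MACHINE_KEYSET         0x00000020u
#define CRYPT_SILENT                 0x00000040u
enum { AT_KEYEXCHANGE = 1, AT_SIGNATURE = 2 };
enum { /* hypothetical finding bits returned by kpi_audit() */
    KPI_CNG_HAS_PARAMS   = 1, /* dwProvType == 0 but cProvParam/rgProvParam are set */
    KPI_PARAM_MISMATCH   = 2, /* cProvParam > 0 while rgProvParam is NULL */
    KPI_UNLISTED_FLAGS   = 4, /* dwFlags bits outside the three listed values */
    KPI_UNLISTED_KEYSPEC = 8, /* CSP key spec is not AT_KEYEXCHANGE or AT_SIGNATURE */
    KPI_MACHINE_KEY = 16, KPI_SILENT = 32 /* informational, not violations */
};

unsigned kpi_audit(const KEY_PROV_INFO *k)
{
    unsigned r = 0;
    if (k->dwProvType == 0) {                 /* CNG key storage provider */
        if (k->cProvParam != 0 || k->rgProvParam != NULL) r |= KPI_CNG_HAS_PARAMS;
    } else {                                  /* legacy CSP */
        if (k->cProvParam != 0 && k->rgProvParam == NULL) r |= KPI_PARAM_MISMATCH;
        if (k->dwKeySpec != AT_KEYEXCHANGE && k->dwKeySpec != AT_SIGNATURE) r |= KPI_UNLISTED_KEYSPEC;
    }
    if (k->dwFlags & ~(CERT_SET_KEY_CONTEXT_PROP_ID | CRYPT_MACHINE_KEYSET | CRYPT_SILENT))
        r |= KPI_UNLISTED_FLAGS;
    if (k->dwFlags & CRYPT_MACHINE_KEYSET) r |= KPI_MACHINE_KEY;
    if (k->dwFlags & CRYPT_SILENT)         r |= KPI_SILENT;
    return r;
}

/* Constructed sample records, not taken from any real certificate. */
const KEY_PROV_INFO kpi_samples[4] = {
    { L"key-a", L"Microsoft Software Key Storage Provider", 0, CRYPT_SILENT, 0, NULL, 0 },
    { L"key-b", L"Microsoft Software Key Storage Provider", 0, 0, 1, NULL, 0 },
    { L"ctr-c", L"Microsoft Enhanced Cryptographic Provider v1.0", 1, CRYPT_MACHINE_KEYSET | CERT_SET_KEY_CONTEXT_PROP_ID, 0, NULL, AT_SIGNATURE },
    { L"ctr-d", L"Microsoft Enhanced Cryptographic Provider v1.0", 1, 0x80000000u, 2, NULL, 0 },
};
int main(void) {
    for (int i = 0; i < 4; i++) printf("sample %d: findings 0x%02x\n", i, kpi_audit(&kpi_samples[i]));
    return 0; }
```

KPI_UNLISTED_KEYSPEC and KPI_UNLISTED_FLAGS only mean the value is not among those listed on this page; other providers may define their own.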

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Wincrypt.h

See also

CRYPT_KEY_PROV_PARAM
CertGetCertificateContextProperty
CertSetCertificateContextProperty

© 2014 Microsoft