Windows Mobile 6.5
A version of this page is also available for

This function customizes the operations of a cryptographic service provider (CSP). This function is commonly used to set a security descriptor on the key container associated with a CSP to control access to the private keys in that key container.

BOOL CRYPTFUNC CryptSetProvParam( 
  DWORD dwParam, 
  BYTE* pbData, 
  DWORD dwFlags


[in] HCRYPTPROV handle to the CSP on which to set parameters. A call to the CryptAcquireContext function created the handle.


[in] Specifies the parameter value to set.

The following table shows values that are currently defined.

Value Description


Specifies that pbData contains a window handle.


Specifies that pbData contains the security descriptor on the entry where the stored key set is being assigned.

Microsoft CSPs do not support the PP_CLIENT_HWND or PP_KEYSET_SEC_DESCR flags.


[in] Pointer to the parameter data buffer. The value in this buffer must be set before calling the CryptSetProvParam function. The form of this data varies depending on the parameter value.


[in] Bitmask of flags. When dwParam isPP_KEYSET_SEC_DESCR, dwFlags contains the SECURITY_INFORMATION, as defined in the Win32 Programmer's Reference.

These bit flags can be combined with a bitwise OR operator. For more information, see CryptGetProvParam.

TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastError function.

The following table shows the common values for the GetLastError function. The error values prefaced by NTE are generated by the particular CSP you are using.

Value Description


One of the parameters specifies an invalid handle.


The CSP context is currently being used by another process.


One of the parameters contains an invalid value. This is most often an illegal pointer.


The dwFlags parameter is nonzero or the pbData buffer contains an invalid value.


The dwParam parameter specifies an unknown parameter.


The CSP context that was specified when the hKey key was created cannot be found.


The function failed in some unexpected way.

If dwParam is PP_CLIENT_HWND, the pbData buffer contains a DWORD value specifying the window handle that the provider uses when interacting directly with the user. The CryptSetProvParam function must be called before calling the CryptAcquireContext function because many CSPs display a user interface during the CryptAcquireContext function call. Use zero for the hProv parameter in the call to the CryptSetProvParam function. If this is done, the parameter is set for all cryptographic contexts subsequently acquired within this process.

Windows Embedded CEWindows CE 2.10 and later
Windows MobileWindows Mobile Version 5.0 and later

Community Additions