Windows CE 3.0

This function is used to specify either the current user default cryptographic service provider (CSP) or the machine default CSP.

A current user default CSP takes precedence over the machine default. If the current user default CSP is specified, then after this function has been called, any calls this user subsequently makes to CryptAcquireContext specifying the dwProvType provider type but not a provider name result in the pszProvName provider being used. In the case where the machine default is specified, subsequent calls to CryptAcquireContext by a user with no default CSP as described above result in the pszProvName provider being used.

BOOL WINAPI CryptSetProviderEx( 
LPCTSTR pszProvName, 
DWORD dwProvType, 
DWORD *pdwReserved, 
DWORD dwFlags);


[in] Pointer to the null-terminated string that contains the name of the new default CSP. This CSP should have already been installed on the computer.
[in] Specifies the provider type of the CSP specified by the pszProvName parameter.
[in] Reserved for future use ; set to NULL.
[in] Specifies a bitmask of flags. It is one of the following values:
Value Description
CRYPT_MACHINE_DEFAULT Causes the machine default CSP of the given type to be set.
CRYPT_USER_DEFAULT Causes the user default CSP of the given type to be set.
CRYPT_DELETE_DEFAULT Can be used in conjunction with CRYPT_MACHINE_DEFAULT or CRYPT_USER_DEFAULT to delete the default.

Return Values

TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.

Value Description
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
ERROR_NOT_ENOUGH_MEMORY The operating system ran out of memory.


Most applications will not specify a CSP name when calling the CryptAcquireContext function. This gives the users a certain amount of freedom in that they can select a CSP that has an appropriate level of security.

This means that calls to CryptSetProviderEx will often determine the CSP of a given type used by all applications from that point on. With this being the case, CryptSetProviderEx should never be called without the user's consent.

Windows CE does not support the ANSI version of this function.



// Specify the default PROV_RSA_SIG provider for the machine. Note that this assumes that a
// CSP with a type of PROV_RSA_SIG and named "Joe's Provider" has already been installed.
if (!CryptSetProviderEx(TEXT("Joe's Provider"), PROV_RSA_SIG, NULL,
 {printf("Error %x during CryptSetProviderEx!\n", GetLastError);

// Get a handle to the provider you just made default
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SIG, 0)) 
 {printf("Error %x during CryptAcquireContext!\n", GetLastError);


// Release the provider handle.
if (!CryptReleaseContext(hProv, 0)) 
 {printf("Error %x during CryptReleaseContext!\n", GetLastError);


Runs On Versions Defined in Include Link to
Windows CE OS 2.10 and later Wincrypt.h   Cryptapi.lib
Note   This API is part of the complete Windows CE OS package as provided by Microsoft. The functionality of a particular platform is determined by the original equipment manufacturer (OEM) and some devices may not support this API.

See Also

CryptAcquireContext, CryptSetProvider

 Last updated on Tuesday, July 13, 2004

© 1992-2000 Microsoft Corporation. All rights reserved.