CryptInstallDefaultContext function

Important  This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.

The CryptInstallDefaultContext function installs a specific provider to be the default context provider for the specified algorithm.


BOOL WINAPI CryptInstallDefaultContext(
  _In_        HCRYPTPROV           hCryptProv,
  _In_        DWORD                dwDefaultType,
  _In_  const void                 *pvDefaultPara,
  _In_        DWORD                dwFlags,
  _In_        void                 *pvReserved,
  _Out_       HCRYPTDEFAULTCONTEXT *phDefaultContext


hCryptProv [in]

The handle of the cryptographic service provider to be used as the default context. This handle is obtained by using the CryptAcquireContext function.

dwDefaultType [in]

Specifies the type of context to install. This must be one of the following values.


Installs the default provider used to verify a single certificate signature type.

The pvDefaultPara parameter is the address of a null-terminated ANSI string that contains the object identifier of the certificate signature algorithm to install the provider for, for example, szOID_OIWSEC_md5RSA. If the pvDefaultPara parameter is NULL, the specified provider is used to verify all certificate signatures. The pvDefaultPara parameter cannot be NULL when the CRYPT_DEFAULT_CONTEXT_PROCESS_FLAG flag is set.


Installs the default provider used to verify multiple certificate signature types.

The pvDefaultPara parameter is the address of a CRYPT_DEFAULT_CONTEXT_MULTI_OID_PARA structure that contains an array of object identifiers that identify the certificate signature algorithms to install the specified provider for.


pvDefaultPara [in]

Specifies the object or objects to install the default context provider for. The format of this parameter depends on the contents of the dwDefaultType parameter.

dwFlags [in]

A set of flags that modify the behavior of this function. This can be zero or a combination of one or more of the following values.


The provider handle specified by the hCryptProv parameter is released automatically when the process or thread ends. If this flag is not specified, it is the caller's responsibility to release the provider handle by using the CryptReleaseContext function when the handle is no longer needed. The provider handle is not released if the CryptUninstallDefaultContext function is called before the process or thread exits.


The provider applies to all threads in the process. If this flag is not specified, the provider only applies to the calling thread. The pvDefaultPara parameter cannot be NULL when this flag is set.


pvReserved [in]

This parameter is reserved for future use.

phDefaultContext [out]

The address of an HCRYPTDEFAULTCONTEXT variable that receives the default context handle. This handle is passed to the CryptUninstallDefaultContext function to uninstall the default context provider.

Return value

If the function succeeds, the return value is nonzero (TRUE). If the function fails, the return value is zero (FALSE). For extended error information, call GetLastError.


The installed default context providers are stack ordered, thus when searching for a default context provider, the system starts with the most recently installed provider. The per-thread list of providers is searched before the per-process list of providers. After a match is found, the system does not continue to search for other matches.

The installed provider handle must remain available for use until CryptUninstallDefaultContext is called, or the thread or process exits.


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]







See also