CryptSetProviderEx

The CryptSetProviderEx function is used to specify either the current user default CSP or the machine default CSP.

A current user default takes precedence over the machine default. If the current user default CSP is specified, then after this function has been called, any calls this user subsequently makes to CryptAcquireContext specifying the dwProvType provider type but not a provider name, will result in the pszProvName provider being used. In the case where the machine default is specified, subsequent calls to CryptAcquireContext by a user with no default CSP as described above will result in the pszProvName provider being used.

#include <wincrypt.h>
BOOL WINAPI CryptSetProviderEx(
  LPCTSTR pszProvName, // in
  DWORD dwProvType,    // in
  DWORD *pdwReserved,  // in
  DWORD dwFlags        // in
);

Parameters

pszProvName
The name of the new default CSP. This CSP should have already been installed on the computer.
dwProvType
The provider type of the CSP specified by the pszProvName parameter.
pdwReserved
This parameter is reserved for future use and must be NULL.
dwFlags
The flag values.
Flag value Description
CRYPT_MACHINE_DEFAULT Causes the machine default CSP of the given type to be set.
CRYPT_USER_DEFAULT Causes the user default CSP of the given type to be set.
CRYPT_DELETE_DEFAULT Can be used in conjunction with CRYPT_MACHINE_DEFAULT or CRYPT_USER_DEFAULT to delete the default.

Return Values

If the function succeeds, the return value is TRUE. If it fails, the return value is FALSE. To retrieve extended error information, use the GetLastError function.

The following table lists the error codes most commonly returned by the GetLastError function. The error codes prefaced by "NTE" are generated by the particular CSP you are using.

Error code Description
ERROR_INVALID_PARAMETER One of the parameters contains an invalid value. This is most often an illegal pointer.
ERROR_NOT_ENOUGH_MEMORY The operating system ran out of memory.

Remarks

Most applications will not specify a CSP name when calling the CryptAcquireContext function. This gives the users a certain amount of freedom in that they can select a CSP that has an appropriate level of security.

This means that calls to CryptSetProviderEx will often determine the CSP of a given type used by all applications from that point on. With this being the case, CryptSetProviderEx should never be called without the user's consent.

Example

HCRYPTPROV     hProv = 0;

// Specify the default PROV_RSA_SIG provider for the machine.  Note that this assumes that a
// CSP with a type of PROV_RSA_SIG and named "Joe's Provider" has already been installed.
if (!CryptSetProviderEx(TEXT("Joe's Provider"), PROV_RSA_SIG, NULL,
        CRYPT_MACHINE_DEFAULT)) 
   {printf("Error %x during CryptSetProviderEx!\n", GetLastError);
    return;
   }

// Get a handle to the provider you just made default
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SIG, 0)) 
   {printf("Error %x during CryptAcquireContext!\n", GetLastError);
    return;
   }

...

// Release the provider handle.
if (!CryptReleaseContext(hProv, 0)) 
   {printf("Error %x during CryptReleaseContext!\n", GetLastError);
    return;
   }

QuickInfo

  Windows NT: Requires version 5.0 or later.
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use advapi32.lib.
  Unicode: Defined as Unicode and ANSI prototypes.

See Also

CryptAcquireContext, CryptSetProvider