Writing a CSP

Once you have decided which cryptographic algorithms and data formats are to be included in your CSP and obtained implementations for each of them, putting together a CSP is comparatively straightforward.

The procedure for creating a CSP is outlined as follows:

  1. Create a DLL that exports all of the CryptoSPI functions.

    If your CSP has hardware components, this might also involve writing a smart card device driver and/or the embedded code that runs on the card, but you are on your own with regard to generating the hardware-specific components.

  2. Write a setup program for the CSP that creates the appropriate Registry entries.
  3. Test the CSP. This can only be done using the CSP Developer's Kit, and involves the following sub-steps:
    1. Sign the CSP with the Sign.exe utility, producing a debug signature (.SIG) file.
    2. Install the CSP using the setup program mentioned in step 2.
    3. Run test code that makes calls to the CSP via CryptoAPI.
  4. Have the CSP signed by Microsoft®. This will enable the CSP to be used with the released versions of Microsoft Windows NT® or Microsoft Windows® 95. This procedure is described in Getting CSPs Signed.
  5. Test the CSP again. This is the same as step 3, except that the "real" signature and the release version of Windows NT are used.