Using the CryptoAPI in your Applications

Each of the five functional areas contains functions that fall into different task-oriented categories. The following list explains the functional areas.

• Certificate encode/decode functional area. The functions in this functional area fall into the single category of encoding and decoding certificates and related data. (See Certificate Encoding/Decoding and CryptEncodeObject/CryptDecodeObject Functions.)
• Certificate Store functional area. All of these functions fall into the single category of certificate management. (See Authentication Using Certificates, Managing Certificates, and Certificate Store Functions.)
• Base cryptography functional area. This area includes the following types of functions:
  • Context functions. These functions are used by applications to connect to a CSP. These functions enable applications to choose a specific CSP by name, or get one with a needed class of functionality. (See Interfacing with a Cryptographic Service Provider (CSP), and Cryptographic Functions.)
  • Key generation functions. These functions are used by applications to generate and customize cryptographic keys. Full support is included for changing chaining modes, initialization vectors, and other encryption features. (See Generating Cryptographic Keys, and Cryptographic Functions.)
  • Key exchange functions. These functions are used by applications to exchange or transmit keys. These functions can also be used to implement fully authenticated three-leg key exchanges. (See Exchanging Cryptographic Keys, and Cryptographic Functions.)
  • Data encryption functions. These functions are used by applications to encrypt or decrypt data. Support is also included for simultaneously encrypting and hashing data. (See Encrypting and Decrypting Data, and Cryptographic Functions).
  • Hashing and signature functions. These functions are used by applications to compute cryptographically secure data hashes and to digital sign data. (See Hashes and Digital Signatures, and Cryptographic Functions).

Note  Throughout this document, except for instances relating directly to messages, the term hash or hashing will be used rather than digest or digesting. In most cases, the terms could be used interchangeably.

• The low-level message functional area. This area includes all the low-level message functions. They provide more flexibility than the simplified message functions, but usually require more function calls. (See Using Low-Level Message Functions, and Low-Level Message Functions).
• The simplified message functional area. This area includes the following types of functions:
  • Encryption and decryption functions. These functions are used to encode and encrypt, and decode and decrypt messages and data. (See Using Simplified Message Functions, and Simplified Message Functions).
  • Message signing functions. These functions are used to sign messages and data. (See Using Simplified Message Functions, and Simplified Message Functions.)
  • Signature and data verification functions. These functions are used both to sign out-going messages and to verify the authenticity of signatures that have been applied to received messages and related data. (See Using Simplified Message Functions, and Simplified Message Functions.)