CRYPT_KEY_PROV_INFO

The CRYPT_KEY_PROV_INFO structure fields are passed as the arguments to CryptAcquireContext when attempting to acquire a handle to a particular key container within a particular cryptographic service provider (CSP), or to create or destroy key containers.

typedef struct _CRYPT_KEY_PROV_INFO {
    LPWSTR                 pwszContainerName;
    LPWSTR                 pwszProvName;
    DWORD                  dwProvType;
    DWORD                  dwFlags;
    DWORD                  cProvParam;
    PCRYPT_KEY_PROV_PARAM  rgProvParam;
    DWORD                  dwKeySpec;
} CRYPT_KEY_PROV_INFO,    *PCRYPT_KEY_PROV_INFO;
 

Members

pwszContainerName
A key container within a particular CSP.
pwszProvName
The name of the CSP.
dwProvType
The type of the CSP.

The following dwProvType values are defined in Wincrypt.h:

#define PROV_RSA_FULL              1
#define PROV_RSA_SIG               2
#define PROV_DSS                   3
#define PROV_FORTEZZA              4
#define PROV_MS_EXCHANGE           5
#define PROV_SSL                   6
#define PROV_RSA_SCHANNEL         12
#define PROV_DSS_DH               13
#define PROV_DH_SCHANNEL          18
dwFlags
Indicates whether a key container is to be created or destroyed, and whether an application is allowed access to a key container.

The following flags are defined and must not collide with any CryptAcquireContext dwFlags definitions.
Flag name                           Value         Description
CERT_SET_KEY_PROV_HANDLE_PROP_ID    0x00000001    Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.
CERT_SET_KEY_CONTEXT_PROP_ID        0x00000001    Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.

See CryptAcquireContext for the list of flags that are passed through. The flags above are cleared before CryptAcquireContext is called.

The cryptographic functions CryptDecryptMessage, CryptSignMessage, CryptDecryptAndVerifyMessageSignature, and CryptSignAndEncryptMessage internally perform a CryptAcquireContext operation (using the CRYPT_KEY_PROV_INFO from a certificate). When the CERT_SET_KEY_CONTEXT_PROP_ID or CERT_SET_KEY_PROV_HANDLE_PROP_ID flag is set, these functions can then call CertSetCertificateContextProperty (CERT_KEY_CONTEXT_PROP_ID) so that the handle to the key provider is kept open for subsequent calls to these functions that use the same certificate. This eliminates the need to perform another CryptAcquireContext and improves efficiency.

Also, because some providers may require that a password be entered for calls to CryptAcquireContext, it is desirable for applications to minimize the number of CryptAcquireContext calls made. Handles to key providers that were kept open are automatically released when the store is closed.

For example, consider an e-mail application where five encrypted messages have been received, all encrypted with the same certificate. If the handle to the key provider is kept open after the first message is processed, then calls to CryptAcquireContext are not required for the four remaining messages.

cProvParam
The number of elements in the array rgProvParam.
rgProvParam
An array of structures, each holding CRYPT_KEY_PROV_PARAM information.
dwKeySpec
The specification of the private key.

The following dwKeySpec values are defined in Wincrypt.h for the default provider:

#define AT_KEYEXCHANGE              1
#define AT_SIGNATURE                2
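
The following added example (not part of the original reference) reads the CRYPT_KEY_PROV_INFO stored on each certificate in the current user's personal store, which is a quick way to audit which provider and key container hold each private key. The wrapper class name Crypt32 and the function name Get-KeyProvInfo are hypothetical; CERT_KEY_PROV_INFO_PROP_ID is the Wincrypt.h property identifier for this structure.

```powershell
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_KEY_PROV_INFO {            // same field order as the typedef
    [MarshalAs(UnmanagedType.LPWStr)] public string pwszContainerName;
    [MarshalAs(UnmanagedType.LPWStr)] public string pwszProvName;
    public uint   dwProvType;
    public uint   dwFlags;
    public uint   cProvParam;
    public IntPtr rgProvParam;                 // PCRYPT_KEY_PROV_PARAM, not walked here
    public uint   dwKeySpec;
}
public static class Crypt32 {                  // hypothetical wrapper name
    public const uint CERT_KEY_PROV_INFO_PROP_ID = 2;   // from Wincrypt.h
    [DllImport("crypt32.dll", SetLastError = true)]
    public static extern bool CertGetCertificateContextProperty(
        IntPtr pCertContext, uint dwPropId, IntPtr pvData, ref uint pcbData);
}
'@

function Get-KeyProvInfo {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $propId = [Crypt32]::CERT_KEY_PROV_INFO_PROP_ID
    $size = [uint32]0
    # First call with a NULL buffer only reports the required size.
    if (-not [Crypt32]::CertGetCertificateContextProperty($Cert.Handle, $propId, [IntPtr]::Zero, [ref]$size)) {
        return $null    # property is not set on this certificate
    }
    $buf = [System.Runtime.InteropServices.Marshal]::AllocHGlobal([int]$size)
    try {
        if (-not [Crypt32]::CertGetCertificateContextProperty($Cert.Handle, $propId, $buf, [ref]$size)) { return $null }
        $info = [System.Runtime.InteropServices.Marshal]::PtrToStructure($buf, [type][CRYPT_KEY_PROV_INFO])
        [pscustomobject]@{
            Subject   = $Cert.Subject
            Container = $info.pwszContainerName
            Provider  = $info.pwszProvName
            ProvType  = $info.dwProvType
            Flags     = '0x{0:X8}' -f $info.dwFlags
            KeySpec   = $info.dwKeySpec    # 1 = AT_KEYEXCHANGE, 2 = AT_SIGNATURE
        }
    } finally {
        [System.Runtime.InteropServices.Marshal]::FreeHGlobal($buf)
    }
}

# Certificates without the property produce no output row.
Get-ChildItem Cert:\CurrentUser\My | ForEach-Object { Get-KeyProvInfo $_ } | Format-Table -AutoSize
```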

See Also

CRYPT_KEY_PROV_PARAM, CertGetCertificateContextProperty, CertSetCertificateContextProperty