This function is used to specify either the current user default cryptographic service provider (CSP) or the machine default CSP.
A current user default CSP takes precedence over the machine default. If the current user default CSP is specified, then after this function has been called, any calls this user subsequently makes to CryptAcquireContext specifying the dwProvType provider type but not a provider name result in the pszProvName provider being used. In the case where the machine default is specified, subsequent calls to CryptAcquireContext by a user with no default CSP as described above result in the pszProvName provider being used.
At a Glance
| Header file: | Wincrypt.h |
| Windows CE versions: | 2.10 and later |
Syntax
BOOL WINAPI CryptSetProviderEx( LPCTSTR pszProvName,
DWORD dwProvType, DWORD *pdwReserved, DWORD dwFlags );
Parameters
pszProvName
[in] Pointer to the null-terminated string that contains the name of the new default CSP. This CSP should have already been installed on the computer.
dwProvType
[in] Specifies the provider type of the CSP specified by the pszProvName parameter.
pdwReserved
[in] Reserved for future use ; set to NULL.
dwFlags
[in] Specifies a bitmask of flags. It is one of the following values:
| Value | Description |
| CRYPT_MACHINE_DEFAULT | Causes the machine default CSP of the given type to be set. |
| CRYPT_USER_DEFAULT | Causes the user default CSP of the given type to be set. |
| CRYPT_DELETE_DEFAULT | Can be used in conjunction with CRYPT_MACHINE_DEFAULT or CRYPT_USER_DEFAULT to delete the default. |
Return Values
TRUE indicates success. FALSE indicates failure. To get extended error information, call GetLastError. Common values for GetLastError are described in the following table. The error values prefaced by "NTE" are generated by the particular CSP you are using.
| Value | Description |
| ERROR_INVALID_PARAMETER | One of the parameters contains an invalid value. This is most often an illegal pointer. |
| ERROR_NOT_ENOUGH_MEMORY | The operating system ran out of memory. |
Remarks
Most applications will not specify a CSP name when calling the CryptAcquireContext function. This gives the users a certain amount of freedom in that they can select a CSP that has an appropriate level of security.
This means that calls to CryptSetProviderEx will often determine the CSP of a given type used by all applications from that point on. With this being the case, CryptSetProviderEx should never be called without the user's consent.
Windows CE does not support the ANSI version of this function.
Example
HCRYPTPROV hProv = 0;
// Specify the default PROV_RSA_SIG provider for the machine. Note that this assumes that a
// CSP with a type of PROV_RSA_SIG and named "Joe's Provider" has already been installed.
if (!CryptSetProviderEx(TEXT("Joe's Provider"), PROV_RSA_SIG, NULL,
CRYPT_MACHINE_DEFAULT))
{printf("Error %x during CryptSetProviderEx!\n", GetLastError);
return;
}
// Get a handle to the provider you just made default
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SIG, 0))
{printf("Error %x during CryptAcquireContext!\n", GetLastError);
return;
}
...
// Release the provider handle.
if (!CryptReleaseContext(hProv, 0))
{printf("Error %x during CryptReleaseContext!\n", GetLastError);
return;
}
See Also