Cryptographic Service Providers (CSPs)
As mentioned above, CSPs are independent modules that perform the real
cryptographic work. Ideally, they are written to be completely independent of any
particular application, so that any given application will run with a variety of
CSPs. In reality, however, some applications may have very specific requirements
that call for a custom CSP.
The physical manifestation of a CSP consists of, at a minimum, a dynamic-link
library (DLL) and a signature file. The signature file is necessary to ensure
that the operating system recognizes the CSP. The operating system validates
this signature periodically to ensure that the CSP has not been tampered with.
Some CSPs may implement part of their functionality either in an
address-separated service called through local RPC, or in hardware called through a
system device driver. Isolating global key state and central cryptographic
operations in hardware or in a service keeps keys and operations safe from tampering
within the application data space.
Applications should not take advantage of attributes particular to a specific
CSP. For example, the Microsoft RSA Base Provider currently uses 40-bit session
keys and 512-bit public keys. When applications manipulate these, they should
be careful not to make assumptions about the amount of memory needed to store
them. Otherwise, the application is likely to fail when the user loads a
different CSP onto the system. You should take care to write applications that are as
well-behaved and flexible as possible.
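
The sizing advice above, as an added example that is not part of the original page: a portable C model in which a buffer hard-coded for 512-bit public keys fails against a second provider, while the query-then-allocate pattern works with both. The `csp_t` type, the two providers, `export_pubkey` and the 20-byte header are constructed stand-ins; only the convention of passing a NULL buffer to learn the required length is taken from CryptoAPI's `CryptExportKey`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a CSP; only the RSA public-key size differs. */
typedef struct { const char *name; size_t pubkey_bits; } csp_t;
const csp_t BASE  = { "provider A (512-bit)", 512 };
const csp_t OTHER = { "provider B (1024-bit)", 1024 };

/* Hypothetical export call using the CryptExportKey length convention:
 * out == NULL reports the required size; a short buffer fails and reports it. */
static int export_pubkey(const csp_t *csp, unsigned char *out, size_t *len)
{
    size_t need = 20 + csp->pubkey_bits / 8; /* assumed header + modulus */
    if (out == NULL) { *len = need; return 1; }
    if (*len < need) { *len = need; return 0; }
    memset(out, 0xAB, need);                 /* constructed key bytes */
    *len = need;
    return 1;
}

/* Fragile: buffer sized for one provider's 512-bit keys. */
int export_fixed(const csp_t *csp, size_t *got)
{
    unsigned char buf[20 + 512 / 8];
    *got = sizeof buf;
    return export_pubkey(csp, buf, got);
}

/* Portable: ask the provider for the size, then allocate. */
int export_sized(const csp_t *csp, size_t *got)
{
    unsigned char *buf;
    int ok;
    if (!export_pubkey(csp, NULL, got)) return 0;
    if ((buf = malloc(*got)) == NULL) return 0;
    ok = export_pubkey(csp, buf, got);
    free(buf);                               /* a real caller uses buf first */
    return ok;
}

int main(void)
{
    size_t n;
    int ok = export_fixed(&OTHER, &n);
    printf("fixed buffer, %s: ok=%d, needs %zu\n", OTHER.name, ok, n);
    ok = export_sized(&OTHER, &n);
    printf("sized buffer, %s: ok=%d, %zu bytes\n", OTHER.name, ok, n);
    return 0;
}
```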