Provider Types

The field of cryptography is very large. There are dozens of different "standard" data formats and protocols. These are generally organized into groups or "families," each of which has its own set of data formats and way of doing things. Even if they use the same algorithm (for example, the RC2 block cipher), two families will often use a different padding scheme, different key lengths, and different default modes. CryptoAPI has been designed so each CSP type represents a particular family.

When an application connects to a CSP of a particular type, each of the CryptoAPI functions will, by default, operate in a way prescribed by the "family" that corresponds to the CSP type. Among other things, an application's choice of provider type specifies the following items:

  • Key exchange algorithm: Each provider type specifies one and only one key exchange algorithm. Every CSP of a particular type must implement this algorithm. The only way applications can specify which key exchange algorithm is used is by selecting a CSP of the appropriate provider type.

  • Digital signature algorithm: This is the same as with the key exchange algorithm. Each provider type specifies one and only one digital signature algorithm.

  • Key blob format: When a public key or session key is exported out of a CSP, the format of the resulting "key blob" is specified by the provider type.

  • Digital signature format: The provider type prescribes a particular digital signature format. This ensures that a signature produced by a CSP of a given provider type can be verified by any CSP of the same provider type.

  • Session key derivation scheme: When a key is derived from a hash, the method used is specified by the provider type.

  • Key length: Some provider types will specify that the public/private key pairs or the session keys be of a certain length.

  • Default modes: The provider type will often specify a default mode for various options, such as the block encryption cipher mode or the block encryption padding method.

Each application will generally work only with a single type of CSP. (However, an ambitious application can connect to more than one CSP at a time.) When writing an application, you will often need to obtain all the documentation that relates to the CSP type you are using. For example, it is not recommended that you try to write an application using the PROV_RSA_FULL provider type without obtaining the Public-Key Cryptographic Standards (PKCS) from RSA Data Security, Inc. The relevant third-party documentation for each provider type is listed later on in this section.
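As an added illustration of the "key blob format" item (not code from the original documentation), the following portable C checks that a buffer has the shape of an RSA public key blob from the PROV_RSA_FULL family before it is handed to an import routine. The header layout and constant values are taken from wincrypt.h rather than from this page; the names parse_rsa_public_blob, make_sample_blob and rsa_pub_info are hypothetical, and the sample blob is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Values as defined in wincrypt.h, redeclared so this builds without it. */
#define PUBLICKEYBLOB    0x06
#define CUR_BLOB_VERSION 0x02
#define CALG_RSA_SIGN    0x00002400u
#define CALG_RSA_KEYX    0x0000a400u
#define RSA1_MAGIC       0x31415352u   /* ASCII "RSA1", little-endian */

typedef struct { uint32_t alg_id, bitlen, pubexp; } rsa_pub_info;

/* Blob fields are little-endian regardless of host byte order. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Returns 0 if the blob is well formed, else a negative code per check. */
int parse_rsa_public_blob(const uint8_t *b, size_t len, rsa_pub_info *out) {
    if (len < 20) return -1;                   /* BLOBHEADER(8) + RSAPUBKEY(12) */
    if (b[0] != PUBLICKEYBLOB) return -2;      /* bType */
    if (b[1] != CUR_BLOB_VERSION) return -3;   /* bVersion */
    if (b[2] != 0 || b[3] != 0) return -4;     /* reserved */
    out->alg_id = rd32(b + 4);                 /* must be one of the family's algorithms */
    if (out->alg_id != CALG_RSA_KEYX && out->alg_id != CALG_RSA_SIGN) return -5;
    if (rd32(b + 8) != RSA1_MAGIC) return -6;
    out->bitlen = rd32(b + 12);
    out->pubexp = rd32(b + 16);
    if (out->bitlen == 0 || out->bitlen % 8 != 0) return -7;
    if (len - 20 != out->bitlen / 8) return -8; /* modulus must fill the rest exactly */
    return 0;
}

/* Constructed sample: 512-bit key exchange key with a zero-filled modulus. */
size_t make_sample_blob(uint8_t *buf, size_t cap) {
    static const uint8_t hdr[20] = {
        0x06, 0x02, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00,  /* BLOBHEADER */
        'R', 'S', 'A', '1', 0x00, 0x02, 0x00, 0x00,      /* magic, bitlen = 512 */
        0x01, 0x00, 0x01, 0x00 };                        /* pubexp = 65537 */
    if (cap < 84) return 0;
    for (size_t i = 0; i < 84; i++) buf[i] = i < 20 ? hdr[i] : 0;
    return 84;
}

int main(void) {
    uint8_t blob[84]; rsa_pub_info info = {0, 0, 0};
    int rc = parse_rsa_public_blob(blob, make_sample_blob(blob, sizeof blob), &info);
    printf("rc=%d alg=0x%04x bits=%u e=%u\n", rc, (unsigned)info.alg_id,
           (unsigned)info.bitlen, (unsigned)info.pubexp);
    return rc;
}
```

A blob exported by a CSP of a different provider type would be expected to fail one of these checks, which is the point of validating the header before import.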
