The field of cryptography is very large. There are dozens of different
"standard" data formats and protocols. These are generally organized into groups or
"families," each of which has its own set of data formats and way of doing
things. Even if they use the same algorithm (for example, the RC2 block cipher), two
families will often use a different padding scheme, different key lengths, and
different default modes. CryptoAPI has been designed so each CSP type
represents a particular family.

When an application connects to a CSP of a particular type, each of the
CryptoAPI functions will, by default, operate in a way prescribed by the "family"
that corresponds to the CSP type. Among other things, an application's choice of
provider type specifies the following items:

- Key exchange algorithm: Each provider type specifies one and only one key exchange algorithm. Every
CSP of a particular type must implement this algorithm. The only way
applications can specify which key exchange algorithm is used is by selecting a CSP of the
appropriate provider type.
- Digital signature algorithm: This is the same as with the key exchange algorithm. Each provider type
specifies one and only one digital signature algorithm.
- Key blob format: When a public key or session key is exported out of a CSP, the format of the
resulting "key blob" is specified by the provider type.
- Digital signature format: The provider type prescribes a particular digital signature format. This
ensures that a signature produced by a CSP of a given provider type can be verified
by any CSP of the same provider type.
- Session key derivation scheme: When a key is derived from a hash, the method used is specified by the
- Key length: Some provider types will specify that the public/private key pairs or the
session keys be of a certain length.
- Default modes: The provider type will often specify a default mode for various options, such
as the block encryption cipher mode or the block encryption padding method.

Each application will generally work only with a single type of CSP. (However,
an ambitious application can connect to more than one CSP at a time.) When
writing an application, you will often need to obtain all the documentation that
relates to the CSP type you are using. For example, it is not recommended that
you try to write an application using the PROV_RSA_FULL provider type without
obtaining the Public-Key Cryptographic Standards (PKCS) from RSA Data Security,
Inc. The relevant third-party documentation for each provider type is listed
later on in this section.
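
The key blob format item above can be made concrete with a check that a receiving application might run before importing an exported RSA public key. This is an added example, not code from the original page or from Microsoft; the field layout and constants are the BLOBHEADER and RSAPUBKEY definitions in the Windows SDK header wincrypt.h, while the function names and the toy 64-bit sample modulus are constructed for illustration.

```python
import struct

# Constants from the Windows SDK header wincrypt.h.
PUBLICKEYBLOB = 0x06          # BLOBHEADER.bType for an exported public key
CUR_BLOB_VERSION = 0x02       # BLOBHEADER.bVersion
ALGORITHMS = {0x0000A400: "CALG_RSA_KEYX", 0x00002400: "CALG_RSA_SIGN"}
RSA1_MAGIC = 0x31415352       # RSAPUBKEY.magic, the ASCII bytes "RSA1"
HEADER_LEN = 20               # 8-byte BLOBHEADER + 12-byte RSAPUBKEY


def parse_rsa_public_blob(blob: bytes) -> dict:
    """Validate and decode an RSA PUBLICKEYBLOB; raise ValueError if malformed."""
    if len(blob) < HEADER_LEN:
        raise ValueError("blob shorter than BLOBHEADER + RSAPUBKEY")
    # All fields are little-endian with no padding.
    b_type, b_version, _reserved, alg_id = struct.unpack_from("<BBHI", blob, 0)
    magic, bitlen, pubexp = struct.unpack_from("<III", blob, 8)
    if b_type != PUBLICKEYBLOB:
        raise ValueError(f"unexpected blob type 0x{b_type:02x}")
    if b_version != CUR_BLOB_VERSION:
        raise ValueError(f"unexpected blob version {b_version}")
    if alg_id not in ALGORITHMS:
        raise ValueError(f"algorithm 0x{alg_id:08x} is not an RSA key type")
    if magic != RSA1_MAGIC:
        raise ValueError("missing RSA1 magic")
    if bitlen == 0 or bitlen % 8 or len(blob) != HEADER_LEN + bitlen // 8:
        raise ValueError("modulus length does not match declared bit length")
    return {
        "algorithm": ALGORITHMS[alg_id],
        "bitlen": bitlen,
        "pubexp": pubexp,
        "modulus": int.from_bytes(blob[HEADER_LEN:], "little"),
    }


def build_sample_blob(alg_id: int = 0x0000A400, bitlen: int = 64) -> bytes:
    """Constructed sample: a toy 64-bit modulus, far too small for real use."""
    modulus = 0xC96F4B2D8E1A3577
    return (struct.pack("<BBHI", PUBLICKEYBLOB, CUR_BLOB_VERSION, 0, alg_id)
            + struct.pack("<III", RSA1_MAGIC, bitlen, 65537)
            + modulus.to_bytes(8, "little"))


if __name__ == "__main__":
    print(parse_rsa_public_blob(build_sample_blob()))
```

Rejecting a blob whose header does not match the expected family before handing it to an import routine keeps a mismatched or truncated key from being interpreted under the wrong format.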