Cryptography Registry Settings (Windows Embedded CE 6.0)
1/6/2010
The registry stores information necessary to configure the system for applications and hardware devices. The registry also contains information that the operating system continually references during operation.
Note
The default registry values vary depending on which Catalog items are included in your OS design. For more information, see Default Registry Settings.
The HKEY_LOCAL_MACHINE\Comm\Security\Crypto\Defaults\Provider\Microsoft Base Cryptographic Provider v1.0 registry key specifies the Base cryptographic service provider. The following table shows the named values.
| Value : type | Description |
|---|---|
Image Path : REG_SZ |
Default setting is "\\Windows\\rsaenh.dll". Specifies the path to the DLL. |
Signature : REG_DWORD |
No default setting. Specifies the digital signature. This signature is provided in the resource file. Each microprocessor has its own specific signature. |
Type : REG_DWORD |
Default setting is 00000001. Specifies the service provider type. |
The HKEY_LOCAL_MACHINE\Comm\Security\Crypto\Defaults\Provider\Microsoft Enhanced Cryptographic Provider v1.0 registry key specifies the Enhanced cryptographic service provider. The following table shows the named values.
| Value : type | Description |
|---|---|
Image Path : REG_SZ |
Default setting is "\\Windows\\rsaenh.dll". Specifies the path to the DLL. |
Signature : REG_DWORD |
No default setting. Specifies the digital signature. This registry value is not required if the signature is provided in the resource file. Note that each microprocessor has its own specific signature. |
Type : REG_DWORD |
Default setting is 00000001. Specifies the service provider type. |
The HKEY_LOCAL_MACHINE\Comm\Security\Crypto\Defaults\Provider Types\Type 001 registry key specifies the default service provider name of Type 1 (PROV_RSA_FULL). The following table shows the named value.
| Value : type | Description |
|---|---|
Name : REG_SZ |
Default setting is "Microsoft Enhanced Cryptographic Provider v1.0". Specifies the name of the provider of the type given in the registry key. To specify the Base provider as the default provider, you can set this value to "Microsoft Base Cryptographic Provider v1.0". |
For Windows CE .NET 4.2 and later the HKEY_LOCAL_MACHINE\Comm\Security\SystemCertificates\Root subkey specifies the local machine system root store location. The following table shows the named value.
| Value | Description |
|---|---|
InitFile : REG_SZ |
Default setting is "\windows\sysroots.p7b". Specifies the local path and filename containing the list of certificate authority. The file is in PKCS #7 format. |
To initialize the other local machine system stores, replace the last path in the registry subkey with the name of the system store. For example, to intialize the MY system store, you add the following code to the project.reg file:
[HKEY_LOCAL_MACHINE\Comm\Security\SystemCertificates\MY]
"InitFile"="<Local Path><Filename>"
For more information about system stores, see System Store Locations.
See Also
Concepts
Microsoft Cryptographic System
Using Basic Cryptography Services
About Cryptographic Service Provider
Protected Store
Cryptography Security