CRYPT_KEY_PROV_INFO structure (wincrypt.h)

The CRYPT_KEY_PROV_INFO structure contains information about a key container within a cryptographic service provider (CSP).

Syntax

typedef struct _CRYPT_KEY_PROV_INFO {
  LPWSTR                pwszContainerName;
  LPWSTR                pwszProvName;
  DWORD                 dwProvType;
  DWORD                 dwFlags;
  DWORD                 cProvParam;
  PCRYPT_KEY_PROV_PARAM rgProvParam;
  DWORD                 dwKeySpec;
} CRYPT_KEY_PROV_INFO, *PCRYPT_KEY_PROV_INFO;

Members

pwszContainerName

A pointer to a null-terminated Unicode string that contains the name of the key container.

When the dwProvType member is zero, this string contains the name of a key within a CNG key storage provider. This string is passed as the pwszKeyName parameter to the NCryptOpenKey function.

pwszProvName

A pointer to a null-terminated Unicode string that contains the name of the CSP.

When the dwProvType member is zero, this string contains the name of a CNG key storage provider. This string is passed as the pwszProviderName parameter to the NCryptOpenStorageProvider function.

dwProvType

Specifies the CSP type. This can be zero or one of the Cryptographic Provider Types.

If this member is zero, the key container is one of the CNG key storage providers.

dwFlags

A set of flags that indicate additional information about the provider. This can be zero or one of the following values.

Value Meaning
CERT_SET_KEY_PROV_HANDLE_PROP_ID / CERT_SET_KEY_CONTEXT_PROP_ID
Enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions.
CRYPT_MACHINE_KEYSET / NCRYPT_MACHINE_KEY_FLAG
The key container contains machine keys. If this flag is not present, the key container contains user keys.
CRYPT_SILENT / NCRYPT_SILENT_FLAG
The key container will attempt to open any keys silently without any user interface prompts.

The cryptographic functions CryptDecryptMessage, CryptSignMessage, CryptDecryptAndVerifyMessageSignature, and CryptSignAndEncryptMessage internally perform CryptAcquireContext operations using the CRYPT_KEY_PROV_INFO from a certificate. When the CERT_SET_KEY_CONTEXT_PROP_ID or CERT_SET_KEY_PROV_HANDLE_PROP_ID flag is set, these cryptographic functions then can call CertSetCertificateContextProperty with CERT_KEY_CONTEXT_PROP_ID. This call enables the handle to the key provider to be kept open for subsequent calls to the cryptographic functions mentioned that use that same certificate, which eliminates the need to perform additional calls to CryptAcquireContext, improving efficiency. Also, because some providers can require that a password be entered for calls to CryptAcquireContext, it is desirable for applications to minimize the number of CryptAcquireContext calls made. Handles to key providers that were kept open are automatically released when the store is closed.

For example, consider an email application where five encrypted messages have been received, all encrypted with the public key from the same certificate. If the handle to the key provider is kept open after the first message is processed, calls to CryptAcquireContext are not required for the four remaining messages.

cProvParam

The number of elements in the rgProvParam array.

When the dwProvType member is zero, this member is not used and must be zero.

rgProvParam

An array of CRYPT_KEY_PROV_PARAM structures that contain the parameters for the key container. The cProvParam member contains the number of elements in this array.

When the dwProvType member is zero, this member is not used and must be NULL.

dwKeySpec

The specification of the private key to retrieve.

When the dwProvType member is zero, this value is passed as the dwLegacyKeySpec parameter to the NCryptOpenKey function.

The following values are defined for the default provider.

Value Meaning
AT_KEYEXCHANGE
Keys used to encrypt/decrypt session keys.
AT_SIGNATURE
Keys used to create and verify digital signatures.
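
The member rules above can be checked before a record is trusted. The following is an added example, not code from the original documentation: it decides whether a CRYPT_KEY_PROV_INFO refers to a legacy CSP or a CNG key storage provider, rejects records that break the cProvParam/rgProvParam constraints, and decodes dwFlags. The kpi_* names are hypothetical, and the non-Windows branch contains stand-in declarations using the Windows SDK constant values so the logic builds without the SDK.

```c
#include <stddef.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#else /* stand-in declarations (constructed) for building without the SDK */
#include <stdint.h>
typedef uint32_t DWORD;
typedef wchar_t *LPWSTR;
typedef struct _CRYPT_KEY_PROV_PARAM *PCRYPT_KEY_PROV_PARAM;
typedef struct _CRYPT_KEY_PROV_INFO {
  LPWSTR pwszContainerName, pwszProvName;
  DWORD dwProvType, dwFlags, cProvParam;
  PCRYPT_KEY_PROV_PARAM rgProvParam; DWORD dwKeySpec;
} CRYPT_KEY_PROV_INFO;
#define CERT_SET_KEY_PROV_HANDLE_PROP_ID 0x00000001
#define CRYPT_MACHINE_KEYSET 0x00000020
#define CRYPT_SILENT 0x00000040
#define AT_SIGNATURE 2
#endif

/* Hypothetical names below; none of them are part of wincrypt.h. */
enum kpi_kind { KPI_INVALID, KPI_LEGACY_CSP, KPI_CNG_KSP };
struct kpi_summary { enum kpi_kind kind; int machine_key, silent, keeps_handle; };

/* Classify the record and decode dwFlags; KPI_INVALID means a documented
   constraint on cProvParam/rgProvParam is violated. */
struct kpi_summary kpi_inspect(const CRYPT_KEY_PROV_INFO *info)
{
  struct kpi_summary s = { KPI_INVALID, 0, 0, 0 };
  if (info == NULL) return s;
  s.machine_key  = (info->dwFlags & CRYPT_MACHINE_KEYSET) != 0;
  s.silent       = (info->dwFlags & CRYPT_SILENT) != 0;
  s.keeps_handle = (info->dwFlags & CERT_SET_KEY_PROV_HANDLE_PROP_ID) != 0;
  if (info->dwProvType == 0) {
    /* CNG: names go to NCryptOpenStorageProvider and NCryptOpenKey. */
    if (info->cProvParam == 0 && info->rgProvParam == NULL) s.kind = KPI_CNG_KSP;
  } else if (info->cProvParam == 0 || info->rgProvParam != NULL) {
    /* Legacy CSP: a non-zero count needs a parameter array behind it. */
    s.kind = KPI_LEGACY_CSP;
  }
  return s;
}

int main(void)
{
  /* Constructed sample: a machine-scoped CNG key opened without UI. */
  wchar_t name[] = L"example-key", prov[] = L"Example KSP";
  CRYPT_KEY_PROV_INFO k = { name, prov, 0,
      CRYPT_MACHINE_KEYSET | CRYPT_SILENT, 0, NULL, AT_SIGNATURE };
  struct kpi_summary s = kpi_inspect(&k);
  return (s.kind == KPI_CNG_KSP && s.machine_key && s.silent) ? 0 : 1;
}
```

A record flagged as a machine key with silent access is worth noting in an audit, because any process with access to that container can use the key without a user prompt.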

Requirements

Requirement | Value
Minimum supported client | Windows XP [desktop apps only]
Minimum supported server | Windows Server 2003 [desktop apps only]
Header | wincrypt.h

See also

CRYPT_KEY_PROV_PARAM

CertGetCertificateContextProperty

CertSetCertificateContextProperty