Re: CSP types

From: natush (natush_at_discussions.microsoft.com)
Date: 06/16/05

  • Next message: Alpar: "AddPrinter (Windows 2000 Terminal Server) with Manage Documents" 
    Date: Thu, 16 Jun 2005 14:47:01 -0700

    Hi,
    Just to make sure I understand your answer:

    I can write one CSP and one DLL and declare my self as supporting a few CSP
    types and then decide which function to call on each DLL entry according to
    the dwProvType value in PVTableProvStruc I got in CPAcquireContext?

    Thanks,
    Natush

    "Doug Barlow" wrote:

    > When your CSP is called through CPAcquireContext, it gets a pointer to a
    > PVTableProvStruc, which contains information about how your CSP was loaded.
    > It's evolved through several versions. Currently, it looks like this:
    >
    > typedef struct _VTableProvStruc {
    > // Version 1 fields: Windows 95 & Windows NT 4.0
    > DWORD Version;
    > CRYPT_VERIFY_IMAGE_A FuncVerifyImage;
    >
    > // Version 2 fields: Windows 98
    > CRYPT_RETURN_HWND FuncReturnhWnd;
    > DWORD dwProvType;
    > BYTE *pbContextInfo;
    > DWORD cbContextInfo;
    >
    > // Version 3 fields: Windows ME, Windows 2000, Windows XP, Windows 2003
    > LPSTR pszProvName;
    > } VTableProvStruc, *PVTableProvStruc;
    >
    > As the structure grew, it became possible to use one DLL for multiple CSPs,
    > based on the information obtained from this structure.
    >
    > So on Windows 95 and Windows NT 4.0, there's a one-to-one mapping between
    > CSPs and DLLs.
    >
    > On Windows 98, one DLL can support multiple CSPs, as long as each CSP is of
    > a different type.
    >
    > With the current structure, one DLL can support any number of CSPs and
    > types.
    >
    > Doug Barlow
    > The Soft Pedal Shop
    > CSP Design & Development Consulting
    >
    > --
    > http://www.SoftPedal.net
    > "natush" <natush@discussions.microsoft.com> wrote in message
    > news:B5D1DADC-999C-4A64-AFC4-63BC24957CEE@microsoft.com...
    > > Hello,
    > >
    > > I'm writing a CSP and my hardware supports various cryptographic
    > > algorithms
    > > so my CSP can match more than one type (for example I can support both
    > > PROV_DSS_DH and PROV_RSA_FULL). What am I suppose to do? Can I declare my
    > > CSP
    > > as supporting few types? Do I need a DLL for each type?
    > >
    > > Natush
    > >
    >
    >
    >

  • Next message: Alpar: "AddPrinter (Windows 2000 Terminal Server) with Manage Documents"

    Relevant Pages

    • RE: Debugging a CSP dll
      ... you are registring your CSP the right way. ... it's not sufficient for winlogon to load it. ... Actually, by default, Winlogon ... dll unless it appears as a PC/SC reader to the system, ...
      (microsoft.public.platformsdk.security)
    • RE: MSCAPI integrity checks of CSPs - Downgrade Attack
      ... One thing you can do is to go to the Registry, ... the CSP dll file name from the crypto provider entry the VERIFY the dll ... the advapi32.dll file to completely bypass CSP signature check so can install ... I configure certificate server templates or xenroll to only issue ...
      (microsoft.public.platformsdk.security)
    • Re: CSP error
      ... You get the dll name from the Registry ... This behavior have some security risks because you load a potentially ... "unknown" CSP which may or may not signed by Microsoft. ... > am trying to do it is to call back to the Crypto level which is not a very ...
      (microsoft.public.platformsdk.security)
    • Re: CSP types
      ... You can write one dll and expose/register it via different types of CSPs. ... > I can write one CSP and one DLL and declare my self as supporting a few> CSP ... >> So on Windows 95 and Windows NT 4.0, there's a one-to-one mapping between>> CSPs and DLLs. ... one DLL can support any number of CSPs and>> types. ...
      (microsoft.public.platformsdk.security)
    • Re: CSP types
      ... You'll probably end up using the same entry points within ... specific to the CSP selected, as most of the code will be the same for all ... Note that each CSP supported by the DLL must have a separate unique name. ... >> On Windows 98, one DLL can support multiple CSPs, as long as each CSP is ...
      (microsoft.public.platformsdk.security)
    Loading