[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    How does MS find out what certs a CSP has?
From:       Doug Hoover <doug () ARCOT ! COM>
Date:       2001-04-25 19:13:05
[Download RAW message or body]


I am writing a CSP and would like it to be able to handle its own cert
storage.  Now, CAPI allows one to store a cert in a key container by

        CryptSetKeyParam(hKey, KP_CERTIFICATE, pbCertEncoding, 0)

By default, it tries to do this when it imports a certificate for an
existing private key.

When CAPI needs to find out what certificates a CSP contains, it *could*
then do

        CryptAcquireContext(&hProv,  NULL, PROV_NAME, PROV_TYPE,
CRYPT_VERIFYCONTEXT)

then repeat

        CryptGetProvParam(hProv, PP_CONTAINER, pbContainerName, ...)
        CryptAcquireContext(&hProv1, pbContainerName, ...)
        CryptGetUserKey(hProv1, AT_KEYEXCHANGE, &hKey)
        CryptGetKeyParam(hKey, KP_CERTIFICATE, pbCertEncoding, ...)
        ...

until it gets all the certs.  It never does this, however.  How then, does
CAPI find out about certs that are not in its cert stores? e.g. certs that
are on a smart card.

- Does something I don't know about trigger a sequence of enquiries like
that above?
- Or is it necessary to install a cert store provider as well as the CSP?

Thanks in advance,

Doug

----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]