Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
A version of this page is also available for
4/8/2010

After you have decided which cryptographic algorithms and data formats to include in your CSP and you have obtained implementations for each of them, putting together a CSP is relatively straightforward.

To create a CSP
  1. Create a DLL that exports all of the CSPI functions.

    If your CSP has hardware elements, this might also involve writing a smart-card device driver and/or the embedded code that runs on the card.

  2. Write a setup application for the CSP that creates the appropriate registry entries.

    A CSP setup application must copy the CSP DLL to the \Windows\ directory and must create the appropriate registry entries.

    Note:
    To test and debug the CSP prior to obtaining a digital signature, you can run the Platform Builder Kernel Debugger. This tool automatically disables signature verification. For more information, see Testing the CSP.
  3. Have the CSP signed by Microsoft.

    Your CSP must be signed by Microsoft in order to be loaded by CryptoAPI. This procedure is described in Getting a CSP Signed.

  4. Test the CSP, as described in Testing the CSP.

  5. To add the CSP to the OS design, make sure that the module is reflected in the FILES section of the DLL. If it is in the MODULES section, CryptoAPI cannot verify the signature on the file. Additionally, if the OEM adaptation layer (OAL) has enabled signature checking on all executable files, additional steps might be needed to exempt the CSP from those checks.

See Also