The Cryptographic Service Provider (CSP) Plug-In Architecture

CSPs use a separate API to plug into the Crypto API and provide cryptographic services to applications that need them. This API, the Crypto SPI (Service Provider Interface), allows applications to select one of many CSPs to perform their encryption needs, based on the specific needs of the applications, as illustrated in Figure A.1.

Figure A.1. Multiple CSPs can be accessed through the Crypto API.

How the CSP performs the cryptographic functions is up to the creator of the CSP. Several CSPs perform all their functions in software, whereas some CSPs use specialized hardware devices to ...

Get Developing Secure Applications with Visual Basic now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.