Freigeben über


Microsoft Enhanced Cryptographic Provider

A version of this page is also available for

Windows Embedded CE 6.0 R3

4/8/2010

The Microsoft Enhanced Cryptographic Provider, called the Enhanced Provider, supports the same capabilities as the Microsoft Base Cryptographic Provider, called the Base Provider. The Enhanced Provider supports stronger security through longer keys and additional algorithms. It can be used with all versions of CryptoAPI.

Cryptography Services with High Encryption Provider is FIPS 140-2, level 1 certified.

For more information about FIPS certification for Windows Mobile, and Windows Mobile Version 5.0 with the Messaging and Security Feature Pack (MSFP), see this Web site.

Note

S/MIME works with defaults of Windows Server certificate authority: Template type: Email Protection Provider: "Microsoft Enhanced Cryptographic Provider"

To maintain backward compatibility with earlier provider versions, the provider name, as defined in the Wincrypt.h header file, retains the version 1.0 designation. However, version 2.0 of this provider is also shipping. To determine the version of the provider in use, call CryptGetProvParam with the dwParam argument set to PP_VERSION. Version 2.0 is in use if 0x0200 is returned.

Provider Type: PROV_RSA_FULL

Provider Name: Microsoft Enhanced Cryptographic Provider v1.

The following table shows the algorithms supported by the Microsoft Enhanced Cryptographic Provider.

Algorithm ID Description Comments

CALG_AES_128

AES block encryption algorithm

Key length: 128 bits.

CALG_AES_192

AES block encryption algorithm

Key length: 192 bits.

CALG_AES_256

AES block encryption algorithm

Key length: 256 bits.

CALG_MD2

MD2 hashing algorithm

No comment.

CALG_MD5

MD5 hashing algorithm

No comment.

CALG_SHA

SHA hashing algorithm

No comment.

CALG_SHA1

Same as CALG_SHA

No comment.

CALG_SHA_256

SHA-2 hashing algorithm

CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm

CALG_SHA_384

SHA-2 hashing algorithm

CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm

CALG_SHA_512

SHA-2 hashing algorithm

CALG_SHA_256, CALG_SHA_384, and CALG_SHA_512 are collectively referred to as the SHA-2 hashing algorithm

CALG_MAC

MAC keyed-hash algorithm

Block cipher MAC.

CALG_HMAC

MAC keyed-hash algorithm

HMAC computation.

CALG_SSL3_SHAMD5

SLL3 client authentication algorithm

No comment.

CALG_RSA_SIGN

RSA public-key signature algorithm

Key length: Can be set from 384 bits to 16,384 bits in 8-bit increments.

Default key length: 1,024 bits.

Signature conforms to PKCS #1.

CALG_RSA_KEYX

RSA public-key exchange algorithm

Key length: Can be set from 384 bits to 16,384 bits in 8-bit increments.

Default key length: 1,024 bits.

CALG_RC2

RC2 block encryption algorithm

Default Key length: 128 bits.

Default mode: Cipher block chaining.

Block size: 64 bits.

Salt length: 88 bits.

CALG_RC4

RC4 stream encryption algorithm

Default Key length: 128 bits.

Salt length: 88 bits.

CALG_RC5

RC5 block encryption algorithm

Key length: 128 bits.

No salt allowed.

CALG_DES

DES encryption

DES encryption Key Length: 56 bits.

Default mode: Cipher block chaining.

Block size: 64 bits.

No salt allowed.

CALG_3DES_112

Two-key triple DES encryption

Key Length: 112 bits.

Default mode: Cipher block chaining.

Block size: 64 bits.

No salt allowed.

CALG_3DES

Triple DES

Key Length: 168 bits.

Default mode: Cipher block chaining.

Block size: 64 bits.

No salt allowed.

See Also

Concepts

Microsoft Cryptographic System
Microsoft RSA Base Provider
Key Length Comparison

Other Resources

Cryptography
Certificates