Implementing custom Cryptographic Service Provider (CSP) entry point in DLL file

  • Question

  • We followed the steps described on the MSDN website.

    We also carried out the following steps:

    1. Created a DLL (custom CSP) which exposes the CryptoAPI entry function in the DLL.
    2. The custom CSP DLL file was signed using a Microsoft Code Signing Certificate.
    3. We made the appropriate changes in the registry settings to add the custom CSP and placed the DLL in the /windows32/ folder.
    4. We made a self-signed digital certificate using the MakeCert tool, and this certificate is linked to the custom CSP DLL by changing the property of the certificate using Cryptography functions (CertSetCertificateContextProperty). Refer to the code:

        /* Key provider info that binds the certificate to the custom CSP's key container */
        key_prov_info.pwszContainerName = L"xxxx";
        key_prov_info.pwszProvName = L"xxxx Provider";
        key_prov_info.dwProvType = PROV_RSA_FULL;
        key_prov_info.dwFlags = CERT_SET_KEY_PROV_HANDLE_PROP_ID;
        key_prov_info.cProvParam = 0;
        key_prov_info.rgProvParam = NULL;
        key_prov_info.dwKeySpec = AT_SIGNATURE;

        printf("Trying to set new property");

        /* Attach the provider info to the certificate context */
        if (!CertSetCertificateContextProperty(pCertCon1, CERT_KEY_PROV_INFO_PROP_ID, 0, &key_prov_info))
        {
            goto Exit;
        }

    5. We also have a hardware token which has the private key stored in it.

    6. Now, as a trial run, we made a trial CSP DLL to ascertain the function calls being made by MS Word by writing into a log file. On trying to create a Digital Signature, it is only calling the following functions:

        o CPAcquireContext
        o CPGetUserKey and
        o CPDestroyKey

    7. We are unable to access the other functions as given below:

        o CPEncrypt
        o CPCreateHash and
        o CPSignHash

    We solicit anyone's help in providing any inputs to implement a fully working custom CSP DLL.

    Thursday, January 4, 2018 9:18 AM
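
One way to check the registration, DLL signature and key binding from steps 2 to 4, and to drive a signing operation through the provider without MS Word, is the script below. It is an added example, not part of the original post. Assumptions: `xxxx Provider` and `xxxx` are the post's redacted placeholders, the provider is registered under the standard CSP registry key, and the script runs in Windows PowerShell on .NET Framework.

```powershell
# Added example. 'xxxx Provider' / 'xxxx' are the redacted placeholders from the post;
# substitute the real provider and container names.
$ProviderName  = 'xxxx Provider'
$ContainerName = 'xxxx'
$ProvType      = 1   # PROV_RSA_FULL
$KeyNumber     = 2   # AT_SIGNATURE

# 1. Registration: check the native and the WOW64 registry view. A 32-bit host
#    process on 64-bit Windows reads the WOW6432Node view.
$views = 'HKLM:\SOFTWARE\Microsoft\Cryptography\Defaults\Provider',
         'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Defaults\Provider'
foreach ($view in $views) {
    $key = Join-Path $view $ProviderName
    if (-not (Test-Path -LiteralPath $key)) { Write-Warning "Not registered: $key"; continue }
    $reg   = Get-ItemProperty -LiteralPath $key
    $image = $reg.'Image Path'
    "{0}: Type={1} ImagePath={2}" -f $key, $reg.Type, $image
    if ($reg.Type -ne $ProvType) { Write-Warning "Registered type differs from PROV_RSA_FULL" }

    # 2. Authenticode status of the registered DLL (only when the path is absolute).
    if ([IO.Path]::IsPathRooted($image) -and (Test-Path -LiteralPath $image)) {
        $sig = Get-AuthenticodeSignature -FilePath $image
        "  Signature: {0} ({1})" -f $sig.Status, $sig.SignerCertificate.Subject
    }
}

# 3. Sign and verify through the provider, with no Office involved. UseExistingKey
#    prevents a new key pair from being generated if the container is not found.
$csp = New-Object System.Security.Cryptography.CspParameters($ProvType, $ProviderName, $ContainerName)
$csp.KeyNumber = $KeyNumber
$csp.Flags     = [System.Security.Cryptography.CspProviderFlags]::UseExistingKey
$rsa = New-Object System.Security.Cryptography.RSACryptoServiceProvider($csp)
try {
    $rsa.PersistKeyInCsp = $true   # never delete the container on Dispose
    $data = [Text.Encoding]::ASCII.GetBytes('constructed test message')
    $signature = $rsa.SignData($data, 'SHA1')
    "Signed {0} bytes; verifies: {1}" -f $signature.Length, $rsa.VerifyData($data, 'SHA1', $signature)
} finally {
    $rsa.Dispose()
}
```

With a logging trial CSP such as the one in step 6 registered, its log shows which entry points this run reaches. The bitness of the PowerShell process decides which registry view and which DLL are used.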

Answers