Well a few words about the crypto architecture in windows. The architecture of windows crypto services is built of several levels. The highest level is the API known as CAPI (CryptoAPI). This API is quite simple and allows the most common and simple operations like: encrypt/decrypt, sign/verify, generate key, wrap session key in public key etc. Underneeth it are several components called CSPs (Crypto Service Providers) that all export the CAPI high level interface and implement the actual crypto operations. A CSP can implement everything as part of its code or it could direct calls to a crypto hardware device. The CAPI interface allows programmers to use the same code on different crypto devices.
