The routines in an application's cryptographic module make up the lowest level of functionality in the certification mechanism. Each module consists of a set of (at most) five routines, the most important of which are its sign( ) and verify( ) routines. (Note, however, that the sign( ) routine is not mandatory.)
More:
Contents of a Cryptographic Module
Accessing a Registered Cryptographic Module
Signature Algorithms Provided by DCE Certification
Registering a Cryptographic Module