CardRSADecrypt function

This function performs an RSA decryption operation on the supplied buffer, by using the private key to which the container index refers.

Note that for ECC-only smart cards, this entry point is not defined, and is set to NULL in the returned CARD_DATA structure from CardAcquireContext. This operation is restricted to a single buffer of a size equal to the key modulus.


  _In_    PCARD_DATA             pCardData,


pCardData [in]

Context information for the call. For more information, see CardAcquireContext.

pInfo [in, out]

Structure that contains data to be decrypted, which the Base CSP/KSP allocates. On return, the buffer contains data that the card processed.

Return value

Zero on success; otherwise, nonzero.


Minidrivers that do not support OnCard padding removal to the card should call PFN_CSP_UNPAD_DATA to perform padding removal. Information about the padding can be retrieved from the pPaddingInfo and dwPaddingType members of the CARD_RSA_DECYPT_INFO structure to which pInfo points.

If the dwVersion member of the CARD_RSA_DECRYPT_INFO structure has a value that is less than CARD_RSA_KEY_DECRYPT_INFO_CURRENT_VERSION and the dwVersion member of pCardData is set to CARD_DATA_CURRENT_VERSION, this function should return ERROR_REVISION_MISMATCH.

Data to be processed by the card is passed in and received back in the following structure that is defined in Cardmod.h.



typedef struct _CARD_RSA_DECRYPT_INFO
    DWORD dwVersion;
    BYTE bContainerIndex;

    // For RSA operations, this should be AT_SIGNATURE or AT_KEYEXCHANGE.
    DWORD dwKeySpec;

    // This is the buffer and length that the caller expects to be decrypted.
    // For RSA operations, cbData is redundant since the length of the buffer
    // should always be equal to the length of the key modulus.
    PBYTE pbData;
    DWORD cbData;

    // The following parameters are new in version 2 of the
    // CARD_RSA_DECRYPT_INFO structure.
    // Currently supported values for dwPaddingType are
    // If dwPaddingType is set to CARD_PADDING_OAEP, then pPaddingInfo
    // will point to a BCRYPT_OAEP_PADDING_INFO structure.
    LPVOID  pPaddingInfo;
    DWORD   dwPaddingType;

The dwKeySpec member indicates the usage type for the key. For the allowed values, see CardCreateContainer.

The dwVersion member should be set by the caller.

The input data should be padded by the Base CSP/KSP to meet the requirements of the algorithm that the caller requested. For RSA decryption, the buffer size is always equal in length to the public modulus. This frees the card-specific layer from having to implement various padding schemes.

If the card does not support OnCard padding removal, the Base CSP/KSP validates the padding in the plain text. Therefore, this API should succeed except in a hardware error. If the card minidriver finds that the buffer size is insufficient, it should return SCARD_E_INSUFFICIENT_BUFFER.

The input data is passed in little-endian format.

In an RSA decrypt operation if bContainerIndex parameter is invalid or nonexistent, it should return the SCARD_E_NO_KEY_CONTAINER error.


Target platform



Cardmod.h (include Cardmod.h)



Send comments about this topic to Microsoft