CARD_IMPORT_KEYPAIR structure

  • Article

This structure is used by the minidriver to define the attributes of the key BLOB to be processed by secure key injection calls.

Syntax

typedef struct _CARD_IMPORT_KEYPAIR {
  DWORD  dwVersion;
  BYTE   bContainerIndex;
  PIN_ID PinId;
  DWORD  dwKeySpec;
  DWORD  dwKeySize;
  DWORD  cbInput;
  BYTE   pbInput[];
} CARD_IMPORT_KEYPAIR, *PCARD_IMPORT_KEYPAIR;

Members

dwVersion

The version of this structure. Set to CARD_IMPORT_KEYPAIR_CURRENT_VERSION.

bContainerIndex

Index number for the container to be created.

PinId

PIN Identifier for the key to be imported.

dwKeySpec

Key type specifier. Set to one of the following for ECC keys.

AT_ECDHE_P256

AT_ECDHE_P384

AT_ECDHE_P521

AT_ECDSA_P256

AT_ECDSA_P384

AT_ECDSA_P521

The AT_SIGNATURE or AT_KEYEXCHANGE types specify RSA keys and are usable on dual-mode cards.

dwKeySize

The size, in bits, of the key material.

cbInput

The size, in bytes, of the key BLOB in the pbInput buffer.

pbInput

Zero-sized byte array that points to the end of the structure. The key BLOB that is to be imported should be appended at this address. The cbInput member contains the size of this key BLOB byte array.

Remarks

If the target container already exists, it is overwritten by the new one. The new container always contains a valid key if the call succeeds. If a wrong value for bContainerIndex is passed (invalid or nonexistent), a SCARD_E_NO_KEY_CONTAINER return value should be returned.

Imported key material is passed in a “private key BLOB,” which is typically returned from CryptExportKey. See Base Provider Key BLOBs for further information. RSA keys comply with CAPI key BLOB format.

If a dwKeySpec member is invalid or undefined, a return value of SCARD_E_INVALID_PARAMETER should be returned. If the dwKeySpec value is defined but not supported, a return value of SCARD_E_UNSUPPORTED_FEATURE should be returned.

Only users can create containers. Both administrators and users should be able to obtain information and delete containers. If an administrator attempts to create a container, the function should return SCARD_W_SECURITY_VIOLATION.

When this data structure is passed to any of the secure key injection functions as input buffer, the size of the buffer that the function call specifies should include both structure and key BLOB buffer.

Requirements

Header

 Cardmod.h (include Cardmod.h)

See also

CardCreateContainer

 

 

Send comments about this topic to Microsoft