Share via

CardCreateContainer Function

  • Article

The CardCreateContainer function, defined by a smart card module, creates a new key container on a smart card.

Syntax

DWORD WINAPI CardCreateContainer(
  __in  PCARD_DATA pCardData,
  __in  BYTE bContainerIndex,
  __in  DWORD dwFlags,
  __in  DWORD dwKeySpec,
  __in  DWORD dwKeySize,
  __in  PBYTE pbKeyData
);

Parameters

  • pCardData [in]
    A pointer to the CARD_DATA structure received from the CardAcquireContext function.

  • bContainerIndex [in]
    The index number for the new key container. The Microsoft Base Smart Card Cryptographic Service Provider (CSP) and smart card key storage provider (KSP) use this index value to identify the key container.

    If a key container with the specified index exists on the smart card, it is overwritten by this function.

  • dwFlags [in]
    A DWORD value that specifies the source of the keys in the new container. This parameter can be one of the following values.

    Value Meaning
    CARD_CREATE_CONTAINER_KEY_GEN 1

    The keys are generated on the smart card.
    CARD_CREATE_CONTAINER_KEY_IMPORT 2

    The pbKeyData parameter points to the imported keys.

  • dwKeySpec [in]
    The purpose or type of the keys in the new container. This parameter can be one of the following values.

    Value Meaning
    AT_KEYEXCHANGE 1

    The keys are used to encrypt and decrypt session keys.
    AT_SIGNATURE 2

    The keys in the new container are used to create and verify digital signatures.
    AT_ECDSA_P256 3

    The keys in the new container use the 256-bit Elliptic Curve Digital Signature Algorithm (ECDSA) protocol.
    AT_ECDSA_P384 4

    The keys in the new container use the 384-bit ECDSA protocol.
    AT_ECDSA_P521 5

    The keys in the new container use the 521-bit ECDSA protocol.
    AT_ECDHE_P256 6

    The keys in the new container use the 256-bit Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) protocol.
    AT_ECDHE_P384 7

    The keys in the new container use the 384-bit ECDHE protocol.
    AT_ECDHE_P521 8

    The keys in the new container use the 521-bit ECDHE protocol.

  • dwKeySize [in]
    The size, in bits, of the key in the pbKeyData buffer.

    This parameter is used only if the CARD_CREATE_CONTAINER_KEY_IMPORT flag is set in the dwFlags parameter. Otherwise, this parameter is ignored.

    For Elliptic Curve Cryptography (ECC) keys, the value of this parameter must be zero.

  • pbKeyData [in]
    A pointer to a buffer that contains the key to import to the new container. The key data is in the form of a private key BLOB returned from a call to the CryptExportKey function.

    This parameter is used only if the CARD_CREATE_CONTAINER_KEY_IMPORT flag is set in the dwFlags parameter. Otherwise, this parameter is ignored.

Return Value

If the function succeeds, it returns zero.

If the function fails, it returns a nonzero error value or one of the following possible error values.

Return code/value Description
SCARD_E_INVALID_PARAMETER 21485322280x80100004

The smart card does not support importing the key type specified by the dwKeySpec parameter.

Requirements

Minimum supported client Windows XP, Windows 2000 Professional with SP4
Minimum supported server Windows Server 2003, Windows 2000 Server with SP4
Header Cardmod.h

See Also

Base Provider Key Blobs

Microsoft Base Smart Card Cryptographic Service Provider

CARD_DATA

CardAcquireContext

CryptExportKey

Send comments about this topic to Microsoft

Build date: 3/5/2009