CardProcessEncryptedData function
CardProcessEncryptedData processes a set of encrypted data BLOBs by sending them to the card where the data BLOBs are decrypted.
Syntax
DWORD WINAPI CardProcessEncryptedData(
_In_ PCARD_DATA pCardData,
_In_ CARD_KEY_HANDLE hKey,
_In_ LPCWSTR pwszSecureFunction,
_In_ PCARD_ENCRYPTED_DATA pEncryptedData,
_In_ DWORD cEncryptedData,
_Out_opt_ PBYTE pbOutput,
_In_ DWORD cbOutput,
_Out_opt_ PDWORD pdwOutputLen,
_In_ DWORD dwFlags
);
Parameters
pCardData [in]
Context information for the call. For more information, see CardAcquireContext.hKey [in]
The handle of the cryptographic key to be used to decrypt the data.pwszSecureFunction [in]
A pointer to a null-terminated Unicode string that contains the name of the function to be executed.pEncryptedData [in]
Pointer to an array of CARD_ENCRYPTED_DATA structures that contain encrypted data BLOBs.cEncryptedData [in]
The number of CARD_ENCRYPTED_DATA structures in the array pointed to by pEncryptedData.pbOutput [out, optional]
A byte pointer to the data buffer that receives the decrypted data that is returned from the card minidriver.cbOutput [in]
The maximum length, in bytes, of the buffer to which pbOutput points.pdwOutputLen [out, optional]
A pointer to a variable that receives the returned length, in bytes, of the data in the buffer to which pbOutput points.dwFlags [in]
A set of flags that specify options for the operation.
Return value
Zero on success; nonzero on failure.
Remarks
If the card minidriver does not support processing secure data BLOBs, the function should return SCARD_E_UNSUPPORTED_FEATURE.
The dwFlags parameter is used to specify flag settings for optional parameters for the decryption operation. Currently, the only valid flag is CARD_BLOCK_PADDING, which specifies that the encrypted data was padded by using PKCS #5. For more information, see the description of CP_PADDING_SCHEMES in CardGetProperty.
If dwFlags contains an invalid or undefined value, the function should return SCARD_E_INVALID_PARAMETER.
If an unsupported pwszSecureFunction value is passed to CardProcessEncryptedData, the function should return SCARD_E_INVALID_PARAMETER.
Note The minidriver may choose to define and support optional custom secure functions that are not defined in the specification.
The format of the data to which pEncryptedData points is card-dependent. The value of the pwszSecureFunction parameter specifies the context to which the decryption operation is performed.
This function can be called when CardAcquireContext is called in No_Card mode. This mode allows the application that receives data that the card encrypts to decrypt the data. In this situation, the hKey parameter is set to the value of a handle for a key that the minidriver manages.
The format of pbOutput depends on the value of the pwszSecureFunction parameter. The following table describes the different supported values for pwszSecureFunction along with the corresponding format for pbOutput.
pwszSecureFunction value | pbOutput type | pbOutput value |
---|---|---|
CSF_CHANGE_AUTHENTICATOR | STRUCT | The data contains a structure of type CARD_CHANGE_AUTHENTICATOR_RESPONSE. |
CSF_AUTHENTICATE | STRUCT | The data contains a structure of type CARD_AUTHENTICATE_RESPONSE. |
CSF_IMPORT_KEY PAIR | None | None |
To determine the length of the buffer to allocate for pbOutput, a caller can first call CardProcessEncryptedData with pbOutput set to NULL. The required buffer length is returned in pdwOutputLen.
Requirements
Target platform |
Desktop |
Header |
Cardmod.h (include Cardmod.h) |