Share via


CARD_DERIVE_KEY structure

This topic is not current. For the most current information about the Smart Card API, see Smart Card Minidriver Specification.

The CARD_DERIVE_KEY structure contains the key derivation function (KDF) that the CardDeriveKey function uses to derive a session key and receives the derived key on output.

Syntax

typedef struct _CARD_DERIVE_KEY {
  DWORD   dwVersion;
  DWORD   dwFlags;
  LPCWSTR pwszKDF;
  BYTE    bSecretAgreementIndex;
  PVOID   pParameterList;
  PUCHAR  pbDerivedKey;
  DWORD   cbDerivedKey;
} CARD_DERIVE_KEY, *PCARD_DERIVE_KEY;

Members

dwVersion

The version number of this structure, defined in Cardmod.h by the CARD_DERIVE_KEY_VERSION constant. The current version number is 1.

dwFlags

If CARD_BUFFER_SIZE_ONLY is specified, the smart card module returns only the size of the resulting key in the cbDerivedKey member and is not required to return the key in the pbDerivedKey member.

pwszKDF

A pointer to a null-terminated Unicode string that contains an object identifier (OID). The OID identifies the KDF that derives the key. The pwszKDF member can be one of the following strings.

Value Meaning
BCRYPT_KDF_HASH
L"HASH"
Use the hash key derivation function. The parameters identified by the pParameterList parameter can contain the following parameters.
KDF_HASH_ALGORITHM
KDF_SECRET_PREPEND
KDF_SECRET_APPEND
BCRYPT_KDF_HMAC
L"HMAC"
Use the Hash-Based Message Authentication Code (HMAC) key derivation function. The parameters identified by the pParameterList parameter can or must contain the following parameters.
KDF_HASH_ALGORITHM The default algorithm is SHA1.
KDF_HMAC_KEY
KDF_SECRET_PREPEND
KDF_SECRET_APPEND
BCRYPT_KDF_TLS_PRF
L"TLS_PRF"
Use the transport layer security (TLS) pseudo-random function (PRF) key derivation function. The parameters identified by the pParameterList parameter can or must contain the following parameters.
KDF_TLS_PRF_LABEL
KDF_TLS_PRF_SEED

bSecretAgreementIndex

The index of the key container that holds the secret agreement. The CardDeriveKey function creates the session key from this agreement.

pParameterList

A pointer to a BCryptBufferDesc structure that contains the KDF parameters. This member is optional and can be NULL if it is not needed.

pbDerivedKey

The address of a buffer that receives the key. The cbDerivedKey member contains the size of this buffer. The buffer should be allocated by the CardDeriveKey function by calling the PFN_CSP_ALLOC function, and is freed by the smart card key storage provider (KSP).

cbDerivedKey

The size, in bytes, of the pbDerivedKey buffer.

Requirements

Minimum supported client
Windows Vista [desktop apps only]
Minimum supported server
Windows Server 2008 [desktop apps only]
Header
Cardmod.h