Minidriver Version 5.07 Features
The following features are introduced in this version.
Changes to the CARD_DATA structure
CARD_DATA structure changes include the following:
- The dwVersion member, as input, is taken as the desired version to be returned from the CardAcquireContext function. Older card minidrivers may only support version 4 entry points, however. All card minidrivers will set the version returned, which is <= the version passed in. Existing Base CSP- and SC KSP-based card minidrivers will be updated to have this behavior as well.
- The pfnCardPrivateKeyDecrypt member is replaced with the pfnCardRSADecrypt member. Associated structures and function types were modified to reflect this.
- The pfnCardSign member is added. This takes only unpadded input and will perform a cryptographic sign based on the indicated key. For ECC card minidrivers, this will be an ECDSA operation.
- The pfnCardConstructDHAgreement member is added. This performs Diffie-Hellman key agreement. For ECC card minidrivers, this will be an ECDHE operation.
- The pfnCspPadData entry point is added so that cards that do not support on-card padding can call back to the CSP/KSP to have their data padded.
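The caller-side consequence of the dwVersion rule above, as an added example that is not code from the original page or from cardmod.h: request a version, accept only a returned version that is <= the one passed in, and use the new entry points only when the returned version carries them. MODEL_CARD_DATA, negotiate, the drv_* test drivers, the NEG_* codes and the assumption that version 5 is the first to carry the new members are all hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified stand-in for CARD_DATA (assumption): only members named on this
   page, with placeholder signatures. Real definitions live in cardmod.h. */
typedef int (*entry_fn)(void);
typedef struct {
    uint32_t dwVersion;                    /* in: desired, out: returned */
    entry_fn pfnCardRSADecrypt, pfnCardSign, pfnCardConstructDHAgreement;
} MODEL_CARD_DATA;
typedef int (*acquire_fn)(MODEL_CARD_DATA *);   /* models CardAcquireContext */

#define MODEL_NEW_VERSION 5u  /* assumed first version with the new members */
enum { NEG_OK, NEG_ACQUIRE_FAILED, NEG_VERSION_TOO_HIGH, NEG_MISSING_ENTRY };

/* Caller side: request `desired`, then trust only what the driver returned. */
int negotiate(acquire_fn acquire, uint32_t desired, MODEL_CARD_DATA *cd)
{
    MODEL_CARD_DATA zero = {0};
    *cd = zero;
    cd->dwVersion = desired;
    if (acquire(cd) != 0)
        return NEG_ACQUIRE_FAILED;
    if (cd->dwVersion > desired)           /* contract: returned <= passed in */
        return NEG_VERSION_TOO_HIGH;
    if (cd->dwVersion < MODEL_NEW_VERSION) {
        /* Older driver: never call the new entry points, whatever they hold. */
        cd->pfnCardRSADecrypt = cd->pfnCardSign = cd->pfnCardConstructDHAgreement = NULL;
        return NEG_OK;
    }
    if (!cd->pfnCardRSADecrypt || !cd->pfnCardSign || !cd->pfnCardConstructDHAgreement)
        return NEG_MISSING_ENTRY;          /* claims new version, lacks its entry points */
    return NEG_OK;
}

/* Constructed drivers used to exercise the check. */
static int stub(void) { return 0; }
int drv_v4(MODEL_CARD_DATA *cd) { cd->dwVersion = 4; cd->pfnCardSign = stub; return 0; }
int drv_v5(MODEL_CARD_DATA *cd) {
    cd->dwVersion = 5;
    cd->pfnCardRSADecrypt = cd->pfnCardSign = cd->pfnCardConstructDHAgreement = stub;
    return 0;
}
int drv_overclaims(MODEL_CARD_DATA *cd) { cd->dwVersion += 1; return 0; }
int drv_partial(MODEL_CARD_DATA *cd) { cd->dwVersion = 5; cd->pfnCardSign = stub; return 0; }

int main(void) { MODEL_CARD_DATA cd; return negotiate(drv_v4, 5, &cd); }
```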
Expanded meaning of the dwKeySpec parameter
The meaning of the dwKeySpec member or parameter (present in various structures and entry points) is expanded.
- AT_KEYEXCHANGE and AT_SIGNATURE indicate RSA keys and their intended purpose. Sizes of RSA keys follow a regular progression.
- ECC keys will come in very few sizes and do not follow a regular progression. The ECC dwKeySpec will indicate exact sizes, such as AT_ECDHE_P521 for a P-curve 521-bit key for ECDHE. See CardCreateContainer for a full listing of the new dwKeySpec constants.
Registration of recognized card ATRs is now handled through the manifest, not with DllRegisterServer and DllUnregisterServer.
Interfaces for Secret Agreement Changes
The interfaces for secret agreement are updated for ECDH.