Minidriver Version 5.07 Features

The following features are introduced in this version.

Changes to the CARD_DATA structure

CARD_DATA structure changes include the following:

  • The dwVersion member, as input, is taken as the desired version to be returned from the CardAcquireContext function. Older card minidrivers may only support version 4 entry points, however. All card minidrivers will set the version returned, which is <= the version passed in. Existing Base CSP- and SC KSP-based card minidrivers will be updated to have this behavior as well.
  • The pfnCardPrivateKeyDecrypt member is replaced with the pfnCardRSADecrypt member. Associated structures and function types were modified to reflect this.
  • The pfnCardSign member is added. This takes only unpadded input and will perform a cryptographic sign based on the indicated key. For ECC card minidrivers, this will be an ECDSA operation.
  • The pfnCardConstructDHAgreement member is added. This performs Diffie-Hellman key agreement. For ECC card minidrivers, this will be an ECDHE operation.
  • The pfnCspPadData entry point is added so that cards that do not support on-card padding can call back to the CSP/KSP to have their data padded.
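
The dwVersion negotiation in the first item above, shown from the caller's side as an added example (not code from the original documentation). MODEL_CARD_DATA, the acquire_* functions, negotiate and can_sign are hypothetical stand-ins for the real cardmod.h definitions, and treating 5 as the first version that provides pfnCardSign is an assumption of this model.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model of CARD_DATA; the real layout is defined in cardmod.h. */
typedef struct {
    uint32_t dwVersion;        /* in: desired version; out: version returned */
    int (*pfnCardSign)(void);  /* placeholder signature, NULL when not provided */
} MODEL_CARD_DATA;

typedef int (*model_acquire_fn)(MODEL_CARD_DATA *);  /* 0 = success */

static int model_sign(void) { return 0; }

/* Older minidriver: supports version 4 entry points only. */
int acquire_v4_only(MODEL_CARD_DATA *cd) {
    if (cd->dwVersion < 4) return 1;   /* cannot serve a caller older than itself */
    cd->dwVersion = 4;                 /* returned version <= requested version */
    cd->pfnCardSign = NULL;
    return 0;
}

/* Updated minidriver: supports versions 4 and 5 (5 is this model's assumption). */
int acquire_v5(MODEL_CARD_DATA *cd) {
    if (cd->dwVersion < 4) return 1;
    if (cd->dwVersion > 5) cd->dwVersion = 5;
    cd->pfnCardSign = (cd->dwVersion >= 5) ? model_sign : NULL;
    return 0;
}

/* Non-conforming minidriver: returns a version above the one requested. */
int acquire_broken(MODEL_CARD_DATA *cd) {
    cd->dwVersion += 2;
    cd->pfnCardSign = model_sign;
    return 0;
}

/* Caller: returns the negotiated version, or 0 if the context must not be used. */
uint32_t negotiate(model_acquire_fn acquire, uint32_t desired, MODEL_CARD_DATA *cd) {
    cd->dwVersion = desired;
    cd->pfnCardSign = NULL;
    if (acquire(cd) != 0 || cd->dwVersion == 0 || cd->dwVersion > desired) {
        cd->dwVersion = 0;             /* failed or broke the contract: */
        cd->pfnCardSign = NULL;        /* leave nothing callable behind */
        return 0;
    }
    return cd->dwVersion;
}

/* Dispatch to a newer entry point only if the negotiated version provides it. */
int can_sign(const MODEL_CARD_DATA *cd) {
    return cd->dwVersion >= 5 && cd->pfnCardSign != NULL;
}
```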

Expanded meaning of the dwKeySpec parameter

The meaning of the dwKeySpec member or parameter (present in various structures and entry points) is expanded.

  • AT_KEYEXCHANGE and AT_SIGNATURE indicate RSA keys and their intended purpose. Sizes of RSA keys follow a regular progression.
  • ECC keys will come in very few sizes and do not follow a regular progression. The ECC dwKeySpec will indicate exact sizes, such as AT_ECDHE_P521 for a P-curve 521-bit key for ECDHE. See CardCreateContainer for a full listing of the new dwKeySpec constants.

Manifest registration

Registration of recognized card ATRs is now handled through the manifest, not with DllRegisterServer and DllUnregisterServer.

Interfaces for Secret Agreement Changes

The interfaces for ECDH secret agreement are updated.
