CardCreateContainer function

This topic is not current. For the most current information about the Smart Card API, see Smart Card Minidriver Specification.

The CardCreateContainer function, defined by a smart card module, creates a new key container on a smart card.

Syntax

DWORD WINAPI CardCreateContainer(
  _In_ PCARD_DATA pCardData,
  _In_ BYTE       bContainerIndex,
  _In_ DWORD      dwFlags,
  _In_ DWORD      dwKeySpec,
  _In_ DWORD      dwKeySize,
  _In_ PBYTE      pbKeyData
);

Parameters

pCardData [in]

A pointer to the CARD_DATA structure received from the CardAcquireContext function.

bContainerIndex [in]

The index number for the new key container. The Microsoft Base Smart Card Cryptographic Service Provider (CSP) and smart card key storage provider (KSP) use this index value to identify the key container.

If a key container with the specified index exists on the smart card, it is overwritten by this function.

dwFlags [in]

A DWORD value that specifies the source of the keys in the new container. This parameter can be one of the following values.

Value Meaning
CARD_CREATE_CONTAINER_KEY_GEN
1
The keys are generated on the smart card.
CARD_CREATE_CONTAINER_KEY_IMPORT
2
The pbKeyData parameter points to the imported keys.

dwKeySpec [in]

The purpose or type of the keys in the new container. This parameter can be one of the following values.

Value Meaning
AT_KEYEXCHANGE
1
The keys are used to encrypt and decrypt session keys.
AT_SIGNATURE
2
The keys in the new container are used to create and verify digital signatures.
AT_ECDSA_P256
3
The keys in the new container use the 256-bit Elliptic Curve Digital Signature Algorithm (ECDSA) protocol.
AT_ECDSA_P384
4
The keys in the new container use the 384-bit ECDSA protocol.
AT_ECDSA_P521
5
The keys in the new container use the 521-bit ECDSA protocol.
AT_ECDHE_P256
6
The keys in the new container use the 256-bit Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) protocol.
AT_ECDHE_P384
7
The keys in the new container use the 384-bit ECDHE protocol.
AT_ECDHE_P521
8
The keys in the new container use the 521-bit ECDHE protocol.

dwKeySize [in]

The size, in bits, of the key in the pbKeyData buffer.

This parameter is used only if the CARD_CREATE_CONTAINER_KEY_IMPORT flag is set in the dwFlags parameter. Otherwise, this parameter is ignored.

For Elliptic Curve Cryptography (ECC) keys, the value of this parameter must be zero.

pbKeyData [in]

A pointer to a buffer that contains the key to import to the new container. The key data is in the form of a private key BLOB returned from a call to the CryptExportKey function.

This parameter is used only if the CARD_CREATE_CONTAINER_KEY_IMPORT flag is set in the dwFlags parameter. Otherwise, this parameter is ignored.

Return value

If the function succeeds, it returns zero.

If the function fails, it returns a nonzero error value or one of the following possible error values.

Return code/value Description
SCARD_E_INVALID_PARAMETER
2148532228 (0x80100004)
The smart card does not support importing the key type specified by the dwKeySpec parameter.

Requirements

Minimum supported client
Windows XP [desktop apps only]
Minimum supported server
Windows Server 2003 [desktop apps only]
Header
Cardmod.h

See also

Base Provider Key BLOBs

Microsoft Base Smart Card Cryptographic Service Provider

CARD_DATA

CardAcquireContext

CryptExportKey