DEKART CRYPTOGRAPHIC SERVICE PROVIDER




2005

Abstract

       This document describes the functions included in the Dekart Cryptographic
Service Provider.
       The necessary reference information is provided.




DSSSCT                File : DCSP_pg1.doc                      Ref : DCSPPG0010                 Revision:1.0          Page: 2
                                          Copyright © Dekart S.R.L (www.dekart.com ) – 2005
                     This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L.
 No part of this document may be reproduced in any form or by any means without
                                          the written permission of the copyright holder.
Contents

Abstract
Contents

1. Purpose of the development

2. General information

3. Description of the functions of Dekart RSA Cryptographic Service Provider
  3.1.     Function CPACQUIRECONTEXT
  3.2.     Function CPGETPROVPARAM
  3.3.     Function CPRELEASECONTEXT
  3.4.     Function CPSETPROVPARAM
  3.5.     Function CPDERIVEKEY
  3.6.     Function CPDESTROYKEY
  3.7.     Function CPDUPLICATEKEY
  3.8.     Function CPEXPORTKEY
  3.9.     Function CPGENKEY
  3.10.    Function CPGENRANDOM
  3.11.    Function CPGETKEYPARAM
  3.12.    Function CPGETUSERKEY
  3.13.    Function CPIMPORTKEY
  3.14.    Function CPSETKEYPARAM
  3.15.    Function CPDECRYPT
  3.16.    Function CPENCRYPT
  3.17.    Function CPCREATEHASH
  3.18.    Function CPDESTROYHASH
  3.19.    Function CPDUPLICATEHASH
  3.20.    Function CPGETHASHPARAM
  3.21.    Function CPHASHDATA
  3.22.    Function CPHASHSESSIONKEY
  3.23.    Function CPSETHASHPARAM
  3.24.    Function CPSIGNHASH
  3.25.    Function CPVERIFYSIGNATURE

4. Description of the structures used in the functions of Dekart RSA Cryptographic Service Provider
  4.1.     Description of the structure _VTABLEPROVSTRUC
  4.2.     Description of the structure _PUBLICKEYSTRUC




1. Purpose of the development
Dekart RSA Cryptographic Service Provider is intended for the cryptographic protection of
data and is a core component that integrates into Windows operating systems.
Dekart RSA Cryptographic Service Provider conforms to the requirements of the Microsoft
Cryptographic Service Provider Interface (CryptoSPI), which define the rules for its
use by applications through the Microsoft Cryptographic Application
Program Interface (CryptoAPI). Dekart RSA Cryptographic Service Provider implements
modern mechanisms for the cryptographic protection of data: digital signature,
encryption and data authentication.

2. General information
Dekart RSA Cryptographic Service Provider includes the following functions:
        functions for initializing the context and obtaining the parameters of the cryptographic provider;
        functions for generating keys and working with them;
        functions for encrypting and decrypting data;
        functions for hashing data and obtaining a digital signature of data.


   Required hardware:
   • IBM PC computer (486 or higher).

   Required software:
   • MS Windows operating system.


3. Description of the functions of Dekart RSA Cryptographic Service Provider
   3.1. Function CPAcquireContext

Name: CPAcquireContext
Description: Creates a handle to the cryptographic provider with the name of a key
           container.
Syntax: #include "Wincrypt.h"
           BOOL WINAPI CPAcquireContext ( HCRYPTPROV * phProv ,
                  CHAR * pszContainer , DWORD dwFlags ,
                  PVTABLEPROVSTRUC pVTable )

Input parameters:
                 pszContainer - the name of the key container. This is a pointer to a string
                 no longer than MAX_PATH characters, including the terminating null
                 character. If this parameter is NULL, the cryptographic provider uses
                 the name of the logged-on user as the container name.
                  dwFlags - the parameter is zero or one of the following values:

            Value of dwFlags - Description
            CRYPT_VERIFYCONTEXT - The application has no access to the private keys
                             of the key container. The flag is intended for applications
                             that need to verify a digital signature. The operations usually
                             required in this case are obtaining handles to public keys,
                             hashing, and signature verification. When CPAcquireContext is
                             called, the cryptographic provider does not require the user
                             to enter key information.
            CRYPT_NEWKEYSET - If the flag is set, a new key container is created with
                             the name given by pszContainer. If pszContainer is NULL,
                             the name of the logged-on user is used as the container name.
            CRYPT_MACHINE_KEYSET - The flag can be used when calling CPAcquireContext
                             with CRYPT_NEWKEYSET or with the CRYPT_DELETEKEYSET flag.
                             In this case the keys are stored under the
                             HKEY_LOCAL_MACHINE key of the system registry. The flag
                             is intended for using the cryptographic provider as part
                             of system applications.
            CRYPT_DELETEKEYSET - The key container corresponding to pszContainer is
                             deleted. If pszContainer is NULL, the key container with the
                             default name is deleted. All key pairs in the key container
                             are destroyed as well. When the CRYPT_DELETEKEYSET flag is
                             set, the value returned in phProv is undefined and the
                             CPAcquireContext function must not be called again.


                  pVTable - a pointer to the _VTABLEPROVSTRUC structure, which contains
                  the list of callback functions provided by the operating system for
                  use by the cryptographic provider.

Output parameters:
           phProv - the address to which the function copies the cryptographic provider handle.
Return value:
           On success the function returns TRUE; otherwise it returns FALSE.
           If FALSE is returned, the corresponding error code (see the table)
           can be obtained through the GetLastError() function.
Return value - Description
NTE_BAD_FLAGS - The dwFlags parameter has a prohibited value.
NTE_BAD_KEYSET - The key container was not opened and possibly does not exist.
NTE_BAD_KEYSET_PARAM - The pszContainer parameter is set to a prohibited value.
NTE_BAD_SIGNATURE - Verification of the digital signature of the cryptographic
                              provider DLL failed. The DLL or the digital signature is
                              corrupted.
NTE_EXISTS - The dwFlags parameter is set to CRYPT_NEWKEYSET, but the key container
                              already exists.
NTE_KEYSET_ENTRY_BAD - The key container corresponding to pszContainer was found but
                              is corrupted.
NTE_KEYSET_NOT_DEF - The key container corresponding to pszContainer does not exist.
NTE_NO_MEMORY - The cryptographic provider ran out of memory during the operation.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered an incorrect password, or the password set by the
                              SetProvParam function is incorrect.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the
                              password set by the SetProvParam function has an incorrect
                              format. For example, the password has an invalid length
                              or contains invalid characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of
                              attempts the card allows for entry has been exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL - There is not enough space on the medium to store the
                              information.


   3.2. Function CPGetProvParam

Name: CPGetProvParam
Description: Returns the parameters of the cryptographic provider.
Syntax: #include <Wincrypt.h>
               BOOL WINAPI CPGetProvParam ( HCRYPTPROV hProv ,
               DWORD dwParam , BYTE * pbData ,
               DWORD * pdwDataLen , DWORD dwFlags )
Input parameters:
             hProv - the cryptographic provider handle. It is obtained by calling the
             CPAcquireContext function.
             dwParam - the value of this argument determines the type of the query. The
             following dwParam values are currently defined.

        Value of dwParam - Contents of the pbData buffer
        PP_CONTAINER - The name of the key container in the form CONTAINER if it has
                                 a name, otherwise the unique name (see
                                 PP_UNIQUE_CONTAINER). A null-terminated string
                                 containing the name of the current key container.
        PP_UNIQUE_CONTAINER - The unique name of the key container. The unique name
                                 depends on the type of key medium and can have the form
                                 MEDIAFOLDER, MEDIAUNIQUEFOLDER or MEDIAUNIQUE.
                                 A null-terminated string containing the name of the
                                 current key container.
        PP_ENUMALGS - Supported algorithms.
        PP_ENUMALGS_EX - Supported algorithms.
        PP_ENUMCONTAINERS - Names of key containers. A null-terminated string
                                 containing the name of one of the key containers
                                 supported by the cryptographic provider. Applications
                                 read this parameter repeatedly to enumerate all key
                                 containers supported by the cryptographic provider.
        PP_PROVTYPE - The type of the cryptographic provider. Given as a DWORD value.
        PP_IMPTYPE - The implementation type of the cryptographic provider. Given as a
                                 DWORD value. The following implementation types are
                                 currently defined:
                                                    •    CRYPT_IMPL_HARDWARE
                                                    •    CRYPT_IMPL_SOFTWARE
                                                    •    CRYPT_IMPL_MIXED
                                                    •    CRYPT_IMPL_UNKNOWN
        PP_NAME - A null-terminated string containing the name of the cryptographic
                            provider. It corresponds to the "CSP Name" entries that the
                            setup program installed in the Windows® Registry.
        PP_VERSION - The version of the cryptographic provider. Given as a DWORD value.
                            For example, version 1.0 is represented as 0x00000100.
        PP_KEYSPEC - The key type. Given as a DWORD value.
        PP_KEYX_KEYSIZE_INC - The modulus of the public exchange key. Given as a DWORD
                            value.
        PP_SIG_KEYSIZE_INC - The modulus of the public digital-signature key. Given as a
                            DWORD value.
        PP_KEYSET_SEC_DESCR - Returns the security descriptor of the Windows registry
                            key where the user's keys are stored.
        PP_ENUMOIDS_EX - Supported algorithm parameters. Enumerates string values: the
                            OIDs of the supported sets of algorithm parameters.
        PP_HASHOID - The OID of the current parameters of the hash function algorithm.
        PP_SIGNATUREOID - The OID of the current parameters of the signature algorithm.
        PP_DHOID - The OID of the current parameters of the Diffie-Hellman algorithm.
        PP_CIPHEROID - The OID of the current parameters of the encryption algorithm.
        PP_RANDOM - Returns in pbData a key blob of type [...] for setting up the
                            software RNG of an OS kernel-level provider. If the
                            cryptographic provider context hProv was opened in
                            CRYPT_VERIFYCONTEXT mode, random numbers are first obtained
                            from the physical or keyboard RNG.
        PP_LAST_ERROR - The code of the cryptographic provider's last error. A DWORD
                            value is placed in the pbData buffer: the code of the last
                            error returned by one of the cryptographic provider's
                            functions. The error codes are given in the file
                            WincryptEx.h.
        PP_MUTEX_ARG - For use in the OS kernel. Returns the value of the last argument
                            of the mutex_init function (a pointer to the interrupt
                            handler) for all mutexes used during the operation of the CSP.

             dwFlags - flag values. The following flag values are currently
             defined:

        Value of dwFlags - Description
        CRYPT_FIRST - When an enumeration parameter is read (for example,
                                   PP_ENUMALGS, PP_ENUMALGS_EX or PP_ENUMCONTAINERS) and
                                   this flag is set, the first element of the enumeration
                                   list must be returned. Otherwise the next element of
                                   the list is returned. If the flag is set and a
                                   non-enumeration parameter is read, the error code
                                   NTE_BAD_FLAGS is returned.
        CRYPT_MACHINE_KEYSET - When the enumeration parameter PP_ENUMCONTAINERS is read,
                                   the CRYPT_MACHINE_KEYSET flag may be specified. This
                                   flag must be set if the enumeration is to be carried
                                   out under the HKEY_LOCAL_MACHINE key of the system
                                   registry rather than under the HKEY_CURRENT_USER key
                                   (the default).
        SECURITY_INFORMATION - If dwParam is set to PP_KEYSET_SEC_DESCR, the security
                                   descriptor of the registry key containing the key
                                   container is returned. In this case dwFlags is used
                                   to pass bit flags combined with the bitwise OR
                                   operation. The pointer to the security descriptor is
                                   returned in the pbData argument, and the length of the
                                   security descriptor is returned in the pcbData
                                   argument. For more information, see RegGetKeySecurity
                                   and RegSetKeySecurity. The following list contains the
                                   names of the bits that determine the requested
                                   security information.
                                                       •    OWNER_SECURITY_INFORMATION -
                                                            Refers to the owner identifier
                                                            of the object in question.
                                                       •    GROUP_SECURITY_INFORMATION -
                                                            Refers to the primary group
                                                            identifier of the object in
                                                            question.
                                                       •    DACL_SECURITY_INFORMATION -
                                                            Refers to the discretionary ACL
                                                            of the object in question.
                                                       •    SACL_SECURITY_INFORMATION -
                                                            Refers to the system ACL of the
                                                            object in question.

           dwBufLen – the size of the input data buffer.
           dwFlags – an unused parameter, usually set to 0.
           pbData - a pointer to the array of input data.
Output parameters:
           pbData - the data buffer for the parameter. The function copies the data
           corresponding to the parameter into the buffer. The format of this data
           depends on the value of dwParam. If this function argument is NULL, no data
           is copied. The required buffer size in bytes is returned in pdwDataLen.
Return value:
           On success the function returns TRUE. Otherwise it returns FALSE.
           The corresponding error code (see the table) can be obtained through the
           GetLastError function.
Return value - Description
ERROR_MORE_DATA - The size of the pbData buffer is not sufficient to copy the
                          requested data.
NTE_BAD_FLAGS - The dwFlags parameter has a prohibited value.
NTE_BAD_TYPE - dwParam specifies an unknown parameter.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered an incorrect password, or the password set by the
                          SetProvParam function is incorrect.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the
                          password set by the SetProvParam function has an incorrect
                          format. For example, the password has an invalid length or
                          contains invalid characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of
                          attempts the card allows for entry has been exhausted.
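
The calling rules for CPGetProvParam described above (a NULL pbData as a size query, ERROR_MORE_DATA for a short buffer, CRYPT_FIRST to restart an enumeration, NTE_BAD_FLAGS when a flag accompanies a non-enumeration parameter), as a portable C model added here; it is not code from Dekart or from the Windows SDK. ModelProv, model_get_prov_param and list_containers are hypothetical names, the container names are constructed, and ending the list with ERROR_NO_MORE_ITEMS is an assumption taken from standard CryptoAPI behaviour rather than from this page.

```c
/* Added example: portable model of the CPGetProvParam calling contract.
   Not Dekart's code; the container names are constructed sample data. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint32_t DWORD;
typedef unsigned char BYTE;
typedef int BOOL;
#define TRUE  1
#define FALSE 0
#define MAX_NAME 260                  /* MAX_PATH, the container-name limit */

/* Numeric values as defined in the Windows SDK headers. */
#define PP_ENUMCONTAINERS    2u
#define PP_VERSION           5u
#define CRYPT_FIRST          0x01u
#define CRYPT_MACHINE_KEYSET 0x20u
#define ERROR_MORE_DATA      234u
#define ERROR_NO_MORE_ITEMS  259u     /* assumption: end-of-list signal */
#define NTE_BAD_FLAGS        0x80090009u
#define NTE_BAD_TYPE         0x8009000Au

typedef struct {                      /* hypothetical provider context */
    const char *const *names;
    size_t count;
    size_t next;                      /* enumeration cursor */
    DWORD last_error;                 /* stands in for GetLastError() */
} ModelProv;

static const char *const SAMPLE_NAMES[] = { "alice", "build-agent", "signing-2005" };
ModelProv sample_provider(void)
{
    ModelProv p = { SAMPLE_NAMES, 3, 0, 0 };
    return p;
}

static BOOL fail(ModelProv *p, DWORD err) { p->last_error = err; return FALSE; }

/* Output rule: NULL pbData is a size query; a short buffer fails with
   ERROR_MORE_DATA and still reports the required size in *pdwDataLen. */
static BOOL copy_out(ModelProv *p, const void *src, DWORD need,
                     BYTE *pbData, DWORD *pdwDataLen)
{
    if (pbData == NULL) { *pdwDataLen = need; return TRUE; }
    if (*pdwDataLen < need) { *pdwDataLen = need; return fail(p, ERROR_MORE_DATA); }
    memcpy(pbData, src, need);
    *pdwDataLen = need;
    return TRUE;
}

BOOL model_get_prov_param(ModelProv *p, DWORD dwParam, BYTE *pbData,
                          DWORD *pdwDataLen, DWORD dwFlags)
{
    if (dwParam == PP_VERSION) {
        DWORD v = 0x00000100u;        /* version 1.0 */
        if (dwFlags != 0) return fail(p, NTE_BAD_FLAGS);   /* not an enumeration */
        return copy_out(p, &v, (DWORD)sizeof v, pbData, pdwDataLen);
    }
    if (dwParam == PP_ENUMCONTAINERS) {
        size_t idx;
        if (dwFlags & ~(CRYPT_FIRST | CRYPT_MACHINE_KEYSET)) return fail(p, NTE_BAD_FLAGS);
        idx = (dwFlags & CRYPT_FIRST) ? 0 : p->next;
        if (idx >= p->count) return fail(p, ERROR_NO_MORE_ITEMS);
        if (!copy_out(p, p->names[idx], (DWORD)strlen(p->names[idx]) + 1,
                      pbData, pdwDataLen))
            return FALSE;
        if (pbData != NULL) p->next = idx + 1;   /* advance only after delivery */
        return TRUE;
    }
    return fail(p, NTE_BAD_TYPE);
}

/* Caller: enumerate every container. Returns the count, or -1 on any error. */
int list_containers(ModelProv *p, char out[][MAX_NAME], int max_out)
{
    DWORD flags = CRYPT_FIRST;        /* first call restarts the list */
    int n = 0;
    for (;;) {
        char buf[MAX_NAME];
        DWORD len = (DWORD)sizeof buf;
        if (!model_get_prov_param(p, PP_ENUMCONTAINERS, (BYTE *)buf, &len, flags))
            return p->last_error == ERROR_NO_MORE_ITEMS ? n : -1;
        /* Check length and terminator before treating buf as a string. */
        if (len == 0 || len > sizeof buf || buf[len - 1] != '\0' || n == max_out)
            return -1;
        memcpy(out[n++], buf, len);
        flags = 0;                    /* later calls fetch the next element */
    }
}

int main(void)
{
    ModelProv p = sample_provider();
    char names[8][MAX_NAME];
    int i, n = list_containers(&p, names, 8);
    for (i = 0; i < n; i++) printf("container: %s\n", names[i]);
    return n == 3 ? 0 : 1;
}
```
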


   3.3. Function CPReleaseContext

Name: CPReleaseContext
Description: Used to release the cryptographic provider handle created by
            CPAcquireContext.
Syntax: #include <Wincrypt.h>
               BOOL WINAPI CPReleaseContext ( HCRYPTPROV hProv ,
                        DWORD dwFlags );
Input parameters:
            hProv - the cryptographic provider handle. It is obtained by calling the
            CPAcquireContext function.
            dwFlags - the parameter has the value zero.

Output parameters: none.
Return value:
           On success the function returns TRUE. Otherwise it returns FALSE.
           The corresponding error code (see the table) can be obtained through the
           GetLastError function.
Return value - Description
NTE_BAD_FLAGS - The dwFlags parameter has a non-zero value.

Note. After this function has been called, the handle hProv becomes
invalid. Session keys and hash objects created using the handle hProv are
destroyed.


   3.4. Function CPSetProvParam

Name: CPSetProvParam
Description: Used to set the parameters of the cryptographic provider.
Syntax: #include <Wincrypt.h>
               BOOL WINAPI CPSetProvParam ( HCRYPTPROV hProv ,
                        DWORD dwParam , BYTE * pbData , DWORD dwFlags);
Input parameters:
            hProv - the cryptographic provider handle. It is obtained by calling the
            CPAcquireContext function.
            dwParam - the value of this argument determines the type of the query. The
            following dwParam values are currently defined.

      Value of dwParam - Contents of the pbData buffer
      PP_KEYSET_SEC_DESCR - Sets the security descriptor of the Windows registry key
                                 where the user's keys are stored. The descriptor value
                                 is passed in pbData.
      PP_HASHOID - Sets the identifier of the hash function algorithm.
      PP_CIPHEROID - Sets the identifier of the encryption algorithm.
      PP_SIGNATUREOID - Sets the identifier of the signature algorithm.
      PP_DHOID - Sets the identifier of the Diffie-Hellman algorithm.
      PP_KEYEXCHANGE_PIN - Sets the password (PIN) for access to the AT_KEYEXCHANGE
                                 key; otherwise it is requested from the user through
                                 the UI (unless the CRYPT_SILENT flag was set, see
                                 CPAcquireContext()).
      PP_SIGNATURE_PIN - Sets the password (PIN) for access to the AT_SIGNATURE key;
                                 otherwise it is requested from the user through the UI
                                 (unless the CRYPT_SILENT flag was set, see
                                 CPAcquireContext()).
      PP_USE_HARDWARE_RNG - Initiates adding values from the physical or keyboard RNG
                                 to the RNG of the cryptographic provider context hProv.
                                 If only the biological RNG is supported on the given
                                 system, a UI is displayed for entering mouse and/or
                                 keyboard events (unless the CRYPT_SILENT flag was set,
                                 see CPAcquireContext()).
                                 Usually, when the system has no physical RNG, data
                                 from the keyboard RNG (keyboard, mouse) is added
                                 mandatorily to the cryptographic provider context (to
                                 the key information container) only when persistent
                                 AT_KEYEXCHANGE or AT_SIGNATURE keys are created by the
                                 function
DSSSCT                File : DCSP_pg1.doc                      Ref : DCSPPG0010                 Revision:1.0         Page: 11
                                          Copyright © Dekart S.R.L (www.dekart.com ) – 2005
                     This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L.
 )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8?
                                          =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<.
                                                   + ,- .              . - /01 2-3. .
CPGenKey ().
                                                 J4A6.,80 *? pbData +AP.8<4@ :A4: 0*=,
                                                 CRYPT_SIMPLEBLOB 2A- 6/0,34<+* =>45>,773454
        PP_RANDOM
                                                 Fq• 6>4<3- -2>, q. q7. 4=*/,3*8 =,>,780>,
                                                 PP_RANDOM B63+D** CPGetProvParam ().
                                                 FA- */=4A1?4<,3*- < -2>8 q. r/0,3,<A*<,80 ?3,.83*8
                                                 =4/A823854 ,>567830, B63+D** mutex_init (6+,?,08A1 3,
        PP_MUTEX_ARG                             4:>,:40.*+ =>8>;<,3*-) 2A- </8E mutex, */=4A1?687;E
                                                 =>* >,:408 CSP. c040 =,>,780> 24A983 :;01 6/0,34<A83
                                                 24 =8><454 <;?4<, CPAcquireContext ().

            pbData - Data buffer of the parameter. When the function is called, this
            buffer must contain data that matches the parameter type placed in
            dwParam. The data format depends on the parameter type.

            dwFlags - Flag values. The following flag values are used:
      Value of dwFlags          Description
      SECURITY_INFORMATION      This flag is set when dwParam is PP_KEYSET_SEC_DESCR,
                                the security descriptor of the registry key that
                                contains the key container. A pointer to the security
                                descriptor is passed in the pbData argument, and its
                                length is passed in the pcbData argument. The
                                following bit flags are used:
                                •    OWNER_SECURITY_INFORMATION - Refers to the
                                     identifier of the object's owner.
                                •    GROUP_SECURITY_INFORMATION - Refers to the
                                     identifier of the object's primary group.
                                •    DACL_SECURITY_INFORMATION - Refers to the
                                     object's discretionary ACL.
                                •    SACL_SECURITY_INFORMATION - Refers to the
                                     object's system ACL.

Output parameters: none.
Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.
      Return value                   Description
NTE_BAD_DATA                  The length of the user's master key identifier exceeds
                              the maximum allowed.
NTE_BAD_FLAGS                 The dwFlags value is non-zero.
NTE_BAD_TYPE                  dwParam specifies an unknown parameter.
NTE_KEYSET_ENTRY_BAD          Integrity violation of the keys in storage.
NTE_FAIL                      Error while reading data from the system registry.
SCARD_W_CANCELLED_BY_USER     The user aborted the operation by pressing the Cancel
                              key.
SCARD_W_WRONG_CHV             The user entered a wrong password, or the password set
                              by the SetProvParam function is wrong.
SCARD_E_INVALID_CHV           The user entered a password that violates the format,
                              or the password set by the SetProvParam() function has
                              an invalid format. For example, the password has an
                              invalid length or contains invalid characters.
SCARD_W_CHV_BLOCKED           PIN entry was blocked by the smart card because the
                              number of attempts the card allows for entry has been
                              exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL Not enough space on the medium to store the
                              information.

Note. After this function has been called, the hProv handle becomes invalid. Session
keys and hash objects created using the hProv handle are destroyed.


   3.5. Function CPDeriveKey

Name:        CPDeriveKey
Description: Used to create cryptographic session keys based on the value of a
             hash function computed over other keys, passwords or any other user
             data.
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPDeriveKey ( HCRYPTPROV hProv ,
                     ALG_ID AlgId , HCRYPTHASH hBaseData ,
                     DWORD dwFlags , HCRYPTKEY * phKey );
Input parameters:
            hProv - Handle of the cryptographic provider. Obtained by calling the
            CPAcquireContext function.
            AlgId - Identifier of the encryption algorithm for which the key is to be
            produced.
      Value of AlgId            Description
      CALG_SCHANNEL_ENC_KEY     Data encryption key. The encryption algorithm and the
                                key size are defined beforehand with the
                                CPSetKeyParam function. The initialization vector
                                (IV) is normally set with CPSetKeyParam (with KP_IV).
                                For SSL 2 this key is used as the MAC key.
      CALG_SCHANNEL_MAC_KEY     A MAC key is generated. The key generation algorithm
                                is defined beforehand with the CPSetKeyParam
                                function.
      CALG_TLS1_MAC_KEY         Message authentication key based on the
                                TLS1_MASTER_HASH object.
            hBaseData - Handle of the hash object used to process the input data.
            dwFlags - The flags define the attributes of the session key being
            produced. The following flag values are currently defined:
      Value of dwFlags          Description
      CRYPT_EXPORTABLE          If the flag is set, the produced key can be
                                transferred out of the cryptographic provider into a
                                key blob through the CPExportKey() function. If the
                                flag is not set, the key is not exportable and is
                                available only within the current session to the
                                application that created it. This flag does not
                                apply to the public key of a key pair.
      CRYPT_SERVER              When working with TLS, if the flag is set, the
                                server encryption key is created; if it is not set,
                                the client encryption key is created.


Output parameters:
            phKey - Address to which the function copies the handle of the produced
            key.
Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.
      Return value             Description
NTE_BAD_ALGID                The AlgId parameter specifies an algorithm that is not
                             supported by the cryptographic provider.
NTE_BAD_FLAGS                The dwFlags value is invalid.
NTE_NO_MEMORY                The cryptographic provider ran out of memory during the
                             operation.
NTE_FAIL                     Error while reading data from the system registry.
GPE_CORRUPT_KEYCONTEXT       Integrity violation of the keys.

Note. If a fixed set of data is supplied as input, the function creates one and the
same key. In that case the created key may be used only for encrypting data or for
exporting keys onto key media. Using it to encrypt data or to export keys that are
placed on disk or transmitted over a communication channel is not recommended.

   3.6. Function CPDestroyKey

Name:        CPDestroyKey
Description: Used to destroy the key passed in the hKey parameter. After it has been
             destroyed, the key (key handle) can no longer be used.
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPDestroyKey ( HCRYPTPROV hProv,
                     HCRYPTKEY hKey );
Input parameters:
            hProv - Handle of the cryptographic provider. Obtained by calling the
            CPAcquireContext function.
            hKey - Handle of the key to be destroyed.
Output parameters: none.
Return values:
            On success the function returns TRUE; otherwise it returns FALSE. The
            corresponding error code (see the table) can be obtained through the
            GetLastError function.
      Return value        Description
NTE_BAD_TYPE            The algorithm type of hKey is invalid.


   3.7. Function CPDuplicateKey

Name:        CPDuplicateKey
Description: Used to create a copy of the given key, including all of its variables
             that define the internal state of the key (for example, the IV
             vector).
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPDuplicateKey ( HCRYPTPROV hProv ,
                     HCRYPTKEY hKey , DWORD * pdwReserved ,
                     DWORD dwFlags , HCRYPTKEY * phKey );
Input parameters:
            hProv - Handle of the cryptographic provider. Obtained by calling the
            CPAcquireContext function.
            hKey - Handle of the source key (the key being copied).
            pdwReserved - Reserved for future use; must be NULL.
            dwFlags - Reserved for future use; must be 0.

Output parameters:
            phKey - Address at which the function returns the handle of the copied
            key.

Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.
      Return value       Description
NTE_BAD_KEY            The key container was not opened and possibly does not exist.


   3.8. Function CPExportKey

Name:        CPExportKey
Description: Used to export cryptographic keys from the key container of the
             cryptographic provider, keeping them in protected form.
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPExportKey ( HCRYPTPROV hProv ,
                     HCRYPTKEY hKey , HCRYPTKEY hExpKey ,
                     DWORD dwBlobType , DWORD dwFlags ,
                     BYTE * pbData , DWORD * pdwDataLen );
Input parameters:
            hProv - Handle of the cryptographic provider. Obtained by calling the
            CPAcquireContext function.
            hKey - Handle of the key to be exported.
            hExpKey - Handle of the key under which the exported key is
            cryptographically protected. This must be a key shared with the
            recipient of the correspondence. The encrypted key data is placed in a
            key blob intended for external storage and for transmission over
            communication channels. The algorithms of the key export function
            guarantee that only the intended user can use this key blob. The key is
            protected with the algorithm specified when the export key was created.
            If the key blob is not to be encrypted (for example, the key blob type is
            PUBLICKEYBLOB), this parameter must be zero.
            dwBlobType - Type of the key blob intended for exporting the key. Three
            types of key blobs are currently defined:
      Type                Description
      SIMPLEBLOB          Used to transport a session key. pbData points to a
                          CRYPT_SIMPLEBLOB structure.
      PUBLICKEYBLOB       Used to transport public keys. pbData points to a
                          CRYPT_PUBLICKEYBLOB structure.
      PRIVATEKEYBLOB      Used to transport key pairs (private keys). pbData points
                          to a CRYPT_PRIVATEKEYBLOB structure.

            dwFlags - Flag values. Reserved for future use; must be 0.
            pbData - Data buffer into which the function copies the key blob.
            pdwDataLen - Address of the key blob length. When the function is called,
            this parameter contains the number of bytes in the pbData buffer.

Output parameters:
            pdwDataLen - Address of the key blob length. After the function has
            executed, the parameter is set to the number of bytes of data copied
            into the pbData buffer. If the buffer corresponding to pbData is not
            large enough, the error code ERROR_MORE_DATA is returned through the
            SetLastError() function. In that case the required buffer size is
            returned in pdwDataLen. If the function finishes with an error code other
            than ERROR_MORE_DATA, zero is returned in this parameter.

Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.
      Return value             Description
ERROR_MORE_DATA              The pbData buffer is not large enough to copy the
                             requested data.
NTE_BAD_FLAGS                The dwFlags value is non-zero.
NTE_BAD_KEY                  One or both of the keys specified by hKey and hExpKey
                             are not valid.
NTE_BAD_KEY_STATE            An attempt to export a key when the export right has
                             not been granted by the cryptographic provider; an
                             attempt to export under a key for which permission to
                             export is not set.
NTE_BAD_TYPE                 The dwBlobType parameter specifies an unknown blob type.
NTE_NO_MEMORY                The cryptographic provider ran out of memory during the
                             operation.
NTE_FAIL                     Error while reading data from the system registry.
GPE_CORRUPT_KEYCONTEXT       Integrity violation of the keys.
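
The pdwDataLen contract described for CPExportKey (ERROR_MORE_DATA with the required size, zero on any other error), shown from the caller's side as an added example that is not Dekart's code. mock_export_key is a hypothetical stand-in for the provider call, and the error constants, blob bytes and MAX_BLOB_BYTES limit are constructed so the block builds without the Windows SDK.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins so the example builds without the Windows SDK. */
enum { MOCK_OK = 0, MOCK_ERROR_MORE_DATA = 1, MOCK_NTE_BAD_KEY = 2 };
#define MAX_BLOB_BYTES 4096u            /* caller-side sanity limit (assumption) */

static uint32_t g_last_error;           /* plays the role of GetLastError() */
static const uint8_t g_blob[12] = {     /* constructed "key blob" bytes */
    0x01, 0x02, 0x00, 0x00, 0xde, 0xad, 0xbe, 0xef, 0x10, 0x20, 0x30, 0x40
};

/* Hypothetical mock of an export call that follows the pdwDataLen contract. */
static int mock_export_key(int key_valid, uint8_t *pbData, uint32_t *pdwDataLen)
{
    if (!key_valid) {                   /* any error other than "more data" */
        *pdwDataLen = 0;
        g_last_error = MOCK_NTE_BAD_KEY;
        return 0;
    }
    if (pbData == NULL || *pdwDataLen < sizeof g_blob) {
        *pdwDataLen = (uint32_t)sizeof g_blob;   /* required size */
        g_last_error = MOCK_ERROR_MORE_DATA;
        return 0;
    }
    memcpy(pbData, g_blob, sizeof g_blob);
    *pdwDataLen = (uint32_t)sizeof g_blob;
    g_last_error = MOCK_OK;
    return 1;
}

/* Zero a buffer that may hold key material before releasing it. */
static void wipe_free(uint8_t *p, size_t n)
{
    volatile uint8_t *v = p;
    while (p != NULL && n--) *v++ = 0;
    free(p);
}

/* Size query, allocate, retry. Returns the blob (caller wipes and frees it)
 * with its length in *out_len, or NULL with *out_len == 0. */
static uint8_t *export_blob(int key_valid, uint32_t *out_len)
{
    uint8_t *buf = NULL;
    uint32_t cap = 0;

    *out_len = 0;
    for (int attempt = 0; attempt < 3; attempt++) {
        uint32_t len = cap;             /* in: bytes available in buf */
        if (mock_export_key(key_valid, buf, &len)) {
            if (len > cap) break;       /* reports more than it was given */
            *out_len = len;
            return buf;
        }
        /* Only ERROR_MORE_DATA with a sane, larger size justifies a retry. */
        if (g_last_error != MOCK_ERROR_MORE_DATA || len <= cap || len > MAX_BLOB_BYTES)
            break;
        wipe_free(buf, cap);
        buf = malloc(len);
        cap = (buf != NULL) ? len : 0;
        if (buf == NULL) break;
    }
    wipe_free(buf, cap);
    return NULL;
}

int main(void)
{
    uint32_t n = 0;
    uint8_t *blob = export_blob(1, &n);
    printf("valid key: %s, %u bytes\n", blob ? "exported" : "failed", (unsigned)n);
    wipe_free(blob, n);
    blob = export_blob(0, &n);
    printf("invalid key: %s, last error %u\n", blob ? "exported" : "failed",
           (unsigned)g_last_error);
    wipe_free(blob, n);
    return 0;
}
```

The retry is bounded and the returned length is checked against the allocated capacity, so a provider that keeps reporting a larger size cannot drive unbounded allocation or an over-read of the buffer.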


   3.9. Function CPGenKey

Name:        CPGenKey
Description: Used to generate random cryptographic keys or key pairs
             (private/public).
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPGenKey ( HCRYPTPROV hProv ,
             ALG_ID AlgId , DWORD dwFlags , HCRYPTKEY * phKey );
Input parameters:
                  hProv - Handle of the cryptographic provider. Obtained by calling the
                  CPAcquireContext function.
                  AlgId - Identifier of the encryption or digital signature algorithm
                  for which the key is to be produced. Keys of the following classes
                  can be produced:
                  •    temporary symmetric keys (session keys);

                  •    temporary (ephemeral) key pairs of the Diffie-Hellman algorithms;

                  •    long-term key pairs stored in the key container.

                       Possible session keys:


                  Value of AlgId   Description
                  CALG_G28147      Key for data encryption and/or message
                                   authentication per GOST 28147-89. This key can
                                   subsequently be marked as a key for import/export
                                   using the CPSetKeyParam() function.
                  CALG_TLS1_MASTER Special key for implementing the TLS protocol.
                  •    Possible ephemeral Diffie-Hellman keys:
                  AlgId            Description
                  CALG_DH_EX_EPHEM Ephemeral key pair based on GOST R 34.10-94.
                                   Intended for exchanging session keys.
                  CALG_DH_EL_EPHEM Ephemeral key pair based on GOST R 34.10-2001.
                                   Intended for exchanging session keys.
                  •    Possible long-term key pairs:
                  AlgId            Description
                  AT_KEYEXCHANGE   A key pair is produced and stored in the key
                                   container. Intended for exchanging session keys
                                   and for digital signatures. The algorithm of the
                                   key pair is the default algorithm for hProv, the
                                   PP_DHOID parameter of CPGetProvParam().
                  CALG_DH_EX_SF    A key pair is produced according to GOST R
                                   34.10-94 and stored in the key container.
                                   Intended for exchanging session keys and for
                                   digital signatures.
                  CALG_DH_EL_SF    A key pair is produced according to GOST R
                                   34.10-2001 and stored in the key container.
                                   Intended for exchanging session keys and for
                                   digital signatures.
                  AT_SIGNATURE     A key pair is produced and stored in the key
                                   container. Intended for digital signatures. The
                                   algorithm of the key pair is the default
                                   algorithm for hProv, the PP_SIGNATUREOID
                                   parameter of the CPGetProvParam() function.
                  CALG_GR3410      A key pair is produced according to GOST R
                                   34.10-94 and stored in the key container.
                                   Intended for digital signatures.
                  CALG_GR3410EL    A key pair is produced according to GOST R
                                   34.10-2001 and stored in the key container.
                                   Intended for digital signatures.
             dwFlags - The flags define the attributes of the key being produced.
             The sizes of signature keys and exchange keys can be set when the key
             is generated. The key size is set in the upper 16 bits of the dwFlags
             parameter; these 16 bits represent the size of the modulus in bits. In
             this version of the cryptographic provider the key modulus size is
             1024. The following flags are currently defined:
        Value of dwFlags          Description
        CRYPT_EXPORTABLE          If this flag is set, the produced key can be
                                  transferred out of the cryptographic provider into
                                  a key blob through the CPExportKey() function. If
                                  this flag is not set, the key is not exportable
                                  and is available only within the current session
                                  to the application that created it. This flag does
                                  not apply to the public keys of key pairs.

        CRYPT_USER_PROTECTED      If this flag is set, every request for access to
                                  the medium holding the user's private key displays
                                  a dialog window asking for permission to access
                                  the key.
        CRYPT_PREGEN              If this flag is set, an "empty" exchange key pair
                                  is generated. The parameters of this key pair must
                                  be set using the CPSetKeyParam() function.


Output parameters:
              phKey - Address to which the function copies the handle of the
        generated key (for a key pair, the public/private keys).

Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.
      Return value              Description
NTE_BAD_ALGID                 The AlgId parameter specifies an algorithm that is not
                              supported by the cryptographic provider.
NTE_BAD_FLAGS                 The dwFlags value is invalid.
NTE_NO_MEMORY                 The cryptographic provider ran out of memory during
                              the operation.
NTE_FAIL                      Error while reading data from the system registry.
GPE_CORRUPT_KEYCONTEXT        Integrity violation of the keys.
SCARD_W_CANCELLED_BY_USER     The user aborted the operation by pressing the Cancel
                              key.
SCARD_W_WRONG_CHV             The user entered a wrong password, or the password set
                              by the SetProvParam() function is wrong.
SCARD_E_INVALID_CHV           The user entered a password that violates the format,
                              or the password set by the SetProvParam() function has
                              an invalid format. For example, the password has an
                              invalid length or contains invalid characters.
SCARD_W_CHV_BLOCKED           PIN entry was blocked by the smart card because the
                              number of attempts the card allows for entry has been
                              exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL Not enough space on the medium to store the
                              information.


   3.10. Function CPGenRandom

Name:        CPGenRandom
Description: Used to fill a buffer with random bytes.
Syntax:      #include <Wincrypt.h>
             BOOL WINAPI CPGenRandom ( HCRYPTPROV hProv ,
                     DWORD dwLen , BYTE * pbBuffer );
Input parameters:
            hProv - Handle of the cryptographic provider. Obtained by calling the
            CPAcquireContext function.
            dwLen - Number of bytes of random data to be produced.

Output parameters:
                  pbBuffer - Buffer into which the random data is copied. The length
                  of this buffer in bytes is passed in the dwLen parameter.

Return values:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained through the
           GetLastError function.

      Return value     Description
NTE_FAIL             Unsatisfactory statistics of the random number generator,
RPE_FAIL_STATBUFFER  checked when the container is opened. This error is
                     probabilistic in nature. For a correctly working program the
                     probability of the error occurring does not exceed 10^(-16).
NTE_FAIL             Unsatisfactory continuously running statistics of the random
RPE_FAIL_TESTBUFFER  number generator. This error is probabilistic in nature. For a
                     correctly working program the probability of the error
                     occurring does not exceed 10^(-16).
NTE_KEYSET_ENTRY_BAD Data was read incorrectly from the system registry.

Note. CPGenRandom() obtains random numbers from the software random number generator
(RNG) of the provider context hProv. That RNG is initialized when CPAcquireContext()
runs, from the RNG state accumulated in the container on the key medium and from the
physical RNGs installed in the system. If the provider context is opened in
CRYPT_VERIFYCONTEXT mode and no physical RNG is installed in the system, the software
RNG is initialized from the system-wide RNG state accumulated in the registry.


   3.11.          Function CPGetKeyParam

Name:        CPGetKeyParam
Purpose:     Returns key parameters.
Syntax:      #include <Wincrypt.h>
               BOOL WINAPI CPGetKeyParam ( HCRYPTPROV hProv ,
                        HCRYPTKEY hKey , DWORD dwParam ,
                        BYTE * pbData , DWORD * pdwDataLen ,
                        DWORD dwFlags );
Input data:
            hProv - handle of the cryptographic provider, obtained by calling
            CPAcquireContext.
            hKey - handle of the key whose parameters are being set.
            dwParam - parameter that takes one of the following values:
       Value of dwParam   Contents of the pbData buffer
       KP_ALGID           Algorithm identifier (ALG_ID) corresponding to this key.
       KP_PERMISSIONS     Key usage permission flags. A DWORD value.
       KP_IV              Initialization vector (IV, or synchronization vector) of
                          the encryption algorithm.
       KP_MODE            Mode of the encryption algorithm. A DWORD value. The
                          following encryption modes are used:
                          •    CRYPT_MODE_ECB - GOST 28147-89 simple substitution
                               mode;
                          •    CRYPT_MODE_OFB - GOST 28147-89 gamma mode;
                          •    CRYPT_MODE_CFB - GOST 28147-89 gamma mode with
                               feedback;
                          •    CRYPT_MODE_CBC - block cipher with feedback based on
                               GOST 28147-89.
       KP_MODE_BITS       Feedback depth. A DWORD value. The default is 64, which
                          corresponds to the GOST 28147-89 gamma mode with feedback.
       KP_MIXMODE         Additional key parameter. Sets the mode in which the key
                          is transformed after every 1024 bytes of data are
                          encrypted.
       KP_KEYLEN          Key length in bits. A DWORD value giving the number of
                          bits in the key.
       KP_CIPHEROID       Identifier of the substitution block set by the
                          application. A null-terminated string.
       KP_DHOID           Identifier of the Diffie-Hellman algorithm. A
                          null-terminated string.
       KP_SIGNATUREOID    Identifier of the signature algorithm. A null-terminated
                          string.
       KP_HASHOID         Identifier of the hash function set by the application.
                          A null-terminated string.
       KP_Y               Public key of the key pair.

                  dwFlags - this parameter has a zero value.
                  pdwDataLen - address of the length of the parameter data. When the
                  function is called, this parameter holds the number of bytes in the
                  pbData buffer.

Output data:
                  pbData - buffer for the parameter data. The function copies the data
                  corresponding to the parameter into the buffer. The format of this data
                  depends on the value of dwParam. If this parameter is NULL, no data is
                  copied; the required buffer size in bytes is returned in pdwDataLen.
                  pdwDataLen - address of the length of the parameter data. After the
                  function completes, this parameter is set to the number of bytes of
                  parameter data copied into the pbData buffer. If the buffer given by
                  pbData is not large enough to receive the requested data, the error
                  code ERROR_MORE_DATA is returned through GetLastError(). In that case
                  the required buffer size is returned in pdwDataLen. If the function
                  fails with an error code other than ERROR_MORE_DATA, zero is returned
                  in this parameter.

Return value:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained by calling
           GetLastError.
Return values         Description
ERROR_MORE_DATA       The pbData buffer is too small to receive the requested data.
NTE_BAD_FLAGS         The dwFlags parameter has a non-zero value.
NTE_BAD_TYPE          The dwParam parameter passes an unknown parameter value.
NTE_PERM              An attempt was made to read key parameters when the provider
                      has not granted read permission.

Note. After this function has been called, the handle hProv becomes invalid. Session
keys and hash objects created using the hProv handle are destroyed.


   3.12.          Function CPGetUserKey

Name:        CPGetUserKey
Purpose:     Returns a handle to one of the persistent key pairs in the key
             container.
Syntax:      #include <Wincrypt.h>
                BOOL WINAPI CPGetUserKey ( HCRYPTPROV hProv ,
                        DWORD dwKeySpec , HCRYPTKEY * phUserKey);
Input data:
            hProv - handle of the cryptographic provider, obtained by calling
            CPAcquireContext.
            dwKeySpec - specification of the key to return. The following types of
            key pairs and keys are currently defined:
       Value               Description
       AT_KEYEXCHANGE      Key exchange key pair
       AT_SIGNATURE        Digital signature key pair

                  dwFlags - this parameter has a zero value.

Output data:
                  phUserKey - address to which the function copies the key handle.

Return value:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained by calling
           GetLastError.
Return values                   Description
NTE_NO_KEY                      The key specified by the dwKeySpec parameter does not
                                exist.
NTE_BAD_TYPE                    The value of the dwKeySpec parameter is unknown.
SCARD_W_CANCELLED_BY_USER       The user aborted the operation by pressing Cancel.
SCARD_W_WRONG_CHV               The user entered a wrong password, or the password set
                                with SetProvParam() is wrong.
SCARD_E_INVALID_CHV             The user entered a password that violates the format,
                                or the password set with SetProvParam() has an invalid
                                format. For example, the password has an invalid
                                length or contains invalid characters.
SCARD_W_CHV_BLOCKED             PIN entry was blocked by the smart card because the
                                number of entry attempts allowed by the card was
                                exhausted.


   3.13.          Function CPImportKey

Name:        CPImportKey
Purpose:     Imports a cryptographic key from a key blob into the provider's
             container.
Syntax:      #include <Wincrypt.h>
               BOOL WINAPI CPImportKey ( HCRYPTPROV hProv ,
                        BYTE * pbData , DWORD dwDataLen ,
                        HCRYPTKEY hImpKey , DWORD dwFlags ,
                        HCRYPTKEY * phKey );
Input data:
            hProv - handle of the cryptographic provider, obtained by calling
            CPAcquireContext.
            pbData - buffer containing a key blob produced with CPExportKey() by this
            provider or by another provider running on a remote computer.
            dwDataLen - length of the key blob in bytes.
            hImpKey - handle of the key used to remove the cryptographic protection
            from the imported key. The value of this parameter must correspond to the
            hExpKey value given to CPExportKey() when the key blob was created. If the
            key blob is encrypted under a session key, this parameter must contain a
            handle to that session key. If the key blob is not encrypted (for example,
            PUBLICKEYBLOB), this parameter is not used and must be zero.
            dwFlags - flag value. This parameter is currently used only when a key
            pair (private/public keys) is imported into the provider (in
            PRIVATEKEYBLOB form). In that case, if the imported key must be exportable
            again, the CRYPT_EXPORTABLE flag must be placed in this parameter. If this
            flag is not used, calls to CryptExportKey with the key handle will fail.
Output data:
            phKey - address to which the function copies the handle of the imported
            key.

Return value:
           On success the function returns TRUE; otherwise it returns FALSE. The
           corresponding error code (see the table) can be obtained by calling
           GetLastError.
Return values                          Description
NTE_BAD_DATA                           The integrity check of the imported key blob
                                       failed.
NTE_BAD_FLAGS                          The dwFlags parameter contains an invalid value.
NTE_BAD_KEY                            One or both of the keys specified by hKey and
                                       hImpKey are not valid.
NTE_BAD_TYPE                           The key blob type is not supported by this
                                       provider and is possibly invalid.
NTE_PERM                               An attempt was made to import a key when the
                                       provider has not granted import permission.
NTE_NO_MEMORY                          The provider ran out of memory during the
                                       operation.
NTE_FAIL                               Integrity violation of keys in RAM.
GPE_CORRUPT_KEYCONTEXT                 Integrity violation of keys.
SCARD_W_CANCELLED_BY_USER              The user aborted the operation by pressing
                                       Cancel.
SCARD_W_WRONG_CHV                      The user entered a wrong password, or the
                                       password set with SetProvParam() is wrong.
SCARD_E_INVALID_CHV                    The user entered a password that violates the
                                       format, or the password set with SetProvParam()
                                       has an invalid format. For example, the password
                                       has an invalid length or contains invalid
                                       characters.
SCARD_W_CHV_BLOCKED                    PIN entry was blocked by the smart card because
                                       the number of entry attempts allowed by the card
                                       was exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL          Not enough space on the medium to store the
                                       information.

Note. The Diffie-Hellman algorithm is usually used to agree on (export/import) a
session key. In this case the pairwise key (the key used to export/import the session
key) is produced by importing the recipient's (sender's) public key on the sender's
(recipient's) key pair.
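
A caller-side pre-flight check for the CPImportKey argument rules stated above (hImpKey must be zero for an unencrypted PUBLICKEYBLOB; CRYPT_EXPORTABLE only matters for a PRIVATEKEYBLOB), as an added example that is not part of the Dekart documentation. It assumes the blob begins with the standard 8-byte CryptoAPI blob header; the function and enum names are hypothetical, and rejecting flags on other blob types is a strictness choice of this example, not documented provider behaviour.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values as defined in wincrypt.h, redefined so the check builds off Windows. */
#define BLOB_SIMPLE      0x1          /* SIMPLEBLOB       */
#define BLOB_PUBLICKEY   0x6          /* PUBLICKEYBLOB    */
#define BLOB_PRIVATEKEY  0x7          /* PRIVATEKEYBLOB   */
#define FLAG_EXPORTABLE  0x00000001u  /* CRYPT_EXPORTABLE */
#define BLOB_HEADER_LEN  8u

/* Standard blob header: bType, bVersion, reserved, aiKeyAlg (little-endian). */
typedef struct {
    uint8_t  bType;
    uint8_t  bVersion;
    uint16_t reserved;
    uint32_t aiKeyAlg;
} blob_header;

/* Result names are hypothetical; they are not provider error codes. */
typedef enum {
    IMPORT_OK = 0,
    IMPORT_TRUNCATED,            /* fewer than 8 bytes: no complete header   */
    IMPORT_UNKNOWN_TYPE,         /* bType is none of the three handled here  */
    IMPORT_IMPKEY_MUST_BE_ZERO,  /* unencrypted blob with a non-zero hImpKey */
    IMPORT_UNEXPECTED_FLAGS      /* flag bits this example does not accept   */
} import_check;

/* Decode the header byte by byte so alignment and host endianness do not matter. */
int parse_blob_header(const uint8_t *p, size_t len, blob_header *h)
{
    if (p == NULL || h == NULL || len < BLOB_HEADER_LEN)
        return 0;
    h->bType    = p[0];
    h->bVersion = p[1];
    h->reserved = (uint16_t)(p[2] | (p[3] << 8));
    h->aiKeyAlg = (uint32_t)p[4] | ((uint32_t)p[5] << 8) |
                  ((uint32_t)p[6] << 16) | ((uint32_t)p[7] << 24);
    return 1;
}

/* Check the arguments a caller is about to pass for the import. */
import_check precheck_import(const uint8_t *pbData, size_t dwDataLen,
                             uintptr_t hImpKey, uint32_t dwFlags)
{
    blob_header h;
    if (!parse_blob_header(pbData, dwDataLen, &h))
        return IMPORT_TRUNCATED;
    switch (h.bType) {
    case BLOB_PUBLICKEY:
        /* From the page: not encrypted, so hImpKey is unused and must be 0. */
        if (hImpKey != 0)
            return IMPORT_IMPKEY_MUST_BE_ZERO;
        /* Assumption of this example: flags are meaningless here, so reject. */
        return dwFlags == 0 ? IMPORT_OK : IMPORT_UNEXPECTED_FLAGS;
    case BLOB_PRIVATEKEY:
        /* From the page: only CRYPT_EXPORTABLE is described for key pairs. */
        return (dwFlags & ~FLAG_EXPORTABLE) ? IMPORT_UNEXPECTED_FLAGS : IMPORT_OK;
    case BLOB_SIMPLE:
        /* hImpKey depends on how the blob was protected; not judged here. */
        return dwFlags == 0 ? IMPORT_OK : IMPORT_UNEXPECTED_FLAGS;
    default:
        return IMPORT_UNKNOWN_TYPE;
    }
}

/* 1 if a later export of the imported key can succeed per the page's rule. */
int reexportable_after_import(const uint8_t *pbData, size_t dwDataLen,
                              uint32_t dwFlags)
{
    blob_header h;
    if (!parse_blob_header(pbData, dwDataLen, &h))
        return 0;
    return h.bType == BLOB_PRIVATEKEY && (dwFlags & FLAG_EXPORTABLE) != 0;
}

/* Constructed sample blobs (header plus two filler bytes, no real key data):
 * version 2, reserved 0, aiKeyAlg 0x0000A400. */
static const uint8_t SAMPLE_PUBLIC[]  = {0x06, 0x02, 0, 0, 0x00, 0xA4, 0, 0, 0xAA, 0xBB};
static const uint8_t SAMPLE_PRIVATE[] = {0x07, 0x02, 0, 0, 0x00, 0xA4, 0, 0, 0xAA, 0xBB};

int main(void)
{
    printf("public blob, hImpKey=0:        %d\n",
           precheck_import(SAMPLE_PUBLIC, sizeof SAMPLE_PUBLIC, 0, 0));
    printf("public blob, hImpKey set:      %d\n",
           precheck_import(SAMPLE_PUBLIC, sizeof SAMPLE_PUBLIC, 0x1234, 0));
    printf("private blob, no flag, export: %d\n",
           reexportable_after_import(SAMPLE_PRIVATE, sizeof SAMPLE_PRIVATE, 0));
    printf("private blob, CRYPT_EXPORTABLE: %d\n",
           reexportable_after_import(SAMPLE_PRIVATE, sizeof SAMPLE_PRIVATE,
                                     FLAG_EXPORTABLE));
    return 0;
}
```

Importing a key pair without CRYPT_EXPORTABLE is the safer default when the key never needs to leave the container again; the second helper makes that decision visible before the import is made.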


   3.14.          Function CPSetKeyParam

Name:        CPSetKeyParam
Purpose:     Sets key parameters.
Syntax:      #include <Wincrypt.h>
               BOOL WINAPI CPSetKeyParam ( HCRYPTPROV hProv ,
                        HCRYPTKEY hKey , DWORD dwParam ,
                        BYTE * pbData , DWORD dwFlags );
Input data:
            hProv - handle of the cryptographic provider, obtained by calling
            CPAcquireContext.
            hKey - handle of the key whose parameters are being set.
            dwParam - parameter that takes one of the following values:
        Value of dwParam   Contents of the pbData buffer
        KP_ALGID           Key algorithm identifier (ALG_ID) corresponding to this
                           key. Passed to the function through the pbData buffer.
                           It is possible to set the value CALG_G28147 for keys of
                           class ALG_CLASS_DATA_ENCRYPT (session keys).

                           ALG_ID               Description
                           CALG_G28147          Key for encryption and/or integrity
                                                protection of data per
                                                GOST 28147-89. This key can later
                                                be marked as an import/export key
                                                using CPSetKeyParam().
                           CALG_PRO_EXPORT      Key for export/import of keys of
                                                type CALG_G28147, for storage on
                                                disk or transmission over a
                                                communication channel.
                           CALG_SIMPLE_EXPORT   Key for export/import of keys of
                                                type CALG_G28147 per GOST 28147-89
                                                in simple substitution mode, for
                                                storage on a key medium.

                                                Using CALG_SIMPLE_EXPORT for
                                                CALG_G28147 keys transmitted over a
                                                communication channel is possible
                                                only if the receiving side ensures
                                                that the key import operation is
                                                performed strictly once and the
                                                sending side guarantees that the
                                                key was obtained randomly.

                                                CALG_SIMPLE_EXPORT must not be used
                                                to export/import keys for the
                                                purpose of storing them on disk.
                           CALG_TLS1_MASTER     Key for implementing the TLS
                                                protocol.
                           CALG_TLS1_MAC_KEY    Key for implementing the TLS
                                                protocol.
                           CALG_TLS1_ENC_KEY    Key for implementing the TLS
                                                protocol.
        KP_IV              Initialization vector (IV). The byte sequence containing
                           the IV is passed to the function through the pbData
                           buffer.
        KP_PADDING         Padding method. A DWORD value containing the padding
                           method used by the key's cipher, passed to the function
                           through the pbData buffer. The following padding method
                           is currently defined:
                           •    PKCS5_PADDING - PKCS 5
        KP_MODE            Cipher mode. A DWORD value, passed to the function
                           through the pbData buffer. The encryption modes currently
                           defined are:
                           • CRYPT_MODE_ECB - GOST 28147-89 simple substitution
                             mode;
                           • CRYPT_MODE_OFB - GOST 28147-89 gamma mode;
                           • CRYPT_MODE_CFB - GOST 28147-89 gamma mode with
                             feedback;
                           • CRYPT_MODE_CBC - block cipher with feedback.
        KP_MODE_BITS       Feedback depth. A DWORD value. The default value is 64,
                           which
DSSSCT                File : DCSP_pg1.doc                      Ref : DCSPPG0010                 Revision:1.0         Page: 27
                                          Copyright © Dekart S.R.L (www.dekart.com ) – 2005
                     This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L.
 )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8?
                                          =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<.
                                                   + ,- .              . - /01 2-3. .
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1
Dcsp pg1

More Related Content

Viewers also liked (9)

Key manager oper_guide
Key manager oper_guideKey manager oper_guide
Key manager oper_guide
 
Sim explorer ru
Sim explorer ruSim explorer ru
Sim explorer ru
 
Sec keeper ru
Sec keeper ruSec keeper ru
Sec keeper ru
 
Anuzul
AnuzulAnuzul
Anuzul
 
Ckeygen
CkeygenCkeygen
Ckeygen
 
Csp oper guide
Csp oper guideCsp oper guide
Csp oper guide
 
1 c logon
1 c logon1 c logon
1 c logon
 
Dcsp
DcspDcsp
Dcsp
 
Icalogoneng
IcalogonengIcalogoneng
Icalogoneng
 

Similar to Dcsp pg1 (20)

D crypto api
D crypto apiD crypto api
D crypto api
 
Lnlogon ru
Lnlogon ruLnlogon ru
Lnlogon ru
 
Lnlogon en
Lnlogon enLnlogon en
Lnlogon en
 
A agricultura familiar e os desafios frente à redução de pobreza e desigualda...
A agricultura familiar e os desafios frente à redução de pobreza e desigualda...A agricultura familiar e os desafios frente à redução de pobreza e desigualda...
A agricultura familiar e os desafios frente à redução de pobreza e desigualda...
 
Matemática - Actividades Nivel Inicial - Juegos
Matemática - Actividades Nivel Inicial - JuegosMatemática - Actividades Nivel Inicial - Juegos
Matemática - Actividades Nivel Inicial - Juegos
 
Suprfull
SuprfullSuprfull
Suprfull
 
Age maio 2012 bloco 2 completo
Age maio 2012 bloco 2 completoAge maio 2012 bloco 2 completo
Age maio 2012 bloco 2 completo
 
Dragonite for thermosets 2 page web
Dragonite for thermosets 2 page webDragonite for thermosets 2 page web
Dragonite for thermosets 2 page web
 
Icalogon
IcalogonIcalogon
Icalogon
 
002207866
002207866002207866
002207866
 
Flipped
Flipped Flipped
Flipped
 
Itsecteam shell
Itsecteam shellItsecteam shell
Itsecteam shell
 
Ph 35
Ph 35Ph 35
Ph 35
 
Contrato 2014
Contrato 2014Contrato 2014
Contrato 2014
 
Tema8seguridaden las comunicaciones
Tema8seguridaden las comunicacionesTema8seguridaden las comunicaciones
Tema8seguridaden las comunicaciones
 
Cortafuegos
CortafuegosCortafuegos
Cortafuegos
 
Becky\'s Resume
Becky\'s ResumeBecky\'s Resume
Becky\'s Resume
 
Chapter 1 tax treaty entitl..
Chapter 1  tax treaty entitl..Chapter 1  tax treaty entitl..
Chapter 1 tax treaty entitl..
 
Globe Trotting for Green Building Hotspots
Globe Trotting for Green Building HotspotsGlobe Trotting for Green Building Hotspots
Globe Trotting for Green Building Hotspots
 
Архитектура коммутаторов Cisco Catalyst 6500
Архитектура коммутаторов Cisco Catalyst 6500Архитектура коммутаторов Cisco Catalyst 6500
Архитектура коммутаторов Cisco Catalyst 6500
 

More from CompaniaDekartSRL (20)

Keyexpo
KeyexpoKeyexpo
Keyexpo
 
Ikeygen
IkeygenIkeygen
Ikeygen
 
Xcd pg
Xcd pgXcd pg
Xcd pg
 
Cdserv
CdservCdserv
Cdserv
 
Cdexpert
CdexpertCdexpert
Cdexpert
 
Keycert
KeycertKeycert
Keycert
 
Ikeyexpo
IkeyexpoIkeyexpo
Ikeyexpo
 
Ccrt pg
Ccrt pgCcrt pg
Ccrt pg
 
Cdex pg
Cdex pgCdex pg
Cdex pg
 
Pom2010a
Pom2010aPom2010a
Pom2010a
 
Pom2009a
Pom2009aPom2009a
Pom2009a
 
Pom2005b
Pom2005bPom2005b
Pom2005b
 
Pom2002e
Pom2002ePom2002e
Pom2002e
 
Pom2001d
Pom2001dPom2001d
Pom2001d
 
Pom2001a
Pom2001aPom2001a
Pom2001a
 
Pom2001
Pom2001Pom2001
Pom2001
 
Petrova 99full
Petrova 99fullPetrova 99full
Petrova 99full
 
Petr98
Petr98Petr98
Petr98
 
Pc pz
Pc pzPc pz
Pc pz
 
Ecomigra
EcomigraEcomigra
Ecomigra
 

Dcsp pg1

  • 1. DEKART CRYPTOGRAPHIC SERVICE PROVIDER 45 2005
  • 2. 4.. 5 0 F,33;@ 24+67830 /428>9*0 4=*/,3*8 B63+D*@, <E42-H*E < Dekart Cryptographic Service Provider. J>*<42*0/- 384:E42*7,- /=>,<4.3,- *3B4>7,D*-. DSSSCT File : DCSP_pg1.doc Ref : DCSPPG0010 Revision:1.0 Page: 2 Copyright © Dekart S.R.L (www.dekart.com ) – 2005 This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L. )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8? =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<. + ,- . . - /01 2-3. .
  • 3. 7 - -2. 2 488794:;<...............................................................................................................................2 7=>4?>@8;@ ............................................................................................................................3 1. 84A84B@8;@ 4A 4C79D;..................................................................................4 2. 7CF;@ +?@G@8;<......................................................................................................4 3. 7H;+48;@ IJ8D:;K DEKART RSA CRYPTOGRAPHIC SERVICE PROVIDER ...............................................................................................................4 3.1. IJ8D:;< CPACQUIRECONTEXT .....................................................................................................................4 3.2. IJ8D:;< CPGETPROVPARAM........................................................................................................................6 3.3. IJ8D:;< CPRELEASECONTEXT ...................................................................................................................10 3.4. IJ8D:;< CPSETPROVPARAM ......................................................................................................................11 3.5. IJ8D:;< CPDERIVEKEY ..............................................................................................................................13 3.6. IJ8D:;< CPDESTROYKEY ...........................................................................................................................15 3.7. IJ8D:;< CPDUPLICATEKEY ........................................................................................................................15 3.8. IJ8D:;< CPEXPORTKEY .............................................................................................................................16 3.9. 
IJ8D:;< CPGENKEY ....................................................................................................................................17 3.10. IJ8D:;< CPGENRANDOM ............................................................................................................................20 3.11. IJ8D:;< CPGETKEYPARAM........................................................................................................................21 3.12. IJ8D:;< CPGETUSERKEY ...........................................................................................................................23 3.13. IJ8D:;< CPIMPORTKEY ..............................................................................................................................24 3.14. IJ8D:;< CPSETKEYPARAM ........................................................................................................................26 3.15. IJ8D:;< CPDECRYPT ...................................................................................................................................29 3.16. IJ8D:;< CPENCRYPT ...................................................................................................................................30 3.17. IJ8D:;< CPCREATEHASH ...........................................................................................................................31 3.18. IJ8D:;< CPDESTROYHASH .........................................................................................................................32 3.19. IJ8D:;< CPDUPLICATEHASH ......................................................................................................................33 3.20. IJ8D:;< CPGETHASHPARAM .......................................................................................................................34 3.21. IJ8D:;< CPHASHDATA................................................................................................................................36 3.22. 
IJ8D:;< CPHASHSESSIONKEY ....................................................................................................................36 3.23. IJ8D:;< CPSETHASHPARAM ......................................................................................................................37 3.24. IJ8D:;< CPSIGNHASH .................................................................................................................................39 3.25. IJ8D:;< CPVERIFYSIGNATURE...................................................................................................................41 4. 7H;+48;@ +9 JD9J , ;+H7>`AJ@abc ? IJ8D:;<c DEKART RSA CRYPTOGRAPHIC SERVICE PROVIDER...................................42 4.1. 7H;+48;@ +9 JD9J b _VTABLEPROVSTRUC......................................................................................42 4.2. 7H;+48;@ +9 JD9J b _ PUBLICKEYSTRUC .........................................................................................43 DSSSCT File : DCSP_pg1.doc Ref : DCSPPG0010 Revision:1.0 Page: 3 Copyright © Dekart S.R.L (www.dekart.com ) – 2005 This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L. )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8? =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<. + ,- . . - /01 2-3. .
1. Purpose of the development

Dekart RSA Cryptographic Service Provider is intended for the cryptographic protection of data and is a core component that integrates into Windows operating systems.
Dekart RSA Cryptographic Service Provider conforms to the requirements of the Microsoft Cryptographic Service Provider Interface (CryptoSPI), which define the rules by which applications use it through the Microsoft Cryptographic Application Program Interface (CryptoAPI).
Dekart RSA Cryptographic Service Provider implements modern mechanisms of cryptographic data protection: digital signature, encryption and data authentication.

2. General information

Dekart RSA Cryptographic Service Provider includes the following functions:
• context initialization and provider parameter retrieval functions;
• key generation and key handling functions;
• data encryption and decryption functions;
• hashing and digital signature functions.

Required hardware:
• IBM PC computer (486 or higher).
Required software:
• MS Windows operating system.

3. Description of the functions of Dekart RSA Cryptographic Service Provider

3.1. Function CPAcquireContext

Name: CPAcquireContext
Purpose: Creates a cryptographic provider handle for the named key container.
Syntax:
    #include "Wincrypt.h"
    BOOL WINAPI CPAcquireContext(
        HCRYPTPROV *phProv,
        CHAR *pszContainer,
        DWORD dwFlags,
        PVTABLEPROVSTRUC pVTable
    );
Input parameters:
pszContainer - name of the key container. This is a pointer to a string no longer than MAX_PATH characters, including the end-of-string terminator. If this
parameter is NULL, the provider uses the name of the logged-on user as the container name.
dwFlags - the parameter is zero or one of the following values:

dwFlags value - Description
CRYPT_VERIFYCONTEXT - The application has no access to the secret keys of the key container. The flag is intended for applications that need to verify a digital signature. The operations normally required in this case are obtaining public key handles, hashing and signature verification. When CPAcquireContext is called, the provider does not require the user to enter key information.
CRYPT_NEWKEYSET - If the flag is set, a new key container is created with the name given by pszContainer. If pszContainer is NULL, the name of the logged-on user is used as the container name.
CRYPT_MACHINE_KEYSET - The flag can be used when calling CPAcquireContext together with CRYPT_NEWKEYSET or CRYPT_DELETEKEYSET. In this case the keys are stored under the HKEY_LOCAL_MACHINE key of the system registry. The flag is intended for use of the provider as part of system applications.
CRYPT_DELETEKEYSET - The key container given by pszContainer is deleted. If pszContainer is NULL, the key container with the default name is deleted. All key pairs in the key container are destroyed as well. When CRYPT_DELETEKEYSET is set, the value returned in phProv is undefined and CPAcquireContext must not be called again.

pVTable - pointer to a _VTABLEPROVSTRUC structure, which contains the list of callback functions that the operating system provides for use by the provider.
Output parameters:
phProv - address to which the function copies the provider handle.
Return values:
On success the function returns TRUE, otherwise FALSE. If FALSE is returned, the corresponding error code (see the table) can be obtained through the GetLastError() function.
Error code - Description
NTE_BAD_FLAGS - The dwFlags parameter has a forbidden value.
NTE_BAD_KEYSET - The key container was not opened and possibly does not exist.
NTE_BAD_KEYSET_PARAM - The pszContainer parameter is set to a forbidden value.
NTE_BAD_SIGNATURE - Verification of the digital signature of the provider DLL failed. The DLL or the digital signature is corrupted.
NTE_EXISTS - The dwFlags parameter is set to CRYPT_NEWKEYSET, but the key container already exists.
NTE_KEYSET_ENTRY_BAD - The key container given by pszContainer was found but is corrupted.
NTE_KEYSET_NOT_DEF - The key container given by pszContainer does not exist.
NTE_NO_MEMORY - The provider ran out of memory during the operation.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered a wrong password, or the password set by the SetProvParam function is wrong.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the password set by the SetProvParam function has a wrong format. For example, the password has an inadmissible length or contains inadmissible characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of attempts the card allows for entry has been exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL - Not enough space on the medium to store the information.

3.2. Function CPGetProvParam

Name: CPGetProvParam
Purpose: Returns the parameters of the provider.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPGetProvParam(
        HCRYPTPROV hProv,
        DWORD dwParam,
        BYTE *pbData,
        DWORD *pdwDataLen,
        DWORD dwFlags
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
dwParam - the value of the argument determines the type of query. The following dwParam values are currently defined.

dwParam value - Contents of the pbData buffer
PP_CONTAINER - Name of the key container in the form CONTAINER if it has a name, otherwise the unique name (see PP_UNIQUE_CONTAINER). A null-terminated string containing the name of the current key container.
PP_UNIQUE_CONTAINER - Unique name of the key container. The unique name depends on the type of key medium and can have the form MEDIAFOLDER, MEDIAUNIQUEFOLDER or MEDIAUNIQUE. A null-terminated string containing the name of the current key container.
PP_ENUMALGS - Supported algorithms.
PP_ENUMALGS_EX - Supported algorithms.
PP_ENUMCONTAINERS - Names of the key containers. A null-terminated string containing the name of one of the key containers supported by the provider. Applications read this parameter repeatedly to enumerate all key containers supported by the provider.
PP_PROVTYPE - Provider type. Given as a DWORD.
PP_IMPTYPE - Implementation type of the provider. Given as a DWORD. The following implementation types are currently defined:
• CRYPT_IMPL_HARDWARE
• CRYPT_IMPL_SOFTWARE
• CRYPT_IMPL_MIXED
• CRYPT_IMPL_UNKNOWN
PP_NAME - A null-terminated string containing the name of the provider. Corresponds to the "CSP Name" entries that the setup program placed in the Windows® Registry.
PP_VERSION - Provider version. Given as a DWORD. For example, version 1.0 is represented as 0x00000100.
PP_KEYSPEC - Key type. Given as a DWORD.
PP_KEYX_KEYSIZE_INC - Modulus of the exchange public key. Given as a
DWORD.
PP_SIG_KEYSIZE_INC - Modulus of the digital signature public key. Given as a DWORD.
PP_KEYSET_SEC_DESCR - Returns the security descriptor of the Windows registry section where the user's keys are stored.
PP_ENUMOIDS_EX - Supported algorithm parameters. String values are enumerated: the OIDs of the supported sets of algorithm parameters.
PP_HASHOID - OID of the current parameters of the hash function algorithm.
PP_SIGNATUREOID - OID of the current parameters of the signature algorithm.
PP_DHOID - OID of the current parameters of the Diffie-Hellman algorithm.
PP_CIPHEROID - OID of the current parameters of the encryption algorithm.
PP_RANDOM - Returns in pbData a key blob for setting up the software RNG of the OS-kernel-level provider. If the provider context hProv was opened in CRYPT_VERIFYCONTEXT mode, random numbers are first obtained from the physical or keyboard RNG.
PP_LAST_ERROR - Code of the last provider error. A DWORD is placed in the pbData buffer: the code of the last error returned by one of the provider functions. The error codes are given in the file WincryptEx.h.
PP_MUTEX_ARG - For use in the OS kernel. Returns the value of the last argument of the mutex_init function (a pointer to the interrupt handler) for all mutexes used while the CSP is running.

dwFlags - flag values. The following flag values are currently defined:

dwFlags value - Description
CRYPT_FIRST - When an enumeration parameter is read (for example PP_ENUMALGS, PP_ENUMALGS_EX or PP_ENUMCONTAINERS) and this flag is set, the first element of the enumeration list must be returned. Otherwise the next element of the list is returned. If the flag is set and a non-enumeration parameter is read, the error code NTE_BAD_FLAGS is returned.
CRYPT_MACHINE_KEYSET - When the enumeration parameter PP_ENUMCONTAINERS is read, the CRYPT_MACHINE_KEYSET flag may be specified. This flag must be
set if the enumeration is to run in the HKEY_LOCAL_MACHINE section of the system registry rather than in the HKEY_CURRENT_USER section (the default).
SECURITY_INFORMATION - If dwParam is set to PP_KEYSET_SEC_DESCR, the security descriptor of the registry section containing the key container is returned. In this case dwFlags is used to pass bit flags combined with the bitwise OR operation. The pointer to the security descriptor is returned in the pbData argument, and the length of the security descriptor is returned in the pcbData argument. For more information, see RegGetKeySecurity and RegSetKeySecurity. The following list contains the names of the bits that specify the requested security information.
• OWNER_SECURITY_INFORMATION - Refers to the owner identifier of the object.
• GROUP_SECURITY_INFORMATION - Refers to the primary group identifier of the object.
• DACL_SECURITY_INFORMATION - Refers to the discretionary ACL of the object.
• SACL_SECURITY_INFORMATION - Refers to the system ACL of the object.

dwBufLen - size of the input data buffer.
dwFlags - unused parameter, normally set to 0.
pbData - pointer to the array of input data.
Output parameters:
pbData - data buffer of the parameter. The function copies the data corresponding to the parameter into the buffer. The format of this data depends on the value of dwParam. If this function argument is NULL, no data is copied. The required buffer size in bytes is returned in pdwDataLen.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
ERROR_MORE_DATA - The size of the pbData buffer is not sufficient to copy the requested data.
NTE_BAD_FLAGS - The dwFlags parameter has a forbidden value.
NTE_BAD_TYPE - dwParam specifies an unknown parameter.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered a wrong password, or the password set by the SetProvParam function is wrong.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the password set by the SetProvParam function has a wrong format. For example, the password has an inadmissible length or contains inadmissible characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of attempts the card allows for entry has been exhausted.

3.3. Function CPReleaseContext

Name: CPReleaseContext
Purpose: Used to delete a provider handle created by CPAcquireContext.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPReleaseContext(
        HCRYPTPROV hProv,
        DWORD dwFlags
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
dwFlags - the parameter has the value zero.
Output parameters:
None.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
NTE_BAD_FLAGS - The dwFlags parameter has a non-zero value.

Note. After this function has been called, the hProv handle becomes invalid. Session keys and hash objects created using the hProv handle are destroyed.
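The CPGetProvParam calling convention from section 3.2 (size query with pbData set to NULL, ERROR_MORE_DATA on a short buffer, CRYPT_FIRST to restart an enumeration) can be exercised as follows; this is an added example, not code from the Dekart guide. mock_get_prov_param is a hypothetical stand-in for the provider so that the code runs without Windows. Assumptions: the numeric constants are the standard wincrypt.h/winerror.h values, the container names are constructed, and ERROR_NO_MORE_ITEMS as the end-of-list code follows standard CryptoAPI behaviour rather than this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Values as defined in wincrypt.h / winerror.h. */
#define PP_ENUMCONTAINERS    2u
#define PP_NAME              4u
#define CRYPT_FIRST          1u
#define ERROR_MORE_DATA      234u
#define ERROR_NO_MORE_ITEMS  259u   /* end-of-list code: assumption, not stated on the page */
#define NTE_BAD_FLAGS        0x80090009u
#define NTE_BAD_TYPE         0x8009000Au

static uint32_t g_last_error;   /* stands in for GetLastError() */
static const char *g_containers[] = { "alice-sign", "alice-exchange-2005", "svc" }; /* constructed */
static size_t g_next;           /* enumeration cursor kept on the provider side */

/* Hypothetical provider stub that follows the CPGetProvParam contract in the text. */
static int mock_get_prov_param(uint32_t param, uint8_t *data, uint32_t *len, uint32_t flags)
{
    const char *value;
    uint32_t need;

    if (param == PP_NAME) {
        /* CRYPT_FIRST on a non-enumeration parameter is rejected. */
        if (flags & CRYPT_FIRST) { g_last_error = NTE_BAD_FLAGS; return 0; }
        value = "Mock CSP";
    } else if (param == PP_ENUMCONTAINERS) {
        if (flags & CRYPT_FIRST) g_next = 0;
        if (g_next >= sizeof g_containers / sizeof g_containers[0]) {
            g_last_error = ERROR_NO_MORE_ITEMS;
            return 0;
        }
        value = g_containers[g_next];
    } else {
        g_last_error = NTE_BAD_TYPE;
        return 0;
    }

    need = (uint32_t)strlen(value) + 1;
    if (data == NULL) { *len = need; return 1; }   /* size query: nothing is copied */
    if (*len < need) { *len = need; g_last_error = ERROR_MORE_DATA; return 0; }
    memcpy(data, value, need);
    *len = need;
    if (param == PP_ENUMCONTAINERS) g_next++;       /* advance only after a successful copy */
    return 1;
}

/* Caller side: list every container, growing the buffer on ERROR_MORE_DATA.
   Returns the number of names stored in out, or -1 on any other error. */
static int list_containers(char out[][64], int max)
{
    uint32_t flags = CRYPT_FIRST, cap = 8, len;
    uint8_t *buf = malloc(cap);
    int n = 0;

    if (!buf) return -1;
    for (;;) {
        len = cap;                                  /* in: buffer size, out: bytes used or needed */
        if (mock_get_prov_param(PP_ENUMCONTAINERS, buf, &len, flags)) {
            /* Bound the read by the returned length instead of trusting the terminator. */
            if (n < max) { snprintf(out[n], 64, "%.*s", (int)len, (char *)buf); n++; }
            flags = 0;                              /* later calls ask for the next element */
            continue;
        }
        if (g_last_error == ERROR_MORE_DATA) {      /* len now holds the required size */
            uint8_t *bigger = realloc(buf, len);
            if (!bigger) { free(buf); return -1; }
            buf = bigger;
            cap = len;
            continue;                               /* retry the same element with the same flags */
        }
        break;
    }
    free(buf);
    return g_last_error == ERROR_NO_MORE_ITEMS ? n : -1;
}

int main(void)
{
    char names[8][64];
    int n = list_containers(names, 8);
    for (int i = 0; i < n; i++) printf("%s\n", names[i]);
    return n < 0;
}
```

The retry keeps CRYPT_FIRST set until the first element has actually been copied, so a short initial buffer does not cause the first container to be skipped.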
3.4. Function CPSetProvParam

Name: CPSetProvParam
Purpose: Used to set the parameters of the provider.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPSetProvParam(
        HCRYPTPROV hProv,
        DWORD dwParam,
        BYTE *pbData,
        DWORD dwFlags
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
dwParam - the value of the argument determines the type of query. The following dwParam values are currently defined.

dwParam value - Contents of the pbData buffer
PP_KEYSET_SEC_DESCR - Sets the security descriptor of the Windows registry section where the user's keys are stored. The descriptor value is passed in pbData.
PP_HASHOID - Sets the identifier of the hash function algorithm.
PP_CIPHEROID - Sets the identifier of the encryption algorithm.
PP_SIGNATUREOID - Sets the identifier of the signature algorithm.
PP_DHOID - Sets the identifier of the Diffie-Hellman algorithm.
PP_KEYEXCHANGE_PIN - Sets the password (PIN) for access to the AT_KEYEXCHANGE key; otherwise it is requested from the user through the UI (unless the CRYPT_SILENT flag was set, see CPAcquireContext()).
PP_SIGNATURE_PIN - Sets the password (PIN) for access to the AT_SIGNATURE key; otherwise it is requested from the user through the UI (unless the CRYPT_SILENT flag was set, see CPAcquireContext()).
PP_USE_HARDWARE_RNG - Initiates adding a value from the physical or keyboard RNG to the RNG of the provider context hProv. If the system supports only a biological RNG, a UI is shown for entering mouse and/or keyboard events (unless the CRYPT_SILENT flag was set, see CPAcquireContext()). Normally, when the system has no physical RNG, data from the keyboard RNG (keyboard, mouse) is mandatorily added to the provider context (to the key information container) only when permanent AT_KEYEXCHANGE or AT_SIGNATURE keys are created by the function
CPGenKey().
PP_RANDOM - Receives from pbData a key blob of type CRYPT_SIMPLEBLOB for setting up the OS-kernel-level software RNG. See the description of the PP_RANDOM parameter of the CPGetProvParam() function.
PP_MUTEX_ARG - For use in the OS kernel. Sets the value of the last argument of the mutex_init function (a pointer to the interrupt handler) for all mutexes used while the CSP is running. This parameter must be set before the first call to CPAcquireContext().

pbData - data buffer of the parameter. When the function is called, this buffer must contain data that corresponds to the parameter type placed in dwParam. The format of the data depends on the parameter type.
dwFlags - flag values. The following flag values are used:

dwFlags value - Description
SECURITY_INFORMATION - The flag is set if dwParam is set to PP_KEYSET_SEC_DESCR, the security descriptor of the registry section containing the key container. The pointer to the security descriptor is passed in the pbData argument, and its length is passed in the pcbData argument. The following bit flags are used:
• OWNER_SECURITY_INFORMATION - Refers to the owner identifier of the object.
• GROUP_SECURITY_INFORMATION - Refers to the primary group identifier of the object.
• DACL_SECURITY_INFORMATION - Refers to the discretionary ACL of the object.
• SACL_SECURITY_INFORMATION - Refers to the system ACL of the object.

Output parameters:
None.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
NTE_BAD_DATA - The length of the identifier of the user's master key exceeds the maximum
permitted length.
NTE_BAD_FLAGS - The dwFlags value is non-zero.
NTE_BAD_TYPE - dwParam specifies an unknown parameter.
NTE_KEYSET_ENTRY_BAD - Integrity violation of the keys in storage.
NTE_FAIL - Error while reading data from the system registry.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered a wrong password, or the password set by the SetProvParam function is wrong.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the password set by the SetProvParam() function has a wrong format. For example, the password has an inadmissible length or contains inadmissible characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of attempts the card allows for entry has been exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL - Not enough space on the medium to store the information.

Note. After this function has been called, the hProv handle becomes invalid. Session keys and hash objects created using the hProv handle are destroyed.

3.5. Function CPDeriveKey

Name: CPDeriveKey
Purpose: Used to create cryptographic session keys from the value of a hash function computed over other keys, passwords or any other user data.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPDeriveKey(
        HCRYPTPROV hProv,
        ALG_ID AlgId,
        HCRYPTHASH hBaseData,
        DWORD dwFlags,
        HCRYPTKEY *phKey
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
AlgId - identifier of the encryption algorithm for which the key is to be derived.

AlgId value - Description
CALG_SCHANNEL_ENC_KEY - Data encryption key. The encryption algorithm and the key size are defined beforehand with the CPSetKeyParam function. The initialization vector (IV) is normally set with CPSetKeyParam (with KP_IV). For SSL 2 this key is used as the MAC key.
CALG_SCHANNEL_MAC_KEY - A MAC key is generated. The key generation algorithm is defined beforehand with the CPSetKeyParam function.
CALG_TLS1_MAC_KEY - Message authentication key based on a TLS1_MASTER_HASH object.

hBaseData - handle of the hash object used to process the input data.
dwFlags - the flags define the attributes of the derived session key. The following flag values are currently defined:

dwFlags value - Description
CRYPT_EXPORTABLE - If the flag is set, the derived key can be transferred out of the provider into a key blob through the CPExportKey() function. If the flag is not set, the key is not exportable and is available only within the current session to the application that created it. The flag has no effect on the public key of a key pair.
CRYPT_SERVER - When working with TLS: if the flag is set, a server encryption key is created; if it is not set, a client encryption key is created.

Output parameters:
phKey - address to which the function copies the handle of the derived key.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
NTE_BAD_ALGID - The AlgId parameter specifies an algorithm that is not supported by the provider.
NTE_BAD_FLAGS - The dwFlags value is invalid.
NTE_NO_MEMORY - The provider ran out of memory during the operation.
NTE_FAIL - Error while reading data from the system registry.
GPE_CORRUPT_KEYCONTEXT - Key integrity violation
Note. If a fixed set of data is supplied as input, the function creates one and the same key. In this case the created key may be used only to encrypt data or to export keys onto key media. Using it to encrypt data or to export keys that are placed on disk or transmitted over a communication channel is not recommended.

3.6. Function CPDestroyKey

Name: CPDestroyKey
Purpose: Used to delete the key passed in the hKey parameter. After deletion the key (key handle) cannot be used.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPDestroyKey(
        HCRYPTPROV hProv,
        HCRYPTKEY hKey
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
hKey - handle of the key to be deleted.
Output parameters:
None.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
NTE_BAD_TYPE - The algorithm type of hKey is invalid.

3.7. Function CPDuplicateKey

Name: CPDuplicateKey
Purpose: Used to create a copy of the given key, including all of its variables that define the internal state of the key (for example the IV vector).
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPDuplicateKey(
        HCRYPTPROV hProv,
        HCRYPTKEY hKey,
        DWORD *pdwReserved,
        DWORD dwFlags,
        HCRYPTKEY *phKey
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
hKey - handle of the source key (the key being copied).
pdwReserved - reserved for future use; must be NULL.
dwFlags - reserved for future use; must be 0.
Output parameters:
phKey - address at which the function returns the handle of the copied key.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
NTE_BAD_KEY - The key container was not opened and possibly does not exist.

3.8. Function CPExportKey

Name: CPExportKey
Purpose: Used to export cryptographic keys from the provider's key container while keeping them in protected form.
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPExportKey(
        HCRYPTPROV hProv,
        HCRYPTKEY hKey,
        HCRYPTKEY hExpKey,
        DWORD dwBlobType,
        DWORD dwFlags,
        BYTE *pbData,
        DWORD *pdwDataLen
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
hKey - handle of the key to be exported.
hExpKey - handle of the key under which the exported key is cryptographically protected. This must be a key shared with the recipient of the correspondence. The encrypted key data is placed in a key blob intended for external storage and for transmission over communication channels. The algorithms of the key export function guarantee that only the intended user can use this key blob. The key is protected with the algorithm specified when the export key was created. If the key blob is not to be encrypted (for example, the key blob type is PUBLICKEYBLOB), this parameter must be zero.
dwBlobType - type of the key blob intended for the key export. Three types of key blobs are currently defined:

Blob type - Description
SIMPLEBLOB - Used to transport a session key. pbData points to a CRYPT_SIMPLEBLOB structure.
PUBLICKEYBLOB - Used to transport public keys. pbData points to a CRYPT_PUBLICKEYBLOB structure.
PRIVATEKEYBLOB - Used to transport key pairs (secret keys). pbData points to a CRYPT_PRIVATEKEYBLOB structure.
dwFlags - flag values. The parameter is reserved for future use and must be 0.
pbData - data buffer into which the function copies the key blob.
pdwDataLen - address of the key blob length. When the function is called, this parameter contains the number of bytes in the pbData buffer.
Output parameters:
pdwDataLen - address of the key blob length. After the function has executed, the parameter is set to the number of bytes of data copied into the pbData buffer. If the buffer given by pbData is not large enough, the error code ERROR_MORE_DATA is returned through the SetLastError() function. In this case the required buffer size is returned in pdwDataLen. If the function finishes with an error code other than ERROR_MORE_DATA, zero is returned in this parameter.
Return values:
On success the function returns TRUE, otherwise FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error code - Description
ERROR_MORE_DATA - The pbData buffer is not large enough to copy the requested data.
NTE_BAD_FLAGS - The dwFlags value is non-zero.
NTE_BAD_KEY - One or both of the keys given by hKey and hExpKey are not valid.
NTE_BAD_KEY_STATE - An attempt to export a key when the provider has not granted the right to export; an attempt to export under a key for which permission to export is not set.
NTE_BAD_TYPE - The dwBlobType parameter specifies an unknown blob type.
NTE_NO_MEMORY - The provider ran out of memory during the operation.
NTE_FAIL - Error while reading data from the system registry.
GPE_CORRUPT_KEYCONTEXT - Key integrity violation.

3.9. Function CPGenKey

Name: CPGenKey
Purpose: Used to generate random cryptographic keys or key pairs (secret/public).
Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPGenKey(
        HCRYPTPROV hProv,
        ALG_ID AlgId,
        DWORD dwFlags,
        HCRYPTKEY *phKey
    );
Input parameters:
hProv - provider handle. Obtained by calling the CPAcquireContext function.
AlgId - identifier of the encryption or digital signature algorithm for which the key is to be generated. Keys of the following classes can be generated:
• temporary symmetric keys (session keys);
• temporary (ephemeral) key pairs of the Diffie-Hellman algorithms;
• long-term key pairs stored in the key container.

Possible session keys:

AlgId value - Description
CALG_G28147 - Key for data encryption and/or message authentication according to GOST 28147-89. The key can subsequently be marked as a key for import/export using the CPSetKeyParam() function.
CALG_TLS1_MASTER - Special key for implementing the TLS protocol.

Possible ephemeral Diffie-Hellman keys:

AlgId - Description
CALG_DH_EX_EPHEM - Ephemeral key pair based on GOST R 34.10-94. Intended for the exchange of session keys.
CALG_DH_EL_EPHEM - Ephemeral key pair based on GOST R 34.10-2001. Intended for the exchange of session keys.

Possible long-term key pairs:

AlgId - Description
AT_KEYEXCHANGE - A key pair is generated and stored in the key container. Intended for the exchange of session keys and for digital signature. The algorithm of the key pair is the default algorithm for hProv, parameter PP_DHOID of CPGetProvParam().
CALG_DH_EX_SF - A key pair is generated according to GOST R 34.10-94 and stored in the key container. Intended for the exchange of session keys and for digital signature.
CALG_DH_EL_SF - A key pair is generated according to GOST R 34.10-2001 and stored in the key container. Intended for the exchange of session keys and for digital signature.
AT_SIGNATURE - A key pair is generated and stored in the key container. Intended for digital signature. The algorithm of the key pair is the
  • 19. 674A.,3*P 2A- hProv, =,>,780> PP_SIGNATUREOID B63+D** CPGetProvParam (). J>4*?<42*0/- +AP.8<,- =,>, /45A,/34 …qt ‚ 34.10-94, CALG_GR3410 /4E>,3-87,- < +AP.8<47 +4308@38>8. J>823,?3,.83, 2A- c|J. J>4*?<42*0/- +AP.8<,- =,>, /45A,/34 …qt ‚ 34.10- CALG_GR3410EL 2001, /4E>,3-87,- < +AP.8<47 +4308@38>8. J>823,?3,.83, 2A- c|J. dwFlags - VA,5* 4=>828A-P0 =>*?3,+* =>4*?<42*7454 +AP.,. ‚,?78>; +AP.8@ =42=*/* * +AP.8@ 4:783, 74560 :;01 6/0,34<A83; =>* <;>,:40+8 +AP.,. ‚,?78> +AP., 6/0,3,<A*<,80/- < /0,>C*E 16 :*0,E =,>,780>, dwFlags, k0* 16 :*0 =>82/0,<A-P0 >,?78> 7426A- < :*0,E. R 2,334@ <8>/** +>*=04=>4<,@28>, >,?78> 7426A- +AP., >,<83 1024. R 3,/04-H88 <>87- 4=>828A833; /A826PH*8 BA,5*: A. e2. 2 dwFlags 7 . 2 f/A* k040 BA,5 6/0,34<A83, 04 =>4*?<82~33;@ +AP. 74980 :;01 =8>82,3 *? +>*=04=>4<,@28>, < +AP.8<4@ :A4: .8>8? B63+D*P CPExportKey (). f/A* k040 BA,5 38 6/0,34<A83, +AP. 38 :6280 k+/=4>0*>687;7 * :6280 CRYPT_EXPORTABLE 24/06=83 04A1+4 < =>828A,E 08+6H8@ /8//** =>*A4983*P, +404>48 /4?2,A4 k040 +AP.. F8@/0<*8 k0454 BA,5, 38 >,/=>4/0>,3-P0/- 3, 40+>;0;8 +AP.* +AP.8<;E =,>;. f/A* k040 BA,5 6/0,34<A83, 04 =>* AP:47 ?,=>4/8 3, 24/06= + 34/*08AP /8+>803454 +AP., =4A1?4<,08A- CRYPT_USER_PROTECTED <;<42*0/- 4+34 2*,A45,, ?,=>,C*<,PH854 =>,<4 24/06=, + +AP.6. f/A* k040 BA,5 6/0,34<A83, 04 5838>*>680/- "=6/0,-" +AP.8<,- =,>, 4:783,. J,>,780>; k04@ +AP.8<4@ =,>; CRYPT_PREGEN 24A93; :;01 6/0,34<A83; / */=4A1?4<,3*87 B63+D** CPSetKeyParam (). )-*+, -" , -": phKey - „2>8/, =4 +404>476 B63+D*- +4=*>680 28/+>*=04> /B4>7*>4<,33454 +AP., (+AP.8<4@ =,>; 40+>;0;@//8+>803;@ +AP.*). )+ 3 4 "5+" $" !": J>* 6/=8C347 ?,<8>C83** B63+D*- <4?<>,H,80 TRUE. R =>40*<347 /A6.,8 – FALSE. q440<80/0<6PH*@ +42 4C*:+* (/7. 0,:A*D6) 74980 :;01 =4A6.83 .8>8? B63+D*P GetLastError. ? 1 k 2 ,2 1. e2. 0 7 . 
2 NTE_BAD_ALGID J,>,780> AlgId 4=>828A-80 ,A54>*07, 38 DSSSCT File : DCSP_pg1.doc Ref : DCSPPG0010 Revision:1.0 Page: 19 Copyright © Dekart S.R.L (www.dekart.com ) – 2005 This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L. )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8? =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<. + ,- . . - /01 2-3. .
  • 20. =4228>9*<,87;@ +>*=04=>4<,@28>47. NTE_BAD_FLAGS R8A*.*3, dwFlags *7880 4C*:4.348 ?3,.83*8. W>*=04=>4<,@28> <4 <>87- 4=8>,D** */.8>=,A NTE_NO_MEMORY =,7-01. C*:+, =>* /.*0;<,3** 2,33;E *? /*/0873454 NTE_FAIL >88/0>,. GPE_CORRUPT_KEYCONTEXT ),>6C83*8 D8A4/034/0* +AP.8@. J4A1?4<,08A1 =>8><,A 4=8>,D*P 3,9,0*87 SCARD_W_CANCELLED_BY_USER +A,<*C* Cancel J4A1?4<,08A1 <<8A 38=>,<*A13;@ =,>4A1 *A* SCARD_W_WRONG_CHV =,>4A1, 6/0,34<A833;@ B63+D*8@ SetProvParam(), 38=>,<*A13;@ J4A1?4<,08A1 <<8A =,>4A1 / 3,>6C83*87 B4>7,0, *A* =,>4A1, 6/0,34<A833;@ B63+D*8@ SCARD_E_INVALID_CHV SetProvParam(), *7880 38=>,<*A13;@ B4>7,0. ),=>*78>, =,>4A1 *7880 3824=6/0*76P 2A*36 *A* /428>9*0 3824=6/0*7;8 /*7<4A;. R<42 Pin-+42, :;A ?,:A4+*>4<,3 /7,>0-+,>04@, SCARD_W_CHV_BLOCKED 0.+. */.8>=,A4/1 +4A*.8/0<4 =4=;04+ >,?>8C83348 +,>04@ 2A- <<42,. )824/0,04.34 78/0, 3, 34/*08A8 2A- /4E>,383*- NTE_TOKEN_KEYSET_STORAGE_FULL *3B4>7,D** 3.10. I . 5 0 CPGenRandom !": CPGenRandom $" !": o/=4A1?680/- 2A- ?,=4A383*- :6B8>, /A6.,@3;7* :,@0,7*.. %! & '(!(: #include <Wincrypt.h> BOOL WINAPI CPGenRandom ( HCRYPTPROV hProv , DWORD dwLen , BYTE * pbBuffer ); )*+, -" , -": hProv - 28/+>*=04> +>*=04=>4<,@28>,. J4A6.,80/- .8>8? ?,=>4/ B63+D** CPAcquireContext. dwLen - •*/A4 :,@04< /A6.,@3;E 2,33;E, +404>;8 :6260 =>4*?<8283;. )-*+, -" , -": pbBuffer - •6B8>, +62, +4=*>6P0/- /A6.,@3;8 2,33;8. FA*3, k0454 :6B8>, < :,@0,E =8>82,~0/- =,>,780>47 dwLen. )+ 3 4 "5+" $" !": J>* 6/=8C347 ?,<8>C83** B63+D*- <4?<>,H,80 TRUE. R =>40*<347 /A6.,8 – FALSE. q440<80/0<6PH*@ +42 4C*:+* (/7. 0,:A*D6) 74980 :;01 =4A6.83 .8>8? B63+D*P GetLastError. DSSSCT File : DCSP_pg1.doc Ref : DCSPPG0010 Revision:1.0 Page: 20 Copyright © Dekart S.R.L (www.dekart.com ) – 2005 This document shall not be disclosed to a third party without prior written consent of Dekart S.R.L. )*+,+,- .,/01 2,33454 24+67830, 38 74980 :;01 <4/=>4*?<8283, < +,+4@ :; 04 3* :;A4 B4>78 * +,+*7* :; 04 3* :;A4 />82/0<,7* :8? =*/17833454 >,?>8C83*- <A,28A1D, ,<04>/+*E =>,<. 
Error codes:
NTE_FAIL, RPE_FAIL_STATBUFFER - Unsatisfactory statistics of the random number generator, checked when the container is opened. This error is probabilistic in nature. For a correctly working program the probability of this error does not exceed 10^(-16).
NTE_FAIL, RPE_FAIL_TESTBUFFER - Unsatisfactory continuously running statistics of the random number generator. This error is probabilistic in nature. For a correctly working program the probability of this error does not exceed 10^(-16).
NTE_KEYSET_ENTRY_BAD - Data was read incorrectly from the system registry.

Note. The CPGenRandom () function obtains random numbers from the software random number generator (RNG) of the cryptographic provider context hProv. That generator is initialized when CPAcquireContext() is executed, from the RNG state accumulated in the container on the key medium and from the physical RNGs installed in the system. If the cryptographic provider context is opened in CRYPT_VERIFYCONTEXT mode and no physical RNG is installed in the system, the software RNG is initialized from the system-wide RNG state accumulated in the registry.

3.11. CPGetKeyParam function

Name: CPGetKeyParam

Description: Returns the parameters of a key.

Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPGetKeyParam (
        HCRYPTPROV hProv,
        HCRYPTKEY hKey,
        DWORD dwParam,
        BYTE * pbData,
        DWORD * pdwDataLen,
        DWORD dwFlags );

Input parameters:
hProv - handle of the cryptographic provider. Obtained by calling the CPAcquireContext function.
hKey - Handle of the key whose parameters are being set.
dwParam - Parameter taking the following possible values (dwParam value - contents of the pbData buffer):
KP_ALGID - Algorithm identifier (ALG_ID) corresponding to this key.
KP_PERMISSIONS - Key usage permission flags. Specified as a DWORD value.
KP_IV - Initial initialization vector (IV, or synchronization vector) of the encryption algorithm.
KP_MODE - Mode of the encryption algorithm. Specified as a DWORD value. The following encryption modes are used:
  • CRYPT_MODE_ECB - GOST 28147-89 simple substitution mode;
  • CRYPT_MODE_OFB - GOST 28147-89 gamma mode;
  • CRYPT_MODE_CFB - GOST 28147-89 gamma mode with feedback;
  • CRYPT_MODE_CBC - block cipher with feedback based on GOST 28147-89.
KP_MODE_BITS - Feedback depth. Specified as a DWORD value. By default this value is 64, which corresponds to the GOST 28147-89 gamma mode with feedback.
KP_MIXMODE - Additional key parameter. Sets the mode of transforming the key after every 1024 bytes of information encrypted.
KP_KEYLEN - Key length in bits. Specified as a DWORD value giving the number of bits in the key.
KP_CIPHEROID - Identifier of the substitution block set by the application. A string value with an end-of-string terminator.
KP_DHOID - Identifier of the Diffie-Hellman algorithm. A string value with an end-of-string terminator.
KP_SIGNATUREOID - Identifier of the signature algorithm. A string value with an end-of-string terminator.
KP_HASHOID - Identifier of the hash function set by the application. A string value with an end-of-string terminator.
KP_Y - Public key of the key pair.
dwFlags - This parameter has a zero value.
pdwDataLen - Address of the length of the parameter data. When the function is called, this parameter contains the number of bytes in the pbData buffer.

Output parameters:
pbData - Buffer for the parameter data. The function copies the data corresponding to the parameter into the buffer. The format of this data depends on the value of dwParam. If this parameter is NULL, no data is copied. The required buffer size in bytes is returned in pdwDataLen.
pdwDataLen - Address of the length of the parameter data. After the function completes, this parameter is set to the number of bytes of parameter data copied into the pbData buffer. If the buffer given by pbData is not large enough to hold the requested data, the error code ERROR_MORE_DATA is returned through the GetLastError() function. In that case the required buffer size is returned in pdwDataLen.
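An added example, not part of the Dekart document, of a caller that follows the pbData/pdwDataLen rules given here for CPGetKeyParam: a size query with a NULL buffer, then a bounded retry on ERROR_MORE_DATA. Assumptions: mock_get_key_param and read_key_param are hypothetical names, the mock stands in for the provider so the code builds without <Wincrypt.h>, and the IV bytes are constructed sample data.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in types and constants so this builds without <Wincrypt.h>. */
typedef uint32_t DWORD; typedef uint8_t BYTE; typedef int BOOL;
enum { FALSE, TRUE };
#define ERROR_MORE_DATA 234u
#define NTE_BAD_TYPE    0x8009000Au
#define KP_IV    1
#define KP_ALGID 7

static DWORD g_last_error;                 /* stand-in for GetLastError() */
static const BYTE SAMPLE_IV[8] = {1, 2, 3, 4, 5, 6, 7, 8};  /* constructed */

/* Hypothetical provider stub that follows the pbData/pdwDataLen rules. */
static BOOL mock_get_key_param(DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen)
{
    DWORD need = sizeof SAMPLE_IV;
    if (dwParam != KP_IV) {                /* the stub only knows KP_IV */
        *pdwDataLen = 0;                   /* zero on any other error */
        g_last_error = NTE_BAD_TYPE;
        return FALSE;
    }
    if (pbData != NULL && *pdwDataLen < need) {
        *pdwDataLen = need;                /* report the required size */
        g_last_error = ERROR_MORE_DATA;
        return FALSE;
    }
    if (pbData != NULL)                    /* NULL means size query only */
        memcpy(pbData, SAMPLE_IV, need);
    *pdwDataLen = need;
    return TRUE;
}

/* Returns a malloc'ed buffer (caller frees) or NULL; *out_len gets the size. */
static BYTE *read_key_param(DWORD dwParam, DWORD *out_len)
{
    DWORD len = 0;
    BYTE *buf = NULL;
    *out_len = 0;
    if (!mock_get_key_param(dwParam, NULL, &len) || len == 0)
        return NULL;
    for (int attempt = 0; attempt < 3; attempt++) {
        DWORD cap = len;
        BYTE *tmp = realloc(buf, cap);
        if (tmp == NULL)
            break;
        buf = tmp;
        if (mock_get_key_param(dwParam, buf, &len)) {
            if (len > cap)                 /* never trust a length beyond the buffer */
                break;
            *out_len = len;
            return buf;
        }
        if (g_last_error != ERROR_MORE_DATA || len <= cap)
            break;                         /* real failure, or no progress */
    }
    free(buf);
    return NULL;
}

int main(void)
{
    DWORD n = 0;
    free(read_key_param(KP_IV, &n));
    return n == 8 ? 0 : 1;
}
```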
If this function finishes with an error code other than ERROR_MORE_DATA, zero is returned in pdwDataLen.

Return value:
On success the function returns TRUE. Otherwise it returns FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error codes:
ERROR_MORE_DATA - The size of the pbData buffer is insufficient for copying the requested data.
NTE_BAD_FLAGS - The dwFlags parameter has a non-zero value.
NTE_BAD_TYPE - The dwParam parameter passes an unknown parameter value.
NTE_PERM - An attempt to read key parameters when the read right has not been granted by the cryptographic provider.

Note. After this function has been called, the hProv handle becomes invalid. Session keys and hash function objects created using the hProv handle are destroyed.

3.12. CPGetUserKey function

Name: CPGetUserKey

Description: Returns the handle of one of the permanent key pairs in the key container.

Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPGetUserKey (
        HCRYPTPROV hProv,
        DWORD dwKeySpec,
        HCRYPTKEY * phUserKey );

Input parameters:
hProv - handle of the cryptographic provider. Obtained by calling the CPAcquireContext function.
dwKeySpec - Specification of the key to be returned. The following types of key pairs and keys are currently defined (value - description):
AT_KEYEXCHANGE - Exchange key pair
AT_SIGNATURE - Digital signature key pair
dwFlags - This parameter has a zero value.

Output parameters:
phUserKey - Address to which the function copies the key handle.

Return value:
On success the function returns TRUE. Otherwise it returns FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error codes:
NTE_NO_KEY - The key specified by the dwKeySpec parameter does not exist.
NTE_BAD_TYPE - The value of the dwKeySpec parameter is unknown.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered an incorrect password, or the password set by the SetProvParam() function is incorrect.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the password set by the SetProvParam() function has an invalid format. For example, the password has an invalid length or contains invalid characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of attempts the card allows for entry has been exhausted.

3.13. CPImportKey function

Name: CPImportKey

Description: Used to import a cryptographic key from a key blob into the container of the cryptographic provider.

Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPImportKey (
        HCRYPTPROV hProv,
        BYTE * pbData,
        DWORD dwDataLen,
        HCRYPTKEY hImpKey,
        DWORD dwFlags,
        HCRYPTKEY * phKey );

Input parameters:
hProv - handle of the cryptographic provider. Obtained by calling the CPAcquireContext function.
pbData - Buffer containing the key blob produced with the CPExportKey () function by this cryptographic provider or by another one running on a remote computer.
dwDataLen - Length of the key blob in bytes.
hImpKey - Handle of the key used to remove the cryptographic protection of the imported key. The value of this parameter must correspond to the hExpKey value specified for the CPExportKey () function when the key blob was created. If the key blob is encrypted with a session key, this parameter must contain the handle of that session key.
If the key blob is not encrypted (for example, PUBLICKEYBLOB), this parameter is not used and must be zero.
dwFlags - Flag value. This parameter is currently used only when a key pair (private/public keys) is imported into the cryptographic provider (in the form of a PRIVATEKEYBLOB). In that case, if the imported key must be exportable again, the CRYPT_EXPORTABLE flag must be placed in this parameter. If this flag is not used, calls to CryptExportKey with the key handle will fail.

Output parameters:
phKey - Address to which the function copies the handle of the imported key.

Return value:
On success the function returns TRUE. Otherwise it returns FALSE. The corresponding error code (see the table) can be obtained through the GetLastError function.

Error codes:
NTE_BAD_DATA - The integrity check of the imported key blob failed.
NTE_BAD_FLAGS - The dwFlags parameter contains an invalid value.
NTE_BAD_KEY - One or both of the keys specified by hKey and hImpKey are not valid.
NTE_BAD_TYPE - The key blob type is not supported by this cryptographic provider and is possibly invalid.
NTE_PERM - An attempt to import a key when the import right has not been granted by the cryptographic provider.
NTE_NO_MEMORY - The cryptographic provider ran out of memory during the operation.
NTE_FAIL - Key integrity violation in memory.
GPE_CORRUPT_KEYCONTEXT - Key integrity violation.
SCARD_W_CANCELLED_BY_USER - The user aborted the operation by pressing the Cancel key.
SCARD_W_WRONG_CHV - The user entered an incorrect password, or the password set by the SetProvParam() function is incorrect.
SCARD_E_INVALID_CHV - The user entered a password that violates the format, or the password set by the SetProvParam() function has an invalid format. For example, the password has an invalid length or contains invalid characters.
SCARD_W_CHV_BLOCKED - PIN entry was blocked by the smart card because the number of attempts the card allows for entry has been exhausted.
NTE_TOKEN_KEYSET_STORAGE_FULL - Not enough space on the medium to store the information.

Note. The Diffie-Hellman algorithm is usually used to agree on (export/import) a session key. In this case the pairwise key (the key for export/import of the session key) is produced by importing the public key of the recipient (sender) on the key pair of the sender (recipient).

3.14. CPSetKeyParam function

Name: CPSetKeyParam

Description: Sets the parameters of a key.

Syntax:
    #include <Wincrypt.h>
    BOOL WINAPI CPSetKeyParam (
        HCRYPTPROV hProv,
        HCRYPTKEY hKey,
        DWORD dwParam,
        BYTE * pbData,
        DWORD dwFlags );

Input parameters:
hProv - handle of the cryptographic provider. Obtained by calling the CPAcquireContext function.
hKey - Handle of the key whose parameters are being set.
dwParam - Parameter taking the following possible values (dwParam value - contents of the pbData buffer):
KP_ALGID - Identifier of the key algorithm (ALG_ID) corresponding to this key. Passed to the function through the pbData buffer. It is possible to set the value CALG_G28147 for keys of class ALG_CLASS_DATA_ENCRYPT (session keys). ALG_ID values (ALG_ID - description):
    CALG_G28147 - Key for encryption and/or integrity protection (MAC) of data according to GOST 28147-89. The key can later be marked as a key for import/export using the CPSetKeyParam () function.
    CALG_PRO_EXPORT - Key for export/import of keys of type CALG_G28147, for storage on disk or transmission over a communication channel.
    CALG_SIMPLE_EXPORT - Key for export/import of keys of type CALG_G28147 according to GOST 28147-89 in simple substitution mode, for storage on the key medium. Using CALG_SIMPLE_EXPORT for CALG_G28147 keys transmitted over a communication channel is possible only if the receiving side ensures that the key import operation is performed strictly once and the sending side guarantees the randomness with which the key is obtained. Using CALG_SIMPLE_EXPORT to export/import keys for the purpose of storing them on disk is not permitted.
    CALG_TLS1_MASTER - Key for implementing the TLS protocol.
    CALG_TLS1_MAC_KEY - Key for implementing the TLS protocol.
    CALG_TLS1_ENC_KEY - Key for implementing the TLS protocol.
KP_IV - Initial vector (IV). The byte sequence containing the IV is passed to the function through the pbData buffer.
KP_PADDING - Padding method. A DWORD value containing the padding method used by the key's cipher is passed to the function through the pbData buffer. The following padding method is currently defined:
  • PKCS5_PADDING - PKCS 5
KP_MODE - Cipher mode. Specified as a DWORD value. Passed to the function through the pbData buffer. The following list gives the encryption modes currently defined:
  • CRYPT_MODE_ECB - GOST 28147-89 simple substitution mode;
  • CRYPT_MODE_OFB - GOST 28147-89 gamma mode;
  • CRYPT_MODE_CFB - GOST 28147-89 gamma mode with feedback;
  • CRYPT_MODE_CBC - block cipher with feedback.
KP_MODE_BITS - Feedback depth. Specified as a DWORD value. By default this value is 64, which