4.3 WFS_CMD_PIN_DERIVE_KEY

Description A key is derived from input data using a key generating key and an initialization vector. The input data can be expanded with a fill-character to the necessary length (mandated by the encryption algorithm being used). The derived key is imported into the encryption module and is used for encryption or decryption operations.

Input Param LPWFSPINDERIVE lpDerive;

typedef struct _wfs_pin_derive
    {
    WORD            wDerivationAlgorithm;
    LPSTR           lpsKey;
    LPSTR           lpsKeyGenKey;
    LPSTR           lpsStartValueKey;
    LPWFSXDATA      lpxStartValue;
    BYTE            bPadding;
    LPWFSXDATA      lpxInputData;
    LPWFSXDATA      lpxIdent;
    } WFSPINDERIVE, * LPWFSPINDERIVE;

wDerivationAlgorithm
Specifies the algorithm that is used for derivation. Possible values are:
(see command WFS_INF_PIN_CAPABILITIES)

lpsKey
Specifies the name where the derived key will be stored.

lpsKeyGenKey
Specifies the name of the key generating key that is used for the derivation.

lpsStartValueKey
Specifies the name of the stored key used to decrypt the lpxStartValue to obtain the Initialization Vector. If this parameter is NULL, lpxStartValue is used as the Initialization Vector.

lpxStartValue
DES initialization vector for the encryption step within the derivation.

bPadding
Specifies the padding character for the encryption step within the derivation.

lpxInputData
Pointer to the data to be used for key derivation.

lpxIdent
Specifies the key owner identification. The use of this parameter is vendor dependent.

Output Param None.

Error Codes The following additional error codes can be generated by this command:

Value Meaning

WFS_ERR_PIN_KEYNOTFOUND The specified key was not found.

WFS_ERR_PIN_KEYNOVALUE The specified key is not loaded.

WFS_ERR_PIN_USEVIOLATION The specified use is not supported by this key.

WFS_ERR_PIN_MODENOTSUPPORTED The specified algorithm is not supported.

WFS_ERR_PIN_ACCESSDENIED The encryption module is either not initialized or not ready for some vendor-specific reason.

WFS_ERR_PIN_INVALIDID The ID passed was not valid.

WFS_ERR_PIN_DUPLICATEKEY A key exists with that name and cannot be overwritten.

WFS_ERR_PIN_INVALIDKEYLENGTH The length of lpxStartValue is not supported.

Events The following additional events can be generated by this command:

Value Meaning

WFS_SRVE_PIN_ILLEGAL_KEY_ACCESS An error occurred accessing an encryption key.

Comments None.
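
A caller-side pre-flight check for the WFSPINDERIVE request described above, showing the start-value length test and the bPadding expansion of the input data; this is an added example, not code from the XFS specification or any vendor SDK. Assumptions: DES with 8-byte blocks, an explicit start value is required, the typedefs are stand-ins for the XFS SDK headers, and derive_prepare and the DERIVE_* result codes are names chosen here.

```c
#include <stddef.h>
#include <string.h>

/* Stand-ins for the XFS/Windows types so this builds without the XFS SDK headers. */
typedef unsigned short WORD;
typedef unsigned char BYTE;
typedef char *LPSTR;
typedef struct { unsigned short usLength; BYTE *lpbData; } WFSXDATA, *LPWFSXDATA;

typedef struct _wfs_pin_derive {
    WORD       wDerivationAlgorithm;
    LPSTR      lpsKey;
    LPSTR      lpsKeyGenKey;
    LPSTR      lpsStartValueKey;
    LPWFSXDATA lpxStartValue;
    BYTE       bPadding;
    LPWFSXDATA lpxInputData;
    LPWFSXDATA lpxIdent;
} WFSPINDERIVE, *LPWFSPINDERIVE;

#define DES_BLOCK 8  /* assumption: DES, so the IV and each data block are 8 bytes */

/* Hypothetical result codes for this example; these are not XFS constants. */
enum { DERIVE_OK = 0, DERIVE_BAD_NAME, DERIVE_BAD_IV_LEN, DERIVE_NO_INPUT, DERIVE_BUF_SMALL };

/* Validate the request, then write the input data into out, expanded with
 * bPadding to a whole number of DES blocks. *out_len receives the padded length. */
int derive_prepare(const WFSPINDERIVE *d, BYTE *out, size_t cap, size_t *out_len)
{
    if (!d || !d->lpsKey || !d->lpsKey[0] || !d->lpsKeyGenKey || !d->lpsKeyGenKey[0])
        return DERIVE_BAD_NAME;      /* both key names must be present */
    if (!d->lpxStartValue || !d->lpxStartValue->lpbData || d->lpxStartValue->usLength != DES_BLOCK)
        return DERIVE_BAD_IV_LEN;    /* the case the page lists as WFS_ERR_PIN_INVALIDKEYLENGTH */
    if (!d->lpxInputData || !d->lpxInputData->lpbData || d->lpxInputData->usLength == 0)
        return DERIVE_NO_INPUT;

    size_t n = d->lpxInputData->usLength;
    size_t padded = (n + DES_BLOCK - 1) / DES_BLOCK * DES_BLOCK;  /* round up to a block */
    if (padded > cap)
        return DERIVE_BUF_SMALL;
    memcpy(out, d->lpxInputData->lpbData, n);
    memset(out + n, d->bPadding, padded - n);   /* fill character from the request */
    *out_len = padded;
    return DERIVE_OK;
}
```

Rejecting a wrong-length start value before the call keeps the failure in the application log rather than relying on the service provider's error path.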