4.12 WFS_CMD_PIN_INITIALIZATION

Description The encryption module must be initialized before any encryption function can be used. Every initialization destroys all keys that have been loaded or imported. Usually this command is called by an operator task and not by the application program.

Initialization also involves loading “initial” application keys and local vendor-dependent keys. These can be supplied, for example, by an operator through a keyboard, a local configuration file or possibly by means of some secure hardware that can be attached to the device. The application “initial” keys would normally get updated by the application during a WFS_EXEC_PIN_IMPORT command as soon as possible. Local vendor-dependent static keys (e.g. storage, firmware and offset keys) would normally be transparent to the application and by definition cannot be dynamically changed.

Where initial keys are not available immediately when this command is issued (i.e. when operator intervention is required), the Service Provider returns WFS_ERR_PIN_ACCESSDENIED and the application must await the WFS_SRVE_PIN_INITIALIZED event.

During initialization an optional encrypted ID key can be stored in the HW module. The ID key and the corresponding encryption key can be passed as parameters; if not, they are generated automatically by the encryption module. The encrypted ID is returned to the application and serves as authorization for the key import function. The WFS_INF_PIN_CAPABILITIES command indicates whether or not the device will support this feature.

Input Param LPWFSPININIT lpInit;

typedef struct _wfs_pin_init
    {
    LPWFSXDATA lpxIdent;
    LPWFSXDATA lpxKey;
    } WFSPININIT, * LPWFSPININIT;

lpxIdent
Pointer to the value of the ID key. Null if not required.

lpxKey
Pointer to the value of the encryption key. Null if not required.

Output Param LPWFSXDATA lpxIdentification;

lpxIdentification
Pointer to the value of the ID key encrypted by the encryption key. Can be used as authorization for the WFS_CMD_PIN_IMPORT_KEY command; can be NULL if no authorization is required.

Error Codes The following additional error codes can be generated by this command:

Value Meaning

WFS_ERR_PIN_ACCESSDENIED The encryption module is either not initialized or not ready for some vendor-specific reason.

WFS_ERR_PIN_INVALIDID The ID passed was not valid.

Events The following additional events can be generated by this command:

Value Meaning

WFS_SRVE_PIN_ILLEGAL_KEY_ACCESS An error occurred accessing an encryption key.

WFS_SRVE_PIN_INITIALIZED The encryption module is now initialized.

Comments None.
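
Added example, not part of the specification: one way an application could track the outcome of WFS_CMD_PIN_INITIALIZATION as described above and gate key import on it. The EX_ names and their numeric values, the EXXDATA layout and all function names are assumptions for illustration; a real build takes the constants and types from the vendor's XFS headers.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed placeholder codes; a real build uses the XFS header values. */
enum { EX_OK = 0, EX_ERR_ACCESSDENIED = -1, EX_ERR_INVALIDID = -2 };
enum { EX_EVT_INITIALIZED = 1, EX_EVT_ILLEGAL_KEY_ACCESS = 2 };

/* Assumed length-prefixed buffer behind an LPWFSXDATA pointer. */
typedef struct { unsigned short usLength; unsigned char *lpbData; } EXXDATA;

typedef enum { INIT_PENDING, INIT_WAIT_OPERATOR, INIT_READY, INIT_FAILED } init_state;

typedef struct {
    init_state state;
    unsigned char *ident;      /* private copy of lpxIdentification, or NULL */
    unsigned short ident_len;
} init_ctx;

/* Initialization destroys all keys, so an older encrypted ID is discarded. */
static void drop_ident(init_ctx *c)
{
    free(c->ident);
    c->ident = NULL;
    c->ident_len = 0;
}

/* Apply the completion of WFS_CMD_PIN_INITIALIZATION. */
init_state on_init_complete(init_ctx *c, int hResult, const EXXDATA *out)
{
    drop_ident(c);
    if (hResult == EX_ERR_ACCESSDENIED)   /* operator must supply initial keys */
        return c->state = INIT_WAIT_OPERATOR;
    if (hResult != EX_OK)                 /* e.g. the ID passed was not valid */
        return c->state = INIT_FAILED;
    if (out && out->lpbData && out->usLength) { /* NULL: no authorization needed */
        c->ident = malloc(out->usLength);
        if (!c->ident) return c->state = INIT_FAILED;
        memcpy(c->ident, out->lpbData, out->usLength);
        c->ident_len = out->usLength;
    }
    return c->state = INIT_READY;
}

/* Apply a service event that arrives while initialization is outstanding. */
init_state on_service_event(init_ctx *c, int evt)
{
    if (c->state == INIT_READY || c->state == INIT_FAILED) return c->state;
    if (evt == EX_EVT_INITIALIZED) c->state = INIT_READY;
    else if (evt == EX_EVT_ILLEGAL_KEY_ACCESS) c->state = INIT_FAILED;
    return c->state;
}

/* Key import is attempted only after the module reports initialized. */
int may_import_keys(const init_ctx *c) { return c->state == INIT_READY; }
```

The tracker copies the returned buffer because, in this example, the result is assumed not to outlive the completion callback; on the operator path no encrypted ID is recorded, since the text above does not say how it is delivered in that case.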