ISCardISO7816::ExternalAuthenticate method

[The ExternalAuthenticate method is available for use in the operating systems specified in the Requirements section. It is not available for use in Windows Server 2003 with Service Pack 1 (SP1) and later, Windows Vista, Windows Server 2008, and subsequent versions of the operating system. The Smart Card Modules provide similar functionality.]

The ExternalAuthenticate method constructs an application protocol data unit (APDU) command that conditionally updates security status, verifying the identity of the computer when the smart card does not trust it.

The command uses the result (yes or no) of the computation by the card (based on a challenge previously issued by the card, for example, by the INS_GET_CHALLENGE command), a key (possibly secret) stored in the card, and authentication data transmitted by the interface device.

Syntax

HRESULT ExternalAuthenticate(
  [in]      BYTE         byAlgorithmRef,
  [in]      BYTE         bySecretRef,
  [in]      LPBYTEBUFFER pChallenge,
  [in, out] LPSCARDCMD   *ppCmd
);

Parameters

byAlgorithmRef [in]

The reference of the algorithm in the card.

If this value is zero, this indicates that no information is given. The reference of the algorithm is known either before issuing the command or is provided in the data field.

bySecretRef [in]

The reference of the secret.

Value         Bit position  Meaning
No Info       00000000      No information is given. The reference of the secret is known either before issuing the command or is provided in the data field.
Global ref    0-------      Global reference data (an MF specific key).
Specific ref  1-------      Specific reference data (a DF specific key).
RFU           -xx-----      00 (other values are RFU).
Secret        ---xxxxx      Number of the secret.

pChallenge [in]

A pointer to the authentication-related data. This parameter may be NULL.

ppCmd [in, out]

On input, a pointer to an ISCardCmd interface object or NULL.

On return, it is filled with the APDU command constructed by this operation. If ppCmd was set to NULL, a smart card ISCardCmd object is internally created and returned by using the ppCmd pointer.

Return value

The method returns one of the following possible values.

Return code    Description
S_OK           The operation completed successfully.
E_INVALIDARG   A parameter that is not valid was passed.
E_POINTER      A bad pointer was passed in.
E_OUTOFMEMORY  Out of memory.

Remarks

For the encapsulated command to be successful, the last challenge obtained from the card must be valid.

Unsuccessful comparisons may be recorded in the card (for example, to limit the number of further attempts of the use of the reference data).

For a list of all the methods provided by this interface, see ISCardISO7816.

In addition to the COM error codes listed above, this interface may return a smart card error code if a smart card function was called to complete the request. For more information, see Smart Card Return Values.
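The following C example is added here for illustration and is not code from this page or from the smart card SDK. It packs a bySecretRef value from the bit fields listed under Parameters, rejects values with RFU bits set, and encodes the bytes of an EXTERNAL AUTHENTICATE command APDU. The function names are hypothetical; the instruction byte 0x82, the use of P1 and P2 for the algorithm and secret references, and the short-form Lc encoding are taken from ISO/IEC 7816-4; the class byte 0x00 and the sample data are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define INS_EXTERNAL_AUTHENTICATE 0x82  /* ISO/IEC 7816-4 instruction byte */

/* Pack bySecretRef: bit 8 selects global (0) or DF-specific (1) reference
 * data, bits 7-6 stay 00 (RFU), bits 5-1 carry the secret number.
 * Returns -1 if the secret number does not fit in five bits. */
int make_secret_ref(int df_specific, unsigned secret_no)
{
    if (secret_no > 0x1F)
        return -1;
    return (df_specific ? 0x80 : 0x00) | (int)secret_no;
}

/* A reference is acceptable only when the RFU bits (-xx-----) are 00. */
int secret_ref_is_valid(uint8_t ref) { return (ref & 0x60) == 0; }

/* Encode CLA INS P1 P2 [Lc data] in short form. data may be NULL when
 * data_len is 0, mirroring a NULL pChallenge. Returns the APDU length,
 * or 0 on a bad argument or an undersized output buffer. */
size_t build_external_authenticate(uint8_t cla, uint8_t alg_ref, uint8_t secret_ref,
                                   const uint8_t *data, size_t data_len,
                                   uint8_t *out, size_t out_cap)
{
    size_t need = 4 + (data_len ? 1 + data_len : 0);
    if (!out || !secret_ref_is_valid(secret_ref) || data_len > 255 ||
        (data_len && !data) || need > out_cap)
        return 0;
    out[0] = cla;
    out[1] = INS_EXTERNAL_AUTHENTICATE;
    out[2] = alg_ref;      /* P1: reference of the algorithm, 0 = no information */
    out[3] = secret_ref;   /* P2: reference of the secret */
    if (data_len) {
        out[4] = (uint8_t)data_len;
        memcpy(out + 5, data, data_len);
    }
    return need;
}

int main(void)
{
    /* Constructed sample: stands in for the 8-byte response to a card challenge. */
    const uint8_t resp[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};
    uint8_t apdu[5 + sizeof resp];
    size_t n = build_external_authenticate(0x00, 0x00, (uint8_t)make_secret_ref(1, 1),
                                           resp, sizeof resp, apdu, sizeof apdu);
    for (size_t i = 0; i < n; i++) printf("%02X ", apdu[i]);
    printf("\n");
    return n ? 0 : 1;
}
```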

Requirements

Requirement               Value
Minimum supported client  Windows XP [desktop apps only]
Minimum supported server  Windows Server 2003 [desktop apps only]
End of client support     Windows XP
End of server support     Windows Server 2003
Header                    Scardssp.h
Type library              Scardsrv.tlb
DLL                       Scardssp.dll
IID                       IID_ISCardISO7816 is defined as 53B6AA68-3F56-11D0-916B-00AA00C18068

See also

InternalAuthenticate

ISCardISO7816