CardGetChallenge Function

The CardGetChallenge function, defined by a smart card module, authenticates a user with a challenge and response.

Syntax

DWORD WINAPI CardGetChallenge(
  __in   PCARD_DATA pCardData,
  __out  PBYTE *ppbChallengeData,
  __out  PDWORD pcbChallengeData
);

Parameters

pCardData [in]
A pointer to a CARD_DATA structure received from a call to the CardAcquireContext function.
ppbChallengeData [out]
A pointer to a PBYTE value that receives the challenge data from the smart card.
pcbChallengeData [out]
A pointer to a DWORD value that specifies the size, in bytes, of the challenge data contained in the ppbChallengeData parameter.

Return Value

If the function succeeds, the function returns zero.

If the function fails, it returns a nonzero value.

Remarks

The smart card creates challenge data by using its administrative key and places this data in the ppbChallengeData parameter. The caller then computes the response to the challenge by using shared knowledge of that key and submits the response to the card by calling the CardAuthenticateChallenge function. If the response is correct, the user is authenticated.

This authentication technique is normally used for privileged operations such as unblocking a user's PIN. To help avoid possible spoofing of identity, card module implementations should require that identical challenge and response values are not used more than once.

If the next call to the smart card module is not a call to the CardAuthenticateChallenge function that uses the challenge data received in the ppbChallengeData buffer, this function should discard that data.

Requirements

Minimum supported client	Windows XP, Windows 2000 Professional with SP4
Minimum supported server	Windows Server 2003, Windows 2000 Server with SP4
Header	Cardmod.h

Share via