--- trunk/OpenPGPminidriver/CardKeyContainer.c	2010/03/04 21:50:46	7
+++ trunk/OpenPGPminidriver/CardKeyContainer.c	2010/03/11 20:32:26	8
@@ -39,6 +39,7 @@
 )
 {
 	DWORD dwReturn = 0;	
+	POPENPGP_CONTEXT pContext = NULL;
 	Trace(WINEVENT_LEVEL_VERBOSE, L"Enter bContainerIndex=%d",bContainerIndex);
 	__try
 	{
@@ -60,6 +61,7 @@
 			dwReturn  = SCARD_E_UNSUPPORTED_FEATURE;
 			__leave; 
 		}
+		// controls are done in CardCreateContainerEx
 		dwReturn = CardCreateContainerEx(pCardData, 
 								bContainerIndex,
 								dwFlags,
@@ -97,6 +99,7 @@
 )
 {
 	DWORD dwReturn = 0;	
+	POPENPGP_CONTEXT pContext = NULL;
 	Trace(WINEVENT_LEVEL_VERBOSE, L"Enter bContainerIndex=%d",bContainerIndex);
 	__try
 	{
@@ -129,11 +132,18 @@
 		{
 			__leave;
 		}
-		if ((dwFlags & CARD_CREATE_CONTAINER_KEY_GEN) == CARD_CREATE_CONTAINER_KEY_GEN )
+		pContext = (POPENPGP_CONTEXT) pCardData->pvVendorSpecific;
+		if (pContext->fIsReadOnly)
 		{
-			dwReturn = SCardCreateKey(pCardData, bContainerIndex, dwKeySize);
+			dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
+			Trace(WINEVENT_LEVEL_ERROR, L"Readonly card");
+			__leave;
+		}
+		if (dwFlags == CARD_CREATE_CONTAINER_KEY_GEN)
+		{
+			dwReturn = OCardCreateKey(pCardData, bContainerIndex, dwKeySize);
 		}
-		else if ((dwFlags & CARD_CREATE_CONTAINER_KEY_IMPORT ) == CARD_CREATE_CONTAINER_KEY_IMPORT  )
+		else if (dwFlags == CARD_CREATE_CONTAINER_KEY_IMPORT)
 		{
 			if (pbKeyData == NULL)
 			{
@@ -141,7 +151,7 @@
 				dwReturn  = SCARD_E_INVALID_PARAMETER;
 				__leave;
 			}
-			dwReturn = SCardImportKey(pCardData, bContainerIndex, pbKeyData, dwKeySize);
+			dwReturn = OCardImportKey(pCardData, bContainerIndex, pbKeyData, dwKeySize);
 		}
 		else
 		{
@@ -181,7 +191,7 @@
     __inout PCONTAINER_INFO  pContainerInfo
 )
 {
-	DWORD dwReturn = 0;	
+	DWORD dwReturn = 0, dwVersion;	
 	Trace(WINEVENT_LEVEL_VERBOSE, L"Enter bContainerIndex=%d",bContainerIndex);
 	__try
 	{
@@ -197,6 +207,13 @@
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
 			__leave;
 		}
+		dwVersion = (pContainerInfo->dwVersion == 0) ? 1 : pContainerInfo->dwVersion;
+		if ( dwVersion != CONTAINER_INFO_CURRENT_VERSION )
+		{
+			Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pContainerInfo->dwVersion);
+			dwReturn  = ERROR_REVISION_MISMATCH;
+			__leave;
+		}
 		if ( dwFlags )
 		{
 			Trace(WINEVENT_LEVEL_ERROR, L"dwFlags == %d", dwFlags);
@@ -222,11 +239,11 @@
 		{
 			case Signature:
 			case Authentication:
-				dwReturn = SCardReadPublicKey(pCardData, bContainerIndex, 
+				dwReturn = OCardReadPublicKey(pCardData, bContainerIndex, 
 					&(pContainerInfo->pbSigPublicKey),&(pContainerInfo->cbSigPublicKey));
 				break;
 			case Confidentiality:
-				dwReturn = SCardReadPublicKey(pCardData, bContainerIndex, 
+				dwReturn = OCardReadPublicKey(pCardData, bContainerIndex, 
 					&(pContainerInfo->pbKeyExPublicKey),&(pContainerInfo->cbKeyExPublicKey));
 				break;
 		}