Re: Custom CSP debugging

From: vincent godin (godin.v_at_gmail.com)
Date: 10/14/05 

Date: Fri, 14 Oct 2005 09:28:10 +0200

Hello Vivek,

Just wondering, are you sure you need to debug you CSP in Winlogon context ?
It's generally not required. To be able to test your CSP you effectively need to run Windows in debug mode (or patch the advapi32 as described). Once it is done crypt32.dll will be able to load your CSP.dll. This should be enough to test it : install you CSP.dll (as described in MS docs) and test it using a test software you build. You will be able to set breakpoints and run into your CSP code step by step.

On the other hand if you really need to debug your CSP function in winlogon context, I suggest you build a simple notification package to launch Visual Studio (or windbg if you don't have Visual tools). Remember to start your debugging application on si.lpDesktop = _T("winsta0\\Winlogon");
I can give you some code if needed.

        Vincent.

>
>>Hi,
>>Thanks for your reply,.. I think my post was not very clear in
>>describing the whole arrangement properly. This is exactly what I have
>>been doing,..
>>
>>I have two machines : The Remote and the Test machine.
>>
>>>>From my Remote machine I start a Kernel debug session on the Test
>>machine using WinDbg via the serial modem,.. CSP dll gets loaded and
>>the signing process is disabled,.. Now I need to test the CSP dll on my
>>test machine (winXP),.. Here I run another instance of WinDbg and
>>attach it to the winlogon process.
>>For the symbols path I point it to the folder where the pdb is located
>>for the CSP dll,..
>>
>>What else do I need to do here? Are you suggesting that I run another
>>instance of the Kernel Debugger in the Test machine?
>>
>>Regarding the 2nd Option, I copied the patch (I think provided by you
>>only,..) for WinXP-SP2, but I was unable to replace the advapi32.Dll
>>from the system folder,..
>>
>>Please guide me here, totally lost,..
>>-
>>
>>

Relevant Pages

  • Debugging a CSP dll
    ... I'm currently developing a CSP for a HSM. ... My problem is that my CSP dll loads; ... I'd prefer not to use kernel debugging as I ...
    (microsoft.public.platformsdk.security)
  • Re: Cant write sertificate for UserLogon on my SC CSP
    ... If this is windows server 2003 CA, have you added your CSP to the list on ... > My mind what problem in registry CSP - but i not saw difference between my> CSP and Schlumberger Cryptographic Service Provider. ... > and test any resource in this CSP dll. ... > Who know what Enroll ActiveX check in SC CSP.dll. ...
    (microsoft.public.platformsdk.security)
  • Re: 3rd pary software interferes with the cryptographic services
    ... I have submitted a request to our lab for a test machine. ... i will install the csp and update you my test result asap. ...
    (microsoft.public.platformsdk.security)
  • Getting CSP Load Error 8009001D
    ... I am attempting to use a custom un-signed CSP. ... instructions elsewhere in this group for loading/using an un-signed ... The test machine has a kernel debugger attached and I get past ... out why the 8009001D dll load error is occuring. ...
    (microsoft.public.platformsdk.security)
  • Re: smart card and signing email => pin dialog => csp??
    ... CSP uses to handle _session_ credentials, so default behaviour will display the PIN dialog only once; likely your CSP asks your PIN for each signature because it knows about non repudiation of that key and thus enforce PIN verification for each access to the key. ... the alternative is just to ask your provider for a tailored dialog, or if you are lucky and use a CSP whose UI resources and not included in the CSP DLL, you can just create your own resources DLL. ...
    (microsoft.public.platformsdk.security)