Question about implementing smartcard WinLogOn and CRYPT_SILENT



Hi all,

I´m thinking about how to implement winlogon in a CSP using Windows XP and 2003 Server. Nowadays I´m reading the SmartCardCookBook documentation, there is an example of how would be the Windows XP interactive logon, it begins as follows:

Windows XP interactive logon

1. CryptAcquireContext
* Acquire a handle to the default container on the card
* The calling process specifies the CRYPT_MACHINE_KEYSET and CRYPT_SILENT flags
* Returns handle to default container context (#C1)


.... I have a question about this call:

If Windows uses CRYPT_SILENT in the context acquisition against CSP, ¿It means that Windows has it´s own "PIN requesting UI" and that PIN will be provided to CSP in a following call to the CryptSetProvParam function, in order to do any private key operation?

Another question is that I don´t know what I have to do in order to force Windows XP to enable SmartCard Logon. I have a smartcard properly registered in Windows, and associated to my CSP, but when I´m at the Windows XP login screen and insert the card, I cannot see any UI asking me for the PIN. ¿somebody knows if i need to enable any specific windows service/daemon?

I would appreciate any help.
Thanks in advance :-)
.



Relevant Pages

  • Re: Coredll patch Windows CE 4.21
    ... you first create a Windows CE project based on the ARM emulator. ... Debugging a CSP is similar to debugging ... windows ce images/apps using platform builder and arm emulator. ... > the platform builder and activating the flag "Enable Kernel Debugger" ...
    (microsoft.public.windowsce.platbuilder)
  • RE: Asking some project definitions in order to develop a "Smart C
    ... Yes, I think start with implementing a "Smart Card Module" is great, but Is ... I'm now trying to write an application using TPM on "windows XP", ... Similarly to CSP you can create your own ... Cryptoki library, ie. the CSP is just an API layer above that library. ...
    (microsoft.public.platformsdk.security)
  • Re: Coredll patch Windows CE 4.21
    ... The way you say to do the tests of our CSP in a Pocket PC device is using ... the platform builder and activating the flag "Enable Kernel Debugger" isn't ... Do I must to do a new Windows CE ...
    (microsoft.public.windowsce.platbuilder)
  • Re: Should we sign DLLs used by a CSP.
    ... dlls that you use. ... wouldn't be able to just write a strong crypto CSP and add it to Windows. ... API provided via one of the CPAcquireContextparameters. ...
    (microsoft.public.platformsdk.security)
  • Re: RSA/DSA crypto service provider - what component needed
    ... PRB: Err Msg: CSP for This Implementation Could Not Be Acquired ... MS Exchange Hosting: http://www.intermedia.net/exchangehosting Windows 2000 Web Hosting: http://www.intermedia.net/webhosting For a waiver of the set up fee use "IMFREE" code ... > Im trying to use .Net RSA/DSACryptoServiceProvider classes and during> object creation I got exception from: mscorlib "CryptoAPI cryptographic service provider for this implementation could not be acquired". ... > Are that components dependent of national versions of Windows or region? ...
    (microsoft.public.dotnet.framework.aspnet.security)