Re: Writing a Smart Card Minidriver (on PKCS#11)

---

• From: "Alexander" <ac2806@xxxxxxx>
• Date: Mon, 30 Jul 2007 12:40:31 +0200

---

Hi Jan
Thanks for your reply.

The intention why we want to set up the minidriver on the PKCS#11 is, that
our PKCS#11 supports a lot of different cards, but if the mapping is not
possible we have to implement more minidrivers for the different cards.

Do you maybe know, what commands are called when creating a keypair (key
container) and installing the certificate to this keypair?

Is there maybe a testapplication? I found the document "Smart Card
Minidriver Certification Requirements for Base CSP and KSP". There are the
command desribed in detail, but not which data are transfered. This will
maybe save a lot of time, because I will not have to debug all applications,
to see how they call the minidriver.

You wrote, that the challenge response authentication is is used in the
pintool.exe to unblock the card. In most cases the PINs are unblocked with a
PUK and not via challenge response. How can this challenge response
authentication which encrypts a challenge with a key (often DES) mapped to a
PUK. The application which encrypts the challenge must hold the key, do I
have to enter this key in the pintool.exe. In case of a DES key it will be a
least 8 bytes and nobody would remember this key. A PUK can not be used to
encrypt the challenge.

regards
Alexander


.

---

• Follow-Ups:
  • Re: Writing a Smart Card Minidriver (on PKCS#11)
    • From: Jan Spooren
  • Re: Writing a Smart Card Minidriver (on PKCS#11)
    • From: Stefan Engelbert

• References:
  • Writing a Smart Card Minidriver (on PKCS#11)
    • From: Alexander
  • Re: Writing a Smart Card Minidriver (on PKCS#11)
    • From: Jan Spooren

• Prev by Date: Re: Machine policy registry keys
• Next by Date: Re: Writing a Smart Card Minidriver (on PKCS#11)
• Previous by thread: Re: Writing a Smart Card Minidriver (on PKCS#11)
• Next by thread: Re: Writing a Smart Card Minidriver (on PKCS#11)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Writing a Smart Card Minidriver (on PKCS#11) ... task to create a minidriver. ... We only want to use the cards for certificate ... When rolling out a certificate, ... How can I debug it? ... (microsoft.public.platformsdk.security) Re: Writing a Smart Card Minidriver (on PKCS#11) ... The intention why we want to set up the minidriver on the PKCS#11 is, that our PKCS#11 supports a lot of different cards, but if the mapping is not possible we have to implement more minidrivers for the different cards. ... (microsoft.public.platformsdk.security) Re: Pseudo random shuffle. ... > and you will both be assured of the same random sequence of cards. ... then decrypting the result with K1, ... and encrypts them all seperately using Ka. ... because in poker it is usual for folding players to discard their cards ... (sci.lang.japan)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2007-07