Re: Writing a Smart Card Minidriver (on PKCS#11)

From: "Alexander" <ac2806@xxxxxxx>
Date: Tue, 31 Jul 2007 17:39:18 +0200

Hi Jan,

Thank you for the detailed description. This helps me a lot.

A smart card minidriver test suite is available from Microsoft. However,
it will still be useful to look at real life use case scenarios, to see
what is expected in practise from the minidriver; especially since you
will probably not be able to fully implement the minidriver
specification...

Do you know how to get this test suite? We have a MSDN subscripion, but I
didn't find it. Maybe there is also a sample project for a card mini driver,
I have read in an other thread.

Exactly. If your card has a PUK instead of a challenge response system
for allowing administrator authentication, you will not be able to
implement the challenge response scheme. This means you will have to
provide a card unblock tool separately, since you will not be able to use
the pintool.exe that comes with the Microsoft Base Smart Card CSP.

In the specification there is also the function CardUnblockPin defined. If
in "pbAuthenticationData" a pointer to a PUK is specified instead of the
response data of CardGetChallenge() as specified, this could probably work.
What do you think?

regards Alex

.

Follow-Ups:
- Re: Writing a Smart Card Minidriver (on PKCS#11)
  - From: Jan Spooren

References:
- Writing a Smart Card Minidriver (on PKCS#11)
  - From: Alexander
- Re: Writing a Smart Card Minidriver (on PKCS#11)
  - From: Jan Spooren
- Re: Writing a Smart Card Minidriver (on PKCS#11)
  - From: Alexander
- Re: Writing a Smart Card Minidriver (on PKCS#11)
  - From: Jan Spooren

Prev by Date: Re: Impersonating from a non admin user account
Next by Date: Re: CertEnroll - InstallResponse in .net
Previous by thread: Re: Writing a Smart Card Minidriver (on PKCS#11)
Next by thread: Re: Writing a Smart Card Minidriver (on PKCS#11)
Index(es):
- Date
- Thread

Relevant Pages

Re: Writing a Smart Card Minidriver (on PKCS#11)
... I tested now my minidriver with certutil -scinfo. ... CardWriteFile, updating the \cardcf file ... CardWriteFile to the mscp\cmapfile, creating a key container. ... CardQueryCapabilities is called to verify if the card can generate key ...
(microsoft.public.platformsdk.security)
Re: yellow SCRFILTER device for a smartcard (!) on Windows 7
... Microsoft provides a one or two minidriver which are special for some cards. ... card the customer will use. ... Meanwhile our driver passed the WHQL tests and got the Win7 logo. ... I'm about to WHQL-test our driver for smartcard readers on Windows ...
(microsoft.public.development.device.drivers)
Re: Writing a Smart Card Minidriver (on PKCS#11)
... that directly sends APDUs to the smart card using the smart card API, ... smart card minidriver will have to emulate one. ... it would be useful to debug a minidriver. ...
(microsoft.public.platformsdk.security)
Re: Handling of key container in smart card module + SecurityEnvironmentID
... in my chip specification for creating key container. ... One of the things you have to do when writing a minidriver is to map the ... pair onto the card, or to instruct the card to generate a key pair. ... the idea is to get a new key pair onto the card (in case of an RSA ...
(microsoft.public.platformsdk.security)
Re: Writing a Smart Card Minidriver (on PKCS#11)
... what is expected in practise from the minidriver; ... Maybe there is also a sample project for a card mini ... the pintool.exe that comes with the Microsoft Base Smart Card CSP. ... card, however, none of the standard tools (such as the card unblock in the ...
(microsoft.public.platformsdk.security)