Re: No release context in logon

---

• From: fehime <fehimet@xxxxxxxxx>
• Date: Wed, 30 Jan 2008 02:56:57 -0800 (PST)

---

On 29 Ocak, 18:33, lelteto <lelt...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

1. WHY can't you handle multiple (parallel) usage to your smart card? You
definitely should (must) allow multiple contexts open to the card at the same
time.

2. You didn't specify what context logon didn't release. Is it from
CryptAcquireContext or some hash or key context?

3. The logon process actually wants to keep the handle, because later it may
need to use the card again. So keeping the handle open is a perfectly
legitimate use of the crypto provider.

You should update your code to allow 1. (ie. multiple apps / processes /
threads simultaneously accessing the card).

Laszlo Elteto
SafeNet, Inc.

"fehime" wrote:

Hello,

I developed a custom CSP and use it for smart card logon on Win 2000
and XP.
On Win 2000 there is no problem, but in XP although logon is
successfull, the logon process does not release all the contexts that
it acquired. As the contexts aren't released, my smart card handle
hangs and no application can use the smart card unless it is removed.

Do you have any idea how I can handle this problem?

Thank you

Fehime

Hello,

1.I can't handle parallel usage to the smart card, because I use
winscard.lib and when I open a connection to the card and begin a
transaction (by SCardConnect and
SCardBegintransaction), only that handle can use the card until the
connection is closed. So how can I handle parallel usage in this case?

2. logon does not release the first two contexts that it acquires by
CryptAcquireContext. They are used for hashing, signing and getting
provider parameters.

Thanks again
.

---

• Follow-Ups:
  • Re: No release context in logon
    • From: lelteto

• References:
  • No release context in logon
    • From: fehime

• Prev by Date: RE: SEC_E_INTERNAL_ERROR
• Next by Date: Re: Using SSPI to encrypt UDP messages
• Previous by thread: No release context in logon
• Next by thread: Re: No release context in logon
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: No release context in logon ... definitely should allow multiple contexts open to the card at the same ... You didn't specify what context logon didn't release. ... connection is closed. ... (microsoft.public.platformsdk.security) Re: Please help with tenses ... someone who is not tied to one dialect area to stick to "got", ... both forms are used, but in different contexts. ... Generally speaking, North Americans, like all English speakers, use ... got my card?" ... (alt.usage.english) Re: LogOnUser with Smart Card Credentials ... from the Windows logon dialog and serves our application only). ... call LogonUser with the credentials provided in the dialog. ... The card needs to be present to verify the PIN and also to obtain a token. ... (microsoft.public.platformsdk.security) Re: LogOnUser with Smart Card Credentials ... from the Windows logon dialog and serves our application only). ... call LogonUser with the credentials provided in the dialog. ... The card needs to be present to verify the PIN and also to obtain a token. ... (microsoft.public.platformsdk.security) Re: Windows logon through smart card. ... A real PKINIT SC logon uses a private key on the card. ... architecture and to enable smart card logon we have to hook msgina. ... If its a certificate based logon then how ... (microsoft.public.platformsdk.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2008-01