Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

smart card minidriver CardAcquireContext not being called by MS BaseCSP

421 views
Skip to first unread message

Randy

unread,
Sep 7, 2008, 7:31:52 PM9/7/08
to
I'm new to the minidriver world and it has been tough to get things
started, there isn't a lot of information out there. My first hurdle
was
the fact that windows carries a default Base CSP that is not smart
card
enabled, and I finally found out through a document from
Gemalto.lol. Now I have a feeling I'm having another silly issue and
was wondering if you guys could point out what it is that I'm
missing.
My minidriver is loaded properly by winlogon (I see in log file), I
see Process
attach correctly but then no call to CardAcquireContext. I
then used certutil -scinfo and I get a popup window saying insert
smart card, when I view details it says: "The card is available for
use.
However, the card is not the one being requested, and cannot be
used for the current operation." There is also a red sign next to
the
smart card icon in the window. But CardAcquireContext doesn't
get called either. When I close it says CryptAcquirecontext was
exited by the user.

Any thoughts, is my system missing something silly? The function
is properly exported. I don't get it, certutil led me to believe
that
something is missing...

Thanks in advance for any help.

-Randy

Afshin Pir

unread,
Sep 8, 2008, 12:32:01 AM9/8/08
to
Hi
I think there are only 2 mistakes which can cause such a problem(never
happened such an error for me,It was easy to reach CPAcquireContext):
1-You haven't specified Provider type correctly for smart card in registry.
2-You haven't exported CPAcquireContext with extern "C"(or specifing def file)

Regards

Randy

unread,
Sep 8, 2008, 12:50:27 PM9/8/08
to
Thanks for the quick reply Afshin Pir, I really appreciate your input.

I have extern "C" __declspec(dllexport) in front of the function
prototype in the cardmod.h (I do the same in other dll's I've done).
I also checked the registry declaration for my "XTest Card" entry and
I have:
--------------------------
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards
\XTec PIV-II Card]
"ATR"=hex:blahblahblah (actual atr is there)
"ATRMask"=hex:blahblah (actual mask is there)
"80000001"="xtest.dll"
"Crypto Provider"="Microsoft Base Smart Card Crypto Provider"
--------------------------

When I call certutil -scinfo I get:
--------------------------
402.203.0: 0x80070057 (WIN32: 87): ..CertCli Version
The Microsoft Smart Card Resource Manager is running.
Current reader/card status:
Readers: 1
0: SCM Microsystems Inc. SCR331-DI Smart Card Reader 0
--- Reader: SCM Microsystems Inc. SCR331-DI Smart Card Reader 0
--- Status: SCARD_STATE_PRESENT | SCARD_STATE_UNPOWERED
--- Status: The card is available for use.
--- Card: XTest Card

=======================================================
Analyzing card in reader: SCM Microsystems Inc. SCR331-DI Smart Card
Reader 0
SCM Microsystems Inc. SCR331-DI Smart Card Reader 0:
Microsoft Base Smart Card Crypto Provider:
CryptAcquireContext: The action was cancelled by the user. 0x8010006e
(-2146434962)
317.973.0: 0x8010006e (-2146434962)
317.1046.0: 0x8010006e (-2146434962)
317.1100.0: 0x8010006e (-2146434962)

Done.
CertUtil: -SCInfo command FAILED: 0x8010006e (-2146434962)
CertUtil: The action was cancelled by the user.
301.3128.0: 0x8010006e (-2146434962)
--------------------------

The certutil command line holds on line "Analyzing card in reader"
while the popup
is displayed showing me the reader with a wrong way traffic sign on
it, then
on the right I have two text boxes one says Smart card inserted: XTest
Card, the
other says Smart card status: "The card is available for use. However,


the card is
not the one being requested, and cannot be used for the current
operation."

-Is there a way to make sure that the correct Base CSP is being
called, if there is
what do I use to test it?

-If you specify the wrong Crypto Provider in your registry, is this
what you get?

Am I missing something in the system, I finished installing the
Windows-KB909520-v1.000-x86-ENU.exe
which installs the proper Microsoft Base Smart Card Cryptographic
Service Provider.

Thanks for the help.

Regards,
-Randy

Randy

unread,
Sep 11, 2008, 10:46:50 AM9/11/08
to
You were dead on.

After a lot of trial and error, I began to wonder if the function was
properly exported. I've done many dll's before but this time around I
had to use the function prototype for CardAcquireContext already
defined in cardmod.h. I simply put:
extern "C" __declspec(dllexport) in front. I didn't for one second
questioned it. I wrote a quick app to call the dll
and load CardAcquireContext and it wouldn't work until I removed
WINAPI from the function, which is simply a __stdcall calling
convention, but so it's __declspec(dllexport) so there was a
conflict. It is working now :-).

Quick question: what does it mean when CardReadFile is being called
with NULL Dir and also a NULL FileName. I know from the specs NULL
Dir is the root Dir, but what about the NULL pszFileName?

Thanks for any help.

-Randy

0 new messages