PCSC driver problem?

pcsc driver development

The following content is translated from foreign websites:

If you want to fully understand the pcsc protocol, you can download the specification from the PC/SC Workgroup website, which contains a lot of information on pcsc topics. You can also browse MSDN and find related documents. The DDK also contains some smart card examples, left for those who have the confidence and perseverance to write a pcsc driver. This is not an easy task. The pcsc driver has its own internal structure (the pcsc driver is linked with smclib), and many places are relatively obscure and difficult to understand. Those who are not driver veterans have to gather information from wherever they can. Of course, the DDK is a good starting point for driver development.

I personally think it is not a good idea to move the pcsc protocol here. Here I will mainly talk about the understanding of pcsc to get readers started.

The pcsc driver in the example is not a full-featured pcsc driver that serves card readers and smart cards. As everyone knows, after the driver is installed, the system can recognize the pcsc card reader and applications can access smart cards through Microsoft's smart card components. The popular usbkey (called usbtoken or usb dongle in foreign countries) is a security authentication device that integrates a card reader and a card. The upper-layer application uses the pcsc framework to call Microsoft's CSP for digital signature, identity authentication and other functions. If you don't follow the pcsc architecture, developing these functions is no easier than developing drivers.

The pcsc architecture has several levels:

ICC - integrated circuit card (the card);

IFD - interface device (card reader);

IFD handler - handler of the interface device (simply put, the driver);

Resource Manager - a service that manages and controls all access by applications to smart cards in any card reader. For example, when multiple applications operate on a card at the same time, the Resource Manager manages and queues the requests to ensure that the system and the device do not conflict.

Service Providers - such as cryptographic (CSP) and noncryptographic (SCSP) service providers. This part is usually established based on smart card application services. What purpose the user's smart card can be used for is realized here. This part must be developed by the user.

The pcsc driver hides the device and its communication protocol, so that it does not matter whether your card reader uses a serial port, parallel port or USB port, or how your communication protocol is defined. Users who want to develop for your smart card only need to call the pcsc functions provided by Windows, without worrying about the underlying implementation details. Device and application development are divided into two independent modules, and the two are interfaced through the pcsc functions of Windows. In this way, any device that complies with the pcsc protocol can be used, and the software you develop can be applied to devices from many different manufacturers without any modifications.

If your pcsc driver meets certain conditions, then you can develop a rather unusual device, such as a usbkey (which fixes the card reader and card together), and have the system recognize it as a card reader with an inserted card. The usbkey can then replace the card reader + card combination to complete Windows domain login, etc. The cost of developing a usbkey is much lower than the cost of developing a card reader plus a card, probably less than a third. Of course, I also admit that there is a huge debate in this area, but the way we face the debate is just to let the research continue...

The largest manufacturers of USB keys in China include BGI, Watchdata, Minghua, Haitai, etc., and abroad there are Aladdin, Rainbow, etc.

Summary: PC/SC driver is a very important part for both usbkey and card reader. I hope this example will be helpful to those who are interested in the pcsc driver.

Basically correct. However, under the 98 system, the driver of the PCSC architecture has a flaw. The SCRM in the 98 smart card patch does not support plug-and-play of the card reader, even if the device itself is PNP. Therefore, you can consider using only USB drivers on 98 systems.

Card vendors generally encapsulate a device API layer above the driver. This layer accesses the driver through SCRM, or accesses the device directly and through the USB driver. The device API layer is encapsulated with an application API layer, which encapsulates the 7816 instructions and shields the upper layer applications from the details of the 7816 instructions. Further up is the CSP. Of course, it is also possible to add the P11 layer between the CSP and the application API layer to achieve seamless connection and interoperability between CSP and P11.

The most important function in the example is SendSmdReader(). This function should be executed on the external hardware (card or usbkey). In order to simulate the insertion and removal of the virtual card, I created an additional worker thread (function VdVendorIOCTL), and also created an event SC_INSERT_REMOVE using the function IoCreateSynchronizationEvent. The user application (ins_rem.exe) triggers this event and drives the simulation of card insertion and removal. The second application (sc_mon.exe) reports the current status of the virtual card. You can also use the PCSCInf.exe tool to check the card status.

This driver supports the system event log, saving the corresponding status information and error information there. All information can be viewed using the system's standard event viewer.

The reset response data and the binary file used to simulate the memory on the card are all stored in the driver source code. They can be easily modified and set through the registry. The name of the virtual card reader is "COMRAD 000001 0".
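The reset response (ATR) mentioned above has a fixed layout defined in ISO/IEC 7816-3, so a replacement value can be checked before it is configured for the virtual reader. The C routine below is an added example, not code from the driver or the original article; the names atr_parse and atr_info and the sample ATRs are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fields recovered from an ATR (ISO/IEC 7816-3 answer to reset). */
typedef struct {
    int      hist_len;   /* K, the number of historical bytes */
    size_t   hist_off;   /* offset of the first historical byte */
    unsigned protocols;  /* bit n set when T=n is indicated */
    int      has_tck;    /* 1 when a check byte TCK is required */
} atr_info;

/* Constructed sample ATRs (not taken from the driver or any real card). */
static const uint8_t ATR_T0[]  = {0x3B, 0x02, 0x14, 0x50};
static const uint8_t ATR_T1[]  = {0x3B, 0x84, 0x01, 'T', 'E', 'S', 'T', 0x93};
static const uint8_t ATR_BAD[] = {0x3B, 0x84, 0x01, 'T', 'E', 'S', 'T', 0x00};

/* Returns 0 if the ATR is well formed, a negative code otherwise. */
int atr_parse(const uint8_t *atr, size_t len, atr_info *out) {
    if (len < 2 || len > 33) return -1;               /* TS + at most 32 bytes */
    if (atr[0] != 0x3B && atr[0] != 0x3F) return -2;  /* unknown TS */
    out->hist_len = atr[1] & 0x0F;
    out->protocols = 0;
    size_t pos = 2;
    uint8_t y = atr[1] >> 4;           /* Y1: which of TA1..TD1 follow T0 */
    while (y) {
        for (int bit = 0; bit < 3; bit++)   /* skip TAi, TBi, TCi */
            if (y & (1u << bit)) pos++;
        if (!(y & 0x08)) break;             /* no TDi: chain ends */
        if (pos >= len) return -3;          /* truncated interface bytes */
        out->protocols |= 1u << (atr[pos] & 0x0F);
        y = atr[pos++] >> 4;                /* Y(i+1) comes from TDi */
    }
    if (out->protocols == 0) out->protocols = 1u;     /* no TD: T=0 implied */
    out->has_tck = (out->protocols & ~1u) != 0;       /* TCK unless T=0 only */
    out->hist_off = pos;
    if (pos + out->hist_len + out->has_tck != len) return -3;  /* bad length */
    uint8_t x = 0;
    for (size_t i = 1; out->has_tck && i < len; i++) x ^= atr[i];
    return x ? -4 : 0;                  /* XOR of T0..TCK must be zero */
}

int main(void) {
    atr_info a;
    printf("T=0: %d  T=1: %d  bad TCK: %d\n",
           atr_parse(ATR_T0, sizeof ATR_T0, &a),
           atr_parse(ATR_T1, sizeof ATR_T1, &a),
           atr_parse(ATR_BAD, sizeof ATR_BAD, &a));
    return 0;
}
```

The length check is strict: any byte beyond the historical bytes and TCK is rejected, which catches an ATR copied with stray padding.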

PC/SC driver test tool:

1. TAPDUDemoCard from Vizvary Istvan

With this tool there is no need to write a line of code to communicate with the virtual smart card, and the communication is bidirectional.

2. APDU command test from Vizvary Istvan;

Very similar to the first tool.

3. PCSC Info from ZeitControl cardsystems GmbH;

A tool used to test any pcsc-compatible card reader. It can control the status of the card in the card reader and report the current card status.

The virtual card reader can be used for win2k domain login. Smart card login is a great feature of win2k. Store the certificate in your smart card or USB key, so that when you log in, the system will check your certificate and approve it before you can log in. In this example, the virtual card reader only reports to the resource manager when the virtual smart card is pulled out and the system locks the PC.

First, import the lock_pc.reg file into the registry to activate the win2k login settings.

That is, the "Please CTRL+ALT+DEL to log in" prompt. The parameter "Winlogon\scremoveoption" can be set to "1" or "2", which mean "lock the computer when the card is removed" and "log out the current user when the card is removed" respectively. If the driver is installed correctly, you will see the domain login window pop up. Use the ins_rem tool to simulate the insertion and removal of the virtual card.