Links about smart card infrastructure
General Architecture
- Windows Vista Smart Card Infrastructure (contains container naming reference)
- The Smart Card Cryptographic Service Cookbook (contains cryptoapi calls for windows logon)
- Certificate Enumeration (from technet)
Mini driver
- Smart Card Minidriver Specification
- Smart Card Minidriver Certification Requirements (see at the bottom for the CSP sequence of Smart card logon, PIN Change, Enrollement, RunAS, …)
- Minidriver tests for microsoft update deployment
- Belgian EID minidriver notes about how to test a minidriver easily with cmck.exe (from the “Windows Logo Kit DTM Controller”)
DPAPI
- Microsot reference Paper “Windows Data Protection”
- Export non exportable keys on Windows
- Reversing DPAPI and stealing Windows Secret Offline
- DPAPIck
- KB309408: limitation on DPAPI and roaming profiles
- DPAPI Secrets. Security analysis and data recovery in DPAPI
Kernel debug
- Virtual kernel debugger booster
- CryptoAPI tracer script
- Steve Patrick (Spat) notes about how to debug lsass.exe
Remove Policy
Authentication
Logging
Others
- Spat’s Weblog (configuration of the Belgium ID for smart card logon)
- Find out if a smart card was used for logon