Links about smart card infrastructure

General Architecture

• Windows Vista Smart Card Infrastructure (contains container naming reference)
• The Smart Card Cryptographic Service Cookbook (contains cryptoapi calls for windows logon)
• Certificate Enumeration (from technet)

Mini driver

• Smart Card Minidriver Specification
• Smart Card Minidriver Certification Requirements (see at the bottom for the CSP sequence of Smart card logon, PIN Change, Enrollement, RunAS, …)
• Minidriver tests for microsoft update deployment
• Belgian EID minidriver notes about how to test a minidriver easily with cmck.exe (from the “Windows Logo Kit DTM Controller”)

DPAPI

• Microsot reference Paper “Windows Data Protection”
• Export non exportable keys on Windows
• Reversing DPAPI and stealing Windows Secret Offline
• DPAPIck
• KB309408: limitation on DPAPI and roaming profiles
• DPAPI Secrets. Security analysis and data recovery in DPAPI

Kernel debug

• Virtual kernel debugger booster
• CryptoAPI tracer script
• Steve Patrick (Spat) notes about how to debug lsass.exe

Remove Policy

• Deconstructing the Smartcard Removal Policy Service

Authentication

• HSPD-12 Logical Access Authentication and Active Directory Domains

Logging

• Determining Whether a User Logged on Using A Smart Card

Others

• Spat’s Weblog (configuration of the Belgium ID for smart card logon)
• Find out if a smart card was used for logon