Skip to content
This repository has been archived by the owner on May 16, 2024. It is now read-only.

Home

Jump to bottom
Kristel Merilain edited this page Aug 2, 2021 · 44 revisions

Minidriver for EstEID ID-cards

Background:

For ATRFilter see https://github.com/open-eid/minidriver/wiki/Atrfilter

Supported platforms:

  • Windows 8.1 (x86, x64)
  • Windows 10 (x86, x64)
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019

Supported features:

  • pinpad
    • Can be disabled with creating registriy key's
[HKEY_LOCAL_MACHINE\SOFTWARE\RIA\minidriver]
"disablepinpad"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RIA\minidriver]
"disablepinpad"=dword:00000001
  • hash algorithms
    • SHA1, SHA-256, SHA-384, SHA-512
  • Logging can be enabled by creating esteidcm.log file to user %TEMP% folder
    • Logging in RDP session written in Server to %TEMP% esteidcm.log

Implemented API

DllMain
CardAcquireContext
CardDeleteContext
CardGetContainerProperty
CardSetContainerProperty
CardGetProperty
CardSetProperty
CardQueryCapabilities
CardCreateContainer
CardGetContainerInfo
CardAuthenticatePin
CardAuthenticateEx
CardEnumFiles
CardGetFileInfo
CardReadFile
CardWriteFile
CardQueryFreeSpace
CardQueryKeySizes
CardRSADecrypt
CardSignData

Not Implimented API

CardDeleteContainer
CardUnblockPin
CardChangeAuthenticator
CardCreateDirectory
CardDeleteDirectory
CardCreateFile
CardDeleteFile
CardConstructDHAgreement
CardDeriveKey
CardDeriveKey
CspGetDHAgreement
CardGetChallenge
CardAuthenticateChallenge
CardGetChallengeEx
CardChangeAuthenticatorEx
CardDeauthenticate
CardDeauthenticateEx

Usage:

Diagnostics

  • To verify installation of minidriver open Command Prompt and run C:\Windows\System32\certutil -scinfo command.

Testing unsigned driver

Run in CMD with administrator rights:

bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS

bcdedit.exe -set TESTSIGNING ON

Restart windows

Clone this wiki locally