Bug 495765 - Add Smart Card login (330J) registry entries in Windows installer.
Add Smart Card login (330J) registry entries in Windows installer.
Status: CLOSED ERRATA
Product: Dogtag Certificate System
Classification: Community
Component: ESC (Show other bugs)
1.0
All Windows
urgent Severity urgent
: ---
: ---
Assigned To: Jack Magne
Chandrasekar Kannan
:
Depends On:
Blocks: 443788
  Show dependency treegraph
 
Reported: 2009-04-14 13:34 EDT by Jack Magne
Modified: 2015-01-04 18:37 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-22 19:34:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jack Magne 2009-04-14 13:34:13 EDT
Description of problem:


In order to support smart card login, for the Safenet 330J, the following registry information must be set by the installer for ESC:

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\SafeNet 330J]
"ATR"=hex:3b,ec,00,ff,81,31,fe,45,a0,00,00,00,56,33,33,30,4a,33,06,00,00
"ATRMask"=hex:ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00
"Crypto Provider"="CoolKey PKCS #11 CSP"


This associates the ATR of the 330J with our already provided CoolKey CSP.
Also make sure that the entry for the Gemalto 64K is in order.
Comment 1 Jack Magne 2009-04-14 16:10:40 EDT
Proposed installer script fix for this issue:

$ cvs diff setup.iss
Index: setup.iss
===================================================================
RCS file: /cvs/dirsec/esc/win32/setup.iss,v
retrieving revision 1.6
diff -r1.6 setup.iss
453c453
< Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto
64K V2; ValueType: binary; ValueName: ATRMask: ValueData: ff ff ff ff ff ff ff f
f ff ff; Flags: uninsdeletekey
---
> Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto
64K V2; ValueType: binary; ValueName: ATRMask: ValueData: ff ff 00 ff 00 ff ff f
f 00 00; Flags: uninsdeletekey
457c457
< Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto
64 V2: ValueType: binary; ValueName: ATR; ValueData: 3b 95 95 40 ff ae 01 03 00
00
---
> Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto
64 V2: ValueType: binary; ValueName: ATR; ValueData: 3b 95 00 40 00 ae 01 03 00
00
458a459,464
> ; Now register the Safenet 330J
> Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet
330J: ValueType: binary; ValueName: ATRMask: ValueData: ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff 00 00; Flags: uninsdeletekey
>
> Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet
330J: ValueType: string; ValueName: Crypt Provider: ValueData: CoolKey PKCS #11
CSP
>
> Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet
330J: ValueType: binary; ValueName: ATR; ValueData: 3b ec 00 ff 81 31 fe 45 a0 0
0 00 00 56 33 33 30 4a 33 06 00 00
Comment 2 Matthew Harmsen 2009-04-14 20:41:17 EDT
Comment #1 +mharmsen
Comment 3 Jack Magne 2009-04-14 21:35:56 EDT
$ cvs -d :ext:jmagne@cvs.fedora.redhat.com/cvs/dirsec commit setup.iss
Enter passphrase for key '/home/jack/.ssh/id_rsa':
Checking in setup.iss;
/cvs/dirsec/esc/win32/setup.iss,v  <--  setup.iss
new revision: 1.7; previous revision: 1.6
done
Running syncmail...
Mailing relnotes@fedoraproject.org...
...syncmail done.
Running syncmail...
Mailing cvsdirsec@fedoraproject.org...
...syncmail done.

Fix will appear in next build.
Comment 4 Asha Akkiangady 2009-06-09 19:24:00 EDT
Verified.

Installed ESC SmartCardManagerSetup-1.1.0-5.win32.i386.exe on Vista, verified that registry entries are created for Safenet 330J and Gemalto 64K with the right values.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\SafeNet
330J]
"ATR"=3b,ec,00,ff,81,31,fe,45,a0,00,00,00,56,33,33,30,4a,33,06,00,00
"ATRMask"=ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00
"Crypto Provider"="CoolKey PKCS #11 CSP"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2]
"ATR"=3b 95 95 40 ff ae 01 03 00 00
"ATRMask"=ff ff 00 ff 00 ff ff ff 00 00
"Crypto Provider"="CoolKey PKCS #11 CSP"

Note You need to log in before you can comment on or make changes to this bug.