0

I want to write CredentialProvider similar to builtin SmartcardCredentialProvider used in domain, but with one difference: When the PIN field is displayed, do automatic submit with empty PIN and let the user log in to windows.

I have some ideas, but not sure if it will work:

  1. Write CredentialProvider that will monitor the state SmartcardCredential provider, detect the state with PIN prompt and hit Enter
  2. Write credential provider that will do the smartcard discovery on its own do the authentication process between Smartcard <-> CredentialProviderAPI

Can this structure lead me to entering empty pin? KERB_SMART_CARD_LOGON https://learn.microsoft.com/en-gb/windows/win32/api/ntsecapi/ns-ntsecapi-kerb_smart_card_logon

I dived into pGina source code, but I see only username and password used in authentication with CredentialProviderAPI, so I am afraid it is possible to use with certificate on smartcard.

tista3
  • 79
  • 1
  • 6
  • 2
    You're asking this question too soon. If you haven't even worked out which language you want to use, you need to sit down and do more research into the options available. – user4581301 Aug 03 '23 at 18:15
  • @user4581301 pGina is in both C# and C++ interacting with each other, so it must be these – tista3 Aug 03 '23 at 18:34
  • 2
    You can write a provider which logs in a user [without interaction](https://stackoverflow.com/questions/13734982/autounlock-a-windows-user-session), so it is surely possible. Not sure if you will be able to reuse any of the existing smartcard related stuff since that is based on two factor (possession + knowledge). – Mitch Aug 03 '23 at 18:59
  • If you will write the logic of acquiring data from Smartcard, then there are no reason to write separate modules. This logic can be implemented in the single module. – Alexander Aug 04 '23 at 10:58
  • Smartcard insertion event can be transformed into event to reenumerate provider's tiles. On this stage you can tell Winlogon (or CredUI) that your provider have a tile that can do autologon. – Alexander Aug 04 '23 at 11:02

0 Answers0