Solved

How to change  smartCard Pin in CSP

Posted on 2008-06-23
7
3,016 Views
Last Modified: 2013-11-15
hi all
i use CSP to access smartcards and usbtoken , but i don't know how to change smartcard pincode .
please help me !
thanks
0
Comment
Question by:ncsvietnam
7 Comments
 
LVL 2

Expert Comment

by:karampelas
ID: 21847170
It depends what windows you have. For XP/ 2003 server you will need the Smart Card Pin Tool is included as part of the downloadable Smart Card Base CSP package (KB909520) available via Windows Update. It becomes available as soon as the
Base CSP package is installed on the machine.

In Windows Vista, users can change their smart card user PIN using the secure desktop.

For exact details read the following. Their are two paragraphs that explain how to do it.
http://www.netsolutions.gemalto.com/download/070507%20WP%20Gemalto%20%20NET%20PIN%20Mgmt%20in%20Windows%20Platforms.pdf
0
 

Author Comment

by:ncsvietnam
ID: 21880839
thank you very much for your responding . but my mean is change smart Card pin by program , use Cryptography API in window platform .
0
 
LVL 2

Accepted Solution

by:
karampelas earned 125 total points
ID: 21882213
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 1

Assisted Solution

by:KonstantinPrinz
KonstantinPrinz earned 250 total points
ID: 22236908
KB909520 installs pintool.exe into %WinDir%\system32
0
 
LVL 1

Assisted Solution

by:KonstantinPrinz
KonstantinPrinz earned 250 total points
ID: 22236910
0
 
LVL 62

Assisted Solution

by:btan
btan earned 125 total points
ID: 22970383
There is no CAPI (if the smartcard CSP support it) calls on changing the PIN but rather replaying the cached PIN (and clearing it using CryptSetParams)

The most straight forward method is via sending APDU commands like CHANGE CHV (you can get it from vendor if proprietary else by default they are the standard ISO 7816-4) to the smartcard thru the reader. It can be via SCard Commands or via PKCS#11 (if supported).

For Scard command, use Scardtransmit (see http://msdn.microsoft.com/en-us/library/aa379804(VS.85).aspx) to send the APDU

Try out the APDU player as well (to try out APDU) but be wary on PIN lockout - http://www.codeproject.com/KB/smart/SmartcardFmwk.aspx

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now