Solved

How to change  smartCard Pin in CSP

Posted on 2008-06-23
7
3,013 Views
Last Modified: 2013-11-15
hi all
i use CSP to access smartcards and usbtoken , but i don't know how to change smartcard pincode .
please help me !
thanks
0
Comment
Question by:ncsvietnam
7 Comments
 
LVL 2

Expert Comment

by:karampelas
ID: 21847170
It depends what windows you have. For XP/ 2003 server you will need the Smart Card Pin Tool is included as part of the downloadable Smart Card Base CSP package (KB909520) available via Windows Update. It becomes available as soon as the
Base CSP package is installed on the machine.

In Windows Vista, users can change their smart card user PIN using the secure desktop.

For exact details read the following. Their are two paragraphs that explain how to do it.
http://www.netsolutions.gemalto.com/download/070507%20WP%20Gemalto%20%20NET%20PIN%20Mgmt%20in%20Windows%20Platforms.pdf
0
 

Author Comment

by:ncsvietnam
ID: 21880839
thank you very much for your responding . but my mean is change smart Card pin by program , use Cryptography API in window platform .
0
 
LVL 2

Accepted Solution

by:
karampelas earned 125 total points
ID: 21882213
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 1

Assisted Solution

by:KonstantinPrinz
KonstantinPrinz earned 250 total points
ID: 22236908
KB909520 installs pintool.exe into %WinDir%\system32
0
 
LVL 1

Assisted Solution

by:KonstantinPrinz
KonstantinPrinz earned 250 total points
ID: 22236910
0
 
LVL 61

Assisted Solution

by:btan
btan earned 125 total points
ID: 22970383
There is no CAPI (if the smartcard CSP support it) calls on changing the PIN but rather replaying the cached PIN (and clearing it using CryptSetParams)

The most straight forward method is via sending APDU commands like CHANGE CHV (you can get it from vendor if proprietary else by default they are the standard ISO 7816-4) to the smartcard thru the reader. It can be via SCard Commands or via PKCS#11 (if supported).

For Scard command, use Scardtransmit (see http://msdn.microsoft.com/en-us/library/aa379804(VS.85).aspx) to send the APDU

Try out the APDU player as well (to try out APDU) but be wary on PIN lockout - http://www.codeproject.com/KB/smart/SmartcardFmwk.aspx

0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
This video discusses moving either the default database or any database to a new volume.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now