locked
How do I fix smart card logon error - No valid certificates found ? RRS feed

  • Question

  • I have written a smart card minidriver (for a read-only card). Now I am trying Windows 7 smart card logon, but there is "No valid certificates found" error on logon screen, when I insert the card. 
    I have two certificates in the smart card, one for encryption, another for digital signature and windows logon. 
    Encryption certificate:
      Key Usage: Key Encipherment
    Signature and Logon certificate:
      Key Usage: Digital Signature, Non-Repudiation
      EKU : Client Authentication, Secure Email, Smart Card Logon
    I set two cmapfile records for these certificates:
    cmap[0].wszGuid = L"encr0@ug.net";
    cmap[0].bFlags                 = CONTAINER_MAP_VALID_CONTAINER;
    cmap[0].bReserved               = 0;
    cmap[0].wSigKeySizeBits         = 0;
    cmap[0].wKeyExchangeKeySizeBits = 2048;
    cmap[1].wszGuid = L"sign0@ug.net";
    cmap[1].bFlags                 = CONTAINER_MAP_VALID_CONTAINER|CONTAINER_MAP_DEFAULT_CONTAINER;
    cmap[1].bReserved               = 0;
    cmap[1].wSigKeySizeBits         = 2048;
    cmap[1].wKeyExchangeKeySizeBits = 0;
    Function calls in minidriver logs:
    when card inserted first time:
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardGetProperty()[CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardGetContainerInfo() ContainerIndex...[1]
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [0]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardReadFile() [cmapfile]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardReadFile() [cmapfile]
    CardReadFile()|pszFileName = [kxc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardGetProperty()[CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc01] --- File not found
    CardReadFile() [cmapfile]
    CardDeleteContext()
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [msroots]
    CardGetProperty()...[CP_CARD_CAPABILITIES]
    CardDeleteContext()
    when smart card logon occurs:
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cardcf]
    CardGetProperty() [CP_CARD_SUPPORTS_WIN_X509_ENROLLMENT]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc00]
    CardGetCapabilities...[CP_CARD_CAPABILITIES]
    CardReadFile() [cmapfile]
    CardDeleteContext()
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cardcf]
    CardGetProperty() [CP_CARD_SUPPORTS_WIN_X509_ENROLLMENT]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile()|pszFileName = [cmapfile]
    CardReadFile()|pszFileName = [ksc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardReadFile() [cmapfile]
    CardDeleteContext()
    Why smart card logon doesn't continue? Is my certificate not suitable for logon, or did I write incorrect cmapfile, or anything else?
    Monday, April 4, 2011 12:03 PM

Answers