I am running into a strange issue with the virtual smartcard driver we wrote. If I install this driver onto a system that has an existing reader with a card installed and try to authenticate using a cert on the virtual reader, by selecting “Run As Other User” the validation will fail. All other scenarios we have tried work, including reading and using the card to login.
Tracing the IRPs via IrpTracker kind of gives the impression that when LSSAS requests the information from the CSP, a few of the APDU’s go to my card but then seem as if the requests jump to the other card. I am working on adding a filter driver to log the APDU request/responses to try an determine if this is indeed the case. Since this occurs using two well known 3rd party CSPs so I know it has to be an issue with how I am setting something up in my driver. If I remove the card in the physical reader everything works. Putting two physical readers on the same system using two similar cards works. So I have to be missing/overlooking something perhaps around reader to card relationship. If it is worth noting, using various utilities I can read all data from both the physical card and the virtual card. The virtual driver is KMDF based.
Since in this case the CSP has the logic to read the supported cards, is it safe to assume that card to reader enumeration/relationship is up to their implementation?
Nik Twerdochlib
Software Developer
+1.601.607.8309 O
+1.866.522.8678 F
BOMGAR | Enterprise Remote Support™
One of the Fastest-Growing Technology Companies in America | Technology Fast 500™