Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Support PIN unblocking in minidriver via PUK as response to challenge
Minidriver currently has basic support for unblocking card PIN by providing PUK as an administrator password to CardUnblockPin() function. However, this doesn't work for example when trying to unblock PIN via system smartcard PIN unblock screen accessible after pressing Ctrl+Alt+Del as it wants to use challenge / response authentication. MS Smart Card Minidriver specification (version 7.07) explicitly says that challenge / response is the only authentication mode that Windows uses to authenticate an administrator. Unfortunately, this way of unblocking PIN seems to not be widely supported by cards. However, we can simply treat the provided response to challenge as PUK. Because (at least) Ctrl+Alt+Del PIN unblock screen accepts only hex string, every PUK digit X has to be input as '3X' (without quotes) there. Also the response string is not hidden behind asterisks on this screen as it should been. Signed-off-by: Maciej S. Szmigiero <[email protected]>
- Loading branch information