Smart Card Reader Application Software

Posted onby
Smart Card Reader Application Software

This desktop application allows you to track attendance for an event, using SentriCard® membership cards. Windows® XP, Vista, or Windows® 7, a compatible USB smart card reader, and an Internet connection is required. Signature Capture for Windows® SigCap v1.0; Release Notes. SentriLock Software Release Notes. Technical Bulletins.

SOLUTION FOUND!!!

There is an opensource software called 'Smart Card Manager' which is referenced on militarycac.com as an alternative to using ActivClient 6.2 (AKA for those of us that can't access a CAC secured site to download a program designed to enable the use of a CAC card needed for said site).

I'm not totally sure what the program actually did, however, it seems to have re-established the link between my card reader and my internet browser/certificate management software. Below is the link to the program:

And below is the link to the page on militarycac.com (Also a wonderful resource for anyone military for finding the latest drivers and certificate packs for your computer and card reader)


Finally, make sure (if you're military) that you have all of the appropriate DoD PKI Root Certificates installed and have uninstalled old/conflicting certificates. Instructions for this can be found by clicking the Navy Knowledge Online (NKO) website ( https://wwwa.nko.navy.mil/ ) and clicking the CAC Login Help link below the login button in the center of the page. The link will pop up a window with instructions for things to do on the DISA website. Make sure you complete the following:

  1. Follow the instructions to run the Cross-Certificate remover (instructions are found in the popup on NKO.
  2. INSTALL 'Installroot 4' on your machine. To do this choose the 'Trust Store' tab instead of the 'Certificate Validation' tab on the Tools page of the DISA site. 'Installroot 4: NIPR Windows Installer' is the DoD PKI certificate installer that you then need to download and install.

Following all of that, you should be up and running. It's taken me a lot of digging to find this solution and I've done a lot of the working with solutions from militarycac.com in the past and it seems every time windows changes, something about smartcard login on government sites breaks. Hopefully this will save some of the rest of you that headache that we all hate.

*This method has successfully restored my access to all of the military sites I had access to in the past. (MyPay, BUPERS, NFAS, DEERS, NSIPS, NKO, MOVE.MIL) hopefully it works for you as well.

-->

Smart Card

Pairing Process

Smart Card Reader Driver

The operating system follows these steps to pair a smart card with an already installed minidriver:

  • Get the ATR from the smart card.

  • Iterate through entries in the HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyCalaisSmartCards registry key and do the following:

    • Apply ATRMask subkey value that is stored in the registry to the ATR that was acquired from the smart card.
    • Compare the masked ATR value to the ATR subkey value that is stored in the registry.
    • If the two ATR values match, stop processing and pair the corresponding minidriver with the smart card.

Smart card ATR and ATRMask values must be carefully chosen to avoid the erroneous pairing of a minidriver with a smart card. The smart card ATR value that is stored in the registry should be the expected value after the ATRMask has been applied to an ATR read from a smart card. Otherwise, the masked ATR values from the card and the registry do not match and the pairing fails.

Beginning with Windows 7, the first time a smart card is inserted into a card reader triggers Plug and Play events that result in a search for an appropriate minidriver on the Windows Update site. The device ID that Windows generates to locate the driver on Windows Update depends upon the following factors:

Card
  • Historical bytes from the ATR. For more information about ATR historical bytes, see section 8 of the ISO/IEC 7816-4:2005(E) standard.
  • Presence of the Microsoft Plug and Play AID application with a list of GUIDS in tag 0x7F68.
  • Presence of a PIV application on the card which will be paired with an inbox driver.
  • Presence of a GIDS (Generic Identity Device Specification) application with Microsoft Generic Profile on the card which will be paired with an inbox driver.

For more detailed information on the smart card discovery process for Plug and Play and Winscard, see Smart Card Discovery Process. These processes result in the generation of a unique device ID for the smart card.

Smart Card Reader Application Software Free

Note To determine the device ID that Windows generates for a smart card, the recommended approach is to insert the smart card in a smart card reader that is attached to a computer that is running Windows 7 or later versions of Windows. The device ID can then be found by looking at the “Hardware Ids” property of the smart card device in Device Manager.

Smart Card Reader Software

Sample INF for x86 and amd64

The following is a sample INF file for smart card installation in Windows 8 and earlier versions of Windows. This INF file is decorated for installation in X86 and AMD64 CPU platforms.

Note To avoid problems with deployments, it is strongly advised to test your driver package on clean installations of all targeted operating systems prior to submitting the driver package to Winqual.

The following are required for this type of INF file:

  • The hardware ID that is specified by the %FabrikamCardDeviceName% string must either be the ATR historical bytes of the device or the decoded value of the device’s smart card framework identifier. For more information about this identifier, see the “Windows Smart Card Framework Card Identifier” section in Smart Card Discovery Process.
  • The DefaultInstall section is mandatory in INF files for smart card minidriver packages.