Re: usbccid driver : enable Escape command

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "Olivier R." <Olivier R.@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 3 May 2005 23:08:03 -0700

---

Your first idea may not be a solution regarding our business target as we
provides corporate solutions. In this kind of solution, the computers are
managed by one ore more administrator and the user has not the knowledge of
the admin password.
If the user changes the device usb connection (using another USB port, a USB
hub etc...), he will be requested to enter the admin password as there is a
registry key for each USB connection in HKLM.
Another issue with this solution is that a CCID driver is dedicated to
smartcard. It interacts with the smartcard server service (scardsvr) that is
provided by Microsoft and PC/SC compliant. Application that used the scard
API are not our application, they are our customer PC/SC end application,
sometimes they are already written and we can't ask them to handle the
missing registry key detection and modification.

Your second idea (filter driver) needs some more investigation for us as we
have little knowledge about filter drivers. However, if they behave like
standard device driver, they will still need to be signed to be
automatically installed by Windows.
The INF modification of the CCID driver is then more simple and quick and
provide the same behavior.
The service is the best idea as this service, installed during the driver
installation could monitor the PNP notification of the device insertion
filtered by its GUID and verify the presence of the registry key. As this
service would run in the system context, it should have admin rigths and
should be able to add the key in the registry if it is missing. At this
stage, I don't see nasty issue with this solution.

We still have a request pending at Microsoft for a CCID driver release with
the registry key set but we don't get any answer at this time.

Thanks for your help,
Olivier R.

"Ray Trent" wrote:

> This isn't a pleasant approach, but when you detect that the value isn't
> set you could tell the use and offer to execute a registry modification
> using "runas" or some other mechanism that prompts for an admin password.
>
> Other than that the only way would be to write a service or filter
> driver that does nothing except set the value. That's probably the
> "best" solution if MS can't help by providing a modified and signed INF
> in a hotfix or something.
>
> Olivier R. wrote:
> > Hello,
> >
> > I use the usbccid driver to develop a smartcard application.
> > As explained in the usbccid driver documentation :
> > http://www.microsoft.com/whdc/device/input/smartcard/USB_CCID.mspx
> > "In order to send or receive an Escape command to a reader, the DWORD
> > registry value EscapeCommandEnable must be added and set to a non-zero value
> > under the HKLM\SYSTEM\CCS\Enum\USB\Vid*Pid*\*\Device Properties key."
> >
> > My problem is to find a way to automaticaly add the EscapeCommandEnable
> > DWORD in HKLM\SYSTEM\CCS\Enum\USB\Vid*Pid*\*\Device Properties during the
> > installation of the application.
> > (it is only during the installation of the application that you have the
> > administrator rights and so you can add a value in the registry base).
> >
> > - Is there a version of the usbccid driver available that avoids to modify
> > the registry (with Escape command always enabled) ?
> > - if I modify the usbccid.inf file so that this DWORD will be add in the
> > registry base : unfortunately the driver will not be signed anymore which is
> > too bad.
> > - The path depends on the USB port where the reader is plugged : which means
> > that the administrator will have to plug the reader to all USB ports during
> > the installation process to add each value to the right registry path and so
> > to be sure that he will be able to use the reader with all its computer ports
> > .
> >
> > I hope someone has a solution.
> >
> > Have a nice day
> >
> > Olivier
> >
>
> --
> .../ray\..
>
.

---

• References:
  • Re: usbccid driver : enable Escape command
    • From: Ray Trent

• Prev by Date: Re: Dont want the Found New HardWare Wizard
• Next by Date: Re: Fields in rolled irp
• Previous by thread: Re: usbccid driver : enable Escape command
• Next by thread: Re: MmProbeAndLockPages page locking
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: hijack this startup - can someone tell me the hack i am experienci ... | *Registry key not found* ... | *Registry value not found* ... | Autorun entries from Registry: ... | Intel82801 Audio Driver Install Service: ... (microsoft.public.windowsxp.security_admin) Re: Intel 855GME graphic driver woes.... ... select registry branch you want to deny access to. ... This is certainly less flexible and more Hacky and ugly than Bens ... I am trying to use the "IntelEmbedded Graphics driver package ... // Close registry key. ... (microsoft.public.windowsxp.embedded) IRC Packets being generated. Dont know where from... ... *Registry value not found* ... Autorun entries from Registry: ... Enumerating ICQ Agent Autostart apps: ... RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual ... (microsoft.public.security.virus) hijack this startup - can someone tell me the hack i am experienci ... *Registry value not found* ... Enumerating ICQ Agent Autostart apps: ... Intel82801 Audio Driver Install Service: ... Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual ... (microsoft.public.windowsxp.security_admin) Re: BSOD Error 0x000000B8 ... *Registry value not found* ... Enumerating ICQ Agent Autostart apps: ... ADI UAA Function Driver for High Definition Audio Service: ... Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs ... (microsoft.public.windowsxp.help_and_support)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Development  > microsoft.public.development.device.drivers  > 2005-05