A guy I respect very much once told me he wrote his first GINA during a week-end.
Let’s face it, I’m not that bright: already to get it working on a domain-based setting took a few days. But when a partner asked for a workgroup version, trouble started.
Here is/are the thing(s):
1) Under XP “home” (thus the “Solo” deal), winlogon will _not_ send insertion or removal events to the GINA.
2) The Microsoft winlogon service that handles the GINA is not re-entrant (don’t know about Vista, but I am convinced that this statement is correct under 2K and XP).
So to fix 1) I decided to run a second thread that would tell winlogon that the card had been inserted or removed (polling is ugly I know).
Yes but 2) generated an amazing amount of sporadic crashes … that my partner did struggle with (as a user) as much as I did, I must admit.
Being an MSDN lawful subscriber, I got to talk the some of the folks at MS that deal with that … and no go .
A consultant out there (I believe that is Keith: http://www.pluralsight.com/wiki/default.aspx/Keith/CustomizingGINA.html ), has a forum where I posted my problem.
There I was told about that re-entrency problem and that the trick that was usually used (especially in the Microsoft COM code), was to create a hidden window and send it a user’s-event to wake it up (that is scary no ?).
Anyway, that did the trick, and although I am not very proud of my code when I look at it (too much was written at 2 am maybe); next I’ll release that GINA Solo thing (dll in C++, and configuration utility in VB6 … that was before I found out about wxPython).
The released applet was in BasicCard (actually my first GINA applet was in S-Choice: http://www.sci-s.com/schoice_os.htm ) … I think I have one In JavaCard also.
I will release the former and the latter.
Philippe
I really like Doxygen for Java Card; so I thought that with the third party filter I found, I could get it to work fine on Python … no go for now.
The SCF source documentation is back to the epydoc format. I am trying the new beta release but have yet to check out the new features.
So I just re-ran my hold script (which I’ll have to adjust to add the new stuff) and put the result online: http://www.snakecard.com/Source/Documentation/API/html/
Philippe
When a project requires pre-personalization and more specifically loading a binary file onto the target, once discovers that there are a few pitfalls associated with the process.
When reading Global Platform , you discover that many other documents must be read before you get the job done (ex: MACing). By the way, I’ll release soon a GP support module for SCF.
Anyway, if it is simpler with BasicCard, there are still a few risk of locking the card even if there is not crypto. involved. You’ll find here: http://snakecard.com/Source/Applications/SCF/Load_BC.zip; the core code I have used in a few project to load a BasicCard binary onto the card (that means it works 
).
Do note, however, that the way to switch a card from load to test to run mode varies from a BasicCard to another … but that is well tackled in their documentation.
17+ years together, and you had to fall in that stupid pool.
May the road be as fun to you as you were to us; thinking of you will only bring good memories … and a few tears.
I tell you what: wait a bit for me, I’ll re-incarnate as a dog and you as a man … and you’ll feed me for a change !
Philippe
This EPurse was written with the following constraints:
- work on a 2K BasicCard,
- work cross-platform,
- be stand alone (not need for a SQL server … although the port is quite easy.
Having to stick to a 2K card was the toughest challenge … and if I recall I could not add a byte to the existing.
The security is OK, even if this is no EMV application.
Oh yes. HTMLgen is needed (reports and Emails if I recall).
I think it’s all there … let me know if that is not the case.
Philippe