A minidriver is a hardware-specific DLL that uses a Microsoft-provided class driver to accomplish most actions through function calls, and provides only device-specific controls.
Under WDM, the minidriver registers its associated hardware adapters with the class driver, and the class driver creates a file object to represent each adapter that registers. The minidriver uses the class driver’s device object to make system calls. The class driver is accessed by user-mode clients through WDM Streaming.
In relation to a usb token or smart card, a minidriver provides a simpler alternative to developing a legacy cryptographic service provider (CSP) by encapsulating most of the complex cryptographic operations from the card minidriver developer.
The CSP-Minidriver is build on top of the token interface, which is part of the PKCS#11 module. It inherits card and crypto support from the PKCS#11 module.
The CSP-Minidriver is a read-only driver that exposes RSA and ECDSA private keys, public keys and certificates at it’s interface. The CSP-Minidriver is based on the Smart Card Minidriver Specification v7.07. It supports Windows 7, Windows 8 (8.1) and Windows 10. As it is a read-only driver, generating keys and writing certificates is not supported. Key and certificate provisioning can be done using OpenSCDP and the Smart Card Shell or via an application that supports the PKCS#11 interface. A read/write CSP for the SmartCard-HSM is available as part of the OpenSC Project.
Beginning with Windows Vista, applications can use the Microsoft Cryptography API: Next Generation (CNG) for smart card–based cryptographic services. As part of the elliptic curve cryptography (ECC) effort that was introduced in Windows Vista, ECC smart cards are supported in the new cryptographic framework. Applications and interfaces that interact with existing Rivest-Shamir-Adleman (RSA) card minidrivers through the legacy CAPI subsystem continue to work without modification.
RSA smart card minidrivers can also be registered with the smart card key storage provider (KSP) so that they can be called through the CNG interface. Dual-mode ECC/RSA + ECC-only requests are routed to the KSP and, through it, to the appropriate card minidrivers. For Windows Vista–based clients, ECC-only and ECC/RSA dual-mode cards are supported by using the Windows smart card framework. Dual-mode cards can also be accessed through CAPI primarily to expose RSA-only features.
Related Products
Related Articles
Thales Releases SafeNet IDPrime 940C/3940C Smart Cards
September 30th, 2024 -- Thales is excited to release the SafeNet IDPrime 940C/3940C smart card. The SafeNet IDPrime 940C is a contact interface smart card and the SafeNet IDPrime 3940C is a dual-interface smart card, allowing communication either via a
Release of SafeSign Identity Client version 3.7 for Microsoft, MacOS and Linux
Arnhem, September 2021 -- AET Europe, the leading vendor of solutions in the area of strong digital identities, is announcing the launch of the new generation of their leading product SafeSign Identity Client, version 3.7 for Standard (MacOS and
Identity and Access Management Leader Versasec Unveils vSEC:CMS S-Series v5.4
STOCKHOLM, SWEDEN, February 7, 2019 -- Versasec, the leader in smart card management systems, rolled out the latest generation of its flagship identity and access management (IAM) solution today. vSEC:CMS S-Series v5.4 incorporates a variety of important new features, including new console
Identity and Access Management Leader Versasec Unveils vSEC:CMS S-Series v5.4
STOCKHOLM, SWEDEN, February 7, 2019 -- Versasec, the leader in smart card management systems, rolled out the latest generation of its flagship identity and access management (IAM) solution today. vSEC:CMS S-Series v5.4 incorporates a variety of important new features, including new console
IGEL Achieves Record U.S. Federal Market Sales for Secure Endpoint security and optimization Software and Endpoints
San Francisco, November 7, 2018 – IGEL, a world leader in endpoint security and optimization software for the secure enterprise, today announced record sales in the U.S. federal market including significant wins during the federal fiscal year ending September 30, 2018 with
Identiv Launches Its First Certificate-Based PKI Credential for Microsoft® Minidriver
FREMONT, Calif., August 23, 2018 — Identiv, Inc. (Nasdaq: INVE) today announced the latest addition to its high-security credential portfolio, uTrust MD Smart Cards. Providing a comprehensive solution for converged physical and logical access control, Identiv’s uTrust MD Smart Card is the
Identiv’s uTrust Sense Minidriver Smart Cards is the New Generation of Logical and Physical Access Control
Santa Ana, January 30, 2018 - Identiv’s new uTrust Sense Minidriver Smart Cards are the next generation of smart card solutions for logical access and physical access control. From accessing Windows®-enabled computers to opening doors, these secure cards incorporate an
New Gemalto SafeNet Authentication Manager 9.0 will be presented in Russia
July 13, 2017 -- TESSIS, together with Gemalto, is announcing the emergence on the Russian market of a new major version of life-cycle management software for electronic keys from Gemalto, SafeNet Authentication Manager 9.0 (SAM 9.0). Thanks to this solution, users of
Version 10.0 of the SafeNet Authentication Client released
Gemalto has recently announced the release of version 10.0 of the SafeNet Authentication Client (SAC). A first step towards integrating the SAC with Gemalto smart cards that allows administrators and users to manage IDPrime cards through the standard PKCS#11 and
New software from Intercede provides added protection using Intel® Authenticate for enterprise PCs
RSA CONFERENCE 2016, San Francisco, March 1, 2016 – Today, digital identity and credentials expert Intercede announced new security software designed for deployment alongside Intel’s latest hardware-based identity protection technology, Intel® Authenticate. Intercede software, running on the 6th Gen Intel® Core™ vPro™
Hypersecu specializes in strong Two-Factor Authentication Solutions
Las Vegas, NV May 09, 2014 - Hypersecu specializes in strong two-factor authentication (2FA) solutions, BYOD security solutions, mobile payment solutions and mobile authentication products. Hypersecu will showcase their latest solutions at the exhibitions: BYOD Security solutions ➢ Mobile Smart card
SPYRUS Delivers Microsoft Certified Windows To Go Drives with FIPS 140-2 Level 3 Tamper-Proof Smart Cards and Digital Certificates for Multi-Factor Authentication
San Jose, CA – November 18, 2013 – SPYRUS today announced the availability of the SPYRUS WorkSafe™ and WorkSafe Pro portable SSD live drives for Windows To Go built using the Windows 8.1 update. WorkSafe transforms almost any PC into
Pentio IC Card 3300 NFC is the First Hybrid IC Card Compatible with Windows 8 and Windows Server 2012
07/04/2013 - Pentio Corporation (head office: Shinjuku-ku, Tokyo; President and CEO: Haruhiko Hasegawa, hereinafter referred to as Pentio), which provides device development and solution authentication using devices, is compatible with major Windows operating systems including Microsoft (R) Windows We began
New Smart Card Management System from Versatile Security
Stockholm, Sweden, December 15, 2012 -- Versatile Security Sweden AB announces the release of vSEC:CMS T-Series version 3.0. New features in this version include: Smart card printing capability, new graphical interface with intuitive lifecycle navigation, support of new Smart Cards,