Comments (22)
Are you setting the IntermediateCA1 and IntermediateCA2 parameters to the test CA certs as well? The test certs should chain up to Microsoft ECC Root Certificate Authority 2017. We're still using these certs for internal testing without issue.
We don't have bioiso event logs. If you use feedback hub to take a recording under "Security & Privacy/Windows Hello Fingerprint", and share the feedback ID, we can look at the traces.
from securedeviceconnectionprotocol.
Thank you for reply this thread.
As you mentioned, I checked the certificate and Intermediate CA1, 2 in our driver source code, but no problem was found.
(Certificate and Intermediate CA1, 2 in use are the same as in the Test Vector.)
If an incorrect certificate is inserted, an error code is E_INVALIDARG (0x80070057)
and I sent feedback via feedback hub. ( https://aka.ms/AA9bn4s )
from securedeviceconnectionprotocol.
Thanks for filing that. That helped narrow things down a bit. I was able to confirm it doesn't have to do with the expiration, and I see the same details viewing the certificate on my machine (where our tests pass with an these certs). There's a few possibilities for why this code can be returned that I'll have to ask some team members about.
Given that we haven't seen issues with these certificates though, I think there could be some formatting issues with the secure connection buffer. Can you dump a buffer so we can check the contents?
from securedeviceconnectionprotocol.
Thank you for your cooperation in this matter.
OK, I attach a log of the driver being developed (TraceView) and screenshots of Event Log (SensorAdapterConnectSecure function in SensorAdapter)
[SensorAdapterConnectSecure] -->
[SensorAdapterConnectSecure] WINBIO_SECURE_CONNECTION PARAMS Size : 105[SensorAdapterConnectSecure] Host's Random Key :
0x4a, 0xf1, 0xea, 0xb9, 0x1e, 0x14, 0x73, 0x9d, 0xa5, 0x86, 0xe7, 0x6a, 0x33, 0x8a, 0x6c, 0x4e,
0xbf, 0xa9, 0xba, 0x04, 0xb1, 0xec, 0xa3, 0xb3, 0x93, 0x4b, 0xd1, 0xae, 0xca, 0xb9, 0x6a, 0x4b[SensorAdapterConnectSecure] Host's Public Key :
0x04, 0x11, 0x93, 0xee, 0x79, 0x39, 0x01, 0xde, 0x44, 0x5c, 0x97, 0x7c, 0x37, 0xc0, 0x57, 0x41,
0xec, 0x69, 0xd5, 0x60, 0x8f, 0xc0, 0xdf, 0x62, 0x24, 0xbb, 0x54, 0xf8, 0x89, 0x36, 0x8d, 0x76,
0x17, 0x1b, 0x86, 0x0d, 0x8d, 0xb4, 0x89, 0x07, 0xbc, 0x98, 0x7b, 0xfd, 0x83, 0x54, 0xff, 0xea,
0xed, 0xd6, 0xaa, 0x12, 0x66, 0xc8, 0x7e, 0xcf, 0x93, 0x27, 0x6c, 0xd7, 0xf9, 0xd8, 0xc6, 0x63,
0x14DeviceIoControl IOCTL_BIOMETRIC_CONNECT_SECURE result : 0, bytesReturned : 0
GetOverlappedResult result : 1, bytesReturned : 3360
[SensorAdapterConnectSecure] ///////////////////////////////////
[SensorAdapterConnectSecure] Size : 3360
[SensorAdapterConnectSecure] Version : 1
[SensorAdapterConnectSecure] Flags : 0
[SensorAdapterConnectSecure] CERT_M_SIZE : 846
[SensorAdapterConnectSecure] CERT_CA1 : 1025
[SensorAdapterConnectSecure] CERT_CA2 : 1114[SensorAdapterConnectSecure] MAC :
0x4c, 0xcf, 0xfb, 0xa9, 0x8d, 0x21, 0x4c, 0x98, 0xfb, 0x42, 0x43, 0xc7, 0x62, 0x04, 0x9c, 0xcb,
0xc2, 0x42, 0x64, 0x18, 0xcf, 0xe6, 0x0c, 0xe9, 0x26, 0x30, 0xd7, 0xc4, 0x32, 0xd4, 0x7b, 0xb0[SensorAdapterConnectSecure] Certificate_m :
0x30, 0x82, 0x03, 0x4a, 0x30, 0x82, 0x02, 0xf1, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x13, 0x33,
0x00, 0x00, 0x00, 0x04, 0x65, 0x4f, 0x77, 0xfa, 0xd9, 0x1c, 0x24, 0x77, 0x00, 0x00, 0x00, 0x00,
0x00, 0x04, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7d,
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74,
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64,
0x6d, 0x6f, 0x6e, 0x64, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x4d,
0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61,
0x74, 0x69, 0x6f, 0x6e, 0x31, 0x27, 0x30, 0x25, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1e, 0x57,
0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x20, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x31, 0x39, 0x42,
0x39, 0x32, 0x39, 0x36, 0x35, 0x20, 0x43, 0x41, 0x20, 0x32, 0x30, 0x31, 0x38, 0x30, 0x1e, 0x17,
0x0d, 0x31, 0x38, 0x30, 0x35, 0x32, 0x34, 0x32, 0x30, 0x33, 0x34, 0x34, 0x32, 0x5a, 0x17, 0x0d,
0x31, 0x39, 0x30, 0x38, 0x32, 0x34, 0x32, 0x30, 0x33, 0x34, 0x34, 0x32, 0x5a, 0x30, 0x1c, 0x31,
0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x11, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65,
0x20, 0x42, 0x49, 0x4f, 0x20, 0x53, 0x65, 0x6e, 0x73, 0x6f, 0x72, 0x30, 0x59, 0x30, 0x13, 0x06,
0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03,
0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x86, 0x83, 0xc1, 0xbd, 0x6b, 0x3b, 0x7c, 0xdc, 0x64, 0x86,
0x29, 0x29, 0x1b, 0xc9, 0xca, 0x98, 0x20, 0x6b, 0x39, 0xd5, 0x94, 0xe1, 0xc8, 0x79, 0x6b, 0xa4,
0xe7, 0x7e, 0x86, 0x24, 0x51, 0xe7, 0x9c, 0xac, 0xf8, 0xbd, 0x82, 0x3f, 0x9d, 0x07, 0x1e, 0x8a,
0x43, 0x68, 0x2d, 0xdf, 0x40, 0xbf, 0x0c, 0x0c, 0xc8, 0xc1, 0x5b, 0x26, 0x05, 0x9f, 0xc5, 0x68,
0x3a, 0x0a, 0xe6, 0xdc, 0x0e, 0x82, 0xa3, 0x82, 0x01, 0xaf, 0x30, 0x82, 0x01, 0xab, 0x30, 0x75,
0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x6e, 0x30, 0x6c, 0xa4, 0x6a, 0x30, 0x68, 0x31, 0x32, 0x30,
0x30, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x04, 0x82, 0x37, 0x64, 0x02, 0x13, 0x24, 0x34, 0x36, 0x44,
0x33, 0x42, 0x30, 0x30, 0x33, 0x2d, 0x30, 0x32, 0x31, 0x46, 0x2d, 0x34, 0x44, 0x31, 0x42, 0x2d,
0x42, 0x31, 0x44, 0x35, 0x2d, 0x36, 0x43, 0x33, 0x33, 0x32, 0x43, 0x46, 0x41, 0x46, 0x36, 0x42,
0x43, 0x31, 0x32, 0x30, 0x30, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x04, 0x82, 0x37, 0x64, 0x01, 0x13,
0x24, 0x46, 0x41, 0x45, 0x30, 0x35, 0x41, 0x39, 0x44, 0x2d, 0x46, 0x43, 0x42, 0x32, 0x2d, 0x34,
0x46, 0x31, 0x34, 0x2d, 0x39, 0x30, 0x37, 0x44, 0x2d, 0x39, 0x36, 0x36, 0x36, 0x43, 0x43, 0x45,
0x31, 0x46, 0x30, 0x38, 0x38, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
0xa7, 0xba, 0x70, 0x4d, 0x99, 0x4b, 0x82, 0x1f, 0xb3, 0xcb, 0xb6, 0x03, 0xd5, 0x30, 0x08, 0xc5,
0xb3, 0x2d, 0x9c, 0xf9, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
0x14, 0x13, 0x93, 0xc8, 0xcd, 0xf2, 0x23, 0x9a, 0x2d, 0xc6, 0x9b, 0x2a, 0xeb, 0x9a, 0xab, 0x99,
0x0b, 0x56, 0x04, 0x5e, 0x7c, 0x30, 0x5f, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x58, 0x30, 0x56,
0x30, 0x54, 0xa0, 0x52, 0xa0, 0x50, 0x86, 0x4e, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77,
0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6d,
0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73, 0x2f, 0x63, 0x72, 0x6c, 0x2f, 0x57, 0x69, 0x6e, 0x64,
0x6f, 0x77, 0x73, 0x25, 0x32, 0x30, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x25, 0x32, 0x30, 0x31, 0x39,
0x42, 0x39, 0x32, 0x39, 0x36, 0x35, 0x25, 0x32, 0x30, 0x43, 0x41, 0x25, 0x32, 0x30, 0x32, 0x30,
0x31, 0x38, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x6c, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
0x01, 0x01, 0x04, 0x60, 0x30, 0x5e, 0x30, 0x5c, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
0x30, 0x02, 0x86, 0x50, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d,
0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69,
0x6f, 0x70, 0x73, 0x2f, 0x63, 0x65, 0x72, 0x74, 0x73, 0x2f, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77,
0x73, 0x25, 0x32, 0x30, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x25, 0x32, 0x30, 0x31, 0x39, 0x42, 0x39,
0x32, 0x39, 0x36, 0x35, 0x25, 0x32, 0x30, 0x43, 0x41, 0x25, 0x32, 0x30, 0x32, 0x30, 0x31, 0x38,
0x2e, 0x63, 0x72, 0x74, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02,
0x30, 0x00, 0x30, 0x15, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0e, 0x30, 0x0c, 0x06, 0x0a, 0x2b,
0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x4c, 0x2b, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x29, 0x3d, 0x2c, 0xb3,
0x27, 0x5a, 0xa6, 0xbb, 0xe3, 0x19, 0x57, 0xec, 0x39, 0x55, 0x5d, 0x0a, 0x4e, 0xe4, 0xca, 0x0a,
0x4b, 0xda, 0xfd, 0x1e, 0xe5, 0x54, 0xf7, 0x40, 0x50, 0xcc, 0xa5, 0x44, 0x02, 0x20, 0x73, 0x85,
0xff, 0x05, 0xc9, 0x05, 0x91, 0x76, 0xe7, 0x5e, 0x48, 0xe6, 0x63, 0x52, 0xcb, 0xe1, 0x27, 0x7c,
0xbf, 0x6d, 0x3d, 0xc0, 0xa0, 0x21, 0x57, 0xf4, 0xb6, 0xa9, 0xaa, 0xbc, 0x3d, 0x25, 0x04[SensorAdapterConnectSecure] IntermediateCA1 :
0x82, 0x03, 0xfd, 0x30, 0x82, 0x03, 0x82, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x13, 0x33, 0x00,
0x00, 0x00, 0x07, 0xe8, 0x9d, 0x61, 0x62, 0x4d, 0x46, 0x0f, 0x95, 0x00, 0x00, 0x00, 0x00, 0x00,
0x07, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x81, 0x84,
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74,
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64,
0x6d, 0x6f, 0x6e, 0x64, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x4d,
0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61,
0x74, 0x69, 0x6f, 0x6e, 0x31, 0x2e, 0x30, 0x2c, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x25, 0x57,
0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x20, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x53, 0x65, 0x63,
0x75, 0x72, 0x65, 0x20, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x20, 0x50, 0x43, 0x41, 0x20,
0x32, 0x30, 0x31, 0x38, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x39,
0x35, 0x34, 0x35, 0x33, 0x5a, 0x17, 0x0d, 0x32, 0x38, 0x30, 0x31, 0x33, 0x31, 0x32, 0x30, 0x30,
0x34, 0x35, 0x33, 0x5a, 0x30, 0x7d, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61,
0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04,
0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x13, 0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43,
0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x31, 0x27, 0x30, 0x25, 0x06, 0x03,
0x55, 0x04, 0x03, 0x13, 0x1e, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x20, 0x48, 0x65, 0x6c,
0x6c, 0x6f, 0x20, 0x31, 0x39, 0x42, 0x39, 0x32, 0x39, 0x36, 0x35, 0x20, 0x43, 0x41, 0x20, 0x32,
0x30, 0x31, 0x38, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xbe, 0x4b,
0x90, 0x6e, 0x24, 0xfc, 0xa1, 0x53, 0xc8, 0xa7, 0x3c, 0x70, 0xe8, 0x97, 0xcd, 0x1b, 0x31, 0xe4,
0x95, 0x91, 0x7a, 0x58, 0xa2, 0x86, 0xa8, 0x70, 0xf6, 0x09, 0x30, 0x77, 0x99, 0x3d, 0x10, 0xdf,
0xf7, 0x95, 0x0f, 0x68, 0x83, 0xe6, 0xa4, 0x11, 0x7c, 0xda, 0x82, 0xe7, 0x0b, 0x8b, 0xf2, 0x9d,
0x6b, 0x5b, 0xf5, 0x3e, 0x77, 0xb4, 0xc1, 0x0e, 0x49, 0x00, 0x83, 0xba, 0x94, 0xf8, 0xa3, 0x82,
0x01, 0xd7, 0x30, 0x82, 0x01, 0xd3, 0x30, 0x10, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82,
0x37, 0x15, 0x01, 0x04, 0x03, 0x02, 0x01, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
0x16, 0x04, 0x14, 0x13, 0x93, 0xc8, 0xcd, 0xf2, 0x23, 0x9a, 0x2d, 0xc6, 0x9b, 0x2a, 0xeb, 0x9a,
0xab, 0x99, 0x0b, 0x56, 0x04, 0x5e, 0x7c, 0x30, 0x65, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x5e,
0x30, 0x5c, 0x30, 0x06, 0x06, 0x04, 0x55, 0x1d, 0x20, 0x00, 0x30, 0x52, 0x06, 0x0c, 0x2b, 0x06,
0x01, 0x04, 0x01, 0x82, 0x37, 0x4c, 0x83, 0x7d, 0x01, 0x01, 0x30, 0x42, 0x30, 0x40, 0x06, 0x08,
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, 0x34, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63,
0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73, 0x2f, 0x44, 0x6f, 0x63, 0x73, 0x2f, 0x52,
0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79, 0x2e, 0x68, 0x74, 0x6d, 0x00, 0x30, 0x19,
0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x04, 0x0c, 0x1e, 0x0a, 0x00,
0x53, 0x00, 0x75, 0x00, 0x62, 0x00, 0x43, 0x00, 0x41, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f,
0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18,
0x30, 0x16, 0x80, 0x14, 0xda, 0xca, 0x4b, 0xd0, 0x4c, 0x56, 0x03, 0x27, 0x5f, 0x97, 0xeb, 0x75,
0xa3, 0x02, 0xc3, 0xbf, 0x45, 0x9c, 0xf8, 0xb1, 0x30, 0x68, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04,
0x61, 0x30, 0x5f, 0x30, 0x5d, 0xa0, 0x5b, 0xa0, 0x59, 0x86, 0x57, 0x68, 0x74, 0x74, 0x70, 0x3a,
0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e,
0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73, 0x2f, 0x63, 0x72, 0x6c, 0x2f, 0x57,
0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x25, 0x32, 0x30, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x25, 0x32,
0x30, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x25, 0x32, 0x30, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65,
0x73, 0x25, 0x32, 0x30, 0x50, 0x43, 0x41, 0x25, 0x32, 0x30, 0x32, 0x30, 0x31, 0x38, 0x2e, 0x63,
0x72, 0x6c, 0x30, 0x75, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x69,
0x30, 0x67, 0x30, 0x65, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x59,
0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f,
0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73, 0x2f,
0x63, 0x65, 0x72, 0x74, 0x73, 0x2f, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x25, 0x32, 0x30,
0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x25, 0x32, 0x30, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x25, 0x32,
0x30, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x25, 0x32, 0x30, 0x50, 0x43, 0x41, 0x25, 0x32,
0x30, 0x32, 0x30, 0x31, 0x38, 0x2e, 0x63, 0x72, 0x74, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0x87, 0xb6, 0x82,
0xf3, 0xda, 0xbe, 0xb1, 0x7b, 0x98, 0x7d, 0x3d, 0x0a, 0x90, 0xa8, 0xf5, 0xbf, 0x15, 0xc3, 0xee,
0x8a, 0x4e, 0xc0, 0x7b, 0x10, 0x1d, 0xa9, 0xe3, 0x0b, 0xec, 0x2c, 0x53, 0x4e, 0xa7, 0xbd, 0xf1,
0x6c, 0xad, 0x18, 0x55, 0xba, 0x25, 0x73, 0x55, 0xb7, 0x5b, 0x12, 0x24, 0xf4, 0x02, 0x31, 0x00,
0xaf, 0x02, 0x9c, 0x4b, 0x92, 0xd0, 0x72, 0xa5, 0x80, 0xca, 0x69, 0x2b, 0x38, 0x50, 0x64, 0xd8,
0x58, 0x9e, 0xea, 0xd6, 0x35, 0xcf, 0x68, 0x98, 0x92, 0x81, 0x09, 0x61, 0xc2, 0xbd, 0xb1, 0x4c,
0x7f, 0xae, 0x55, 0x7b, 0xfc, 0x22, 0xdd, 0xd6, 0xb7, 0x7c, 0xb5, 0xa8, 0x18, 0x5d, 0x33[SensorAdapterConnectSecure] IntermediateCA2 :
0x04, 0x30, 0x82, 0x04, 0x56, 0x30, 0x82, 0x03, 0xdc, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x13,
0x33, 0x00, 0x00, 0x00, 0x03, 0x6c, 0xcf, 0xed, 0xe2, 0x44, 0x70, 0x19, 0xbf, 0x00, 0x00, 0x00,
0x00, 0x00, 0x03, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03, 0x30,
0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e,
0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52,
0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64, 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f,
0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x31, 0x3e, 0x30, 0x3c, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x35, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x20, 0x45, 0x43, 0x43, 0x20, 0x44,
0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74,
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
0x79, 0x20, 0x32, 0x30, 0x31, 0x37, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x31, 0x32, 0x35,
0x31, 0x39, 0x34, 0x39, 0x33, 0x38, 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x31, 0x32, 0x35, 0x31,
0x39, 0x35, 0x39, 0x33, 0x38, 0x5a, 0x30, 0x81, 0x84, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13,
0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06,
0x03, 0x55, 0x04, 0x07, 0x13, 0x07, 0x52, 0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64, 0x31, 0x1e, 0x30,
0x1c, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66,
0x74, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x31, 0x2e, 0x30,
0x2c, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x25, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x20,
0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x44, 0x65, 0x76,
0x69, 0x63, 0x65, 0x73, 0x20, 0x50, 0x43, 0x41, 0x20, 0x32, 0x30, 0x31, 0x38, 0x30, 0x76, 0x30,
0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00,
0x22, 0x03, 0x62, 0x00, 0x04, 0x1d, 0xdd, 0x08, 0x02, 0x03, 0x25, 0x75, 0x20, 0xe2, 0x71, 0x8b,
0xad, 0x28, 0x09, 0x82, 0xe9, 0x06, 0xee, 0x83, 0xc5, 0x3a, 0x6c, 0x4b, 0x71, 0x92, 0x50, 0x4e,
0x20, 0xe9, 0x72, 0xb4, 0xfc, 0x53, 0x2a, 0xef, 0x5d, 0xcc, 0x9a, 0xb4, 0xcd, 0x76, 0xb8, 0x94,
0x97, 0x44, 0xb2, 0x71, 0x0e, 0xc9, 0xb1, 0x16, 0x03, 0xa1, 0x65, 0x2b, 0xb9, 0xe8, 0x5d, 0x5f,
0xf2, 0x30, 0x2e, 0xdd, 0xb1, 0x2b, 0x20, 0xfc, 0xbe, 0x00, 0x88, 0xea, 0x1f, 0xa7, 0x7f, 0x99,
0x84, 0x98, 0x7c, 0x71, 0x3e, 0x4d, 0x34, 0x83, 0x69, 0x9b, 0x08, 0xcb, 0x78, 0xb2, 0x4b, 0xbd,
0xd7, 0x3e, 0xbe, 0x67, 0xa0, 0xa3, 0x82, 0x01, 0xfc, 0x30, 0x82, 0x01, 0xf8, 0x30, 0x10, 0x06,
0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x01, 0x04, 0x03, 0x02, 0x01, 0x00, 0x30,
0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xda, 0xca, 0x4b, 0xd0, 0x4c, 0x56,
0x03, 0x27, 0x5f, 0x97, 0xeb, 0x75, 0xa3, 0x02, 0xc3, 0xbf, 0x45, 0x9c, 0xf8, 0xb1, 0x30, 0x65,
0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x5e, 0x30, 0x5c, 0x30, 0x06, 0x06, 0x04, 0x55, 0x1d, 0x20,
0x00, 0x30, 0x52, 0x06, 0x0c, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x4c, 0x83, 0x7d, 0x01,
0x01, 0x30, 0x42, 0x30, 0x40, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16,
0x34, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72,
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73,
0x2f, 0x44, 0x6f, 0x63, 0x73, 0x2f, 0x52, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79,
0x2e, 0x68, 0x74, 0x6d, 0x00, 0x30, 0x19, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37,
0x14, 0x02, 0x04, 0x0c, 0x1e, 0x0a, 0x00, 0x53, 0x00, 0x75, 0x00, 0x62, 0x00, 0x43, 0x00, 0x41,
0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0f, 0x06,
0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1f,
0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x14, 0xda, 0x5b, 0xf1, 0x0e,
0x66, 0x47, 0xd1, 0x5d, 0x13, 0x5f, 0x5b, 0x7a, 0xeb, 0xeb, 0x5f, 0x01, 0x08, 0xb5, 0x49, 0x30,
0x7a, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x73, 0x30, 0x71, 0x30, 0x6f, 0xa0, 0x6d, 0xa0, 0x6b,
0x86, 0x69, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63,
0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70,
0x73, 0x2f, 0x63, 0x72, 0x6c, 0x2f, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x25,
0x32, 0x30, 0x45, 0x43, 0x43, 0x25, 0x32, 0x30, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x25,
0x32, 0x30, 0x52, 0x6f, 0x6f, 0x74, 0x25, 0x32, 0x30, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
0x63, 0x61, 0x74, 0x65, 0x25, 0x32, 0x30, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79,
0x25, 0x32, 0x30, 0x32, 0x30, 0x31, 0x37, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x81, 0x87, 0x06, 0x08,
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x7b, 0x30, 0x79, 0x30, 0x77, 0x06, 0x08,
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x6b, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
0x2f, 0x77, 0x77, 0x77, 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63,
0x6f, 0x6d, 0x2f, 0x70, 0x6b, 0x69, 0x6f, 0x70, 0x73, 0x2f, 0x63, 0x65, 0x72, 0x74, 0x73, 0x2f,
0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x25, 0x32, 0x30, 0x45, 0x43, 0x43, 0x25,
0x32, 0x30, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x73, 0x25, 0x32, 0x30, 0x52, 0x6f, 0x6f, 0x74,
0x25, 0x32, 0x30, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x25, 0x32,
0x30, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x25, 0x32, 0x30, 0x32, 0x30, 0x31,
0x37, 0x2e, 0x63, 0x72, 0x74, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03,
0x03, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x30, 0x56, 0x2a, 0xad, 0x72, 0x4c, 0xb9, 0x8c, 0xb3,
0x23, 0x80, 0xf5, 0x5f, 0xf8, 0x21, 0x94, 0x66, 0x0f, 0x76, 0x77, 0xe2, 0x7b, 0x03, 0xdd, 0x30,
0x5e, 0xcb, 0x90, 0xca, 0x78, 0xe6, 0x0b, 0x2d, 0x12, 0xe5, 0xf7, 0x67, 0x31, 0x58, 0x71, 0xe6,
0xf3, 0x64, 0xc1, 0x04, 0xb3, 0x8b, 0xe9, 0xe2, 0x02, 0x31, 0x00, 0xb9, 0x20, 0x61, 0xb9, 0xd0,
0x5e, 0x3a, 0xa4, 0xa2, 0x8a, 0xfe, 0x1d, 0xfc, 0x27, 0x61, 0x0b, 0x98, 0x16, 0x8c, 0x02, 0x9c,
0x20, 0x7f, 0xee, 0xf3, 0xcb, 0x1f, 0x0a, 0x37, 0x62, 0xb1, 0x8e, 0xce, 0xd9, 0x9a, 0x9e, 0xac,
0xe6, 0x1a, 0xd4, 0xb8, 0xf1, 0xa8, 0x2b, 0xb1, 0xb4, 0x40[SensorAdapterConnectSecure] Device Random :
0xe2, 0x6b, 0x3c, 0x3f, 0x14, 0xce, 0x0d, 0x0b, 0x65, 0xbe, 0x61, 0x8d, 0xfe, 0x28, 0x6f, 0x2c,
0x3c, 0x24, 0xe5, 0x10, 0x43, 0xfe, 0x54, 0xf0, 0x4d, 0xf5, 0x50, 0x75, 0x69, 0xf1, 0xdb, 0x70[SensorAdapterConnectSecure] Device Public Key :
0xba, 0x1c, 0x22, 0x87, 0xd6, 0x1c, 0xde, 0x55, 0x1c, 0x76, 0xc3, 0xd4, 0x36, 0xd3, 0xf2, 0xfb,
0x9d, 0x66, 0x5d, 0x87, 0x57, 0xee, 0xde, 0x90, 0x94, 0x0c, 0x9e, 0xb2, 0x1b, 0x73, 0xbb, 0x56,
0xc0, 0x91, 0x35, 0xa2, 0xd8, 0xd7, 0x2c, 0xdc, 0xda, 0x1a, 0xf4, 0x55, 0x78, 0x58, 0x4b, 0x13,
0x54, 0x38, 0xe3, 0xbd, 0x18, 0xeb, 0x12, 0xce, 0x9b, 0x81, 0x4f, 0x91, 0x55, 0x4a, 0xa8, 0x54,
0x04,
[SensorAdapterConnectSecure] Firmware Public Key :
0xf2, 0xf0, 0xb2, 0xf7, 0x32, 0x75, 0x56, 0x1b, 0x21, 0xc6, 0xe7, 0xe6, 0x3b, 0x0b, 0xa5, 0x88,
0xaf, 0x92, 0xf9, 0x04, 0x6f, 0x0d, 0x65, 0xdc, 0x76, 0xc4, 0x53, 0x82, 0x87, 0xa2, 0x97, 0x3f,
0x55, 0x60, 0x0c, 0x7f, 0x31, 0x89, 0xaa, 0x88, 0xf4, 0x8c, 0x67, 0xd9, 0xbf, 0xcc, 0x04, 0xd0,
0x3f, 0xc8, 0xba, 0x26, 0x19, 0xcf, 0x7a, 0xa2, 0xd7, 0xbc, 0x73, 0xd9, 0x84, 0x0f, 0x6c, 0x15,
0xc3[SensorAdapterConnectSecure] Firmware Hash :
0xbf, 0x47, 0xea, 0x1f, 0x4a, 0x4a, 0x60, 0x54, 0x70, 0x31, 0x3c, 0xac, 0xb3, 0xa4, 0x4f, 0x4a,
0x46, 0x1f, 0x68, 0xc6, 0xfa, 0xea, 0xb0, 0x7e, 0x73, 0x76, 0x10, 0xcb, 0x5a, 0xc8, 0x35, 0xce[SensorAdapterConnectSecure] Model Signature :
0x46, 0x5d, 0x53, 0xff, 0xd5, 0xe9, 0x2a, 0x2b, 0xd8, 0x15, 0x99, 0xd6, 0xbb, 0x0e, 0x24, 0x9b,
0x7e, 0xf7, 0xa1, 0x22, 0xa8, 0xe2, 0x98, 0x17, 0x33, 0xbd, 0x68, 0x6b, 0xa9, 0x0d, 0x7c, 0xf9,
0x5f, 0x7c, 0x6b, 0x7f, 0x0a, 0x7c, 0xdc, 0x1d, 0xf7, 0xf9, 0x91, 0xc7, 0x0e, 0x68, 0xb9, 0x80,
0x23, 0xf7, 0xd7, 0x0a, 0x57, 0x32, 0x96, 0x55, 0x54, 0xae, 0x7d, 0xde, 0x6e, 0xf1, 0xbb, 0x51[SensorAdapterConnectSecure] Device Signature :
0xda, 0x57, 0x52, 0x0d, 0xdc, 0xb2, 0x4c, 0xe4, 0x07, 0x08, 0xae, 0x7a, 0x2a, 0x40, 0x36, 0x6f,
0xc4, 0xab, 0xe9, 0xb2, 0x4c, 0xaa, 0x30, 0xec, 0xd2, 0xb4, 0x1b, 0xe7, 0x91, 0x9e, 0x49, 0xaa,
0x3f, 0xcb, 0xdf, 0x70, 0xf1, 0xa7, 0x3b, 0x27, 0x0e, 0xd4, 0x49, 0x1a, 0xf0, 0x09, 0x95, 0xac,
0xf9, 0x58, 0xe4, 0x43, 0xad, 0x95, 0xc9, 0xc8, 0x47, 0x13, 0xf3, 0xf2, 0x13, 0xc8, 0xa1, 0x30
[SensorAdapterConnectSecure] ///////////////////////////////////
[SensorAdapterConnectSecure] <--
DLL_THREAD_DETACH
but, when I replace the SensorAdapter of the built-in fingerprint sensor driver to our developing SensorAdapter, it works without problems.
[SensorAdapterConnectSecure] -->
[SensorAdapterConnectSecure] WINBIO_SECURE_CONNECTION PARAMS Size : 105[SensorAdapterConnectSecure] Host's Random Key :
0x0e, 0xfb, 0x56, 0x09, 0xaa, 0x98, 0x77, 0x71, 0x93, 0xe7, 0x4e, 0x94, 0x20, 0x72, 0xd1, 0xde,
0x61, 0x88, 0xb1, 0x98, 0xbf, 0x09, 0x30, 0x9c, 0x54, 0x69, 0x40, 0xb0, 0x9e, 0x73, 0xba, 0x24[SensorAdapterConnectSecure] Host's Public Key :
0x04, 0x42, 0xde, 0xcb, 0x17, 0xe9, 0xf5, 0x1f, 0x44, 0xf2, 0x65, 0xea, 0x6b, 0xf1, 0xee, 0xc5,
0x16, 0xd5, 0x4e, 0xdf, 0x65, 0x4e, 0x9f, 0x87, 0xcc, 0x3a, 0xbf, 0x1a, 0x2d, 0xed, 0x84, 0xc3,
0x2d, 0x32, 0x7b, 0x78, 0x32, 0x63, 0x26, 0xf1, 0x98, 0x14, 0x5c, 0xd4, 0x2c, 0x8c, 0x32, 0x18,
0xda, 0x81, 0xd7, 0x15, 0x69, 0x55, 0xf9, 0xe1, 0xff, 0x01, 0x6a, 0x5c, 0x8c, 0x27, 0x9c, 0x26,
0x4cDeviceIoControl IOCTL_BIOMETRIC_CONNECT_SECURE result : 0, bytesReturned : 0
GetOverlappedResult result : 1, bytesReturned : 3358
[SensorAdapterConnectSecure] ///////////////////////////////////
[SensorAdapterConnectSecure] Size : 3358
[SensorAdapterConnectSecure] Version : 1
[SensorAdapterConnectSecure] Flags : 0
[SensorAdapterConnectSecure] CERT_M_SIZE : 847
[SensorAdapterConnectSecure] CERT_CA1 : 1023
[SensorAdapterConnectSecure] CERT_CA2 : 1114
//...(omit)...
[SensorAdapterConnectSecure] ///////////////////////////////////
[SensorAdapterConnectSecure] <--
from securedeviceconnectionprotocol.
The certs from the logging don't match the test certs from the wiki exactly. Which certs do the sizes in these logs refer to? The first set of sizes is correct, but the second set matches the incorrect certs.
Model Cert:
- Extra 0x04 at the end
- Size should be 846 bytes, one in the logs is 847 bytes.
CA1 Cert:
- Missing first byte (should be 0x30)
- Missing last byte (should be 0x04, could have been appended to the model cert on accident?)
- Size should be 1025 bytes, one in the logs is only 1023 bytes
CA 2 Cert:
- Extra 0x04 at the beginning
- Missing last byte (Should be 0x9B)
- Size is correct on this one
from securedeviceconnectionprotocol.
Sorry, There seems to be a problem with the attached previous log.
but As you mentioned, I checked cert_m, Intermediate_CA1, and Intermediate_CA2 again, error state is the same.
(I attached correct log below.)
Also, the log cases I included last time are as follows.
Case 1. Our driver using Test Vector (SDCP_ConnectSecure_Log.txt)
cert_m : 846 / IntermediateCA1 : 1025 / IntermediateCA2 : 1114
Case 2. The built-in driver (commercial driver) for the notebook replaces and using our SensorAdapter,
so the model certificate and Intermediate CA1, CA2 are not of Test Vector.
cert_m : 847 / IntermediateCA1 : 1023 / IntermediateCA2 : 1114
from securedeviceconnectionprotocol.
Hello,
Here is Additional Information about Test Cases.
I tested under the following environments.
(In TestSigning Mode, it is possible to upload a modified driver without a valid driver signature. so our replaced SensorAdapter is currently installed with Synaptics' Driver.
Test Steps:
- Implement SensorAdapterConnectSecure Function on SensorAdapter
- Using IOCTL_BIOMETRIC_CONNECT_SECURE, WINBIO_SECURE_CONNECTION_DATA including FPR(eg. Synaptics)'s Model Certificate is received from the device driver
- Transfer WINBIO_SECURE_CONNECTION_DATA to BioTrustlet
In addition, even if Device Driver and IOCTL are not handled, it is possible to check if Secure Connection is properly established in Event Viewer by inserting only SDCP Test Code and Certificate in SensorAdapterConnectSecure function of SensorAdapter.
Iād appreciate it if you could check what certificate is valid, again.
I look forward to hearing from you soon.
from securedeviceconnectionprotocol.
I still see a small discrepancy between the model cert in your logs, and the model cert in the wiki. I quickly ran a diff on the two, a couple bytes in the middle are different (wiki cert on the left, test cert from logs on the right):
The CA certs are accurate though. Can you confirm whether those bytes are changed in your code or cert file?
from securedeviceconnectionprotocol.
Hello
I 'm very grateful to you for all your help .
As a result of verifying the certificates and functions since the last answer,
it was found that the model certificate of our device is wrong.
After fixing the problem of our device, when we put the values of the test vector,
I also checked the result values that are the same as those in github's Test Values.
but, When I change the Test Vector to the actual value(h_r, h_pk, pk_f, sk_f) it still doesn't work.
And the error code displayed in Event Viewer has also been changed to 0x8007001f (ERROR_GEN_FAILURE).
0x8007001f
A device attached to the system is not functioning.
200902_Device_Log.txt
200902_Host_Log.txt
I attached host and device logs and Screenshot of Event Viewer.
Can you please tell us what kind of situation the error is occurring?
and In sdcpcli_hash_claim, it is supposed to put the actual certificate instead of g_model_pub_key.
I am wondering if I can put the certificate (846 bytes) directly or the public key extracted from the certificate.
Always Thank you for everything.
from securedeviceconnectionprotocol.
Glad to see we fixed the certificate issue. For sdcpcli_hash_claim, you should use the whole model cert instead of the public key. The ERROR_GEN_FAILURE isn't coming from the bio code, so I'd need to look at logs again to get a clue. Let's try using the model cert in sdcpcli_hash_claim to see if that resolves the error. If not, take feedback again and I can try to narrow down where the error is coming from.
from securedeviceconnectionprotocol.
Hello,
First of all, thank you for your answer.
I tested again from the origin.
As you said, when generating the claim hash, I put the certificate directly (846 bytes).
and I tested three methods like below,
- ran with github's test vector (came out same result)
- ran with our developing code (the mac and master secret of host and that of device is same, but the function didn't work on Windows by Error Code : 0x8007001F)
- ran with synaptics value (The mac values of which we calculated and of those the output from Synaptics FP Sensor were different)
It occured some discrepancy though I thought there wouldn't no problem with the function because the test vector were same.
Additional Information about testing Synaptics Driver.
- Create Host KeyPair (Public / Private)
- Transmit the fixed public key; of which created from KeyPair and fixed Host Random value to the Synaptics Driver (this original driver works fine on Windows)
- Check the value returned by Synaptics FPR.
m: (calculated)
39a132c8aed12288df28119bbbf3d95017739452b502cafe8cde8e96782a7c3e
m: (from Synaptics Driver)
908f2cf1fd4f57b317f13ad1d5f448e2a0ca2a55d43485a398ed455a7658a5d0
*Those were not same between the code of Github and the mac value from Synaptics Driver with using a fixed Host Public Key (and private Key) & Random value
The test code used on below and the log output from the Synaptics FP sensor are attatched like below.
(You can run test code of Synaptics' value with the attached zip file (test/synaptics))
Synaptics_log.txt
SecureDeviceConnectionProtocol.zip
Best Regards.
from securedeviceconnectionprotocol.
I think the problem is in the master key generation in the example code. We should be using the host public key, and firmware private key instead of the other way around.
ASSERT_EQUAL(0, sdcpcli_derive_master_secret(
host_key.pk, sizeof(host_key.pk),
firmware_key.sk, sizeof(firmware_key.sk),
host_random, sizeof(host_random),
device_random, sizeof(device_random),
device_master_secret, sizeof(device_master_secret)));
Let me see if I can dig up that private key, since I don't see it in the example code.
from securedeviceconnectionprotocol.
Hello,
Synaptics TestCode Example was not processed on the code of device but just on code of Host.
(The code that you explained was code of device.)
I generated Master secret with using <sk_h, pk_f> master secret as instructed on GitHub wiki.
Because the value from Device(Synaptics FP Sensor) is only s_m, s_d, cert_m, r_d, pk_f, pk_d, h_f, I cannot know the private key of firmware.
Besides for verifying the calculated value, the vaue was returned after sending Host Public Key and random value which is fixed for the purpose of test to Synaptics FP Sensor,
not from Host public key and Host random which is generated from Bio Trustlet of Windows.
and the value was not sent from Host Public Key.
Q1. When I excute s_m, s_d, cert_m, r_d, pk_f, pk_d, h_f calculated from Synaptics FP Sensor on GitHub's code,
the Mac value of Synaptics FP Sensor and that of GitHub code has differences.
So would you please to confirm how the MAC value is put out with the attached log value?
In this case, It seems this problem derived from an error or omission at the calculation of master secret or Claim Hash :H(c) on GitHub's code.
Q2. Why is the error code 0x8007001F come out though I implemented the driver of Github (cert_m of Test Vector)
(Also it comes out same error code 0x8007001F when the incorrect Certificate with Synaptics's driver was input. It needs to be suspicious that the cert_m has some fault.)
Q3. Additionally would you let me know how to get the Real Certificate (with Certificate's Private Key) applied on our FP sensor?
Thank you.
from securedeviceconnectionprotocol.
Would you have any idea about this matter?
Feel free feedback to me. Thank you!
from securedeviceconnectionprotocol.
Sorry to get back late, I've had a really busy week.
-
I compared the github code to our test code and can't find any issues with the github sample. How exactly are you getting the fixed values onto the sensor, and is there any way we can see the H(c) and master secret derived on the sensor?
-
There's a lot of places this could be coming from. The error code is ERROR_GEN_FAILURE (A device attached to the system is not functioning) If you take feedback again I can look at the logs to get a better clue, but it's coming from one of the libraries we're calling into.
-
Which certificate do you mean? Are you talking about a new model cert for your FP sensor, or just the github test cert with private key?
from securedeviceconnectionprotocol.
Hello,
Thank you for your response.
1. I compared the github code to our test code and can't find any issues with the github sample. How exactly are you getting the fixed values onto the sensor, and is there any way we can see the H(c) and master secret derived on the sensor?
As you know it is possible to operate a driver corrected with non-signed if the Windows Test Mode (bcdedit /set TESTSIGNING ON) is activated.
Also it is possible that we can know the values of a device through WINBIO_SECURE_CONNECTION_DATA structure when we send IOCTL_BIOMETRIC_CONNECT_SECURE through SensorAdapter corrected as this picture.
What we can recognize from those values is just the Device Random(r_d), Claim (cert_m, pk_d, pk_f, h_f, s_m, s_d), Mac,
but what we have to calculate by ourselves is for Master Secret and Claim Hash.
Thus what I am just guessing is whether the formula of calculating Claim Hash or generating Master Secret through the Key Agreement is wrong or not.(Please see green)
We cannot calculate the Key Agreement(Master Secret) because the Host Random and the Host Public is transferred from Bio Trustlet on the original Windows Biometrics routine.
2. There's a lot of places this could be coming from. The error code is ERROR_GEN_FAILURE (A device attached to the system is not functioning) If you take feedback again I can look at the logs to get a better clue, but it's coming from one of the libraries we're calling into.
I need your help about how to get an efficient way to the log.
3. Which certificate do you mean? Are you talking about a new model cert for your FP sensor, or just the github test cert with private key?
It just means about the certificate of our commercial FP Sensor.
Iād thought that I can get the Private Key and the certificate which is applicable for the device when we upload the test result through the Hardware Center after proceeding the WHQL test
from securedeviceconnectionprotocol.
Agreed, it's likely a discrepancy in one or more of those factors. I can run those values through our test code to see, but I probably won't be able to get to it for a bit.
For the logs, just take a recording through feedback hub again (use feedback hub to take a recording under "Security & Privacy/Windows Hello Fingerprint", and share the feedback ID, we can look at the traces)
I'll have to engage with my PMs for getting that cert. Are you on the Microsoft partner portal? If so, we can open a work item to track that.
from securedeviceconnectionprotocol.
Hello.
Agreed, it's likely a discrepancy in one or more of those factors. I can run those values through our test code to see, but I probably won't be able to get to it for a bit.
Thanks to your hospitality, I will look forward to waiting your reply.
For the logs, just take a recording through feedback hub again (use feedback hub to take a recording under "Security & Privacy/Windows Hello Fingerprint", and share the feedback ID, we can look at the traces)
Reuploaded once again through the feedback hub.
|I'll have to engage with my PMs for getting that cert. Are you on the Microsoft partner portal? If so, we can open a work item to track that.
Yes we are already registered on the Microsoft Partner Portal.
But would you teach me the meaning-open a work item-
In my understanding, what you said is just the way of asking "Collaborate" ā "Feedback"?
from securedeviceconnectionprotocol.
Sorry for the confusion. Yes, please open a feedback. If should give you an ID number we can find it by.
from securedeviceconnectionprotocol.
You're welcome.
Here is Feedback's ID on Collaborate. (ID : 380841).
from securedeviceconnectionprotocol.
Would you share any update?
from securedeviceconnectionprotocol.
We got the collaborate item and it's assigned to the correct people. As for testing, I haven't had a chance. Earliest I would be able to would be the week after next.
from securedeviceconnectionprotocol.
Related Issues (20)
- Missing of "0x00" in KDF, compared to NIST SP800-108(Revised, OCT 2009) HOT 1
- [Question] Expected output for IOCTL_BIOMETRIC_CONNECT_SECURE HOT 2
- [Question] Default sensor/storage adapters for secure device HOT 3
- [Question] removed
- [question] Clarification about `EngineAdapterIdentifyFeatureSetAuthenticated()` return values HOT 4
- Questions about SDCP HOT 9
- sdcp.sln HOT 1
- secure connect failure HOT 6
- The size of ECDH shared secret z may not must be 32 bytes long, netiher the EC private key size
- [Questio] HLK and device certification process for SecureBio
- [Question] Process of SensorAdapterConnectSecure with IOCTL_BIOMETRIC_CONNECT_SECURE
- I wonder dose one secure connect have a timeliness? HOT 6
- Creating Secure Bio Certificates from Test Vectors
- [Question] EngineAdapterIdntifyFeatureSetAuthenticated during start enrollment
- This repo is missing important files HOT 1
- Missing sdcp.sln file when finish all the compile steps on Windows HOT 3
- [question] Securing templates and Enroll()/Identify() implementation with match-on-host sensor HOT 3
- [Question] Host validate the certification HOT 8
- [Question] Reconnect processing at sample code HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ššš
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ā¤ļø Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from securedeviceconnectionprotocol.