Jaa


Smart Card Resource Manager Service

The Smart Card Resource Manager (SCRM) provides the basic infrastructure that all other smart card components.  It manages smart card readers on the system and application interactions.  It is fully PC/SC 1.0 compliant.

 

The smart card resource manager is implemented as a shared service living in an svchost process.  It runs in the context of Local Service.

 

The smart card resource manager service has the following service description:

  <serviceData name="SCardSvr"

displayName="@%SystemRoot%\System32\SCardSvr.dll,-1"

errorControl="normal" group="SmartCardGroup"

imagePath="%SystemRoot%\system32\svchost.exe /k

LocalService" start="demand" tag=""

type="win32ShareProcess" security=""

description="@%SystemRoot%\System32\SCardSvr.dll,-5

requiredPrivileges="SeCreateGlobalPrivilege,SeChangeNotifyPrivilege,SeImpersonatePrivilege"

dependOnGroup="" dependOnService="PlugPlay"

objectName="NT AUTHORITY\LocalService">

          <failureActions resetPeriod="900">

              <actions>

                 <action type="restartService" delay="120000"/>

                 <action type="restartService" delay="300000"/>

                 <action type="none" delay="0"/>

              </actions>

          </failureActions>

          <registryKeys>

             <registryKey keyName="HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr\Parameters">

                <registryValue name="ServiceDll" valueType="REG_EXPAND_SZ" value="%SystemRoot%\System32\SCardSvr.dll" buildFilter=""></registryValue>

                <registryValue name="ServiceMain" valueType="REG_SZ" value="CalaisMain" buildFilter=""></registryValue>

                <registryValue name="ServiceDllUnloadOnStop" valueType="REG_DWORD" value="1" buildFilter=""></registryValue>

             </registryKey>

          <securityDescriptor name="ServiceXKeySecurity"/>

          </registryKeys>

          <securityDescriptor name="ServiceXSecurity" buildFilter=""/>

    </serviceData>

By default, the service is set into manual mode.  It is the responsibility of any smart card driver author to set the service state of Automatic and call a predefined entry point in winscard.dll that will start the service.  This ensures that the service is enabled when needed but is also disabled for the vast majority of users that don’t use smart cards.

When the service is started it performs several book keeping functions.  The first function it performs is registers itself for service notifications.  In addition, it registers itself for PnP notifications for device removal and additions.  It also initializes its data cache and a global event that signals that the service is started.

 

All communications with smart card readers on Windows should take place through the SCRM.  It provides a rich interface to track, select, and communicate with all drivers that declare themselves as a member of the smart card reader device group. The SCRM views each smart card reader slot as a unique reader and each slot is managed separately regardless of the actual physical characteristics of the device.  The SCRM handles the following high level actions:

  • Device introduction
  • Reader initialization
  • Notify clients of new readers
  • Serializing access to readers
  • Card Access
  • Tunneling of reader specific commands

Comments

  • Anonymous
    March 19, 2007
    Great post :) looking forward to seeing more information on the SCRM !

  • Anonymous
    March 26, 2008
    My smart card resource manger will not start.  I get an error 1068.  Help please.

  • Anonymous
    April 24, 2008
    How can I use my Smart Card Resource Manager under a Web Service ? Thanks

  • Anonymous
    December 17, 2009
    Is there an equivalent of SNAPI (present on Windows Mobile) for Windows desktops? And if it is there, is there something from that we can use to monitor smart card insertion and removal? I am using the ActivIdentity's smart card.