Watch
The Watch component is an executable which will do actions either when smart card is inserted or removed.
Arguments
The following arguments are available:
-
-w
-
-match <criteria>
-
-wait "<insert>|<remove>"
-
-message "<insert>"|"<remove>"
-
-hide insert|remove
-
-sync
-
-logon
-
-term
-
-recognized
-
config | <insert command>
The argument order is important for historical reasons. Last in the argument list is either the static value config
or one single insert command. The value config
will activate the Watch Insert and Watch Remove configuration sections in configuration which allow several different commands.
Watch configurations are only read from global configuration, not from local configuration file, due to security reasons.
-w
Argument -w
is used to wait with the execution of the command until a smart card is loaded, meaning all certificates are read. This value only has meaning for insert commands.
-match
Argument -match
is used to select a specific certificate which should be used when generating an event. The match criteria consist of an issuer field and an optional key usage.
-match "2.5.4.3=Pointsharp CA v2|A0"
This argument is only available when used with <insert command> as last argument not with config .
|
-wait
Argument -wait
is used to specify the number of seconds to wait for a command to finish, may use separate values for insert and remove.
-wait
with values for insert
and remove
.-wait "60|30"
-message
Argument -message
is used to specify a message to be shown when command is executed, may use different messages for insert and remove.
-message
with values for insert
and remove
.-message "Card inserted"|"Card removed"
-hide
Argument -hide
is used to specify that the command should be executed hidden, may separate with different messages for insert and remove.
-hide
.-hide
-hide insert
-hide remove
-sync
Argument -sync
is used by remove event. When specified remove events will not be generated until after a smart card is inserted.
Commands
The configuration sections [Watch Insert] and [Watch Remove] will specify a list of commands executed when a smart card is inserted or removed.
The following commands are available for execution when a smart card is inserted or removed:
-
application <binary> <argument>
-
close <window name>
-
extern <library>,<argument>
-
kill <application>
-
load <library>,<argument>
-
open <file>
-
set –config <file>
-
set –registry <key>
All commands in the list may be prefixed with "parallel" to only start the execution, it will immediately continue with the next command and ignore the result. Not in parallel will require successful execution before it continues with the next command, on failure no more commands will be executed.
application
Command "application" is used to start any application <binary> with any argument <argument>.
$ application c:\windows\notepad.exe c:\iid.txt
Successful execution will always require the process to start, but may also depend on "-wait" argument if present.
close
Command "close" is used to close a Microsoft Windows application. Specify the <windows name> that should be closed.
$ close "iid - Notepad"
The execution will always be considered as successful.
extern
Command "extern" may be used for insert command to read user information from an external library. The smart card is not supported internally, but instead the reader name is sent with the specified command arguments. The library must export a function with the following syntax:
int CALLBACK ReadCommand( const char* pszReader, const char* pszCmd, char* pszData, unsigned long nData)
Return non-zero for success and the data buffer should return username and domain information, separated with ‘;’.
$ extern c:\iid.dll,-iclassid –config c:\iid.txt
After a successful command execution the set command below will be executed with the collected user information.
This execution will be considered as successful if the user information is collected successfully.
kill
Command "kill" is used to terminate or kill an application. Will search for a process with the specified binary and try to kill that process.
$ kill c:\windows\notepad.exe
This execution will always be considered as successful.
load
Command "load" will load a library and call the specified function. The function syntax must follow the parameter syntax used by rundll32.exe:
$ load c:\iid.dll,EntryAdmin -argument
This execution will be considered to be successful if the function is found in the specified library, but will have no requirements for the function to return value.
open
Command "open" may be used on Windows platform to open a file type defined in Registry.
$ open c:\temp\iid.txt
This execution will always be considered as successful.
set
Command "set" either specifies a configuration file or a Registry key which will be updated with user information found on the inserted smart card. Argument "-match" may be used to specify search criteria for the user information.
$ set –config c:\temp\iid.txt
$ set –registry HKLM\Software\SecMaker\Info
This execution will be considered to be successful if user information found.