I'm currently working on creating a custom Windows authentication system on Windows 11, using this GitHub project as a starting reference. I've developed a DLL that implements a custom login layer on the Windows login tile. However, after I enter a valid username and password in the tile fields, the system doesn't proceed to the next step: it loads for a while and then says "Incorrect username or password." Do you have any suggestions on how this issue can be resolved? Alternatively, can you help me find a better way to create a custom Windows authentication flow (i.e. using custom fields, custom biometric devices, etc.)?
Code Snippet
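/// <summary>
/// Field descriptors for the custom logon tile: a title label, the submit button,
/// a username edit box and a password box, in that order.
/// </summary>
// NOTE(review): the first two IDs are literals while the edit fields use
// FIELD_ID_USERNAME / FIELD_ID_PASSWORD, whose values are not visible here.
// Confirm that all four IDs are distinct and consistent with the rest of the provider;
// credential providers conventionally use each descriptor's index as its field ID.
public List<_CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR> CredentialProviderFieldDescriptorList = new List<_CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR>
{
    // Static title text shown on the tile.
    new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
    {
        cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_SMALL_TEXT,
        dwFieldID = 0,
        pszLabel = "Welcome to Custom Windows Login",
    },
    // Submit button that triggers the logon attempt.
    new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
    {
        cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_SUBMIT_BUTTON,
        dwFieldID = 1,
        pszLabel = "Login",
    },
    // Username field (plain text).
    new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
    {
        cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_EDIT_TEXT,
        dwFieldID = FIELD_ID_USERNAME,
        pszLabel = "Enter Username",
    },
    // Password field (uses the password field type rather than plain edit text).
    new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
    {
        cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_PASSWORD_TEXT,
        dwFieldID = FIELD_ID_PASSWORD,
        pszLabel = "Enter Password",
    }
};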
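/// <summary>
/// Packs the username and password entered on the tile into a credential
/// serialization and reports whether a credential is being returned.
/// </summary>
/// <param name="pcpgsr">Set to CPGSR_RETURN_CREDENTIAL_FINISHED only when a packed credential is returned; otherwise CPGSR_NO_CREDENTIAL_NOT_FINISHED.</param>
/// <param name="pcpcs">Receives the packed credential buffer, provider CLSID and authentication package on success; an empty serialization otherwise.</param>
/// <param name="ppszOptionalStatusText">Status text describing the outcome.</param>
/// <param name="pcpsiOptionalStatusIcon">CPSI_SUCCESS on success, CPSI_ERROR otherwise.</param>
/// <returns>HResultValues.S_OK when a credential was packed, HResultValues.E_FAIL otherwise.</returns>
public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
    out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText,
    out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
{
    Log.LogMethodCall();

    // NOTE(review): this pair is a development placeholder and must not ship; a secret
    // compiled into the DLL can be read by anyone who can read the file. The comparison
    // below only gates whether this provider returns a serialization. The packed
    // credentials still go to the authentication package, so they must match a real
    // account for the logon to succeed.
    string validUsername = "Reve";
    string validPassword = "3825568900";

    // Declared outside the try block so the catch handler can release a buffer that
    // may already contain the packed plaintext password.
    IntPtr inCredBuffer = IntPtr.Zero;

    try
    {
        if (username == validUsername && password == validPassword)
        {
            pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

            // First call with a zero-length buffer is expected to fail and report the
            // required size in inCredSize; the second call does the actual packing.
            // NOTE(review): the username is packed exactly as typed. CredPackAuthenticationBuffer
            // is documented as expecting a qualified name (DomainName\UserName, or
            // MachineName\UserName / .\UserName for local accounts); confirm against the
            // API documentation. The failed-logon event on this page shows an empty account name.
            var inCredSize = 0;
            inCredBuffer = Marshal.AllocCoTaskMem(0);
            if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
            {
                Marshal.FreeCoTaskMem(inCredBuffer);
                inCredBuffer = IntPtr.Zero;
                inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);
                if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
                {
                    pcpcs.clsidCredentialProvider = Guid.Parse(Constants.CredentialProviderUID);
                    pcpcs.rgbSerialization = inCredBuffer;
                    pcpcs.cbSerialization = (uint)inCredSize;
                    // NOTE(review): any failure indication from this helper is not checked here.
                    RetrieveNegotiateAuthPackage(out var authPackage);
                    pcpcs.ulAuthenticationPackage = authPackage;

                    pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
                    ppszOptionalStatusText = "Login successful";
                    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;

                    // The buffer now belongs to the returned serialization (presumably freed
                    // by the caller); clear the local so the catch handler cannot free it.
                    inCredBuffer = IntPtr.Zero;
                    return HResultValues.S_OK;
                }
            }

            // Packing failed: release the buffer and report that no credential is being
            // returned, so the response state agrees with the E_FAIL result.
            Marshal.FreeCoTaskMem(inCredBuffer);
            inCredBuffer = IntPtr.Zero;
            pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
            ppszOptionalStatusText = "Failed to pack credentials";
            pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
            return HResultValues.E_FAIL;
        }

        // Placeholder check failed: nothing is serialized.
        ppszOptionalStatusText = "Invalid username or password";
        pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
        return HResultValues.E_FAIL;
    }
    catch (Exception ex)
    {
        // Release any buffer still owned by this method so packed credentials are not leaked.
        if (inCredBuffer != IntPtr.Zero)
        {
            Marshal.FreeCoTaskMem(inCredBuffer);
        }

        // NOTE(review): this text is shown on the logon screen before anyone has
        // authenticated; consider logging ex and showing a generic message instead.
        ppszOptionalStatusText = $"An error occurred: {ex.Message}";
        pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
        return HResultValues.E_FAIL;
    }
}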
**Error Message**
|An account failed to log on.
Subject:
Security ID: SYSTEM
Account Name: DESKTOP-476EOJ1$
Account Domain: WORKGROUP
Logon ID: 0x3E7
Logon Type: 2
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: -
Account Domain: -
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC000006A
Process Information:
Caller Process ID: 0x860
Caller Process Name: C:\Windows\System32\svchost.exe
Network Information:
Workstation Name: -
Source Network Address: 127.0.0.1
Source Port: 0
Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.|
| -------- |
|An account failed to log on. Subject: Security ID: SYSTEM Account Name: DESKTOP-476EOJ1$ Account Domain: WORKGROUP Logon ID: 0x3E7 Logon Type: 2 Account For Which Logon Failed: Security ID: NULL SID Account Name: - Account Domain: - Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xC000006D Sub Status: 0xC000006A Process Information: Caller Process ID: 0x860 Caller Process Name: C:\Windows\System32\svchost.exe Network Information: Workstation Name: - Source Network Address: 127.0.0.1 Source Port: 0 Detailed Authentication Information: Logon Process: User32 Authentication Package: Negotiate Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted.|