RemoteTpmVirtualSmartCardManager class

The RemoteTpmVirtualSmartCardManager class manages TPM virtual smart cards on remote computers. This COM server is only available to remote callers with local administrator credentials.

Remarks

Managing TPM virtual smart cards remotely requires that the client can provide an administrator credential on the target computer. To communicate with the remote TPM virtual smart card manager COM server, the client needs to correctly initialize the COM security layer.

The remote TPM virtual smart card manager COM server requires the COM authentication level to be RPC_C_AUTHN_LEVEL_PKT_PRIVACY so that communication between the client and the server is encrypted and signed, because sensitive data such as the admin key and PIN is sent across the network.

The remote TPM virtual smart card manager COM server requires the COM impersonation level to be RPC_C_IMP_LEVEL_IMPERSONATE so that it can impersonate the client and manage TPM virtual smart cards on the target computer as an administrator. The client should only conduct remote TPM virtual smart card management on trusted computers. Only the impersonate level is required.

For security reasons, the client should never grant RPC_C_IMP_LEVEL_DELEGATE.

The client also needs to determine which authentication and authorization services can be used. Kerberos is recommended; NTLM is also supported by DCOM. Optionally, if the client implements the status callback interface and wants to receive progress and error callbacks, the client needs to configure its local access permission to allow the server's machine account. Lastly, Windows Firewall needs to be configured to allow DCOM traffic.

Examples

The following example code uses CoInitializeSecurity to configure the process-wide COM security layer, activates a remote TPM virtual smart card server using the launching credential, and is set up to receive callbacks. The example only works in domain scenarios.

#include <windows.h>
#include <objbase.h>
#include <tpmvscmgr.h>

HRESULT hr = S_OK;

// pSecDesc must point to a SECURITY_DESCRIPTOR in absolute format representing SDDL O:BAG:BAD:(A;;CCDCLC;;;WD).
// It is the access permission for this process's status callback object; it is built elsewhere, so it is NULL here
// and must be set before CoInitializeSecurity is called.
// Because the remote computer is trusted, giving EVERYONE access to the status callback object should be safe.
PSECURITY_DESCRIPTOR pSecDesc = NULL;

COSERVERINFO ServerInfo;
MULTI_QI Query;
ITpmVirtualSmartCardManager *pObj = NULL;

// CoInitializeSecurity is called once per process, after CoInitializeEx and before any other COM call.
hr = CoInitializeSecurity(
    pSecDesc,
    -1, // Let COM choose which authentication services to register.
    NULL,
    NULL,
    RPC_C_AUTHN_LEVEL_PKT_PRIVACY, // Required: sign and encrypt all traffic to the server.
    RPC_C_IMP_LEVEL_IMPERSONATE,   // Required: never use RPC_C_IMP_LEVEL_DELEGATE.
    NULL,
    EOAC_NONE,
    NULL);
if (FAILED(hr))
{
    // Report error and exit.
}

memset(&ServerInfo, 0, sizeof(COSERVERINFO));
ServerInfo.pwszName = L"Target machine name";

memset(&Query, 0, sizeof(MULTI_QI));
Query.pIID = &IID_ITpmVirtualSmartCardManager;

// Activate the remote server with the launching (current) credential.
hr = CoCreateInstanceEx(
    CLSID_RemoteTpmVirtualSmartCardManager,
    NULL,
    CLSCTX_REMOTE_SERVER,
    &ServerInfo,
    1,
    &Query);
if (FAILED(hr))
{
    // Report error and exit.
}

// CoCreateInstanceEx can succeed overall while an individual interface query fails.
if (FAILED(Query.hr))
{
    // Report error and exit.
}

pObj = (ITpmVirtualSmartCardManager*) Query.pItf;

// Use pObj to manage TPM virtual smart cards on the target computer, then release it with pObj->Release().
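
The example leaves pSecDesc to be built from the SDDL string O:BAG:BAD:(A;;CCDCLC;;;WD). The following decoder is an added example, not code from this page or the Windows SDK, written in portable C++ so it can be checked on any platform: it parses that string and maps the generic-rights tokens onto the COM access-permission bits (CC, DC and LC correspond to COM_RIGHTS_EXECUTE, COM_RIGHTS_EXECUTE_LOCAL and COM_RIGHTS_EXECUTE_REMOTE; SW and RP to the local and remote activation rights), so a reviewer can confirm that the callback DACL grants Everyone only the execute rights needed for remote callbacks and no activation rights. The names parseComSddl and grantsOnlyExecute are assumptions of this example.

```cpp
#include <cstdint>
#include <map>
#include <stdexcept>
#include <string>
#include <vector>

// COM access-permission bits (COM_RIGHTS_* values from objbase.h). SDDL has no
// COM-specific tokens, so COM access permissions reuse the directory-service
// rights tokens whose numeric values coincide with these bits.
enum ComRights : uint32_t { EXECUTE = 0x1, EXECUTE_LOCAL = 0x2, EXECUTE_REMOTE = 0x4,
                            ACTIVATE_LOCAL = 0x8, ACTIVATE_REMOTE = 0x10 };
static const std::map<std::string, uint32_t> kRightsTokens = {
    {"CC", EXECUTE}, {"DC", EXECUTE_LOCAL}, {"LC", EXECUTE_REMOTE},
    {"SW", ACTIVATE_LOCAL}, {"RP", ACTIVATE_REMOTE}};

struct ComAce { std::string type; uint32_t mask; std::string sid; };
struct ComSd  { std::string owner, group; std::vector<ComAce> dacl; };

static uint32_t parseRights(const std::string& r) {
    if (r.rfind("0x", 0) == 0) return static_cast<uint32_t>(std::stoul(r, nullptr, 16));
    uint32_t mask = 0;  // otherwise a run of two-letter tokens, e.g. "CCDCLC"
    for (size_t i = 0; i + 1 < r.size(); i += 2) mask |= kRightsTokens.at(r.substr(i, 2));
    return mask;
}

// Parses "O:..G:..D:(ace)(ace)" into owner, group and the DACL's ACEs.
ComSd parseComSddl(const std::string& sddl) {
    ComSd sd;
    for (size_t i = 0; i + 1 < sddl.size();) {
        if (sddl[i + 1] != ':') throw std::invalid_argument("malformed SDDL section");
        char tag = sddl[i];
        size_t body = i + 2, next = sddl.find(':', body);   // ':' only occurs in "X:" markers
        size_t end = next == std::string::npos ? sddl.size() : next - 1;
        std::string s = sddl.substr(body, end - body);
        if (tag == 'O') sd.owner = s;
        else if (tag == 'G') sd.group = s;
        else if (tag == 'D')   // ACE fields: type;flags;rights;object_guid;inherit_guid;sid
            for (size_t p = s.find('('); p != std::string::npos; p = s.find('(', p + 1)) {
                std::string f = s.substr(p + 1, s.find(')', p) - p - 1);
                std::vector<std::string> fld;
                for (size_t a = 0, b; ; a = b + 1) {
                    b = f.find(';', a); fld.push_back(f.substr(a, b - a));
                    if (b == std::string::npos) break;
                }
                if (fld.size() < 6) throw std::invalid_argument("malformed ACE");
                sd.dacl.push_back({fld[0], parseRights(fld[2]), fld[5]});
            }
        i = end;
    }
    return sd;
}

// True when no allow ACE carries activation bits: callers may only invoke methods on
// the already-running callback object, which is all the status callback needs.
bool grantsOnlyExecute(const ComSd& sd) {
    for (const ComAce& a : sd.dacl)
        if (a.type == "A" && (a.mask & ~(EXECUTE | EXECUTE_LOCAL | EXECUTE_REMOTE))) return false;
    return true;
}
```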

Requirements

Minimum supported client: Windows 8 [desktop apps only]

Minimum supported server: Windows Server 2012 [desktop apps only]

Header: Tpmvscmgr.h

IDL: Tpmvscmgr.idl

Library: Vscmgr.lib