I need an Authentication Package as described in [url removed, login to view](v=[url removed, login to view]).aspx and a Credential Provider for Windows 7 based on the samples included in the Windows SDK.
The new credential provider will prompt the user for his or her username and ask to type a key instead of a password. They key will be a 16 byte hexadecimal value. Based on that key, the authentication package will authenticate the user performing a cryptographic operation that consists of encrypting an array of zero with the entered key using the AES_128 algorithm using the CryptEncrypt function ([url removed, login to view](v=[url removed, login to view]).aspx)
To make it simple, both the Credential Provider and the Authentication Package will be based on the samples provided in the Windows SDK that you can modify to fit the requirements. The final application will be packaged in an installer that registers both the Credential Provider and the Authentication package in the machine where they are installed.
Also, the key will be stored as an attribute in Active Directory for the user, so when connected to a domain the authentication is performed against the domain controller with the key in the server, but this caches the key for the user in the local workstation and later the same user can use the same username and password to log on locally with the cached key. If the key is updated in Active Directory it will be updated in the local cache the next time the user connects to the domain.
The milestones I would like for the project are:
1. (10%) Initial setup, registers the credential provider and an initial authentication package that works locally. 32 and 64 bit versions.
2. (15%) Add using the key stored as an attribute in Active Directory with the client connected to the network.
3. (10%) Cache of the key in the workstation to work when not in the network and update in the next connection to the domain.
4. (30%) Credential provider and authentication package work over RDP in addition to interactive logon.
5. (15%) Project cleanup and single step build including Wix installer for both 32 and 64 bits installers.
6. (20%) Improved installer with options to install only the auth package or along with the Cred Provider as well as msi for automatic deployment from Active Directory.
Note that the project uses only Windows API functions including for cryptography, no external crypto libraries used. Also, the installer is based on the wix toolset available at [url removed, login to view]
For this version, the target server is Windows Server 2008 R2 with latests updates and the client is Windows 7 Enterprise with latest updates. Both available for evaluation from the Microsoft web site.