From: Tim T. <tt...@mi...> - 2013-09-24 21:06:06
On 09/24/2013 04:04 PM, Douglas E. Engert wrote:
> (You know that Windows 7 and above have a PIV driver from Microsoft,
> that works with login, IE, Outlook, and any application that can use
> the certificate store, like Chrome.)

Yes, that is true. However, the MS-provided smartcard stack does not
support using an external pinpad to enter the token PIN. Their middleware
does not attempt to discover what features are supported by the reader
connected to the system. Even if the vendor reader driver is installed,
the MS Card Services treat the pinpad reader as a basic USB CCID reader
and prompt the user to enter their PIN via the system keyboard.

That's why I was looking at using OpenSC in the first place. Except the
OpenSC minidriver (without my fix) sets the PIN Type to be AlphaNumeric
instead of External. This causes the MS base card service module to
prompt the user for their token PIN via a dialog box, instead of having
them enter it on the pin pad. When the PIN Type is set to External, the
minidriver has complete control over how the PIN is collected and verified.

>
> I would rather see the piv_ops (*read_public_key) implemented in the card_piv.c
> as this will only do it when needed.

I will look into doing it this way. This was actually the path I started
down, but I seem to recall running into difficulty, but can't remember
exactly what went wrong. I'll try again.

>
> What type of pin pad reader are you using?

We are using two different pin pad readers: the OmniKey 3821 and the
Gemalto PC Pinpad (I think it's now called the IDBridge CT700).

- Tim

--
Tim Taylor
tt...@mi...
Office: 781-271-2099
Mobile: 617-893-0107
Principal Software Systems Engineer
The MITRE Corporation
202 Burlington Road
Bedford, MA 01730-1420
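The reader feature discovery that the message says the Microsoft middleware skips, as an added example (not code from the message, OpenSC, or Microsoft): it parses a PC/SC Part 10 feature list, the tag/length/value reply a reader returns to a GET_FEATURE_REQUEST control call, and picks External only when the reader advertises direct PIN verification. The enum names, function names and sample byte strings are assumptions constructed for illustration; the real PIN type enumeration lives in the minidriver header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* PC/SC Part 10 feature tags found in a GET_FEATURE_REQUEST reply. */
#define FEATURE_VERIFY_PIN_DIRECT 0x06
#define FEATURE_MODIFY_PIN_DIRECT 0x07

/* Hypothetical local mirror of the two PIN types named in the message. */
enum pin_type { PIN_ALPHANUMERIC = 0, PIN_EXTERNAL = 1 };

/* Walk the TLV list; return the control code for `tag`,
   or 0 when the tag is absent or the buffer is malformed. */
uint32_t find_feature(const uint8_t *buf, size_t len, uint8_t tag)
{
    size_t i = 0;
    while (i + 2 <= len) {
        uint8_t t = buf[i], l = buf[i + 1];
        if (l > len - i - 2)          /* truncated entry: reject the list */
            return 0;
        if (t == tag && l == 4)       /* value is a big-endian control code */
            return ((uint32_t)buf[i + 2] << 24) | ((uint32_t)buf[i + 3] << 16) |
                   ((uint32_t)buf[i + 4] << 8)  |  (uint32_t)buf[i + 5];
        i += 2 + (size_t)l;
    }
    return 0;
}

/* External only if the reader can verify the PIN on its own keypad;
   otherwise fall back to host keyboard entry. */
enum pin_type choose_pin_type(const uint8_t *features, size_t len)
{
    return find_feature(features, len, FEATURE_VERIFY_PIN_DIRECT)
               ? PIN_EXTERNAL : PIN_ALPHANUMERIC;
}

/* Constructed sample replies: pinpad reader, plain reader, cut-off reply. */
static const uint8_t pinpad_reader[] = { 0x06, 0x04, 0x42, 0x33, 0x00, 0x06,
                                         0x07, 0x04, 0x42, 0x33, 0x00, 0x07 };
static const uint8_t basic_reader[]  = { 0x12, 0x04, 0x42, 0x33, 0x00, 0x12 };
static const uint8_t truncated[]     = { 0x06, 0x04, 0x42, 0x33 };

int main(void)
{
    printf("pinpad: %d\n", choose_pin_type(pinpad_reader, sizeof pinpad_reader));
    printf("basic:  %d\n", choose_pin_type(basic_reader, sizeof basic_reader));
    printf("cutoff: %d\n", choose_pin_type(truncated, sizeof truncated));
    return 0;
}
```

In a real driver the feature buffer would come from the reader through the PC/SC control call rather than from a static array.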