Supporting fixed length keypad input
Werner Koch
wk at gnupg.org
Tue Jan 8 15:50:48 CET 2013
On Tue, 8 Jan 2013 09:31, gniibe at fsij.org said:
> (1) Add a option to SCDaemon. Say, "opt.keypad_fixed_length" or
> something. This is to enable handling of fixed length keypad
> input for SCDaemon.
The problem here is that you may not know the length of the PIN. The
card may have been used before with a different reader. Depending on
the implementation of the reader the wrong PIN counter may soon go down
to zero. An explicit agreement from the user will be better.
Or wait: We could extend the login data flags
(app-openpgp.c:parse_login_data) to declare that the length of the pin
is 6/8. Only if that flag has been set the fixed length feature may be
used.
> (2) Add protocol between SCDaemon and GPG-Agent. SCDaemon inquires
> length of PIN to GPG-Agent, when needed.
gpg-agent should not know about such card or reader details.
> (3) Upon inquiry by SCDaemon for the length of PIN, GPG-Agent will
> answer if it has the information at hand. Or else, GPG-Agent will
> invoke pinentry to ask the length to the user, and reply back to
> SCDaemon.
It would be okay to use gpg-agent as a proxy to pop up a pinentry.
IIRC, we already do that in some cases.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list