Il giorno 10/ago/08, alle ore 00:13, Ludovic Rousseau ha scritto: > Is it that simple than returning an error code (or something similar) > to Firefox so that Firefox asks the PIN to the user and issue a new > C_Login() with the PIN to the provider? > > Does OpenSC support that feature? > Does Firefox support that feature?
In theory, if the private key has the CKA_ALWAYS_AUTHENTICATE attribute set (PKCS#11 ยง10.9, towards the end), then one C_Login() call will suffice for just one use of the private keys, and subsequent uses will return CKR_USER_NOT_LOGGED_IN. I would guess that OpenSC does not support that right now, but it should be fairly easy to implement, and I would expect Firefox to support it. (Even if the developers did not support it explicitly, getting CKR_USER_NOT_LOGGED_IN as a result from a signature should be enough to make one want to login again!) Bye, -- Emanuele _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
