Hi all, I've come across an issue with the way a "Change PIN" operation is processed in OpenSC, when using a pinpad reader and the Portuguese eID card. Basically, the problem is that one of the versions of the Portuguese eID card (IAS spec) only supports changing the PIN if a previously "Verify PIN" apdu was sent. So the driver, when receiving a "change pin" request, breaks it in two different APDUs: SC_PIN_CMD_VERIFY and, after that, SC_PIN_CMD_CHANGE.
Normally, this is what happens (old pin = 1234, new pin = 1234). APDU 00:20:00:01:08:31:32:33:34:2F:2F:2F:2F SW: 90 00 APDU 00:24:01:01:08:31:32:33:34:2F:2F:2F:2F SW: 90 00 This works perfectly when using a regular reader. When using a pinpad reader it works also, but a "minor annoyance" occurs: the reader asks for 4 PINs (instead of the regular 3) and I think this can cause confusion to the users. If I'm not mistaken, 1 PIN is asked for the SC_PIN_CMD_VERIFY apdu and the 3 other PINs are asked for the SC_PIN_CMD_CHANGE apdu. I've been trying to understand part10_modify_pin_block() in reader- pcsc.c, but I still don't know exactly what is needed to change its behavior to support correctly this card. Can anyone help? Thank you. João _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
