Hello Jean-Michel, > Do you have any information on the work involved to add some HID > protocol to OpenSC. Is HID protocol standard or would any solution be > proprietary?
Just trying to add my 2 cents: I am aware of tokens that expose a USB hub with more than one device connected to it. Specifically, one or more mass storage units and one or more HID devices. The mass storage units are seen by the system as standard units, while the HID device gives access to a card reader through a proprietary protocol. The advantage of this solution should be that, on many operating systems, you can access the card reader without elevated privileges and without having to install any drivers – just use the userland software provided on the storage unit. Of course, security-wise I tend to see that more as a disadvantage; the first thing that comes to my mind is a drive-by download that can sniff your card transactions and use your token without the need for any special privilege. What seems unlikely to me is mass storage encryption directly on the device: I would guess that you need expensive hardware (at least, expensive compared to ordinary smart cards) to perform decent encryption at reasonable bitrates for a mass storage device, but I'm not knowledgeable on this front and I certainly stand ready to be corrected! It would still be possible to add a HID reader module to OpenSC, but you would need an OS-specific lower layer and a reader-specific upper layer, and either get precise specs from the vendor or go through quite a bit of reverse engineering. Bye, -- Emanuele _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
