Hi! > > I wrote a patch for libccid to support PACE. Due to a lack of > > standardization on the USB level there is only my ccid-emulator, which > > can be used with this feature. See > > http://sourceforge.net/projects/vsmartcard/ for the libccid patch and > > ccid-emulator. > > Thanks for the info and pointer. > PACE is now standardized/documented in an PC/SC document [1]. > > So I may include your patch (or a modified version) "soon". > > Thanks > > [1] http://www.pcscworkgroup.com/specifications/specdownload.php > Part 10. Amendment 1: IFDs with Secure Pin Entry Capabilities > > -- > Dr. Ludovic Rousseau > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel
Actually PACE is executed with SCardControl. The current implementation for control commands in OpenSC would not allow executing PACE, because reader-pcsc.c:237 always encodes an APDU. This is OK if you are only using PIN verification/modification (which require an encoded APDU). But it is impossible to use for PACE, because the input data is something very different than an APDU. I have already filed a bug on this topic and proposed a solution http://www.opensc-project.org/opensc/ticket/236... Are you interested in supporting PACE? This would allow changing the PIN of the German identity card (nPA) with certain PIN pad readers (CAT-S/CAT-K). I could also add support for doing PACE with readers that don't have a PIN pad, but for this I am first waiting for the final decisions regarding SM in OpenSC. Cheers, Frank.
pgpgQnHLX8vOb.pgp
Description: PGP signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
