[opensc-devel] Pinpad
Hello, I have a Kobil card reader with pinpad. In principle the pinpad works with opensc, but the behaviour generally is a bit confusing. If you use it with pam (for instance su, kdm or gdm) the user is asked to type the PIN at the keyboard, this input is ignored and as soon as you type 'enter' the pinpad beeps and is ready for entering the PIN. It would be nicer to have no keyboard interaction at all. Just the pinpad is enough, so that the users are not tempted to type the PIN on the keyboard. Firefox 2 acts similar. If you use the Kobil pksc11 modules instead of opensc, the behaviour is as you wish (both on Linux and Windows). Firefox 3 starts in a promising way: As soon as you move to a web page requiring a user certificate, the pinpad beeps and you can enter the PIN. Unfortunately Firefox 3 crashes after the PIN is entered (both on Windows and Linux). Firefox 3 works if the pinpad is disabled. Who is to blame for this? The applications like pam or firefox? Or opensc? -- Grüße Johannes ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Pinpad
On Fri, Jun 27, 2008 at 9:10 AM, Johannes Becker <[EMAIL PROTECTED]> wrote: > Hello, Hello, > I have a Kobil card reader with pinpad. In principle the pinpad works with > opensc, but the behaviour generally is a bit confusing. > > If you use it with pam (for instance su, kdm or gdm) the user is asked to > type the PIN at the keyboard, this input is ignored and as soon as you > type 'enter' the pinpad beeps and is ready for entering the PIN. > It would be nicer to have no keyboard interaction at all. Just the pinpad is > enough, so that the users are not tempted to type the PIN on the keyboard. Which PAM are you using with OpenSC? > Firefox 2 acts similar. If you use the Kobil pksc11 modules instead of > opensc, the behaviour is as you wish (both on Linux and Windows). Do you use the same PAM module or does Kobil provides one? > Firefox 3 starts in a promising way: As soon as you move to a web page > requiring a user certificate, the pinpad beeps and you can enter the PIN. > Unfortunately Firefox 3 crashes after the PIN is entered (both on Windows > and Linux). > Firefox 3 works if the pinpad is disabled. Can you start firefox in debug mode to try to identify the source of the crash (firefox or opensc)? Just start firefox as (on Linux): $ firefox -g You should then be inside gdb (gdb) run wait for the crash (gdb) backtrace > Who is to blame for this? The applications like pam or firefox? > Or opensc? No idea yet. Bye -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Pinpad
Hi, as far as i remember, the PKCS#11 driver has to use CKF_PROTECTED_AUTHENTICATION_PATH to indicate to the application that it shall not prompt for the PIN itself. Seems that this is not the case for your reader. The question is how OpenSC decides on whether to use the flag, i am pretty sure it does with other readers. Do you know whether your KOBIL is accessed via PC/SC or CT-API ? Best regards, Franz> From: [EMAIL PROTECTED]> To: opensc-devel@lists.opensc-project.org> Date: Fri, 27 Jun 2008 09:10:03 +0200> Subject: [opensc-devel] Pinpad> > Hello,> > I have a Kobil card reader with pinpad. In principle the pinpad works with > opensc, but the behaviour generally is a bit confusing.> > If you use it with pam (for instance su, kdm or gdm) the user is asked to > type the PIN at the keyboard, this input is ignored and as soon as you > type 'enter' the pinpad beeps and is ready for entering the PIN.> It would be nicer to have no keyboard interaction at all. Just the pinpad is > enough, so that the users are not tempted to type the PIN on the keyboard.> > Firefox 2 acts similar. If you use the Kobil pksc11 modules instead of > opensc, the behaviour is as you wish (both on Linux and Windows).> > Firefox 3 starts in a promising way: As soon as you move to a web page> requiring a user certificate, the pinpad beeps and you can enter the PIN.> Unfortunately Firefox 3 crashes after the PIN is entered (both on Windows > and Linux).> Firefox 3 works if the pinpad is disabled.> > Who is to blame for this? The applications like pam or firefox?> Or opensc?> > -- > Grüße> Johannes> ___> opensc-devel mailing list> opensc-devel@lists.opensc-project.org> http://www.opensc-project.org/mailman/listinfo/opensc-devel _ Explore the seven wonders of the world http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
