Trezor - Could this be the model for a PGP crypto device?

[NIIBE Yutaka]

On 03/10/2015 09:18 PM, Jonathan Schleifer wrote:
> Does this really need to be part of the specification? For example,
> the Gnuk could just delay signing / decryption / authentication
> until the button has been pressed and return an error if it doesn't
> get pressed within a certain amount of time.

Good point.

Yes, it is possible to implement "ack" button in a way you describe.
But, technically, it's not good for the underlying layer to impose
this kind of "snatch".  It is better for Host PC to know the
interaction.

Besides, when possible, I don't want a feature to be implemented only
for Gnuk.   I don't want to differentiate, but to collaborate.

Well, I realized that my idea of yesterday was not good.  According to
ISO 7816-4, no command is allowed before GET RESPONSE.

So, we could consider something like this:

    Host PC                               OpenPGPcard

           command: PSO =>
                        <= response: 0x9F<LENGTH>

           command: VERIFY with 0x84  ==>
                        (or something different than 0x81, 0x82, or 0x83)
                        <= response: 0x9000 OK

           command: GET DATA on some pseudo Data Object  ==>
                        <= response: <DATA> of result of PSO

It seems for me that we can use 0x9F<LENGTH> to let host PC the length
of data.  (while 0x61<LENGTH> expects succeeding GET RESPONSE.)

This can be done with smartcard + cardreader with pinpad.
--