PIN-Entry

Werner Koch wk@gnupg.org
Thu Oct 25 08:52:01 2001 

On Thu, 25 Oct 2001 00:51:52 +0100, Markus Montkowski said:

> 1 and 3 are more or less easy to handle while 2 which is probably
> the biggest number of "secure" Readers in the field where this type

Yeah really "secure", you can have the smartcard sign everything with
such a reader.  Those with a display are actually not better unless
you can's display the entire document.  Smartdcards do protect the
secret key pretty good against remote attacks.  But this is all.  No
protection against any malicous use by trojaned software (read
ActiveX).

> Ok Now to the spec I read it and have some questions and/or suggestions
> to enable the thing to work with existing reader HW.

Please recall that the PINEntry's main task is to get the passphrase
for a secret key stored on disk.  Using it for a reader w/o keypad is
just a kludge.

> I assume the dialogs close after the CONFIRM?

Yes.

> One to to set the PIN length and PIN Type(Numerical/Alphanum.)
> and result in the Confirm call to return after the 4th digit was

No. This is not the usual way a dialog on a PC works; well UI design
is not my domain of course.

> Also we have to keep in mind that PIN-try commands do have a time variable
> after which they timeout with an error.Defaults are 15 sec no key after call

A timeout for a dialog which grabs the keyboard is indeed very useful
(especially during testing).  However, it is sufficient do configure
this with a global option or fall back to a hardwired value.

> only after an other 5 sec. So that a type 2 Reader would work the same way
> as a for a type 3 Reader. and Keep the dialog in sync with the command

It is far easier to send a CANCEL when the reader comes back with a timeout.

> For Type 3 Readers we might need to display a dialog just with Text and
> no controls (Buttons).

> C:SHOWMESSAGE
> S: INQUIRE DATA
> C: D Please enter the PIN at your reader
> C: END
> S: OK

Good point, we probably want to add this later.

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus