PIN-Entry

Markus Montkowski mmontkowski@gmx.de
Thu Oct 25 00:54:01 2001 

Werner Koch wrote:

> On Wed, 24 Oct 2001 15:44:03 +0200, Olaf Schlueter said:
>
> > I have the feeling (maybe wrong) that there is a misconception about the
> > "Secure PIN entry" feature some more advanced readers do provide (Markus
>
> I don't think so.  There was a misunderstanding by Markus related to
> the PIN Entry.  My original post was about the PIN Entry which is used
> to get the passphrase or PIN from the user.  Well, it will also be
> used to get the PIN for a passphrase if a reader with a keypad is not
> available.

Still some light misunderstanding I think. I mentioned that there
are 3 types of readers:
1. No PIN entry
2. PIN-Entry but No Display and
3. PIN-Entry with display.
1 and 3 are more or less easy to handle while 2 which is probably
the biggest number of "secure" Readers in the field where this type
of software is used. They require some Display on the screen.
Like I said the reader sends a * char and keeps the digit in it's
storage to combine it with the PIN APDU when the user presses Ok or
the digit count is reached.

Ok Now to the spec I read it and have some questions and/or suggestions
to enable the thing to work with existing reader HW.

Normal PIN Process:

SETDESC...OK
SETPROMT...OK
CONFIRM  (Blocks till the user presses enter/ESC? ) OK
GETPIN...OK

MessageBox Mode:

SETERROR...OK
CONFIRM (blocking?) OK

I assume the dialogs close after the CONFIRM?

Suggestions Add some commands which might not be needed for
the Passphrase stuff but would come handy for smartcards:

One to to set the PIN length and PIN Type(Numerical/Alphanum.)
and result in the Confirm call to return after the 4th digit was
pressed. As Reader PIN entries don't require pressing enter when
a fixed PIN length is required.
Example :Numerical 4 Digits
C: SETPINTYPE
S: INQUIRE DATA
C: D N,4
C: END
S: OK

----

Also we have to keep in mind that PIN-try commands do have a time variable
after which they timeout with an error.Defaults are 15 sec no key after call
and more than 5 sec between digits. For variable PIN length and at least
1 digit entered the reader shall display "Please Confirm Entry" and timeout
only after an other 5 sec. So that a type 2 Reader would work the same way
as a for a type 3 Reader. and Keep the dialog in sync with the command
send to the reader.

C: SETTIMEOUTS
S: INQUIRE DATA
C: D 15,5,5
C: END
S: OK

Or we would need some kind of End dialog command
C:ENDDIALOG
S:OK

Example PIN Process for Reader with PAD and no Display:

  SETDESC...OK
  SETPROMT...OK (Dialog is Visible)
  Send VerifyCommand to Reader
  ENDDIALOG,OK (PIN not needed as the reader as the value, or entry timed out)

----

For Type 3 Readers we might need to display a dialog just with Text and
no controls (Buttons).

C:SHOWMESSAGE
S: INQUIRE DATA
C: D Please enter the PIN at your reader
C: END
S: OK

C:ENDDIALOG
S:OK