Hello, On Jun 7, 2011, at 16:19 , Douglas E. Engert wrote: > On 6/7/2011 3:03 AM, OpenSC wrote: >> #296: SC_ALGORITHM_ONBOARD_KEY_GEN vs SC_CARD_FLAG_ONBOARD_KEY_GEN >> >> SC_CARD_CAP_RNG is used only in two places. The same functionality could >> be achieved with auto-detection through calling sc_get_challenge. > > Questions: > Are there any cards that require the the PIN before a challenge can be > returned? That should be a separate problem from discovering the presence of the RNG, which is only used to expose a not-so-often used PKCS#11 flag, which anyway gets further checks if actually trying to fetch random from the device?
I don't know the answer though, I'm not aware of them though, even though challenge is also used for mutual authentication and thus *might* require some kind of CHV. > How much extra overhead does this require to actually get a challenge from > the card? I think it would be better to keep necessary interaction to the minimum. Best, Martin -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
