Hello, Le 26 avril 2012 09:18, helpcrypto helpcrypto <helpcry...@gmail.com> a écrit : >> I don't know about the readers or their internals, but OpenSC for sure >> does not support any kind of biometric authentication. > > PKCS#11 interface define both, ui callback (notify)
What is that? Can you be more specific? > and that login can > be made using pinpads/external devices. (C_Login can receive the pin, > or can show a dialog if pin==NULL). Yes. That is the flag CKF_PROTECTED_AUTHENTICATION_PATH in CK_TOKEN_INFO. > Biometric/other kind of pinpads can be used using external libraries > provided in config. This, of course, could mean a security risk 'cause > someone could proxyfy the libraries. > > Couldnt opensc provide a way to do this safely? > Could signed libraries solve this? What is the threat model? Who is the attacker and what can he do? Signing a library will not solve much if the attacker has root access or is the user itself. Regards -- Dr. Ludovic Rousseau _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
