IIUC, the readers are 'dumb' devices, so this is how OpenSC actually works:
  OpenSC invokes select DF...
  OpenSC shows a login and sends it to the card / requests login to the card,
which shows a login popup, and gets 9000 if ok
  OpenSC requests sign...

Having a pinpad/biometric could work like this:
  OpenSC knows CKF_PROTECTED_AUTHENTICATION_PATH is set
  OpenSC invokes select DF...
  OpenSC requests login to the reader (passing login APDU?), and gets 9000 if ok
  OpenSC requests sign...

What I don't understand is how the reader authenticates against the card:
  is the fingerprint translated to char* and sent to the card?
  how does the reader know what the login APDU for that card is?
(please, give me some doc about that...)

There must be a flag at reader level which says "I'm a reader, and I'm
able to biometric/pinpad verify". Is there any "feature_support_flag"
to do that, like when using extended_apdus?

> If you can edit a root file you can do anything much more evil.

having root access < having pin => using private key

<offtopic>By the way: do any of you know how to use "encrypted
memory" in applications?
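The pinpad flow sketched in the message above, as an added example that is not part of the original message or OpenSC's own code: under PC/SC Part 10 the reader advertises secure PIN entry in a feature TLV list, and the host hands the reader the card's VERIFY APDU as a template inside a PIN_VERIFY_STRUCTURE. The feature tags and field layout follow PC/SC Part 10; the TLV bytes, control codes, VERIFY template (P2, padding) and format bytes are constructed sample values, and the function names are hypothetical.

```python
import struct

# Feature tags defined by PC/SC Part 10 for reader-side PIN entry.
FEATURE_VERIFY_PIN_DIRECT = 0x06
FEATURE_MODIFY_PIN_DIRECT = 0x07

# Constructed sample reply to GET_FEATURE_REQUEST (control codes are made up).
SAMPLE_FEATURES = bytes.fromhex("060442330006" "070442330007")
# Constructed VERIFY template: CLA INS P1 P2 Lc + 8 padding bytes (P2 is card-specific).
VERIFY_TEMPLATE = bytes.fromhex("0020000108") + b"\xff" * 8

def parse_features(tlv: bytes) -> dict:
    """Parse repeated (tag, length=4, big-endian control code) entries."""
    features, i = {}, 0
    while i < len(tlv):
        if i + 2 > len(tlv):
            raise ValueError("truncated TLV header")
        tag, length = tlv[i], tlv[i + 1]
        value = tlv[i + 2:i + 2 + length]
        if length != 4 or len(value) != 4:
            raise ValueError("malformed feature entry for tag 0x%02x" % tag)
        features[tag] = int.from_bytes(value, "big")
        i += 2 + length
    return features

def supports_pinpad_verify(features: dict) -> bool:
    """True when the reader can collect the PIN itself (protected authentication path)."""
    return FEATURE_VERIFY_PIN_DIRECT in features

def build_pin_verify(apdu_template: bytes, min_len: int = 4, max_len: int = 8) -> bytes:
    """Build PIN_VERIFY_STRUCTURE: the reader fills the typed PIN into apdu_template."""
    if not (0 < min_len <= max_len <= 0xFF):
        raise ValueError("invalid PIN length bounds")
    header = struct.pack(
        "<BBBBBHBBHB3s",
        0x00,                      # bTimerOut: use reader default
        0x00,                      # bTimerOut2
        0x82,                      # bmFormatString: byte units, ASCII, left justified
        0x08,                      # bmPINBlockString: 8-byte PIN block, no length field
        0x00,                      # bmPINLengthFormat: PIN length not inserted
        (min_len << 8) | max_len,  # wPINMaxExtraDigit: min (high byte), max (low byte)
        0x02,                      # bEntryValidationCondition: validation key pressed
        0x01,                      # bNumberMessage
        0x0409,                    # wLangId: en-US
        0x00,                      # bMsgIndex
        b"\x00\x00\x00",           # bTeoPrologue (T=1 only)
    )
    return header + struct.pack("<I", len(apdu_template)) + apdu_template
```

The host sends the resulting buffer with SCardControl using the control code found under tag 0x06; the reader returns the card's status word (9000 on success), so the PIN itself never passes through the host.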