You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When changing the user pin using a displayless pinpad (Cherry KC 1000 SC), pcks15-tool is printing confusing instructions on the console. It says:
Enter old PIN [UserPIN]: entry deferred to the reader keypad
Old PIN value will be prompted with pinpad.
Enter new PIN [UserPIN]: entry deferred to the reader keypad
New PIN value will be prompted with pinpad.
and then afterwards activates the pinpad three times in a row.
Perhaps it's a limitation of the protocol, but even in such case the tool could provide more useful guidance before activating the pinpad.
Proposed Resolution
The interaction could look something like this (stolen from a run without -use-pinpad):
$ pkcs15-tool --verbose --change-pinUsing reader with a card: Cherry KC 1000 SC [KC 1000 SC] 00 00Connecting to card in reader Cherry KC 1000 SC [KC 1000 SC] 00 00...Using card driver SmartCard-HSM.Trying to find a PKCS#15 compatible card...Found secondary!Enter old PIN [UserPIN]: <pinpad activated, user enters pin and confirms>Enter new PIN [UserPIN]: <pinpad activated, user enters pin and confirms>Enter new PIN again [UserPIN]: <pinpad activated, user enters pin and confirms>PIN code changed successfully.filip@japko:~/git/github.com/filip-zyzniewski/OpenSC$
If the protocol does not provide feedback from the pinpad, then perhaps the message could be something like:
The reader keypad will be activated three times. Enter the old PIN once and the new PIN twice.
Steps to reproduce
filip@japko:~/git/github.com/filip-zyzniewski/OpenSC$ git rev-parse HEAD5e06acb3f2e95448248b75aaf2e033131e46510dfilip@japko:~/git/github.com/filip-zyzniewski/OpenSC$ git difffilip@japko:~/git/github.com/filip-zyzniewski/OpenSC$ src/tools/pkcs15-tool --verbose --use-pinpad --change-pinUsing reader with a card: Cherry KC 1000 SC [KC 1000 SC] 00 00Connecting to card in reader Cherry KC 1000 SC [KC 1000 SC] 00 00...Using card driver SmartCard-HSM.Trying to find a PKCS#15 compatible card...Found secondary!Enter old PIN [UserPIN]: entry deferred to the reader keypadOld PIN value will be prompted with pinpad.Enter new PIN [UserPIN]: entry deferred to the reader keypadNew PIN value will be prompted with pinpad.<pinpad activated, user enters pin and confirms><pinpad activated, user enters pin and confirms><pinpad activated, user enters pin and confirms>PIN code changed successfully.filip@japko:~/git/github.com/filip-zyzniewski/OpenSC$
Problem Description
When changing the user pin using a displayless pinpad (Cherry KC 1000 SC),
pcks15-toolis printing confusing instructions on the console. It says:and then afterwards activates the pinpad three times in a row.
Perhaps it's a limitation of the protocol, but even in such case the tool could provide more useful guidance before activating the pinpad.
Proposed Resolution
The interaction could look something like this (stolen from a run without
-use-pinpad):If the protocol does not provide feedback from the pinpad, then perhaps the message could be something like:
Steps to reproduce
Logs
with
OPENSC_DEBUG=3: https://gist.github.com/filip-zyzniewski/fb4324c484f7501de9e623251ec6e30bThe text was updated successfully, but these errors were encountered: