opensc-explorer: allow entering the PIN interactively

In VERIFY, allow the user to enter the PIN unteractively if it was not given on the command line, and if the card reader does not support PIN input. If it was not given on the command line and the card reader supports PIN input, then the bahaviour is unchanged: enter PIN via card reader.
estieux-tehtri-security · Aug 11, 2012 · ea8a64d · ea8a64d
1 parent 322e3cf
commit ea8a64d
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 8 deletions.
diff --git a/doc/tools/opensc-explorer.1.xml b/doc/tools/opensc-explorer.1.xml
@@ -437,8 +437,11 @@
 				colon-separated list of hex values or a <literal>"</literal> enclosed string.
 				</para>
                                 <para>
-                                If <replaceable>key</replaceable> is omitted, the PIN will be verified
-				using the card reader's pin pad.
+                                If <replaceable>key</replaceable> is omitted, the exact action depends on the
+				card reader's features: if the card readers supports PIN input via a pin pad,
+				then the PIN will be verified using the card reader's pin pad.
+				If the card reader does not support PIN input, then the PIN will be asked
+				interactively.
                                 </para>
 				<para>
 				Examples:

diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
@@ -922,13 +922,30 @@ static int do_verify(int argc, char **argv)
 	}
 
 	if (argc < 2) {
-		if (!(card->reader->capabilities & SC_READER_CAP_PIN_PAD)) {
-			printf("Card reader or driver doesn't support PIN PAD\n");
-			return -1;
+		if (card->reader->capabilities & SC_READER_CAP_PIN_PAD) {
+			printf("Please enter PIN on the reader's pin pad.\n");
+			data.pin1.prompt = "Please enter PIN";
+			data.flags |= SC_PIN_CMD_USE_PINPAD;
+		}
+		else {
+			char *pin = NULL;
+			size_t len = 0;
+
+			printf("Please enter PIN: ");
+			r = util_getpass(&pin, &len, stdin);
+			if (r < 0) {
+				printf("No PIN entered - aborting VERIFY.\n");
+				return -1;
+			}
+			if (strlcpy(buf, pin, sizeof(buf)) >= sizeof(buf)) {
+				free(pin);
+				printf("PIN too long - aborting VERIFY.\n");
+				return -1;
+			}
+			free(pin);
+			data.pin1.data = buf;
+			data.pin1.len = strlen(buf);
 		}
-		printf("Please enter PIN on the reader's pin pad.\n");
-		data.pin1.prompt = "Please enter PIN";
-		data.flags |= SC_PIN_CMD_USE_PINPAD;
 	} else {
 		r = parse_string_or_hexdata(argv[1], buf, &buflen);
 		if (0 != r) {