The CKF_PROTECTED_AUTHENTICATION_PATH flag (as returned by C_GetTokenInfo) should be used to decide weather to request the PIN via terminal or let the reader fetch the pin from pinpad. https://bugzilla.mindrot.org/show_bug.cgi?id=2185 The patch is attached to the bug report.
Reasonably Related Threads
- [Bug 2185] New: Allow entering the PIN via reader pinpad
- [patch] Updated patch for pkcs#11 smartcard readers that have a protected PIN path
- Supporting smartcard readers with PIN entry keypads
- [patch] Supporting smartcard readers with PIN entry keypads (updated against -HEAD)
- [Bug 2240] New: Secure PIN entry for smartcards through the keypad on the reader (patch)
Wisdom of the Ancients
