Gemalto PC pinpad card reader
This card reader supports pinpad input, however, there is a limitation for use with OpenPGP card.
While OpenPGP card supports variable length pass phrase, this card reader is designed with the assumption of fixed length of PIN input. Because of that, when host asks the card reader for PIN input, host needs its length beforehand to inform the card reader.
(When a card reader supports variable length pass phrase, host doesn't need pin length information.)
We need to put the information of pin length somewhere. Our support, currently, is to put it on the card, since it is card specific information. Specifically, we use a data object of a OpenPGP card to store this information.
To use the pinpad for your OpenPGP card, you need to put information of your pass phrase length, it's like:
- Login data .......: gpguser\n\x14P=6,8\n
We use the data object of "Login data" in the format of:
<LOGIN_NAME>\n\x14P=<USER_PIN_LENGTH>,<ADMIN_PIN_LENGTH>\n
You can omit the part of ",<ADMIN_PIN_LENGTH>", in such a case, ADMIN_PIN_LENGTH equals to USER_PIN_LENGTH.
Note that this card reader has limitation of minimum length of pin input 4, and maxmum length of pin input 8. While OpenPGP card has constraints of minimum user pin >= 6 and minimum admin pin >= 8.
How to put to login data data object
Make a file, named login-data.txt, with a content like:
gpguser ^TP=6,8
Here, ^T is a single control character (0x14).
Then, invoke 'gpg --card-edit', and becoming admin, put the information by:
gpg/card> login <PATH_TO/login-data.txt
Yes, it's like redirect syntax.