--- opensc-0.10.0/man/pkcs15-crypt.1.orig	2005-12-07 13:24:17.000000000 -0200
+++ opensc-0.10.0/man/pkcs15-crypt.1	2005-12-07 13:25:02.000000000 -0200
@@ -78,6 +78,8 @@
 When the cryptographic operation requires a PIN to access the key, \fBpkcs15\-crypt\fR will prompt the user for the PIN on the terminal\&. Using this option allows you to specify the PIN on the command line\&.
 
 Note that on most operating systems, the command line of a process can be displayed by any user using the ps(1) command\&. It is therefore a security risk to specify secret information such as PINs on the command line\&.
+.IP
+If you specify '-' as PIN, it will be read from STDIN.
 
 .TP
 \fB\-\-verbose, \-v\fR
--- opensc-0.10.0/src/tools/pkcs15-crypt.c.orig	2005-12-07 11:46:56.000000000 -0200
+++ opensc-0.10.0/src/tools/pkcs15-crypt.c	2005-12-07 12:02:51.000000000 -0200
@@ -78,7 +78,7 @@
 	"Input file is a SHA-1 hash",
 	"Input file is a MD5 hash",
 	"Use PKCS #1 v1.5 padding",
-	"Uses password (PIN) <arg>",
+	"Uses password (PIN) <arg> (use - for reading PIN from STDIN)",
 	"Wait for card insertion",
 	"Verbose operation. Use several times to enable debug output.",
 };
@@ -87,14 +87,34 @@
 sc_card_t *card = NULL;
 struct sc_pkcs15_card *p15card = NULL;
 
+char *readpin_stdin()
+{
+	char buf[128];
+	char *p;
+
+	p = fgets(buf, sizeof(buf), stdin);
+	if (p != NULL) {
+		p = strchr(buf, '\n');
+		if (p != NULL)
+			*p = '\0';
+		return strdup(buf);
+	}
+	return NULL;
+}
+
 static char * get_pin(struct sc_pkcs15_object *obj)
 {
 	char buf[80];
 	char *pincode;
 	struct sc_pkcs15_pin_info *pinfo = (struct sc_pkcs15_pin_info *) obj->data;
 	
-	if (opt_pincode != NULL)
-		return strdup(opt_pincode);
+	if (opt_pincode != NULL) {
+		if (opt_pincode[0] == '-')
+			return readpin_stdin();
+		else
+			return strdup(opt_pincode);
+	}
+	
 	sprintf(buf, "Enter PIN [%s]: ", obj->label);
 	while (1) {
 		pincode = getpass(buf);