Wednesday, December 18, 2013

Parsing an ATR: now more web 2.0 friendly

I made some style evolution of the online ATR parser at https://smartcard-atr.appspot.com/.

You can have a look at the previous articles on the same subject: Parsing an ATR and Parsing an ATR: now in color.

The main page now looks like:


I am not a web designer. So I used already defined style from Bootstrap.
The website follows the responsive design. The pages are now adapted to any screen size: desktop or smartphone.

If you have ideas to improve the design or add new features just contact me.

Monday, November 25, 2013

New version of libccid: 1.4.14

I just released a version 1.4.14 of libccid the free software CCID class smart card reader driver.

Changes:
1.4.14 - 25 November 2013, Ludovic Rousseau
  • Add support of
    • Gemalto GemCore SIM Pro firmware 2.0 (using USB)
  • report FEATURE_IFD_PIN_PROPERTIES only for pinpad readers
  • Generalize the management of (old) readers with bDeviceClass = 0xFF
  • some minor bugs removed

Friday, November 1, 2013

Linux NFC driver conflicts with CCID driver for ACS ACR122U

Linux NFC subsystem

Since 2011 the Linux kernel provides a NFC subsystem for some NFC devices. The same device can be used by the Linux NFC subsystem and also my CCID driver. We then have a conflict!

The kernel driver will use the device before the CCID driver has a chance to use it. Loading the CCID driver in pcsc-lite will then fail with an error message: "Can't claim interface"

Devices supported by linux NFC drivers

According to drivers/nfc/pn533.c

NameidVendoridProduct
PN5330x4CC0x2533
SCM SCL37110x4E60x5591
SONY PASORI0x054c0x02e1
ACS ACR122U0x072f0x2200

The ACS ACR122U reader is also in the (unsupported) list of readers for my CCID driver.

So if you have such a reader and a "recent" Linux kernel (version 3.5 or more) you may not be able to use the CCID driver with this device.

Work around

So the CCID driver can use the ACS ACR122U you need to first unload the pn533 kernel driver.

[update April 14th 2017]

To remove the pn533 kernel module use:
$ sudo rmmod pn533

Tuesday, October 29, 2013

OS X Mavericks and smart cards status

The new version of OS X 10.9 called Mavericks is now available since 22th October 2013. The operating system is now called OS X and not Mac OS X.



As I did with the previous major versions of Mac OS X Mountain Lion (and Lion) I will list changes in Maveriks regarding the smart card world.

pcsc-lite

Same version as in Mountain Lion. But seen bellow.

CCID driver

Same as in Mountain Lion.
CCID driver version 1.3.11.

$ grep -A 1 CFBundleShortVersionString /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist 
  <key>CFBundleShortVersionString</key>
  <string>1.3.11</string>

The binary is now 64-bits only in Mavericks when it was 32-bits only in Mountain Lion and previous versions.

$ file /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/libccid.dylib
/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/libccid.dylib: Mach-O 64-bit dynamically linked shared library x86_64

Source code

The source code is provided by Apple from the web site OS X 10.9 Source. The two components are available in:
The source code is not yet available in the subversion repository of the SmartCard Services project.

The source code for the smart card components in Mac OS X 10.8 is available at Mac OS X 10.8 Source. It is then easy to compare the two versions.

Changes


pcsc-lite


$ diff -ru SmartCardServices-55105 SmartCardServices-55111 | diffstat 
 Info-PCSC.plist                             |    2 
 SmartCardServices.xcodeproj/project.pbxproj |    7 -
 src/PCSC/PCSCDevice.h                       |    2 
 src/PCSC/PCSCDriverBundle.h                 |    2 
 src/PCSC/hotplug_macosx.cpp                 |    2 
 src/PCSC/pcscd_reader.h                     |    2 
 src/PCSC/pcscdaemon.c                       |   54 -----------
 src/PCSC/pcscdmonitor.h                     |    2 
 src/PCSC/pcscdserver.h                      |    2 
 src/PCSC/readerfactory.c                    |  127 ----------------------------
 src/PCSC/readerstate.h                      |    2 
 src/PCSC/sys_macosx.cpp                     |    2 
 12 files changed, 14 insertions(+), 192 deletions(-)

The respawn feature has been removed from pcscd. This feature has been added in Lion and allows a 64-bits pcscd to restart in 32-bits if it find a 32-bits only driver. See Mac OS X Lion and smart cards status for some more details.

I also note that the support of Rosetta is still present. This has been added during Tiger (10.4 released in 2006) to support the migration from PowerPC and Intel processors. The idea is to be able to use a PowerPC (big endian) PC/SC client talking to an Intel (little endian) pcscd server. Some functions inside pcsc-lite are used to do the needed conversions like SHSharedSegmentMsgToNetworkOrder() and SHSharedSegmentMsgToHostOrder() in src/PCSC/winscard_msg.cpp.

libccid


$ diff -ru SmartcardCCID-55000 SmartcardCCID-55005 | diffstat 
diff: SmartcardCCID-55000/libusb/libusb/compile: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/config.guess: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/config.sub: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/depcomp: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/install-sh: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/ltmain.sh: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/missing: No such file or directory
 Makefile                       |    2 
 files/automake_copy.patch      |only
 files/darwin_no_seize.patch    |only
 libusb/Makefile.in             |  372 -
 libusb/aclocal.m4              | 1404 +++-
 libusb/autogen.sh              |    4 
 libusb/autom4te.cache/output.0 |11877 +++++++++++++++++++----------------------
 libusb/autom4te.cache/output.1 |11877 +++++++++++++++++++----------------------
 libusb/autom4te.cache/requests |   80 
 libusb/autom4te.cache/traces.0 |  754 +-
 libusb/autom4te.cache/traces.1 |  155 
 libusb/config.h.in             |   20 
 libusb/configure               |11767 +++++++++++++++++++---------------------
 libusb/darwin.c                |    6 
 libusb/doc/Makefile.in         |   51 
 libusb/tests/Makefile.in       |  168 
 16 files changed, 18722 insertions(+), 19815 deletions(-)

Only some files needed to rebuild the binary have been updated. libusb version is still libusb-0.1.13b and libccid is still ccid-1.3.11.

Impacts of the changes


Since the respawn feature has been removed from pcscd a 32-bits (Intel) only driver will not be usable on Mavericks. You have to provide a 64-bits (or Universal Binary with 32-bits and 64-bits) so it can be used on Mavericks.


Conclusion

Apple has not really updated the smart card components in Mavericks, or Mountain Lion or Lion. No bug or limitation has been fixed. And no new bug have been introduced.
Only 64-bits smart card drivers are usable on Mavericks.

The CCID driver provided (version 1.3.11) has been released on July 2009, 4 years ago. Since this version 146 readers have been added (112% more). Yes, more readers have been added since 1.3.11 than readers supported in version 1.3.11.

Sunday, October 20, 2013

New version of pcsc-lite: 1.8.10

I just released a new version of pcsc-lite 1.8.10.

This version is a bug fix for the version 1.8.9 I released 3 days ago.

When making the Debian package for pcsc-lite the lintian tool reported that a new symbol log_msg was exported by the client library libpcsclite.so.1. This symbol is NOT part of the WinSCard API and should not be exported. It was a bug and needed to be fixed soon to avoid problems in PC/SC applications (like symbol conflict).

Changes:
pcsc-lite-1.8.10: Ludovic Rousseau
19 October 2013
  • do not export the internal log_msg symbol from libpcsclite.so.1

Wednesday, October 16, 2013

New version of pcsc-lite: 1.8.9

I just released a new version of pcsc-lite 1.8.9.

Changes:
pcsc-lite-1.8.9: Ludovic Rousseau
16 October 2013
  • SCardEndTransaction(): Return an error if is called with no corresponding SCardBeginTransaction()
  • SCardGetAttrib(): Add support of SCARD_ATTR_DEVICE_SYSTEM_NAME
  • SCardGetAttrib(): Fix bug in SCARD_ATTR_DEVICE_FRIENDLY_NAME
  • SCardBeginTransaction() was not correctly releasing a mutex when the hCard handle was invalidated
    The problem was that SCardGetStatusChange() was blocked because SCardBeginTransaction() had not released the context mutex.
  • PCSC/reader.h: Use C99 flexible array member
    The structures PIN_MODIFY_STRUCTURE and PIN_VERIFY_STRUCTURE now use a C99 flexible array member when available for abData field.
    uint8_t abData[];
  • Add support of --reader-name-no-serial and --reader-name-no-interface
    It is now possible to NOT add the USB serial number of the reader using --reader-name-no-serial
    It is now possible to NOT add the CCID interface name of the reader using --reader-name-no-interface
  • Add support of serialconfdir pkg-config variable
    It is now possible to use pkg-config to get the directory used by pcscd to fetch serial drivers configurations.
    $ pkg-config libpcsclite --variable=serialconfdir
    /etc/reader.conf.d
  • pcsc-spy: Try to display the thread in the order they appear in the log
  • pcsc-spy: Add SCARD_ATTR_DEVICE_SYSTEM_NAME
  • Check the Info.plist file is (a minimum) correct
  • Update PROTOCOL_VERSION_MINOR from 2 to 3
    We broke the API between version 1.8.3 and 1.8.4 by changing the value of MAX_READERNAME. This change should have been made before releasing version 1.8.4 to make mix of versions clearly non working instead of failing with strange errors.
  • hotplug_libudev.c: Fix a memory leak in case of error
  • Fix OpenBSD 5.2 compilation regarding dlopen
  • correctly manage thread safe multi-slot readers
  • Do not use pthread_atfork() any more (fix problem on FreeBSD)
  • fix memory leaks.
    This was not really a problem unless you embedd pcscd in another process and do init/deinit pcscd without exiting the process (as maybe used on Android or iOS).
  • pcscd.8 manpage: add documentation for --max-thread, --max-card-handle-per-thread, --max-card-handle-per-reader, --force-reader-polling, --error, --critical and --color
  • Some other minor improvements and bug corrections

Wednesday, October 9, 2013

New version of libccid: 1.4.13

I just released a version 1.4.13 of libccid the free software CCID class smart card reader driver.

Changes:
1.4.13 - 9 October 2013, Ludovic Rousseau
  • Add support of
    • Access IS ePassport Reader
    • Planeta RC700-NFC CCID
  • Add support of Windows value for CM_IOCTL_GET_FEATURE_REQUEST
    Windows uses 0x313520 for SCARD_CTL_CODE(3400) pcsc-lite uses 0x42000D48 for SCARD_CTL_CODE(3400)
    RDP aplications (like rdesktop) will convert SCardControl() commands from a Windows application (so using 0x313520) to pcsc-lite.
  • fix multi-slot support for card movement notification (introduced in 1.4.12)
  • Mac OS X: differentiate each libccid library by the dynamic linker using --prefix=/fake/$BUNDLE_ID
  • some minor bugs removed

Sunday, September 8, 2013

CCID descriptor statistics: bMaxSlotIndex

Article from the serie "CCID descriptor statistics"

The bMaxSlotIndex field is a number value from the CCID USB descriptor: highest available slot on this device. All slots are consecutive starting at 00h. i.e. 0Fh = 16 slots on this device numbered 00h to 0Fh.

bMaxSlotIndex#%
0x0023692.91 %
0x01114.33 %
0x0231.18 %
0x0431.18 %
0x0310.39 %


CCID readers may have more than one physical card interface. The vast majority of them (93%) are simple readers with only one card interface (bMaxSlotIndex: 0x00).

11 readers have 2 interfaces (bMaxSlotIndex: 0x01)
  • ATMEL AT91SO CCID Smart Card Reader
  • Alcor Micro AU9522
  • Gemalto GemCore SIM Pro Smart Card Reader
  • Gemalto Hybrid Smartcard Reader
  • SCM Microsystems Inc. SCR 331-DI
  • SCM Microsystems Inc. SCR331-DI USB Smart Card Reader
  • SCM Microsystems Inc. SDI010 Smart Card Reader
  • SCM Microsystems Inc. SDI011 Contactless Reader
  • SCM Microsystems Inc. SDI011 Contactless Reader
  • SpringCard EasyFinger Standard
  • SpringCard H512 Series
  • SpringCard H663 Series
Many of the 2 interfaces readers (SCM readers) have a contact interface and also a contactless interface. But SCM uses proprietary commands to driver the contactless interface so this interface is not supported by my CCID driver.
Or the reader has a contact interface and also a SAM interface (using a ID-000 format).

3 readers have 3 interfaces (bMaxSlotIndex: 0x02)
  • COVADIS Auriga
  • SpringCard CrazyWriter
  • SpringCard CSB6 Secure

1 reader has 4 interfaces (bMaxSlotIndex: 0x03)
  • SpringCard EasyFinger Ultimate

3 readers have 5 interfaces (bMaxSlotIndex: 0x04)
  • Gemplus GemCore POS Pro Smart Card Reader
  • SpringCard CSB6 Ultimate
  • Teridian Semiconductors TSC12xxFV.09

The value bMaxSlotIndex may be compared to the value bMaxCCIDBusySlots. A value bMaxCCIDBusySlots > 0 indicates the reader allows to access more than one slot at the same time.

If you compare the list of readers from bMaxSlotIndex (this page) and bMaxCCIDBusySlots you see that many readers provide more than one slot but can only talk to one slot at a time. Only the "Teridian Semiconductors TSC12xxFV.09" reader declares 5 slots and 5 simultaneous busy slots.

Monday, August 12, 2013

New version of libccid: 1.4.12

I just released a version 1.4.12 of libccid the free software CCID class smart card reader driver.

Changes:
1.4.12 - 12 August 2013, Ludovic Rousseau
  • Add support of
    • HID OMNIKEY 5127 CK
    • HID OMNIKEY 5326 DFR
    • HID OMNIKEY 5427 CK
    • Ingenico WITEO USB Smart Card Reader (Base and Badge)
    • SecuTech SecuTech Token
  • Add support of card movement notifications for multi-slot readers
  • Check libusb is at least at version 1.0.8
  • Get the serialconfdir value from pcsc-lite pkg config instead of using $(DESTDIR)/$(sysconfdir)/reader.conf.d/
  • Disable class driver on Mac OS X
  • Update the bundle name template to include the vendor name
  • some minor bugs removed

Sunday, June 23, 2013

CCID descriptor statistics: bMaxCCIDBusySlots

Article from the serie "CCID descriptor statistics"

The bMaxCCIDBusySlots field is a number value from the CCID USB descriptor: Maximum number of slots which can be simultaneously busy.
If the CCID does not support queuing, it reports bMaxCCIDBusySlots equal to 01h; which means that the CCID will treat all commands synchronously.

bMaxCCIDBusySlots#%
125198.82 %
010.39 %
210.39 %
510.39 %


The normal value for a CCID interface is 1.

The value 0 is bogus. If only 0 slot can be busy (used) then the reader can be used at all. This is the case of the Feitian Technologies FT SCR310 reader.

The value 2 is used by the COVADIS Auriga reader. This reader also declares 3 slots (bMaxSlotIndex: 0x02) so 2 slots (among 3) can be used at the same time.

The value 5 is used by Teridian Semiconductors TSC12xxFV.09. This reader has 5 slots (bMaxSlotIndex: 0x04). So all the 5 slots can be used at the same time.

My CCID driver do not use this value. Only one slot of a reader can be used at the same time. This may evolve but only few readers would benefit some this improvement.

CCID descriptor statistics: bInterfaceNumber

Article from the serie "CCID descriptor statistics"

The bInterfaceNumber field is a number value from the USB descriptor: Number of this interface. Zero-based value identifying the index in the array of concurrent interfaces supported by this configuration.

bInterfaceNumber#%
020781.50 %
13614.17 %
2103.94 %
410.39 %


Many CCID readers only have 1 interface. So the CCID interface is numbered 0.

Readers with 2 or more interfaces are composite devices. They can be either a reader with 2 CCID interfaces or a device with a CCID interface and other interfaces like a mass storage.

Readers with 2 (or more) CCID interfaces are listed in more than one list. For example the "Gemalto Prox Dual USB PC LinkReader" is listed in bInterfaceNumber = 1 and also in bInterfaceNumber = 2 because one CCID interface has bInterfaceNumber = 1 and the other has bInterfaceNumber = 2. And in this the interface number 0 is HID.

The "Gemalto IDBridge K3000" is listed only in the list bInterfaceNumber = 2 because the interfaces 0 and 1 are HID and mass storage.

Readers with bInterfaceNumber = 1:
  • Broadcom Corp 5880
  • C3PO LTC32
  • C3PO TLTC2USB
  • Cherry GmbH SmartBoard XX1X
  • Cherry GmbH SmartBoard XX33
  • Cherry GmbH SmartBoard XX44
  • Dell Dell Smart Card Reader Keyboard
  • Dell keyboard SK-3106
  • Fujitsu Siemens Computers SmartCard Keyboard USB 2A
  • Fujitsu Siemens Computers SmartCard USB 2A
  • FujitsuTechnologySolutions GmbH SmartCase KB SCR eSIG
  • Gemalto Gem e-Seal Pro USB Token
  • Gemalto Prox Dual USB PC LinkReader
  • Gemalto Prox SU USB PC LinkReader
  • Gemalto Smart Enterprise Guardian Secure USB Device
  • Hewlett-Packard Company HP USB CCID Smartcard Keyboard
  • Hewlett-Packard Company HP USB Smart Card Keyboard
  • Identive Identive CLOUD 4500 F Dual Interface Reader
  • Identive Identive CLOUD 4510 F Contactless + SAM Reader
  • Identive Identive CLOUD 4700 F Dual Interface Reader
  • Identive Identive CLOUD 4710 F Contactless + SAM Reader
  • KOBIL Systems mIDentity M
  • KOBIL Systems mIDentity XL
  • MYSMART MySMART PAD V2.0
  • Morpho MSO1350 Fingerprint Sensor & SmartCard Reader
  • Morpho MSO350/MSO351 Fingerprint Sensor & SmartCard Reader
  • Neowave Weneo
  • Verisign Secure Storage Token
  • Yubico Yubikey NEO OTP+CCID

Readers with bInterfaceNumber = 2:
  • Broadcom Corp 5880
  • C3PO KBR36
  • Gemalto IDBridge K3000
  • Gemalto Prox Dual USB PC LinkReader
  • Gemalto Prox SU USB PC LinkReader
  • KOBIL Systems mIDentity 4smart AES
  • KOBIL Systems mIDentity 4smart
  • KOBIL Systems mIDentity fullsize AES
  • KOBIL Systems mIDentity fullsize
  • KOBIL Systems mIDentity visual

Readers with bInterfaceNumber = 4
  • KOBIL Systems IDToken

Wednesday, June 12, 2013

New version of libccid: 1.4.11

I just released a version 1.4.11 of libccid the free software CCID class smart card reader driver.

Changes:
1.4.11 - 12 June 2013, Ludovic Rousseau
  • Add support of
    • Gemalto IDBridge CT30
    • Gemalto IDBridge K30
    • SCM Microsystems Inc. SCL010 Contactless Reader
    •  SCM Microsystems Inc. SDI011 Contactless Reader
    • THRC reader
  • Better management of time extension requests
  • parse: better support of devices with bInterfaceClass = 0xFF
  • udev rule file: Remove setting group to pcscd, remove support of Linux kernel < 2.6.35 for auto power up management
  • some minor bugs removed

Friday, June 7, 2013

CCID descriptor statistics: bLength

Article from the serie "CCID descriptor statistics"

The bLength field is a number value from the USB descriptor: Size of this descriptor in bytes

bLength#%
0x36254100.00 %


The CCID descriptor has a fixed size. So all the CCID devices use the same value.

CCID descriptor statistics: bInterfaceSubClass

Article from the serie "CCID descriptor statistics"

The bInterfaceSubClass field is a number value from the CCID USB descriptor: Subclass code.

bInterfaceSubClass#%
024897.64 %
9251.97 %
110.39 %


The only value documented in the CCID specification is 0. I have no idea why some readers use a different value.

According to USB specification version 2.0:
Subclass code (assigned by the USB-IF). These codes are qualified by the value of the bInterfaceClass field.
If the bInterfaceClass field is reset to zero, this field must also be reset to zero.
If the bInterfaceClass field is not set to FFH, all values are reserved for assignment by the USB-IF.

Device with bInterfaceSubClass = 1 is:
  • ActivCard ActivCard USB Reader V2

Devices with bInterfaceSubClass = 92 are:
  • Dell keyboard SK-3106
  • Gemalto Gem e-Seal Pro USB Token
  • MYSMART MySMART PAD V2.0
  • Verisign Secure Storage Token
  • Verisign Secure Token

CCID descriptor statistics: bInterfaceProtocol

Article from the serie "CCID descriptor statistics"

The bInterfaceProtocol field is a number value from the CCID USB descriptor: Protocol code
For Integrated Circuit(s) Cards Interface Devices (CCID) 00h
Note: For competitiveness, values 01h and 02h are reserved for Integrated Circuit(s) Cards Devices (USB-ICC) and other values are reserved for future use. USB-ICCs are out of the scope of this specification.

bInterfaceProtocol#%
024395.67 %
283.15 %
131.18 %




USB-ICC devices are USB devices with the same chip for reader and smart card. They are aften called token.
They follow a different USB specificiation: "Device Class: Smart Card ICCD", Revision 1.0, April 2005.
According to this specification:
The given value indicates the transfer mode used for the communication between the host and the USB-ICC.
00h bulk transfers optional interrupt-IN
01h version A, Control transfers, (no interrupt-IN)
02h version B, Control transfers (optional interrupt-IN).
Version A ICCD tokens are:
  • ActivCard ActivCard USB Reader V2
  • BIFIT iBank2Key
  • SchlumbergerSema SchlumbergerSema Cyberflex Access

Version B ICCD tokens are:
  • Gemalto PDT
  • Giesecke & Devrient GmbH Star Sign Card Token 350 (ICCD)
  • Giesecke & Devrient GmbH Star Sign Card Token 550 (ICCD)
  • KEBTechnology KONA USB SmartCard
  • OCS ID-One Cosmo Card USB Smart Chip Device
  • Philips Semiconductors JCOP41V221
  • Philips Semiconductors SmartMX Sample

CCID descriptor statistics: bInterfaceClass

Article from the serie "CCID descriptor statistics"

The bInterfaceClass field is a number value from the USB descriptor: Class code (assigned by the USB-IF).
A value of zero is reserved for future standardization.
If this field is set to FFH, the interface class is vendor-specific.
All other values are reserved for assignment by the USB-IF.

bInterfaceClass#%
0x0B [Chip Card Interface Device Class (CCID)]24094.49 %
0xFF145.51 %


The CCID 1.1 specification gives/imposes the value 0Bh. FFh is for proprietary devices.

As with the bDescriptorType field it is not suprising that thevast majority of devices use the standardized value 0Bh.

The 14 devices with bInterfaceClass = 0xFF are:
  • Cherry GmbH SmartTerminal ST-2xxx
  • Dell keyboard SK-3106
  • Gemalto Gem e-Seal Pro USB Token
  • MYSMART MySMART PAD V2.0
  • NTT Communications Corp. SCR3310-NTTCom USB SmartCard Reader
  • OCS ID-One Cosmo Card USB Smart Chip Device
  • SCM Microsystems Inc. SCR 331-DI
  • SCM Microsystems Inc. SCR331-DI USB Smart Card Reader
  • SCM Microsystems Inc. SDI010 Smart Card Reader
  • SCM Microsystems Inc. SDI011 Contactless Reader
  • SCM Microsystems Inc. SPR 532
  • SchlumbergerSema SchlumbergerSema Cyberflex Access
  • Verisign Secure Storage Token
  • Verisign Secure Token


CCID descriptor statistics: bDescriptorType

Article from the serie "CCID descriptor statistics"

The bDescriptorType field is a number value from the USB CCID descriptor: Functional Descriptor type.

bDescriptorType#%
0x2124998.03 %
0xFF51.97 %


The CCID 1.1 specification gives/imposes the value 21h. FFh is for proprietary devices.
It is then not suprising that thevast majority of devices use the standardized value 21h.

The 5 devices with bDescriptorType = 0xFF are:
  • Dell keyboard SK-3106
  • Gemalto Gem e-Seal Pro USB Token
  • MYSMART MySMART PAD V2.0
  • Verisign Secure Storage Token
  • Verisign Secure Token

Wednesday, May 22, 2013

CCID descriptor statistics: bClassGetResponse

Article from the serie "CCID descriptor statistics"

The bClassGetResponse field is a number value from the USB CCID descriptor:
Significant only for CCID that offers an APDU level for exchanges.

Indicates the default class value used by the CCID when it sends a Get Response command to perform the transportation of an APDU by T=0 protocol.

Value FFh indicates that the CCID echoes the class of the APDU.

bClassGetResponse#%
0xFF15159.45 %
0x0010340.55 %


The statistics here are the same as for the bClassEnvelope field.

All the readers have bClassEnvelope = bClassGetResponse set to either 0x00 or 0xFF.
It is not surprising to have bClassEnvelope = bClassGetResponse since the two fields are used to manage APDU (short or extended) with T=0 cards.

CCID descriptor statistics: bClassEnvelope

Article from the serie "CCID descriptor statistics"

The bClassEnvelope field is a number value from the USB CCID descriptor:
" Significant only for CCID that offers an extended APDU level for exchanges.

Indicates the default class value used by the CCID when it sends an Envelope command to perform the transportation of an extended APDU by T=0 protocol.

Value FFh indicates that the CCID echoes the class of the APDU. "

bClassEnvelope#%
0xFF15159.45 %
0x0010340.55 %

CCID descriptor statistics: bAlternateSetting

Article from the serie "CCID descriptor statistics"

The bAlternateSetting field is a number value from the USB descriptor: Value used to select this alternate setting for the interface identified in the prior field.

All the CCID readers I have in my list have the same value: 0.

bAlternateSetting#%
0254100.00 %

Monday, May 20, 2013

CCID descriptor statistics: iProduct

Article from the serie "CCID descriptor statistics"

The iProduct field is a text field from the USB descriptor: describing product

iProduct#%
588051.97 %
Weneo41.57 %
AT90SCR05020.79 %
AT90SCR10020.79 %
CryptoIdentity CCID20.79 %
DIGIPASS KEY 20020.79 %
DIGIPASS KEY 20220.79 %
DIGIPASS KEY 86020.79 %
Ezio Shield20.79 %
Identive CLOUD 4500 F Dual Interface Reader20.79 %
Identive CLOUD 4510 F Contactless + SAM Reader20.79 %
Identive CLOUD 4700 F Dual Interface Reader20.79 %
Identive CLOUD 4710 F Contactless + SAM Reader20.79 %
Micro Oz77620.79 %
Prox Dual USB PC LinkReader20.79 %
Prox SU USB PC LinkReader20.79 %
Smart Card Reader20.79 %
Smart Enterprise Guardian Secure USB Device20.79 %
USB GemPCPinpad SmartCard Reader20.79 %
XI-SIGN USB V220.79 %
13.56MHz RFID (CCID)10.39 %
6321 CLi USB10.39 %
ACR 38U-CCID10.39 %
ACR10010.39 %
ACR101 ICC Reader10.39 %
ACR122U10.39 %
ACR122U PICC Interface10.39 %
ACR38 plugin10.39 %
AET6510.39 %
AK-CR-0310.39 %
ALYA10.39 %
APG8201 PINhandy 110.39 %
APG8201 USB Reader10.39 %
ASE IIIe10.39 %
ASEDrive IIIe KB10.39 %
AT90SCR20010.39 %
AT91SC192192CT-USB ICCD reader10.39 %
AT91SO CCID Smart Card Reader10.39 %
AT98SC032CT-USB10.39 %
AU952010.39 %
AU952210.39 %
AU954010.39 %
ActivCard USB Reader V210.39 %
Activkey_Sim10.39 %
Argos Mini II10.39 %
Auriga10.39 %
BLUDRIVE II CCID10.39 %
CCID SmartCard Controller10.39 %
CI69210.39 %
CKey410.39 %
CL1356A_HID10.39 %
CL1356T10.39 %
CL1356T510.39 %
CLOUD 2700 F Smart Card Reader10.39 %
CLOUD 2700 R Smart Card Reader10.39 %
CPL10810.39 %
CSB6 Basic10.39 %
CSB6 Secure10.39 %
CSB6 Ultimate10.39 %
CX0010.39 %
Card Reader10.39 %
CardMan 102110.39 %
CardMan 302110.39 %
CardMan 312110.39 %
CardMan 362110.39 %
CardMan 382110.39 %
CardMan 432110.39 %
CardMan 512110.39 %
CardMan 512510.39 %
CardMan 532110.39 %
CardMan 612110.39 %
CrazyWriter10.39 %
Crypto Stick v1.210.39 %
CryptoMate6410.39 %
D2CIM-DVUSB VM/CCID10.39 %
DIGIPASS 92010.39 %
DIGIPASS KEY 10110.39 %
DOMINO-Key TWIN10.39 %
DP85510.39 %
DP86510.39 %
DP905v1.110.39 %
Dell Smart Card Reader Keyboard10.39 %
Digipass 86010.39 %
EMV CAP - SecOVID Reader III10.39 %
EZIO CB+10.39 %
EasyFinger Standard10.39 %
EasyFinger Ultimate10.39 %
Ezio Shield Branch Reader10.39 %
FT SCR31010.39 %
Gem e-Seal Pro USB Token10.39 %
GemCore POS Pro Smart Card Reader10.39 %
GemCore SIM Pro Smart Card Reader10.39 %
GemPC Express10.39 %
Gemplus USB SmartCard Reader 433-Swap10.39 %
Gnuk10.39 %
H512 Series10.39 %
H663 Series10.39 %
HP USB CCID Smartcard Keyboard10.39 %
HP USB Smart Card Keyboard10.39 %
HP USB Smartcard Reader10.39 %
Hybrid Smartcard Reader10.39 %
ID-ONE TOKEN SLIM v210.39 %
IDBridge K300010.39 %
IDProtect Key v210.39 %
IDToken10.39 %
Integrated Smart Card Reader10.39 %
JCOP41V22110.39 %
KAAN Advanced10.39 %
KAAN Base10.39 %
KAAN SIM III10.39 %
KBR3610.39 %
KONA USB SmartCard10.39 %
LTC31 v210.39 %
LTC3210.39 %
LTC3610.39 %
LTC3x USB10.39 %
Leo v210.39 %
MFP Smart Card Reader10.39 %
MSO1350 Fingerprint Sensor & SmartCard Reader10.39 %
MSO350/MSO351 Fingerprint Sensor & SmartCard Reader10.39 %
Multi-Reader10.39 %
MyLeo10.39 %
MySMART PAD V2.010.39 %
NFC CCID eNetPad10.39 %
NFC'Roll10.39 %
PC Twin Reader10.39 %
PDT10.39 %
PINPad Ex10.39 %
PINPad In10.39 %
PIV Token10.39 %
PR53310.39 %
Panasonic USB Smart Card Reader 7A-Smart10.39 %
Precise 200 MC10.39 %
Precise 250 MC10.39 %
Prox'N'Roll10.39 %
RSA SecurID (R) Authenticator10.39 %
Reflex USB v310.39 %
Rutoken ECP10.39 %
Rutoken Magistra10.39 %
Rutoken lite10.39 %
SA .NET Dual10.39 %
SC Reader 37110.39 %
SCL01x Contactless Reader10.39 %
SCR 33110.39 %
SCR 331-DI10.39 %
SCR 331010.39 %
SCR 331110.39 %
SCR 33510.39 %
SCR 35510.39 %
SCR00110.39 %
SCR30110.39 %
SCR331-DI USB Smart Card Reader10.39 %
SCR3310 USB Smart Card Reader10.39 %
SCR3310-NTTCom USB SmartCard Reader10.39 %
SCR3320 - Smart Card Reader10.39 %
SCR3340 - ExpressCard54 Smart Card Reader10.39 %
SCR33x USB Smart Card Reader10.39 %
SCR35xx v2.0 USB SC Reader10.39 %
SDI010 Smart Card Reader10.39 %
SDI011 Contactless Reader10.39 %
SIM Reader10.39 %
SPR 53210.39 %
STD20010.39 %
SafeTouch10.39 %
SchlumbergerSema Cyberflex Access10.39 %
Secure Storage Token10.39 %
Secure Token10.39 %
SecureToken10.39 %
Sense MC10.39 %
Sitecom USB simcard reader MD-01010.39 %
Smart Pocket10.39 %
Smart Token10.39 %
SmartBoard XX1X10.39 %
SmartBoard XX3310.39 %
SmartBoard XX4410.39 %
SmartCard Keyboard USB 2A10.39 %
SmartCard USB 2A10.39 %
SmartCase KB SCR eSIG10.39 %
SmartMX Sample10.39 %
SmartMouse USB10.39 %
SmartTerminal ST-127510.39 %
SmartTerminal ST-2xxx10.39 %
SmartTerminal XX1X10.39 %
SmartTerminal XX4410.39 %
Star Sign Card Token 350 (ICCD)10.39 %
Star Sign Card Token 550 (ICCD)10.39 %
StarReader SMART10.39 %
StarSign Crypto USB Token10.39 %
TLTC2USB10.39 %
TSC12xxFV.0910.39 %
Teo10.39 %
TianYu CCID SmartKey10.39 %
TokenA sl vt10.39 %
USB Reader V310.39 %
USB Shell Token V210.39 %
USB Smart Chip Device10.39 %
USB-Token iBank2key10.39 %
USB2.0-CRW10.39 %
VEGA-ALPHA10.39 %
VaultIC 420 Smart Object10.39 %
VaultIC 440 Smart Object10.39 %
VaultIC 460 Smart Object10.39 %
VaultIC420 Smart Object10.39 %
VaultIC44010.39 %
VaultIC46010.39 %
Virtual USB CCID10.39 %
XecureHSM10.39 %
Yubikey NEO CCID10.39 %
Yubikey NEO OTP+CCID10.39 %
cryptokey10.39 %
cyberJack RFID basis10.39 %
cyberJack go10.39 %
ePass200310.39 %
eSafeLD10.39 %
eToken PRO USB 72K Java10.39 %
iAM10.39 %
iBank2Key10.39 %
keyboard SK-310610.39 %
mIDentity 4smart10.39 %
mIDentity 4smart AES10.39 %
mIDentity M10.39 %
mIDentity XL10.39 %
mIDentity fullsize10.39 %
mIDentity fullsize AES10.39 %
mIDentity visual10.39 %
miniLector10.39 %
miniLector-s10.39 %
plug'n'crypt CCID token10.39 %
uKeyCI800-K1810.39 %



The graphics for iProduct is not really informative. I removed the legend since it is very long.

The iProduct is an arbitrary string chosen by the reader manufacturer. The same product name may be reused in different cases.
  • The same product name is used for different devices.
    • Broadcom Corp 5880 is the winner in this category (5 readers)
    • Neowave Weneo is second (4 readers)
    • Eutron CryptoIdentity CCID (2 readers)
    • VASCO DIGIPASS KEY 200 (2 readers)
    • VASCO DIGIPASS KEY 202 (2 readers)
    • VASCO DIGIPASS KEY 860 (2 readers)
    • Gemalto Ezio Shield (2 readers)
    • O2 Micro Oz776 (2 readers)
    • Gemalto Smart Enterprise Guardian Secure USB Device (2 readers)
  • The manufacturer has changed its name but kept the product name
    • AT90SCR050 is used in ATMEL AT90SCR050 and Inside Secure AT90SCR050
    • AT90SCR100 is used in ATMEL AT90SCR100 and Inside Secure AT90SCR100
  • The reader is a composite device with 2 CCID interfaces and then listed 2 times.
    It is the case for:
    • Identive CLOUD 4500 F Dual Interface Reader
    • Identive CLOUD 4510 F Contactless + SAM Reader
    • Identive CLOUD 4700 F Dual Interface Reader
    • Identive CLOUD 4710 F Contactless + SAM Reader
  • The product name is generic and reused by mistake
    • Smart Card Reader used by Tianyu Smart Card Reader, THRC Smart Card Reader

CCID descriptor statistics: idProduct

Article from the serie "CCID descriptor statistics"

The idProduct field is a 32-bit field from the USB descriptor: Product ID (assigned by the manufacturer)

idProduct#%
0x000751.97 %
0x90CC51.97 %
0x000241.57 %
0x572041.57 %
0x572141.57 %
0x000131.18 %
0x000831.18 %
0x580231.18 %
0x952031.18 %
0x000020.79 %
0x000320.79 %
0x000920.79 %
0x001020.79 %
0x001120.79 %
0x001320.79 %
0x002520.79 %
0x003620.79 %
0x005220.79 %
0x011220.79 %
0x020020.79 %
0x0C0020.79 %
0x100620.79 %
0x302120.79 %
0x347820.79 %
0x512120.79 %
0x541020.79 %
0x550320.79 %
0x550420.79 %
0x814120.79 %
0xA02220.79 %
0x000410.39 %
0x000510.39 %
0x000610.39 %
0x000C10.39 %
0x000D10.39 %
0x001210.39 %
0x001410.39 %
0x001710.39 %
0x001910.39 %
0x001D10.39 %
0x002610.39 %
0x002D10.39 %
0x003010.39 %
0x003310.39 %
0x003710.39 %
0x003810.39 %
0x003E10.39 %
0x004010.39 %
0x005010.39 %
0x005B10.39 %
0x006010.39 %
0x007010.39 %
0x007210.39 %
0x008010.39 %
0x008110.39 %
0x010110.39 %
0x010210.39 %
0x010B10.39 %
0x011110.39 %
0x011510.39 %
0x011710.39 %
0x011910.39 %
0x012010.39 %
0x012210.39 %
0x016110.39 %
0x016510.39 %
0x016910.39 %
0x022010.39 %
0x040110.39 %
0x040210.39 %
0x040F10.39 %
0x050310.39 %
0x050410.39 %
0x050510.39 %
0x062010.39 %
0x080110.39 %
0x080710.39 %
0x081010.39 %
0x082410.39 %
0x085510.39 %
0x086510.39 %
0x090010.39 %
0x092010.39 %
0x0B0010.39 %
0x0BDF10.39 %
0x0C0110.39 %
0x100310.39 %
0x100410.39 %
0x100510.39 %
0x101710.39 %
0x102110.39 %
0x102310.39 %
0x102410.39 %
0x107810.39 %
0x110110.39 %
0x110210.39 %
0x117A10.39 %
0x120110.39 %
0x120410.39 %
0x122710.39 %
0x135910.39 %
0x140010.39 %
0x200710.39 %
0x210010.39 %
0x210110.39 %
0x210510.39 %
0x220010.39 %
0x220210.39 %
0x222110.39 %
0x232110.39 %
0x292410.39 %
0x300110.39 %
0x300210.39 %
0x300310.39 %
0x301010.39 %
0x301410.39 %
0x301D10.39 %
0x311110.39 %
0x343710.39 %
0x343810.39 %
0x347910.39 %
0x348010.39 %
0x34C010.39 %
0x34C210.39 %
0x34C310.39 %
0x34C510.39 %
0x34EC10.39 %
0x362110.39 %
0x381510.39 %
0x382110.39 %
0x400010.39 %
0x400110.39 %
0x404210.39 %
0x410710.39 %
0x418910.39 %
0x41A910.39 %
0x428910.39 %
0x432110.39 %
0x438910.39 %
0x43A910.39 %
0x443310.39 %
0x507210.39 %
0x511110.39 %
0x511310.39 %
0x511510.39 %
0x511610.39 %
0x511710.39 %
0x511910.39 %
0x511A10.39 %
0x511C10.39 %
0x511D10.39 %
0x511F10.39 %
0x512010.39 %
0x512510.39 %
0x512B10.39 %
0x529310.39 %
0x532110.39 %
0x571010.39 %
0x574310.39 %
0x580010.39 %
0x580110.39 %
0x581010.39 %
0x600410.39 %
0x600910.39 %
0x600B10.39 %
0x601010.39 %
0x601110.39 %
0x601210.39 %
0x601410.39 %
0x601610.39 %
0x630010.39 %
0x630110.39 %
0x630210.39 %
0x632110.39 %
0x635410.39 %
0x640310.39 %
0x640410.39 %
0x640710.39 %
0x662210.39 %
0x711310.39 %
0x712110.39 %
0x712310.39 %
0x712410.39 %
0x713610.39 %
0x713810.39 %
0x714110.39 %
0x776210.39 %
0x777210.39 %
0x800010.39 %
0x800710.39 %
0x800A10.39 %
0x803310.39 %
0x810810.39 %
0x820110.39 %
0x820210.39 %
0x90DB10.39 %
0x910210.39 %
0x91B110.39 %
0x952210.39 %
0x954010.39 %
0xA02110.39 %
0xA1A110.39 %
0xACE010.39 %
0xB11110.39 %
0xCC1D10.39 %
0xCCB210.39 %
0xE00110.39 %
0xE00310.39 %




Since the idProduct field is at the discretion of the manufacturer it can be anything between 0x0000 and 0xFFFF. But we find different products with the same idProduct value.

The same value is reused in different cases:
  • The same value is used by different manufacturers by accident. It is the case for the values:
    • 0x0007 used for: COVADIS ALYA, Eutron CryptoIdentity CCID, C3PO TLTC2USB, Kingtrust Multi-Reader, Softforum Co., Ltd XecureHSM.
    • 0x0002 used for: MYSMART MySMART PAD V2.0, BIFIT iBank2Key, charismathics plug'n'crypt CCID token, GIS Ltd SmartMouse USB
    • 0x0001 used for BIFIT USB-Token iBank2key, Validy TokenA sl vt, VASCO DP905v1.1
    • 0x0008 used for Eutron CryptoIdentity CCID, COVADIS VEGA-ALPHA, ActivCard ActivCard USB Reader V2
    • 0x0000 used for Free Software Initiative of Japan Gnuk, Teridian Semiconductors TSC12xxFV.09
    • 0x0003 used for SchlumbergerSema SchlumbergerSema Cyberflex Access, C3PO LTC3x USB
    • 0x0009 used for C3PO KBR36, ubisys 13.56MHz RFID (CCID)
    • 0x0010 used for Cherry GmbH SmartBoard XX44, C3PO LTC32
    • 0x0013 used for ActivIdentity USB Reader V3, Neowave Weneo
    • 0x0025 used for Aktiv Rutoken lite, HDZB uKeyCI800-K18
    • 0x0036 used for C3PO LTC36, Hewlett-Packard Company HP USB CCID Smartcard Keyboard
    • 0x0052 used for Morpho MSO1350 Fingerprint Sensor & SmartCard Reader, Todos CX00
    • 0x0112 used for VASCO DIGIPASS KEY 860, Yubico Yubikey NEO CCID
    • 0x1006 used for Fujitsu Siemens Computers SmartCard USB 2A, Raritan D2CIM-DVUSB VM/CCID
    • 0x5121 used for OMNIKEY AG CardMan 5121, SCM Microsystems Inc. SDI010 Smart Card Reader
    • 0x8141 used for Gemalto IDBridge K3000, SpringCard NFC'Roll
  • The same value is used by the same manufacturer but for different products.
    • 0x90CC is used for many ACS readers: ACS ACR 38U-CCID, ACS ACR122U, ACS ACR100, ACS ACR38 plugin, ACS AET65.
    • 0x5720 is used for 2 Identive readers but they are composite devices with 2 CCID interfaces so they are listed 2 x 2 = 4 times: Identive CLOUD 4500 F Dual Interface Reader, Identive CLOUD 4700 F Dual Interface Reader
    • 0x5721: same remark as above for Identive CLOUD 4510 F Contactless + SAM Reader, Identive CLOUD 4710 F Contactless + SAM Reader
    • 0x5802 used for 3 readers called Broadcom Corp 5880.
      Here the iProduct is even the same for the different readers.
    • 0x9520 used for Alcor Micro AU9520, Akasa AK-CR-03, Alcor Micro SCR001.
      Here Alcor and Akasa also use the same IdVendor: 0x058F.
    • 0x0011 used for 2 readers XIRING XI-SIGN USB V2
    • 0x0200 used for id3 Semiconductors CL1356T, id3 Semiconductors CL1356T5
    • 0x0C00 used for Eutron Card Reader, Eutron SIM Reader
    • 0x3021 used for OMNIKEY AG CardMan 3121, OMNIKEY AG CardMan 3021
    • 0x3478 used by 2 readers Gemalto USB GemPCPinpad SmartCard Reader
    • 0x5410 used for SCM Microsystems Inc. SCR 355, SCM Microsystems Inc. SCR35xx v2.0 USB SC Reader
    • 0x5503 used by a composite dual interface Gemalto Prox Dual USB PC LinkReader
    • 0x5504 used by a composite dual interface Gemalto Prox SU USB PC LinkReader
    • 0xA022 used for Precise Biometrics Sense MC, XIRING Teo
      Here the IdVendor is also the same 0x076B for OMNIKEY

The idProduct is not very informative. The value is arbitrary.

Wednesday, May 1, 2013

cardpeek now available as a Debian package


The nice cardpeek software I presented in "cardpeek: A tool to read the contents of smartcards" is now available as the cardpeek Debian package. You do not need to install lua and rebuild the application yourself anymore.

cardpeek is a graphical application to read EMV, SIM and other types of smart cards.

Friday, April 26, 2013

Associated Google+ page

Some days ago I disabled the comments on this blog for reasons I explained in "Comments are now disabled".

I will now try something else/new to allow comments on blog articles: a Google+ page.

The same rules apply:
  • Please, do only post comments related to the related article.
  • For general questions or bug reports, subscribe to and use the muscle mailing list.

Thursday, April 25, 2013

CCID descriptor statistics: idVendor

Article from the serie "CCID descriptor statistics"

The idVendor field is a text field from the USB descriptor: Vendor ID (assigned by the USB-IF)

As always the "#" column indicate the number of readers with the given idVendor. For example 28 readers have the same idVendor 0x04E6 (now Gemalto).

idVendor#%
0x04E62811.02 %
0x08E6259.84 %
0x076B145.51 %
0x0D46135.12 %
0x1A44114.33 %
0x072F103.94 %
0x1C34103.94 %
0x03EB83.15 %
0x046A72.76 %
0x073D62.36 %
0x078362.36 %
0x240662.36 %
0x058F51.97 %
0x0A5C51.97 %
0x0A8951.97 %
0x25DD51.97 %
0x03F041.57 %
0x0B8141.57 %
0x0F1441.57 %
0x1E0D41.57 %
0x096E31.18 %
0x098231.18 %
0x09C331.18 %
0x0BDA31.18 %
0x0BF831.18 %
0x0DC331.18 %
0x105931.18 %
0x079B20.79 %
0x08C320.79 %
0x0B0C20.79 %
0x0B9720.79 %
0x0C4B20.79 %
0x105020.79 %
0x15CF20.79 %
0x1A7420.79 %
0x23A020.79 %
0x413C20.79 %
0xA62520.79 %
0x041610.39 %
0x047110.39 %
0x048310.39 %
0x04B910.39 %
0x04CC10.39 %
0x04DA10.39 %
0x04E810.39 %
0x052910.39 %
0x08AE10.39 %
0x097310.39 %
0x09BE10.39 %
0x0DF610.39 %
0x0E0F10.39 %
0x0F1A10.39 %
0x120610.39 %
0x14DD10.39 %
0x15E110.39 %
0x167710.39 %
0x17EF10.39 %
0x186210.39 %
0x19A610.39 %
0x19C810.39 %
0x19E710.39 %
0x1B0E10.39 %
0x1CF010.39 %
0x1FC910.39 %
0x1FD310.39 %
0x20A010.39 %
0x234B10.39 %
0x24A210.39 %
0x882910.39 %


We have only 69 different idVendor but we had 86 different iManufacturer (see the previous article CCID descriptor statistics: iManufacturer). So the same idVendor is used for different iManufacturer.

As I wrote the in previous blog article the same chip from a "major" smart card reader manufacturer is also used (sold) under unother manufacturer name.

Here is a list of the 69 different idVendor and the iManufacturer used with the given idVendor.

idVendor#iManufacturer(s)
0x04E64Identive, Axalto, SCM Microsystems Inc., NTT Communications Corp.
0x076B4XIRING, Precise Biometrics, OMNIKEY AG, OMNIKEY
0x03F03SCM Microsystems Inc., Hewlett Packard, Hewlett-Packard Company
0x08E63Gemalto, Gemplus, Verisign
0x0BDA3Generic, Dectel, MSI
0x058F2Alcor Micro, Akasa
0x096E2Feitian Technologies, Feitian
0x09C32ActivIdentity, ActivCard
0x0A892Aktiv, Aktiv Co., ProgramPark
0x0B812Secure Device Solutions, id3 Semiconductors
0x0BF82Fujitsu Siemens Computers, FujitsuTechnologySolutions GmbH
0x0D462KOBIL Systems, KOBIL
0x1A742OCS ID-One Cosmo Card, OBERTHUR TECHNOLOGIES
0xA6252Tianyu, TianYu CCID Key
0x03EB1ATMEL
0x04161Winbond
0x046A1Cherry GmbH
0x04711Philips Semiconductors
0x04831Kingtrust
0x04B91Philips Semiconductors
0x04CC1KEBTechnology
0x04DA1Panasonic
0x04E81Softforum Co., Ltd
0x05291Aladdin
0x072F1ACS
0x073D1Eutron
0x07831C3PO
0x079B1Morpho
0x08AE1Macally
0x08C31Precise Biometrics
0x09731SchlumbergerSema
0x09821COVADIS
0x09BE1MYSMART
0x0A5C1Broadcom Corp
0x0B0C1Todos
0x0B971O2
0x0C4B1REINER SCT
0x0DC31Athena
0x0DF61Sitecom
0x0E0F1VMware
0x0F141XIRING
0x0F1A1GIS Ltd
0x10501Yubico
0x10591Giesecke & Devrient GmbH
0x12061SYNNIX
0x14DD1Raritan
0x15CF1Avtor
0x15E11RSA
0x16771HDZB
0x17EF1Lenovo
0x18621Teridian Semiconductors
0x19A61ubisys
0x19C81GoldKey Security
0x19E71charismathics
0x1A441VASCO
0x1B0E1BLUTRONICS
0x1C341SpringCard
0x1CF01Validy
0x1E0D1Neowave
0x1FC91NXP
0x1FD31ASK-RFID
0x20A01German Privacy Foundation
0x234B1Free Software Initiative of Japan
0x23A01BIFIT
0x24061Inside Secure
0x24A21SafeTech
0x25DD1Bit4id
0x413C1Dell
0x88291CCB

Comments


Renaming


Some manufacturer have changed their names:
  • Gemplus has been renamed to Gemalto
  • SCM has been renamed to Identive

Rewording


Some manufacturer uses different wording for the same name:
  • Feitian Technologies, Feitian
  • ActivIdentity, ActivCard
  • Fujitsu Siemens Computers, FujitsuTechnologySolutions GmbH
  • KOBIL Systems, KOBIL
  • OCS ID-One Cosmo Card, OBERTHUR TECHNOLOGIES
  • Tianyu, TianYu CCID Key

Licencing


Some manufacturers sell their technology to others:
  • SCM (now Identive) sell to Axalto and NTT Communications Corp.
  • OMNIKEY AG sell to XIRING and Precise Biometrics
  • Gemplus (now Gemalto) sell to Verisign
  • Hewlett Packard sell to SCM
  • Realtek Semiconductor Corp. (0x0bda) sell to Generic, Dectel and MSI
  • id3 Semiconductors sell to Secure Device Solutions

Other


Some manufacturer (and associated idVendor) have a complex history:
  • SchlumbergerSema (0x0973) has been renamed Axalto (0x04E6) and then Gemalto (0x08E6)

Saturday, April 20, 2013

CCID descriptor statistics: iManufacturer

Article from the serie "CCID descriptor statistics"

The iManufacturer field is a text field from the USB descriptor: describing manufacturer

iManufacturer#%
Gemalto228.66 %
SCM Microsystems Inc.176.69 %
VASCO114.33 %
ACS103.94 %
Identive103.94 %
SpringCard103.94 %
KOBIL Systems93.54 %
ATMEL83.15 %
OMNIKEY AG83.15 %
Cherry GmbH72.76 %
C3PO62.36 %
Eutron62.36 %
Inside Secure62.36 %
Bit4id51.97 %
Broadcom Corp51.97 %
XIRING51.97 %
Aktiv41.57 %
Alcor Micro41.57 %
KOBIL41.57 %
Neowave41.57 %
OMNIKEY41.57 %
Athena31.18 %
COVADIS31.18 %
Giesecke & Devrient GmbH31.18 %
Precise Biometrics31.18 %
id3 Semiconductors31.18 %
ActivIdentity20.79 %
Avtor20.79 %
BIFIT20.79 %
Dell20.79 %
Feitian20.79 %
Fujitsu Siemens Computers20.79 %
Hewlett-Packard Company20.79 %
Morpho20.79 %
O220.79 %
Philips Semiconductors20.79 %
REINER SCT20.79 %
Todos20.79 %
Verisign20.79 %
Yubico20.79 %
ASK-RFID10.39 %
ActivCard10.39 %
Akasa10.39 %
Aktiv Co., ProgramPark10.39 %
Aladdin10.39 %
Axalto10.39 %
BLUTRONICS10.39 %
CCB10.39 %
Dectel10.39 %
Feitian Technologies10.39 %
Free Software Initiative of Japan10.39 %
FujitsuTechnologySolutions GmbH10.39 %
GIS Ltd10.39 %
Gemplus10.39 %
Generic10.39 %
German Privacy Foundation10.39 %
GoldKey Security10.39 %
HDZB10.39 %
Hewlett Packard10.39 %
KEBTechnology10.39 %
Kingtrust10.39 %
Lenovo10.39 %
MSI10.39 %
MYSMART10.39 %
Macally10.39 %
NTT Communications Corp.10.39 %
NXP10.39 %
OBERTHUR TECHNOLOGIES10.39 %
OCS ID-One Cosmo Card10.39 %
Panasonic10.39 %
RSA10.39 %
Raritan10.39 %
SYNNIX10.39 %
SafeTech10.39 %
SchlumbergerSema10.39 %
Secure Device Solutions10.39 %
Sitecom10.39 %
Softforum Co., Ltd10.39 %
Teridian Semiconductors10.39 %
TianYu CCID Key10.39 %
Tianyu10.39 %
VMware10.39 %
Validy10.39 %
Winbond10.39 %
charismathics10.39 %
ubisys10.39 %


A lot of readers are from different manufacturers. If you group the manufacturers by the number of readers they have produced we have:

# of reader per iManufacturer# of iManufacturer%
14653.49 %
21416.28 %
355.81 %
455.81 %
533.49 %
633.49 %
711.16 %
822.33 %
911.16 %
1033.49 %
1111.16 %
1711.16 %
2211.16 %


More than half (53%) of the readers are from a manufacturer that made only one CCID reader. 16% are from manufacturers with 2 readers.

My interpretation is that the reader chip has been designed by one of the major reader manufacturers and the reader chip has been sold to another manufacturer.

Wednesday, April 17, 2013

CCID descriptor statistics: section

Article from the serie "CCID descriptor statistics"

section#%
Should work readers17968.32 %
Supported readers5922.52 %
Unsupported readers166.11 %
Disabled readers83.05 %



Readers in the Disabled list are either completly bogus or the reader manufacturer requested me to remove them so they are supported by another CCID driver.

If we ignore the readers in the "disabled" list we have:



A large part of the readers (70%) have not been tested by me. It is not a problem if the reader is working correctly. It is more problematic if the reader is bogus. If a user reports a problem I can identify as a bug in the reader then the reader is moved in the "Unsupported list" with a note about the problem.

CCID descriptor statistics

The list of readers that do work with my CCID driver is now big enough (262 readers) to do some statistics.

I don't know how many CCID readers are available worldwide. I guess that with 262 of them I cover a large part of the market.

I do plan to do statistics with these different fields:

I will create a new blog article for each field and update the list above with links to the articles.

Tuesday, April 16, 2013

New version of libccid: 1.4.10

I just released a version 1.4.10 of libccid the free software CCID class smart card reader driver.

Changes:
1.4.10 - 16 April 2013, Ludovic Rousseau
  • Add support of
    • ACS APG8201 USB Reader with PID 0x8202
    • GIS Ltd SmartMouse USB
    • Gemalto IDBridge K3000
    • Identive CLOUD 2700 F Smart Card Reader
    • Identive CLOUD 2700 R Smart Card Reader
    • Identive CLOUD 4500 F Dual Interface Reader
    • Identive CLOUD 4510 F Contactless + SAM Reader
    • Identive CLOUD 4700 F Dual Interface Reader
    • Identive CLOUD 4710 F Contactless + SAM Reader
    • Inside Secure AT90SCR050
    • Inside Secure AT90SCR100
    • Inside Secure AT90SCR200
    • SCR3310-NTTCom USB SmartCard Reader
    • SafeTech SafeTouch
    • SpringCard H512 Series
    • SpringCard H663 Series
    • SpringCard NFC'Roll
    • Yubico Yubikey NEO CCID
    • Yubico Yubikey NEO OTP+CCID
  • Add support of time extension for Escape commands

Monday, April 1, 2013

New version of pcsc-perl: 1.4.13

I just released a new version 1.4.13 of pcsc-perl, the Perl wrapper for PC/SC.
This version just fixes a warning when you use Perl 5.16.

 

See the article "PCSC sample in Perl" for code sample of PC/SC in Perl.

pcsc-perl is also available at CPAN: pcsc-perl-1.4.13 with the online API documentation for Chipcard::PCSC and Chipcard::PCSC::Card.