Tuesday, October 29, 2013

OS X Mavericks and smart cards status

The new version of OS X 10.9 called Mavericks is now available since 22th October 2013. The operating system is now called OS X and not Mac OS X.



As I did with the previous major versions of Mac OS X Mountain Lion (and Lion) I will list changes in Maveriks regarding the smart card world.

pcsc-lite

Same version as in Mountain Lion. But seen bellow.

CCID driver

Same as in Mountain Lion.
CCID driver version 1.3.11.

$ grep -A 1 CFBundleShortVersionString /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist 
  <key>CFBundleShortVersionString</key>
  <string>1.3.11</string>

The binary is now 64-bits only in Mavericks when it was 32-bits only in Mountain Lion and previous versions.

$ file /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/libccid.dylib
/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/libccid.dylib: Mach-O 64-bit dynamically linked shared library x86_64

Source code

The source code is provided by Apple from the web site OS X 10.9 Source. The two components are available in:
The source code is not yet available in the subversion repository of the SmartCard Services project.

The source code for the smart card components in Mac OS X 10.8 is available at Mac OS X 10.8 Source. It is then easy to compare the two versions.

Changes


pcsc-lite


$ diff -ru SmartCardServices-55105 SmartCardServices-55111 | diffstat 
 Info-PCSC.plist                             |    2 
 SmartCardServices.xcodeproj/project.pbxproj |    7 -
 src/PCSC/PCSCDevice.h                       |    2 
 src/PCSC/PCSCDriverBundle.h                 |    2 
 src/PCSC/hotplug_macosx.cpp                 |    2 
 src/PCSC/pcscd_reader.h                     |    2 
 src/PCSC/pcscdaemon.c                       |   54 -----------
 src/PCSC/pcscdmonitor.h                     |    2 
 src/PCSC/pcscdserver.h                      |    2 
 src/PCSC/readerfactory.c                    |  127 ----------------------------
 src/PCSC/readerstate.h                      |    2 
 src/PCSC/sys_macosx.cpp                     |    2 
 12 files changed, 14 insertions(+), 192 deletions(-)

The respawn feature has been removed from pcscd. This feature has been added in Lion and allows a 64-bits pcscd to restart in 32-bits if it find a 32-bits only driver. See Mac OS X Lion and smart cards status for some more details.

I also note that the support of Rosetta is still present. This has been added during Tiger (10.4 released in 2006) to support the migration from PowerPC and Intel processors. The idea is to be able to use a PowerPC (big endian) PC/SC client talking to an Intel (little endian) pcscd server. Some functions inside pcsc-lite are used to do the needed conversions like SHSharedSegmentMsgToNetworkOrder() and SHSharedSegmentMsgToHostOrder() in src/PCSC/winscard_msg.cpp.

libccid


$ diff -ru SmartcardCCID-55000 SmartcardCCID-55005 | diffstat 
diff: SmartcardCCID-55000/libusb/libusb/compile: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/config.guess: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/config.sub: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/depcomp: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/install-sh: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/ltmain.sh: No such file or directory
diff: SmartcardCCID-55000/libusb/libusb/missing: No such file or directory
 Makefile                       |    2 
 files/automake_copy.patch      |only
 files/darwin_no_seize.patch    |only
 libusb/Makefile.in             |  372 -
 libusb/aclocal.m4              | 1404 +++-
 libusb/autogen.sh              |    4 
 libusb/autom4te.cache/output.0 |11877 +++++++++++++++++++----------------------
 libusb/autom4te.cache/output.1 |11877 +++++++++++++++++++----------------------
 libusb/autom4te.cache/requests |   80 
 libusb/autom4te.cache/traces.0 |  754 +-
 libusb/autom4te.cache/traces.1 |  155 
 libusb/config.h.in             |   20 
 libusb/configure               |11767 +++++++++++++++++++---------------------
 libusb/darwin.c                |    6 
 libusb/doc/Makefile.in         |   51 
 libusb/tests/Makefile.in       |  168 
 16 files changed, 18722 insertions(+), 19815 deletions(-)

Only some files needed to rebuild the binary have been updated. libusb version is still libusb-0.1.13b and libccid is still ccid-1.3.11.

Impacts of the changes


Since the respawn feature has been removed from pcscd a 32-bits (Intel) only driver will not be usable on Mavericks. You have to provide a 64-bits (or Universal Binary with 32-bits and 64-bits) so it can be used on Mavericks.


Conclusion

Apple has not really updated the smart card components in Mavericks, or Mountain Lion or Lion. No bug or limitation has been fixed. And no new bug have been introduced.
Only 64-bits smart card drivers are usable on Mavericks.

The CCID driver provided (version 1.3.11) has been released on July 2009, 4 years ago. Since this version 146 readers have been added (112% more). Yes, more readers have been added since 1.3.11 than readers supported in version 1.3.11.