Wednesday, June 10, 2015

PCSC framework removed in Mac OS X 10.11 El Capitan?

OS X El Capitan

You may know that Apple announced the new major version of OS during this week Apple WWDC 2015 (Worldwide Developers Conference). The next major version of OS X is 10.11, is planned for this Fall and is called El Capitan. See OS X El Capitan for some more details.

For even more details you have to go to the (public) web page "OS X v.10.11 API Diffs".

PCSC framework

According to the (public) web page "OS X v.10.11 API Diffs" we have:

It looks like Apple decided to remove the PCSC framework and replace it with CryptoTokenKit, already introduced in OS X 10.10 Yosemite (see "OS X Yosemite BETA and smart cards status" and "OS X Yosemite and smart cards status" for the beginning of the replacement story).

CryptoTokenKit

We also have some changes (to make it work for real?) in the CryptoTokenKit side (both framework and modules).

CryptoTokenKit framework

Full page at https://developer.apple.com/library/prerelease/mac/releasenotes/General/APIDiffsMacOSX10_11/frameworks/CryptoTokenKit.html

TKError.h

Added TKErrorCodeBadParameter

TKSmartCard.h

Removed TKSmartCardNoSlot
Removed TKSmartCardSlotEmpty
Removed TKSmartCardSlotMuteCard
Removed TKSmartCardSlotProbing
Removed TKSmartCardSlotValidCard
Added -[TKSmartCard userInteractionForSecurePINChangeWithPINFormat:APDU:currentPINByteOffset:newPINByteOffset:]
Added -[TKSmartCard userInteractionForSecurePINVerificationWithPINFormat:APDU:PINByteOffset:]
Added TKSmartCardPINFormat
Added TKSmartCardPINFormat.charset
Added TKSmartCardPINFormat.encoding
Added TKSmartCardPINFormat.maxPINLength
Added TKSmartCardPINFormat.minPINLength
Added TKSmartCardPINFormat.PINBitOffset
Added TKSmartCardPINFormat.PINBlockByteLength
Added TKSmartCardPINFormat.PINJustification
Added TKSmartCardPINFormat.PINLengthBitOffset
Added TKSmartCardPINFormat.PINLengthBitSize
Added TKSmartCardSlot.screen
Added -[TKSmartCardSlot userInteractionForConfirmation]
Added -[TKSmartCardSlot userInteractionForStringEntry]
Added TKSmartCardSlotScreen
Added -[TKSmartCardSlotScreen displayMessage:x:y:duration:clearScreen:]
Added TKSmartCardSlotScreen.physicalColumnCount
Added TKSmartCardSlotScreen.physicalRowCount
Added TKSmartCardSlotScreen.virtualColumnCount
Added TKSmartCardSlotScreen.virtualRowCount
Added TKSmartCardUserInteraction
Added -[TKSmartCardUserInteraction cancel]
Added TKSmartCardUserInteraction.delegate
Added TKSmartCardUserInteraction.initialTimeout
Added TKSmartCardUserInteraction.interactionTimeout
Added -[TKSmartCardUserInteraction runWithReply:]
Added TKSmartCardUserInteractionDelegate
Added -[TKSmartCardUserInteractionDelegate characterEnteredInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate correctionKeyPressedInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate invalidCharacterEnteredInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate newPINConfirmationRequestedInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate newPINRequestedInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate oldPINRequestedInUserInteraction:]
Added -[TKSmartCardUserInteractionDelegate validationKeyPressedInUserInteraction:]
Added TKSmartCardUserInteractionForConfirmation
Added TKSmartCardUserInteractionForConfirmation.result
Added TKSmartCardUserInteractionForPINOperation
Added TKSmartCardUserInteractionForPINOperation.locale
Added TKSmartCardUserInteractionForPINOperation.PINCompletion
Added TKSmartCardUserInteractionForPINOperation.PINMessageIndices
Added TKSmartCardUserInteractionForPINOperation.resultData
Added TKSmartCardUserInteractionForPINOperation.resultSW
Added TKSmartCardUserInteractionForSecurePINChange
Added TKSmartCardUserInteractionForSecurePINChange.PINConfirmation
Added TKSmartCardUserInteractionForSecurePINVerification
Added TKSmartCardUserInteractionForStringEntry
Added TKSmartCardUserInteractionForStringEntry.result
Added TKSmartCardPINCharset
Added TKSmartCardPINCharsetAlphanumeric
Added TKSmartCardPINCharsetNumeric
Added TKSmartCardPINCharsetUpperAlphanumeric
Added TKSmartCardPINCompletion
Added TKSmartCardPINCompletionKey
Added TKSmartCardPINCompletionMaxLength
Added TKSmartCardPINCompletionTimeout
Added TKSmartCardPINConfirmation
Added TKSmartCardPINConfirmationCurrent
Added TKSmartCardPINConfirmationNew
Added TKSmartCardPINConfirmationNone
Added TKSmartCardPINEncoding
Added TKSmartCardPINEncodingASCII
Added TKSmartCardPINEncodingBCD
Added TKSmartCardPINEncodingBinary
Added TKSmartCardPINJustification
Added TKSmartCardPINJustificationLeft
Added TKSmartCardPINJustificationRight

and many functions modified.

CryptoTokenKit modules

Full page at https://developer.apple.com/library/prerelease/mac/releasenotes/General/APIDiffsMacOSX10_11/modules/CryptoTokenKit.html

Removed TKSmartCardProtocol.init(_: UInt)
Added TKErrorCode.CodeBadParameter
Added TKSmartCard.userInteractionForSecurePINChangeWithPINFormat(_: TKSmartCardPINFormat, APDU: NSData, currentPINByteOffset: Int, newPINByteOffset: Int) -> TKSmartCardUserInteractionForSecurePINChange?
Added TKSmartCard.userInteractionForSecurePINVerificationWithPINFormat(_: TKSmartCardPINFormat, APDU: NSData, PINByteOffset: Int) -> TKSmartCardUserInteractionForSecurePINVerification?
Added TKSmartCardPINCharset [enum]
Added TKSmartCardPINCharset.Alphanumeric
Added TKSmartCardPINCharset.Numeric
Added TKSmartCardPINCharset.UpperAlphanumeric
Added TKSmartCardPINCompletion [struct]
Added TKSmartCardPINCompletion.init(rawValue: UInt)
Added TKSmartCardPINCompletion.Key
Added TKSmartCardPINCompletion.MaxLength
Added TKSmartCardPINCompletion.Timeout
Added TKSmartCardPINConfirmation [struct]
Added TKSmartCardPINConfirmation.Current
Added TKSmartCardPINConfirmation.init(rawValue: UInt)
Added TKSmartCardPINConfirmation.New
Added TKSmartCardPINConfirmation.None
Added TKSmartCardPINEncoding [enum]
Added TKSmartCardPINEncoding.ASCII
Added TKSmartCardPINEncoding.BCD
Added TKSmartCardPINEncoding.Binary
Added TKSmartCardPINFormat
Added TKSmartCardPINFormat.charset
Added TKSmartCardPINFormat.encoding
Added TKSmartCardPINFormat.maxPINLength
Added TKSmartCardPINFormat.minPINLength
Added TKSmartCardPINFormat.PINBitOffset
Added TKSmartCardPINFormat.PINBlockByteLength
Added TKSmartCardPINFormat.PINJustification
Added TKSmartCardPINFormat.PINLengthBitOffset
Added TKSmartCardPINFormat.PINLengthBitSize
Added TKSmartCardPINJustification [enum]
Added TKSmartCardPINJustification.Left
Added TKSmartCardPINJustification.Right
Added TKSmartCardSlot.screen
Added TKSmartCardSlot.userInteractionForConfirmation() -> TKSmartCardUserInteractionForConfirmation?
Added TKSmartCardSlot.userInteractionForStringEntry() -> TKSmartCardUserInteractionForStringEntry?
Added TKSmartCardSlotScreen
Added TKSmartCardSlotScreen.displayMessage(_: String, x: Int, y: Int, duration: NSTimeInterval, clearScreen: Bool) -> Bool
Added TKSmartCardSlotScreen.physicalColumnCount
Added TKSmartCardSlotScreen.physicalRowCount
Added TKSmartCardSlotScreen.virtualColumnCount
Added TKSmartCardSlotScreen.virtualRowCount
Added TKSmartCardUserInteraction
Added TKSmartCardUserInteraction.cancel() -> Bool
Added TKSmartCardUserInteraction.delegate
Added TKSmartCardUserInteraction.initialTimeout
Added TKSmartCardUserInteraction.interactionTimeout
Added TKSmartCardUserInteraction.runWithReply(_: (Bool, NSError?) -> Void)
Added TKSmartCardUserInteractionDelegate
Added TKSmartCardUserInteractionDelegate.characterEnteredInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.correctionKeyPressedInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.invalidCharacterEnteredInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.newPINConfirmationRequestedInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.newPINRequestedInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.oldPINRequestedInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionDelegate.validationKeyPressedInUserInteraction(_: TKSmartCardUserInteraction)
Added TKSmartCardUserInteractionForConfirmation
Added TKSmartCardUserInteractionForConfirmation.result
Added TKSmartCardUserInteractionForPINOperation
Added TKSmartCardUserInteractionForPINOperation.locale
Added TKSmartCardUserInteractionForPINOperation.PINCompletion
Added TKSmartCardUserInteractionForPINOperation.PINMessageIndices
Added TKSmartCardUserInteractionForPINOperation.resultData
Added TKSmartCardUserInteractionForPINOperation.resultSW
Added TKSmartCardUserInteractionForSecurePINChange
Added TKSmartCardUserInteractionForSecurePINChange.PINConfirmation
Added TKSmartCardUserInteractionForSecurePINVerification
Added TKSmartCardUserInteractionForStringEntry
Added TKSmartCardUserInteractionForStringEntry.result

and many functions modified.

WWDC sessions

Apple provides 2 security related sessions at the WWDC according to the schedule.

Security and Your Apps
System Frameworks
Your reputation depends on protecting your users' data. Do this by taking advantage of the Security frameworks built into iOS, OS X and watchOS. Find out about new developments in Security and learn the best practices to develop secure apps and protect your users' data.

Security and Privacy Lab
System Frameworks
Get together with the Apple security and privacy teams for expert advice on protecting your apps, safeguarding your users' data, and honoring your users' privacy. Bring your code and your questions.
It may be interesting to watch the videos of the sessions once they are available. Or may they are not related to smart card at all.

Conclusion

PC/SC application developers, maintainers and vendors will have some work to port/rewrite the PC/SC code to CryptoTokenKit. And the delay is very short to be ready for the release of OS X El Capitan (in 3 months ?).

Thanks to Karl T. for the notice.

Update

PCSC framework will be present in El Capitan. See "PCSC framework will stay in Mac OS X 10.11 El Capitan".