Wednesday, January 13, 2021

macOS Big Sur and smart card source code

Apple released the source code of the open source components they use in Big Sur (macOS 11.0, released in October 2020). The components are available at macOS X 11.0.1 Source.


SmartcardCCID

The SmartcardCCID component moved from version SmartcardCCID-55018.0.2 in Catalina 10.15.0 to SmartcardCCID-55021.40.1 in Big Sur 11.0.1.

Incomplete diff:

diff -ru SmartcardCCID-55018.0.2/SmartcardCCID.plist SmartcardCCID-55021.40.1/SmartcardCCID.plist
--- SmartcardCCID-55018.0.2/SmartcardCCID.plist	2019-08-21 00:16:22.000000000 +0200
+++ SmartcardCCID-55021.40.1/SmartcardCCID.plist	2020-04-28 20:53:09.000000000 +0200
@@ -6,13 +6,13 @@
 		<key>OpenSourceProject</key>
 		<string>ccid</string>
 		<key>OpenSourceVersion</key>
-		<string>1.4.31</string>
+		<string>1.4.32</string>
 		<key>OpenSourceWebsiteURL</key>
 		<string>https://ccid.apdu.fr</string>
 		<key>OpenSourceURL</key>
-		<string>https://ccid.apdu.fr/files/ccid-1.4.31.tar.bz2</string>
+		<string>https://ccid.apdu.fr/files/ccid-1.4.32.tar.bz2</string>
 		<key>OpenSourceImportDate</key>
-		<string>2019-08-20</string>
+		<string>2020-04-27</string>
 		<key>OpenSourceModifications</key>
 		<array>
 			<string>destDirFix.patch - makefile.in, customized destination directory</string>
diff -ru SmartcardCCID-55018.0.2/ccid/Makefile SmartcardCCID-55021.40.1/ccid/Makefile
--- SmartcardCCID-55018.0.2/ccid/Makefile	2019-08-21 00:16:21.000000000 +0200
+++ SmartcardCCID-55021.40.1/ccid/Makefile	2020-08-06 20:06:44.000000000 +0200
@@ -24,11 +24,12 @@
 	find $(DSTROOT)/ -name 'usb*.h' -exec rm \{\} \;
 	rm -r $(DSTROOT)/usr/include
 	rm -r $(DSTROOT)/usr/lib
-	install_name_tool -id $(CCIDDriversPath)$(CCIDdylib) $(DSTROOT)$(CCIDDriversPath)$(CCIDdylib) 
+	install_name_tool -id $(CCIDDriversPath)$(CCIDdylib) $(DSTROOT)$(CCIDDriversPath)$(CCIDdylib)
+	codesign -s - $(DSTROOT)$(CCIDDriversPath)$(CCIDdylib)
 
 # Automatic Extract & Patch
 AEP_Project    = ccid
-AEP_Version    = 1.4.31
+AEP_Version    = 1.4.32
 AEP_ProjVers   = $(AEP_Project)-$(AEP_Version)
 AEP_Filename   = $(AEP_ProjVers).tar.bz2
 AEP_ExtractDir = $(AEP_ProjVers)
[...]

As we already saw in macOS Big Sur and smart cards status the CCID driver was updated from version 1.4.31 to version 1.4.32. You can find the patches Apple applies to the CCID driver in the ccid/files/ directory. Nothing special to say.

In fact, after checking the different releases of Catalina 10.15.x in https://opensource.apple.com/ I found that the CCID driver was upgraded from 1.4.31 to 1.4.32 in Catalina itself from 10.15.5 to 10.15.6.

So Apple upgraded the CCID driver within the same major version version of macOS.
And they missed the opportunity to upgrade to 1.4.33 in Big Sur. Maybe it is planned for a future minor version upgrade of Big Sur?


libusb

SmartcardCCID includes the libusb component used by the CCID driver.

This libusb library is statically linked to the CCID driver and can't be used by another project.

The version is 1.0.9. This is a very old version of libusb that was released in April 2012. The current libusb version is 1.0.24 released in December 2020.

I guess Apple does not want to upgrade a component that works fine enough from them.


SecurityTokend

This component is the same as in Catalina. It is SecurityTokend-55113.

It is strange to still find a tokend related component. Tokend technology is deprecated since Mac OS X Lion in 2011 (Mac OS X Lion and tokend).

Tokend was disabled by default in Catalina but was still usable (macOS Catalina and smart cards status).

In Big Sur tokend are not usable at all.

This component SecurityTokend does not contain any tokend plugin. There were in the Tokend component, not SecurityTokend. This component generates two file: SecurityTokend.framework and libsecurity_tokend_client.a. I am not sure what they are used for.


Conclusion

Interesting parts of the smart card stack would be the CryptoTokenKit and WinSCard layers. But since Apple moved away from the Free Software project pcsc-lite in macOS Yosemite in 2014 (OS X Yosemite and smart cards status) these components are not open source.

Monday, January 4, 2021

MUSCLE mailing list statistics for 2020

As I did in 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 and 2019 I propose some statistics of the MUSCLE mailing list usage.

Evolution

YearTotal number of messages Progression
2009603
2010718+19 %
2011999+39 %
2012207-79 %
2013198-4 %
2014194-2 %
2014194-2 %
2015120-38 %
2016125+4 %
2017128+2 %
201866-51 %
201929-56 %
202076+162 %

Comments

A high increase in the number of messages. Maybe the mailing list is not dead after all.

Statistics from 3.1.2020 to 24.11.2020
for pcsclite-muscle@lists.infradead.org


People who have written most messages:

  Author  Msg  Percent 
1ludovic.rousseau@gmail.com36 47.37 %
2Marc.Kewitz.ext@rohde-schwarz.com4 5.26 %
3axel.braun@gmx.de4 5.26 %
4trenta.sis@gmail.com3 3.95 %
5emaxx@google.com3 3.95 %
6suffsuccotash@gmail.com3 3.95 %
7stephan.guilloux@crisalid.com3 3.95 %
8zeroconf@zeroconf.ee3 3.95 %
9thomas@schlenkhoff.me2 2.63 %
10izh1979@gmail.com2 2.63 %
11sebastien@lorquet.fr2 2.63 %
12gregor.waltz@raritan.com1 1.32 %
13gsvelto@mozilla.com1 1.32 %
14Gabriele Svelto1 1.32 %
15tristan.degroof@multiversum.broedersvanliefde.be1 1.32 %
16t-pcsc@girst.at1 1.32 %
17mstjohns@comcast.net1 1.32 %
18mauro@faresoftware.it1 1.32 %
19Axel.braun@gmx.de1 1.32 %
20godfreyhkchung@gmail.com1 1.32 %
21jonathan.verner@nexusgroup.com1 1.32 %
 other1 1.32 %

Best authors, by total size of their messages (w/o quoting):

  Author  KBytes 
1ludovic.rousseau@gmail.com1032.8
2stephan.guilloux@crisalid.com 38.4
3zeroconf@zeroconf.ee 31.9
4emaxx@google.com 31.7
5Marc.Kewitz.ext@rohde-schwarz.com 30.6
6sebastien@lorquet.fr 29.5
7izh1979@gmail.com 23.3
8suffsuccotash@gmail.com 17.2
9gsvelto@mozilla.com 13.6
10trenta.sis@gmail.com 12.4
11mstjohns@comcast.net 11.3
12axel.braun@gmx.de 10.8
13godfreyhkchung@gmail.com 10.0
14t-pcsc@girst.at 9.7
15Gabriele Svelto 8.2
16Axel.braun@gmx.de 4.1
17thomas@schlenkhoff.me 2.9
18tristan.degroof@multiversum.broedersvanliefde.be 2.7
19jonathan.verner@nexusgroup.com 2.0
20gregor.waltz@raritan.com 1.4
21mauro@faresoftware.it 1.1

Best authors, by average size of their message (w/o quoting):

  Author  bytes 
1ludovic.rousseau@gmail.com29376
2sebastien@lorquet.fr15120
3gsvelto@mozilla.com13970
4stephan.guilloux@crisalid.com13096
5izh1979@gmail.com11923
6mstjohns@comcast.net11535
7zeroconf@zeroconf.ee10893
8emaxx@google.com10814
9godfreyhkchung@gmail.com10216
10t-pcsc@girst.at9922
11Gabriele Svelto8439
12Marc.Kewitz.ext@rohde-schwarz.com7844
13suffsuccotash@gmail.com5869
14trenta.sis@gmail.com4218
15Axel.braun@gmx.de4210
16tristan.degroof@multiversum.broedersvanliefde.be2798
17axel.braun@gmx.de2753
18jonathan.verner@nexusgroup.com2032
19thomas@schlenkhoff.me1490
20gregor.waltz@raritan.com1462
21mauro@faresoftware.it1143

Table showing the most successful subjects:

  Subject  Msg  Percent 
1[Pcsclite-muscle] Workaround for missing suspend/resume9 11.84 %
2[Pcsclite-muscle] Different behaviour with Select MF on Omnikey7 9.21 %
3[Pcsclite-muscle] Alcor Micro AU9520 not recognized by libccid 1.4.317 9.21 %
4[Pcsclite-muscle] Fwd: dead lock caused by SCardReleaseContext4 5.26 %
5[Pcsclite-muscle] memory consumption3 3.95 %
6[Pcsclite-muscle] pcsc-lite release3 3.95 %
7[Pcsclite-muscle] Exclusive access mode to the smart card reader3 3.95 %
8[Pcsclite-muscle] Lenovo laptops, GNU/Linux and smart card readers?3 3.95 %
9[Pcsclite-muscle] Chrome gets stuck and firefox won't open3 3.95 %
10[Pcsclite-muscle] Confused about extended APDU support2 2.63 %
11Potential security issues in CCID2 2.63 %
12[Pcsclite-muscle] SCardConnect behavior with invalid contexts2 2.63 %
13[Pcsclite-muscle] Missing checks of ATRDecodeAtr returns2 2.63 %
14[Pcsclite-muscle] Race condition during readerstate update2 2.63 %
15[Newsletter] Re: [Pcsclite-muscle] Race condition during2 2.63 %
16[Pcsclite-muscle] Alcor Micro AU9520 not recognized by libccid2 2.63 %
17New version of pcsc-lite: 1.8.261 1.32 %
18[Pcsclite-muscle] Linux Kernel 5.5 / CCID / PCSCLITE change1 1.32 %
19[Pcsclite-muscle] pcsclite-muscle Digest, Vol 24, Issue 21 1.32 %
20[Pcsclite-muscle] [Question] How to read SCARD_READER_CAPABILITIES1 1.32 %
21[Pcsclite-muscle] multi threading from a single pcsc handle /1 1.32 %
22[Pcsclite-muscle] Interfacing 32 bit driver with 64 pcscd1 1.32 %
23Unicode characters in a reader name1 1.32 %
24New version of libccid: 1.4.331 1.32 %
25[Pcsclite-muscle] How to dectect card status?1 1.32 %
26[Pcsclite-muscle] Potential hang in SCardTransmit1 1.32 %
27[Pcsclite-muscle] Instances of Undefined behavior in CCID1 1.32 %
28Incomplete archive between May 2018 and June 20201 1.32 %
29Lenovo laptops, GNU/Linux and smart card readers?1 1.32 %
30[Pcsclite-muscle] Race condition during readerstate1 1.32 %
 other6 7.89 %

Most used email clients:

  Mailer  Msg  Percent 
1(unknown)66 86.84 %
2Mozilla/5.x5 6.58 %
3Evolution 3.36.5 (3.36.5-1.fc32) 3 3.95 %
4K-9 Mail for Android1 1.32 %
 other1 1.32 %

Table of maximal quoting:

  Author  Percent 
1mauro@faresoftware.it 19.95 %
2jonathan.verner@nexusgroup.com 19.71 %
3axel.braun@gmx.de 17.27 %
4Axel.braun@gmx.de 11.83 %
5t-pcsc@girst.at 11.03 %
6tristan.degroof@multiversum.broedersvanliefde.be 10.60 %
7suffsuccotash@gmail.com 9.36 %
8thomas@schlenkhoff.me 7.59 %
9gregor.waltz@raritan.com 6.58 %
10stephan.guilloux@crisalid.com 4.97 %
11ludovic.rousseau@gmail.com 3.57 %
12trenta.sis@gmail.com 3.04 %
13Marc.Kewitz.ext@rohde-schwarz.com 2.29 %
14zeroconf@zeroconf.ee 1.75 %
15godfreyhkchung@gmail.com 1.51 %
16gsvelto@mozilla.com 0.43 %
17emaxx@google.com 0.00 %
18izh1979@gmail.com 0.00 %
19sebastien@lorquet.fr 0.00 %
20Gabriele Svelto 0.00 %
21mstjohns@comcast.net 0.00 %
 average 3.59 %

Maximal quoting:

Author : ludovic.rousseau@gmail.com
Subject : [Pcsclite-muscle] Alcor Micro AU9520 not recognized by libccid 1.4.31
Date : Thu, 5 Nov 2020 14:43:12 +0100
Quote ratio: 62.97% / 18890 bytes

Longest message:

Author : ludovic.rousseau@gmail.com
Subject : [Pcsclite-muscle] Alcor Micro AU9520 not recognized by libccid 1.4.31
Date : Wed, 4 Nov 2020 22:37:47 +0100
Size : 729365 bytes

Most successful subject:

Subject : [Pcsclite-muscle] Workaround for missing suspend/resume
No. of msgs: 9
Total size : 90764 bytes

Final summary:

Total number of messages: 76
Total number of different authors: 21
Total number of different subjects: 35
Total size of messages (w/o headers): 1407974 bytes
Average size of a message: 18525 bytes

Sunday, January 3, 2021

Happy new year 2021

 Dear readers,

I wish you a happy new year for 2021.

In 2020 I published 43 articles on this blog (25 in 2019, 24 in 2018, 34 in 2017 and 49 in 2016 and 51 in 2015). It is a 72% increase compared to 2019.

Audience

The number of readers in 2020 is decreasing (-15%) compared to 2019.


We still have the same 5 top countries in the same order than in 2019. USA is first one by a large margin.

 

I have a lot of readers (40%) coming from a Windows operating system.

It is surprising because I do not have many articles specifically about Windows. But at the same time a lot of my source codes or projects are also working on Windows.


Most read articles

No real surprise here: macOS & smart card and sample codes in different programming languages.

At the 8th place we find the article "pcsc_scan on Windows" I wrote in 2017. This article was not in the top-10 last year.


Thank you

Thank you to you, readers.

This blog has no advertising. If you want to support me you can send me some bitcoins or become a github sponsor.