New version of pcsc-tools: 1.6.1

 I just released a new version of pcsc-tools, a suite of tools for PC/SC. 

Changes:

1.6.1 - 30 December 2022, Ludovic ROUSSEAU

• 196 new ATRs
• use colors on NetBSD ("wsvt25" terminal)
• pcsc_scan: always print the version in verbose mode

PySCard (smartcard Python wrapper) API documentation update

The documentation for the PySCard API was not updated since 2017 (5 years ago).

epydoc → pydoctor

The tool used to generate the HTML documentation is epydoc. The latest epydoc version was released in 2008 (14 years ago). This tool is no more available in Debian so I had to move to something else.

The (new) tool to replace epydoc is pydoctor. It is actively maintained and generates nicer HTML pages.

For example, nice changes are:

• use of HTML list
• use syntax colorization for sample source code
• provide indexes for names, classes and modules
• no use of HTML frame so the URL is always correct and can be shared
  

Previous documentation

 

The old (epydoc) documentation is still available online at https://pyscard.sourceforge.io/epydoc/

New documentation

Conclusion

The new API documentation is available at https://pyscard.sourceforge.io/apidocs/index.html or from the project main documentation page https://pyscard.sourceforge.io/index.html

I guess I could improve the documentation. Feel free to report issues or suggest improvements.

AlcorMicro AU9560 reader and fast smart cards: help from crowd needed

The AlcorMicro AU9560 smart card reader has problems with high speed smart cards.

The reported problem

The same problem is already reported in different places:

• "HP Zbook AU9540"
• "Problem with Alcor MicroAU9540"
• "Alcor AU9540 NotRecognizing New PIV" 

Example of cards in reported problems

The reader is always the same but used with different cards.

• NASA Personal Identity Verification (PIV) card (eID)
  
• Aktiv Rutoken ECP 3.0 NFC (PKI)
  
• Oberthur Technologies ID-One PIV/CIV on V8 Device (eID) 
  

The card must have a TA₁ > 0x95. To know the TA₁ of your smart card you need to get and parse the card's ATR, for example using pcsc_scan program from pcsc-tools.

The problem

The reader declares it can support card/reader communication speed up to 688 172 bps.
See dwMaxDataRate field in AlcorMicro_AU9560.txt.

It is fast but I have 4.5 % of readers in my list that declare to be faster (not including contactless readers).

But speeds above ~200 000 bps are problematic with the AlcorMicro AU9560. It works fine, until an APDU exchange fails with a "Hardware error" (for example) message from the reader:

00000009 APDU: 00 A4 00 00 02 3F 00 00
00000007 ifdhandler.c:1333:IFDHTransmitToICC() usb:058f/9540:libudev:0:/dev/bus/usb/001/002 (lun: 0)
00000006 commands.c:1670:CmdXfrBlockAPDU_extended() T=0 (extended): 8 bytes
00000017 -> 000000 6F 08 00 00 00 00 0E 00 00 00 00 A4 00 00 02 3F 00 00
02734396 <- 000000 80 00 00 00 00 00 0E 41 FB 00
00000025 commands.c:1563:CCID_Receive Hardware error
00000009 APDU: 00 A4 00 00 02 3F 00 00

Where are the bogus readers?

The AlcorMicro AU9560 is not a stand alone USB reader. It must be integrated in a laptop. For example it is present in these laptop models:

• Lenovo Thinkpad P17
• Lenovo Thinkpad L15
• Lenovo X1 Extreme Gen 2
• HP Zbook
• HP EliteBook.

I guess the same AlcorMicro AU9560 reader is present in a lot of other Lenovo or HP laptops and also laptops from other brands. 

Patch

I worked on a patch to remove the highest speeds so that the CCID driver will negotiate a lower speed that is still supported by the reader. 

Problem with the patch

My patch works fine with one card I have (NXP JCOP 4). But it generates problems with another card (Acos-ID).

The error occurs when the driver set the communication speed. The Set Parameters commands fails and the driver gets a "Card absent or mute" error.

00000004 [140396399142464] commands.c:2324:SetParameters() length: 7 bytes
00000006 [140396399142464] -> 000000 61 07 00 00 00 00 07 01 00 00 95 10 FF 46 00 FE 00
01646726 [140396415927872] ccid_usb.c:1532:InterruptRead() after (0) (2)
00621370 [140396399142464] <- 000000 82 00 00 00 00 00 07 41 FE 00
00000025 [140396399142464] commands.c:2351:SetParameters Card absent or mute
00000005 [140396399142464] prothandler.c:141:PHSetProtocol() Set PTS failed (612)

I suspect the problem to be specific to this card. But I am not sure. That is why I need your help to test with as much possible combinations as possible.

Your help is welcome

 If your have:

1. a laptop with the AlcorMicro AU9560 smart card reader
   
2. a fast enough smart card (i.e. TA₁ > 0x95)

then you can help me.

The AlcorMicro AU9560 and the AlcorMicro AU9540 both use the same USB idProduct value of 0x9540 even if the two readers are a bit different. So even if you have a AU9560 the PC/SC name will be "Alcor Micro AU9540 xx yy". If you do not know what reader you have just suppose you have a AU9560.

You can check the 2 conditions above (AlcorMicro and TA1 value) using the pcsc_scan tools. See

$ pcsc_scan 
Using reader plug'n play mechanism
Scanning present readers...
0: Alcor Micro AU9540 00 00
 
Sat Dec 17 11:02:51 2022
 Reader 0: Alcor Micro AU9540 00 00
  Event number: 0
  Card state: Card inserted, Shared Mode, 
  ATR: 3B DC 96 FF 81 11 FE 80 31 C8 54 43 56 35 07 73 FF A1 C0 3C

ATR: 3B DC 96 FF 81 11 FE 80 31 C8 54 43 56 35 07 73 FF A1 C0 3C
+ TS = 3B --> Direct Convention
+ T0 = DC, Y(1): 1101, K: 12 (historical bytes)
  TA(1) = 96 --> Fi=512, Di=32, 16 cycles/ETU
    250000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 312500 bits/s
  TC(1) = FF --> Extra guard time: 255 (special value)
  TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1 
-----
  TD(2) = 11 --> Y(i+1) = 0001, Protocol T = 1 
-----
  TA(3) = FE --> IFSC: 254
+ Historical bytes: 80 31 C8 54 43 56 35 07 73 FF A1 C0
[...]
+ TCK = 3C (correct checksum)

Possibly identified card (using /home/rousseau/.cache/smartcard_list.txt):
3B DC 96 FF 81 11 FE 80 31 C8 54 43 56 35 07 73 FF A1 C0 3C
	NXP JCOP 4, J3R200P0X3U/0ZA16CP NXD6.2 (JavaCard)

Please do:

1. download, build and install the patched version of the CCID driver from https://ccid.apdu.fr/files/ccid-1.5.1-3ac3a1a.tar.bz2
   
2. test it fixes the problems you had with the previous CCID driver
3. test it does not create new problems that were not present with the previous CCID driver
4. if a new problem appears I would like you to report it including:
1. the exact computer model you use
2. the name and ATR of the smart card you use
3. a complete pcscd trace as documented in How to get support

You can report your results using different channels:

1. on the MUSCLE mailing list
2. by email to me
3. by creating a new issue on the CCID project
   

Conclusion

Your help will greatly improve support of this reader commonly found in laptops.

Thank you.

[Update: Jan, 20th 2023]

The patch is now included in the CCID driver and will be present in the CCID release 1.5.2 (to be released later).

[Update: Jan, 31th 2023]

The CCID driver version 1.5.2 is now available.

Support of the AlcorMicro AU9560 should be better now.