Important!

Blog moved to https://blog.apdu.fr/

I moved my blog from https://ludovicrousseau.blogspot.com/ to https://blog.apdu.fr/ . Why? I wanted to move away from Blogger (owne...

Tuesday, November 18, 2014

OS X Yosemite and smart card source code

Apple released the source code of the open source components they use in Yosemite (OS X 10.10 released October 2014). The components are available at OS X 10.10 Source.

The smart card related components are:
  • SecurityTokend
  • SmartCardServices
  • SmartcardCCID
  • Tokend
See "OS X Yosemite and smart cards status" for a general discussion of the changes in Yosemite.

SmartcardCCID

The version changed from 55005 in Mavericks to 55008 in Yosemite.

This reflect the change of the CCID driver from version 1.3.11 to version 1.4.14.
Apple also upgraded libusb from version 0.1.13b to version 1.0.9.

The CCID driver is now compiled with USE_COMPOSITE_AS_MULTISLOT option. That explains why composite devices are now supported.
It would have been better to support composite devices at the pcscd (or equivalent, com.apple.ifdreader.slotd?) level. USE_COMPOSITE_AS_MULTISLOT is a hack that does work only for Gemalto Prox DU and Prox SU readers.

SmartCardServices

The version changed from 55111 in Mavericks to ... 55111 in Yosemite.

The version have not changed dven if Apple made large changes in the PC/SC middleware: pcscd has been removed and replaced by something even more bizarre and inexplicable. So it is surprising to see that SmartCardServices has not been updated.

Tokend

Tokend and CDSA was deprecated since Lion (10.7 released in July 2011) more than 3 years and 4 major releases ago. See "Mac OS X Lion and tokend".

The Tokend component is no more delivered since its deprecation in 10.7. The latest version is 36720 from Mac OS X 10.6 (Snow Leopard).

This component contains (or contained) the BELBIC, CAC, MuscleCard and PIV tokend.

SecurityTokend

The version of SecurityTokend changed from 55107 to 55108.

The change is really minimal. The mig.mk script changed to use the command xcrun (xcrun - Run or locate development tools and properties) to run the command mig (mig - Mach Interface Generator).

The tokend is deprecated but still maintained (a bit). This project provides the SecurityTokend framework used by the different tokend in the Tokend component. The SecurityTokend framework is still provided by Xcode in /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/
SDKs/MacOSX10.10.sdk/System/Library/PrivateFrameworks/SecurityTokend.framework
.

Conlusion

New version of the CCID driver.

New PC/SC layer. The source code of the replacement of pcsc-lite (com.apple.ctkpcscd.xpc and com.apple.ifdreader.slotd) is not (yet) available. Maybe Apple will never release it. So only Apple will be able to fix the numerous bugs present in this new component.

I do not like the evolution of the smart card layer to a closed source software.