Important!

Blog moved to https://blog.apdu.fr/

I moved my blog from https://ludovicrousseau.blogspot.com/ to https://blog.apdu.fr/ . Why? I wanted to move away from Blogger (owne...

Friday, January 17, 2014

New version of pcsc-tools: 1.4.22

I just released a new version of pcsc-tools. 2 new features in this version:
  1. automatic fetch of a new version of the ATR file if it was not upgraded in the last 10 hours.
  2. propose to use http://smartcard-atr.appspot.com/ to submit a new ATR
It should be easier to use with less manual work for you (to resynch the ATR list) and also less work for me (to update the ATR list) since the information should be complete and in the expected format.

Changes:
1.4.22 - 17 January 2014, Ludovic ROUSSEAU

Sunday, January 12, 2014

CCID descriptor statistics: bcdDevice

Article from the serie "CCID descriptor statistics"

The bcdDevice field is a number value from the USB descriptor: Device release number in binary-coded decimal

bcdDevice#%
1.00 (firmware release?)8433.07 %
1.01 (firmware release?)114.33 %
1.02 (firmware release?)114.33 %
0.00 (firmware release?)93.54 %
2.03 (firmware release?)93.54 %
1.47 (firmware release?)72.76 %
1.10 (firmware release?)62.36 %
2.00 (firmware release?)62.36 %
0.30 (firmware release?)51.97 %
5.23 (firmware release?)51.97 %
0.01 (firmware release?)41.57 %
0.10 (firmware release?)31.18 %
1.12 (firmware release?)31.18 %
1.20 (firmware release?)31.18 %
2.04 (firmware release?)31.18 %
50.00 (firmware release?)31.18 %
0.08 (firmware release?)20.79 %
0.50 (firmware release?)20.79 %
1.08 (firmware release?)20.79 %
1.11 (firmware release?)20.79 %
1.19 (firmware release?)20.79 %
1.71 (firmware release?)20.79 %
1.72 (firmware release?)20.79 %
12.01 (firmware release?)20.79 %
2.10 (firmware release?)20.79 %
20.01 (firmware release?)20.79 %
3.00 (firmware release?)20.79 %
5.00 (firmware release?)20.79 %
5.10 (firmware release?)20.79 %
5.25 (firmware release?)20.79 %
6.00 (firmware release?)20.79 %
61.23 (firmware release?)20.79 %
F0.F0 (firmware release?)20.79 %
0.02 (firmware release?)10.39 %
0.03 (firmware release?)10.39 %
0.05 (firmware release?)10.39 %
0.06 (firmware release?)10.39 %
0.13 (firmware release?)10.39 %
0.38 (firmware release?)10.39 %
0.40 (firmware release?)10.39 %
0.96 (firmware release?)10.39 %
0.99 (firmware release?)10.39 %
1.03 (firmware release?)10.39 %
1.04 (firmware release?)10.39 %
1.06 (firmware release?)10.39 %
1.16 (firmware release?)10.39 %
1.17 (firmware release?)10.39 %
1.21 (firmware release?)10.39 %
1.24 (firmware release?)10.39 %
1.50 (firmware release?)10.39 %
1.57 (firmware release?)10.39 %
1.60 (firmware release?)10.39 %
10.00 (firmware release?)10.39 %
11.63 (firmware release?)10.39 %
2.01 (firmware release?)10.39 %
2.02 (firmware release?)10.39 %
2.05 (firmware release?)10.39 %
2.06 (firmware release?)10.39 %
2.07 (firmware release?)10.39 %
2.11 (firmware release?)10.39 %
2.13 (firmware release?)10.39 %
2.21 (firmware release?)10.39 %
2.71 (firmware release?)10.39 %
3.01 (firmware release?)10.39 %
3.02 (firmware release?)10.39 %
3.10 (firmware release?)10.39 %
5.02 (firmware release?)10.39 %
5.08 (firmware release?)10.39 %
5.18 (firmware release?)10.39 %
5.21 (firmware release?)10.39 %
5.22 (firmware release?)10.39 %
5.30 (firmware release?)10.39 %
5.34 (firmware release?)10.39 %
52.57 (firmware release?)10.39 %
6.07 (firmware release?)10.39 %
6.27 (firmware release?)10.39 %
6.32 (firmware release?)10.39 %
61.10 (firmware release?)10.39 %
7.27 (firmware release?)10.39 %
7.36 (firmware release?)10.39 %
9.14 (firmware release?)10.39 %


This field is the firmware release number. So it can be realy anything. The most common value is 1.00. But you can also find strange values as F0.F0 are also possible.

CCID descriptor statistics: bcdCCID

Article from the serie "CCID descriptor statistics"

The bcdCCID field is a number value from the CCID USB descriptor:
Integrated Circuit(s) Cards Interface Devices (CCID) Specification Release Number in Binary-Coded decimal (i.e., 2.10 is 0210h).

bcdCCID#%
1.1012348.43 %
1.0012147.64 %
1.0151.97 %
10.0131.18 %
2.0020.79 %


The only valid realeases of the CCID specifications are 1.0 and 1.1. ICCD has only one released version: 1.00. So the other values are bogus.

Devices with bcdCCID = 1.01 are:
  • Broadcom Corp 5880
  • Broadcom Corp 5880
  • Cherry GmbH SmartBoard XX1X
  • Cherry GmbH SmartTerminal ST-1275
  • Cherry GmbH SmartTerminal XX1X
  • Dell Dell Smart Card Reader Keyboard
  • Gemalto IDBridge CT30
  • Gemalto IDBridge K30
Theses readers are bogus. 1.1 shall be coded as 1.10 (or 0x0110) as indicated in the specification.

Devices with bcdCCID = 10.01 are:
  • Avtor SC Reader 371
  • Avtor SecureToken
  • COVADIS Auriga
These readers are bogus. The 2 bytes of bcdCCID are reversed and are 0x1001 instead of 0x0110.

Devices with bcdCCID = 2.00 are:
  • OCS ID-One Cosmo Card USB Smart Chip Device
  • Philips Semiconductors JCOP41V221
These readers are declaring to comply to a CCID specification that is not yet released. Maybe they come from the future?

CCID descriptor statistics: bVoltageSupport

Article from the serie "CCID descriptor statistics"

The bVoltageSupport field is a number value from the CCID USB descriptor:
This value indicates what voltages the CCID can supply to its slots.
It is a bitwise OR operation performed on the following values:
  • 01h 5.0V
  • 02h 3.0V
  • 04h 1.8V
Other bits are RFU.

bVoltageSupport#%
0x0711043.31 %
0x018734.25 %
0x033714.57 %
0x02197.48 %
0x0010.39 %


The devices with bVoltageSupport = 0x00 is bogus. Even if the reader has the "Automatic ICC voltage selection" feature it should indicate the supported voltages.

Not all the possible combination are used. Readers are in one of the following categories (sorted by number of readers):
  • 0x07: 1.8V, 3V and 5V
  • 0x01: 5V only
  • 0x03: 3V and 5V
  • 0x02: 3V only
  • 0x00: bogus

CCID descriptor statistics: bPINSupport

Article from the serie "CCID descriptor statistics"

The bPINSupport field is a number value from the CCID USB descriptor:
This value indicates what PIN support features the CCID has.
The value is a bitwise OR operation performed on the following values:
  • 01h PIN Verification supported
  • 02h PIN Modification supported

bPINSupport#%
0x0021584.65 %
0x033614.17 %
0x0131.18 %


The vast majority of smart card readers do not have PIN support, they are not pinpad or keyboard readers.

Devices with bPINSupport = 0x01
  • Cherry GmbH SmartBoard XX33
  • Dell keyboard SK-3106
The devices with bPINSupport = 0x01 are all keyboards with a smart card reader integrated. The 2 readers above only support PIN verification. PIN modification is not supported.

Devices with bPINSupport = 0x03
  • ACS APG8201 PINhandy 1
  • ACS APG8201 USB Reader
  • Athena ASEDrive IIIe KB
  • C3PO KBR36
  • C3PO LTC32
  • COVADIS VEGA-ALPHA
  • Cherry GmbH SmartBoard XX1X
  • Cherry GmbH SmartBoard XX44
  • Cherry GmbH SmartTerminal ST-2xxx
  • Dell Dell Smart Card Reader Keyboard
  • Fujitsu Siemens Computers SmartCard Keyboard USB 2A
  • Fujitsu Siemens Computers SmartCard USB 2A
  • FujitsuTechnologySolutions GmbH SmartCase KB SCR eSIG
  • Gemalto EZIO CB+
  • Gemalto Ezio Shield Branch Reader
  • Gemalto Ezio Shield
  • Gemalto Ezio Shield
  • Gemalto ING Shield Pro SC
  • Gemalto USB GemPCPinpad SmartCard Reader
  • Gemalto USB GemPCPinpad SmartCard Reader
  • Hewlett-Packard Company HP USB CCID Smartcard Keyboard
  • Hewlett-Packard Company HP USB Smart Card Keyboard
  • KOBIL EMV CAP - SecOVID Reader III
  • KOBIL KAAN Advanced
  • KOBIL Systems mIDentity visual
  • Lenovo Lenovo USB Smartcard Keyboard
  • OMNIKEY AG CardMan 3621
  • OMNIKEY AG CardMan 3821
  • REINER SCT cyberJack go
  • SCM Microsystems Inc. SPR 532
  • VASCO DIGIPASS 920
  • VASCO DIGIPASS KEY 200
  • VASCO DIGIPASS KEY 860
  • VASCO DP855
  • VASCO DP865
  • VMware Virtual USB CCID
  • XIRING Leo v2
  • XIRING MyLeo
  • XIRING XI-SIGN USB V2
Devices with bPINSupport = 0x03 can do both PIN verification and PIN modification. Some devices are also keyboards with a smart card reader.

If you want to be able to securely modify the PIN you should select a reader in the second category.

CCID descriptor statistics: bNumEndpoints

Article from the serie "CCID descriptor statistics"

The bNumEndpoints field is a number value from the CCID USB descriptor: Number of endpoints used by this interface (excluding endpoint zero).

bNumEndpoints#%
322889.76 %
2166.30 %
062.36 %
141.57 %


According to the CCID specification: For Integrated Circuit(s) Cards Interface Devices (CCID)
  • 02h uses bulk-IN and bulk-OUT
  • 03h uses bulk-IN, bulk-OUT and interrupt –IN

So the possible values are 2 or 3 for a CCID device.

According to the ICCD specification:
  • 00h does not use further endpoint
  • 01h uses interrupt-IN
  • 02h uses bulk-IN and bulk-OUT
  • 03h uses bulk-IN, bulk-OUT and interrupt –IN
NOTE 01h indicates that the control endpoints are used for data transmission and interrupt-IN for notification of card specific events sent from the USB-ICC to the host.

Devices with bNumEndpoints = 0
  • Aktiv Co., ProgramPark Rutoken Magistra
  • BIFIT iBank2Key
  • Gemalto PDT
  • OCS ID-One Cosmo Card USB Smart Chip Device
  • Philips Semiconductors JCOP41V221
  • SchlumbergerSema SchlumbergerSema Cyberflex Access

Devices with bNumEndpoints = 1
  • Giesecke & Devrient GmbH Star Sign Card Token 350 (ICCD)
  • Giesecke & Devrient GmbH Star Sign Card Token 550 (ICCD)
  • KEBTechnology KONA USB SmartCard
  • Philips Semiconductors SmartMX Sample

To know if a device is a CCID or ICCD device use the bInterfaceProtocol field. We find again the 10 ICCD devices as found in bInterfaceProtocol. But we note that there is no matching between bNumEndpoints = 0 or 1 and Version A or B of ICCD protocol.

Saturday, January 4, 2014

MUSCLE mailing list statistics for 2013

As I did in 2009, 2010, 2011 and 2012 I propose some statistics of the MUSCLE mailing list usage.

Year Total number of messages Progression
2009603
2010718+19 %
2011999+39 %
2012207-79 %
2013198-4 %

This year we do not have a clear drop in the number of messages sent to the MUSCLE mailing list.


Statistics from 1.1.2013 to 21.12.2013
for muscle@lists.musclecard.com



People who have written most messages:

  Author  Msg  Percent 
1ludovic.rousseau@gmail.com37 18.69 %
2sebastien@lorquet.fr10 5.05 %
3rp@referencepoint.co.uk10 5.05 %
4christopherarges@gmail.com9 4.55 %
5fdimitriou@tmm-software.com9 4.55 %
6anand.renju.mailing.list@gmail.com9 4.55 %
7frank@apsu.be8 4.04 %
8samduke474@gmail.com7 3.54 %
9deengert@anl.gov7 3.54 %
10martin@martinpaljak.net7 3.54 %
11michael.traut@gmail.com6 3.03 %
1200cpxxx@gmail.com6 3.03 %
13helpcrypto@gmail.com6 3.03 %
14fgrieu@gmail.com5 2.53 %
15murilo.duarte@unitau.com.br4 2.02 %
16muscle-bounces@lists.musclecard.com4 2.02 %
17cmar@eurotux.com3 1.52 %
18alon.barlev@gmail.com3 1.52 %
19fdeybach@gmail.com3 1.52 %
20h0wdyd3wdy@gmail.com3 1.52 %
21munoz0raul@gmail.com3 1.52 %
22yoann.juet@univ-nantes.fr2 1.01 %
23r.rezaian@earthlink.net2 1.01 %
24kalevlember@gmail.com2 1.01 %
25lists@home.gofferje.net2 1.01 %
26wdick@urgewalten.de2 1.01 %
27nmav@redhat.com2 1.01 %
28ignacio.casal@nice-software.com2 1.01 %
29linuxprocess@free.fr2 1.01 %
30f.disciascio@dromedian.com1 0.51 %
 other2211.11 %

Best authors, by total size of their messages (w/o quoting):

  Author  KBytes 
1christopherarges@gmail.com2580.6
2ludovic.rousseau@gmail.com 251.3
3alon.barlev@gmail.com 80.0
4deengert@anl.gov 76.8
5helpcrypto@gmail.com 73.3
6sebastien@lorquet.fr 73.3
700cpxxx@gmail.com 48.2
8rp@referencepoint.co.uk 45.4
9fdimitriou@tmm-software.com 43.7
10frank@apsu.be 43.6
11michael.traut@gmail.com 39.3
12anand.renju.mailing.list@gmail.com 38.9
13martin@martinpaljak.net 37.6
14samduke474@gmail.com 34.5
15fdeybach@gmail.com 32.2
16murilo.duarte@unitau.com.br 30.4
17fgrieu@gmail.com 29.4
18wdick@urgewalten.de 28.1
19nmav@redhat.com 24.3
20xmm@c3po.es 22.2
21munoz0raul@gmail.com 20.8
22h0wdyd3wdy@gmail.com 17.3
23cmar@eurotux.com 12.8
24lists@home.gofferje.net 11.3
25muscle-bounces@lists.musclecard.com 11.2
26linuxprocess@free.fr 10.2
27leventak88@hotmail.com 8.9
28kwanhonluen@gmail.com 8.5
29crosser@average.org 8.0
30freescale@abv.bg 7.9

Best authors, by average size of their message (w/o quoting):

  Author  bytes 
1christopherarges@gmail.com293611
2alon.barlev@gmail.com27322
3xmm@c3po.es22773
4wdick@urgewalten.de14376
5helpcrypto@gmail.com12511
6nmav@redhat.com12457
7deengert@anl.gov11239
8fdeybach@gmail.com10979
9leventak88@hotmail.com9088
10kwanhonluen@gmail.com8677
1100cpxxx@gmail.com8232
12crosser@average.org8210
13freescale@abv.bg8101
14rob.on.lists@gmail.com7949
15michaelbender@me.com7939
16murilo.duarte@unitau.com.br7786
17eumesmo.ht@gmail.com7735
18lespaul49@gmail.com7639
19nboullis@debian.org7591
20sebastien@lorquet.fr7502
21munoz0raul@gmail.com7092
22ludovic.rousseau@gmail.com6955
23andreas.schwier@cardcontact.de6814
24ml@os2.kiev.ua6769
25michael.traut@gmail.com6708
26mstjohns@comcast.net6144
27fgrieu@gmail.com6022
28h0wdyd3wdy@gmail.com5891
29lists@home.gofferje.net5768
30frank@apsu.be5584

Table showing the most successful subjects:

  Subject  Msg  Percent 
1[Muscle] GP 2.2 INITIALIZE UPDATE (0x50) oddness
16 8.08 %
2[Muscle] CPS card blocking with PCSC
10 5.05 %
3[Muscle] PCSCLite: SCardControl cutting off data?
7 3.54 %
4[Muscle] Alternate javax.smartcardio provider
6 3.03 %
5[Muscle] connection reset/no data returned errors in browser
6 3.03 %
6[Muscle] SmartCard sign number
6 3.03 %
7[Opensc-devel] Issues connecting to OpenVPN with Smartcard
5 2.53 %
8[Muscle] Reader PC/SC not compliant
5 2.53 %
9[Muscle] RES: Parallel Process with readers - pcsc-lite
5 2.53 %
10[Muscle] ACR122U response frames contain wrong sequence numbers
5 2.53 %
11[Muscle] Can't access to read Omnikey Card
4 2.02 %
12[Muscle] RES: RES: Parallel Process with readers - pcsc-lite
4 2.02 %
13[Muscle] Which version onwards pcsc-lite support the Part10 features
4 2.02 %
14[Muscle] pcsc problem with javax.smartcardio package
3 1.52 %
15[Muscle] javax.smartcardio problem/OSX LION
3 1.52 %
16[Opensc-devel] issues with smartcards and openvpn when renegotiating
3 1.52 %
17[Muscle] Off-topic but related (Dont know where to look)
3 1.52 %
18[Muscle] Converting Windows Feature Request IOCTL code to the
3 1.52 %
19[Muscle] RES: RES: Parallel Process with readers - pcsc-lite
3 1.52 %
20[Muscle] Absence du bureau
3 1.52 %
21[Muscle] 16 character PIN
3 1.52 %
22[Opensc-devel] Cheap pinpad smart card reader with "PIN firewall"
3 1.52 %
23[Muscle] New version of libccid: 1.4.13
3 1.52 %
24[Muscle] VDV-KA
3 1.52 %
25[Muscle] Identifyng a contact smartcard
2 1.01 %
26[Muscle] PC/SC issues with Aladdin eToken PRO 64 on Ubuntu
2 1.01 %
27[Opensc-devel] issues with smartcards and openvpn when
2 1.01 %
28[Muscle] What if a handle passed to ScardDisconnect is reused?
2 1.01 %
29[Muscle] Wrong initialize update
2 1.01 %
30[Muscle] Muscle Digest, Vol 110, Issue 10
2 1.01 %
 other7035.35 %

Most used email clients:

  Mailer  Msg  Percent 
1(unknown)125 63.13 %
2Mozilla/5.x55 27.78 %
3Microsoft Office Outlook 11
6 3.03 %
4Evolution 3.4.4 (3.4.4-2.fc17)
3 1.52 %
5QUALCOMM Windows Eudora1 0.51 %
6Roundcube Webmail/0.8.5
1 0.51 %
7MessagingEngine.com Webmail Interface - ajax-25df3f14
1 0.51 %
8Mutt1 0.51 %
9iPhone Mail (11A501)
1 0.51 %
10Apple Mail (2.1510)
1 0.51 %
11Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Linux)/7.2.0-GA2598)
1 0.51 %
12Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Win)/7.2.0-GA2598)
1 0.51 %
13Claws Mail 3.9.0 (GTK+ 2.24.22; x86_64-pc-linux-gnu)
1 0.51 %
 other0 0.00 %

Table of maximal quoting:

  Author  Percent 
1mstjohns@comcast.net 43.40 %
2f.disciascio@dromedian.com 41.76 %
3r.rezaian@earthlink.net 37.40 %
4munoz0raul@gmail.com 32.94 %
5jan@dotplex.de 28.82 %
6mailman@hanez.org 26.76 %
7michaelbender@me.com 26.57 %
8wolfgang.korn@gmx.de 24.81 %
9wdick@urgewalten.de 24.61 %
10ignacio.casal@nice-software.com 23.11 %
11muscle@mail4steve.bestmail.us 23.01 %
12fdeybach@gmail.com 22.99 %
13martin@martinpaljak.net 22.16 %
14murilo.duarte@unitau.com.br 19.95 %
15deengert@anl.gov 19.88 %
16samduke474@gmail.com 19.43 %
17ddelgado@idoneum.net 18.32 %
18crosser@average.org 15.92 %
19michael.traut@gmail.com 15.73 %
2000cpxxx@gmail.com 15.12 %
21fdimitriou@tmm-software.com 13.90 %
22ludovic.rousseau@gmail.com 12.67 %
23frank@apsu.be 12.17 %
24muscle-bounces@lists.musclecard.com 12.04 %
25fgrieu@gmail.com 10.84 %
26rp@referencepoint.co.uk 10.70 %
27anand.renju.mailing.list@gmail.com 10.20 %
28nmav@redhat.com 9.70 %
29JShun@wyse.com 9.53 %
30cmar@eurotux.com 8.58 %
 average 5.02 %

Graph showing number of messages written during hours of day:

msgs
7
|
1
|
1
|
0
|
0
|
0
|
3
|
3
|
12
|
13
|
18
|
14
|
10
|
15
|
20
|
11
|
10
|
19
|
10
|
6
|
7
|
6
|
8
|
4
|
hour
01234567891011121314151617181920212223

Graph showing number of messages written during days of month:

msgs
4
|
6
|
15
|
10
|
5
|
5
|
2
|
10
|
4
|
0
|
4
|
3
|
8
|
7
|
10
|
11
|
10
|
8
|
9
|
19
|
4
|
8
|
3
|
3
|
6
|
6
|
2
|
4
|
7
|
4
|
1
|
day
12345678910111213141516171819202122232425262728293031

Graph showing number of messages written during days of week:

msgs
22
|
39
|
32
|
39
|
48
|
7
|
11
|

MonTueWedThuFriSatSun

Maximal quoting:

Author : samduke474@gmail.com
Subject : [Muscle] PCSCLite: SCardControl cutting off data?

Date : Tue, 14 May 2013 17:02:56 +0100

Quote ratio: 74.93% / 4408 bytes

Longest message:

Author : christopherarges@gmail.com
Subject : [Opensc-devel] issues with smartcards and openvpn when
Date : Thu, 14 Feb 2013 16:05:27 -0600
Size : 2616170 bytes

Most successful subject:

Subject : [Muscle] GP 2.2 INITIALIZE UPDATE (0x50) oddness
No. of msgs: 16
Total size : 88655 bytes

Final summary:

Total number of messages: 198
Total number of different authors: 52
Total number of different subjects: 82
Total size of messages (w/o headers): 4155394 bytes
Average size of a message: 20986 bytes