Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] CAC cards with Firefox/Mozilla

Bill,

Since you are probably using a 64K card and you realize that the commonAccessCard.bundle that is used for the legacy pkcs#11 may not have the newer ATR value related to your card you need to update the associated bundle via the 'pcsctool' command running as root.  

root# pcsctool
Select the approprate token driver:
-----------------------------------
  1.     commonAccessCard.bundle
  2.     GSCISPlugin.bundle
  3.     mscMuscleCard.bundle
  4.     slbCryptoflex.bundle
-----------------------------------
Enter the number: 1

Insert your token in: CCID Smart Card Reader 0 0

Token support updated successfully !

What happens is that the ATR values are updated in the Info.plist within the commonAccessCard.bundle:

/usr/libexec/SmartCardServices/services/commonAccessCard.bundle/Contents/Info.plist

        <key>spAtrValue</key>
        <string>3B6B00008065B08301047483009000</string>
        <array>
                <string>3B6500009C02020102</string>
                <string>3B7D110000003180718E6486D60100819000</string>
                <string>3B7F1100000031C053CAC4016452D90400829000</string>
                <string>3B6500009C02020702</string>
        </array>


NOTE:
This of course is only needed since you are using a PKCS#11 application and are using a newer card (newer ATR value) then was updated back for 10.3.x.  Apple has invested heavily in the abstraction of Smart Cards in Mac OS X 10.4 via Keychains which does not rely on the ATR values.  Applications that rely on "Smart Cards as Keychains"  (Sec* APIs) automatically get support for the 64K cards and CAC/GSC-IS/PIV with no additional coding needed.

-Shawn

On May 15, 2006, at 12:14 PM, Bill Jackson wrote:


Anyone else having a problem getting a CAC card to work with Firefox.

I am running 10.4.6 Mac OSX, firefox 1.5.0.3, SCRx31 USB Smart Card Reader: Version: 5.18.

When I do the following to setup Firefox:

Click Manage Security Devices, then click Load.
Enter a name in the Module Name box (for example, “CAC SmartCard”),
    then type the  location of the file in the Module Filename box:

   /usr/libexec/SmartCardServices/pkcs11/pkcs11.bundle/Contents/MacOS/pkcs11

Click OK.

Firefox thinks about it for a few seconds and then crashes.  Every time I try to restart
FIrefox it just crashes.

I have successfully configured Firefox on numerous Mac's of identical configurations,
but 2 of my machines just will not work.

Any suggestions would be greatly appreciated.

Thanks,
Bill Jackson
SPAWAR Systems Center San Diego
(619)553-2291

- Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Enterprise Division    (Public & Private Sector)


 

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden

This email sent to email@hidden
References: 
 >[Fed-Talk] CAC cards with Firefox/Mozilla (From: Bill Jackson <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.