Hello,
Introduction
===
I am co-author and present maintainer of pcsc-lite [1] and some other
smart card related software like a CCID driver [2].
Mac OS X provides a version of pcsc-lite based on pcsc-lite 1.1.2
(according to "pcscd -v" and the source code in [3]) and has some
improvements made by Apple.
So we have a pcsc-lite version maintained by Apple and based on
pcsc-lite 1.1.2 and the "official" pcsc-lite version 1.2.9-beta9 [1]
used by every other Unix-based operating systems.
The user API between 1.1.2 and 1.2.9 changed for one function:
SCardControl(). This change was made to be compatible with the PC/SC
API used under Windows. The goal of pcsc-lite is to provide a PC/SC
(also known as winscard) API under Unix. The new SCardControl()
function has one more parameter. This parameter is dwControlCode
"Control code for the operation. This value identifies the specific
operation to be performed." [5].
The problem
===
The function SCardControl() is used to talk directly to the smart card
reader instead of talking to the smart card. This function was not
really used until the creation of smart card readers with a keyboard
(and a screen for some of them). These smart card readers are also
called PIN pad readers. You can find a list of some of them at [2].
So to be able to use a PIN pad reader under Mac OS X the function
SCardControl() must be used by the application. For portability
reasons it would be a waste of time to have a source code different
for the application running under Mac OS X and for the same
application running under another Unix. The smart card reader driver
used by pcsc-lite would also have to be different for Mac OS X and for
another Unix.
Note also that the management of a PIN pad reader is
described/standardized in PC/SC version 2 part 10 [4]. This
specification uses the "correct" SCardControl() function.
I think we should try to solve the problem and have a common PC/SC API
before it's too late.
Proposal
===
The idea is to update pcsc-lite included in Mac OS X to benefit from
all the improvements that are present in pcsc-lite 1.2.9. pcsc-lite
would also benefit of the improvements made by Apple on pcsc-lite
included in Mac OS X.
To be short the idea is to merge or synchronise both source codes.
I am ready to work on pcsc-lite to integrate the modifications needed
for Mac OS X. I am also ready to help Apple update its pcsc-lite.
Technical details
===
The changes we need:
1. support the IFD handler API v3.0 [6] to use the new IFDHControl() API
2. support the new SCardControl() API at the application level
3. change pcsc-lite internal to always call the driver
IFDHSetProtocolParameters() function
Change 3 is needed to correctly configure the driver regarding the
protocol and speed to use.
Changes 1 & 2 are needed to support the "normal" SCardControl()
function. This function is very important since it is used by an
application to talk to a pinpad readers. Without this function it is
not possible to use a PIN pad reader under Mac OS X.
I know that the change 2 could break existing applications. But AFAIK
the only driver supported by Apple is the one written by Jean-Luc
Giraud [7, 8] and this driver does not use IFDHControl(). So the risk
to effectively break something is (very) low.
Conclusion
===
I opened a bug in Apple Bug Reporter as n° 4418047 and wanted to
present the situation here. Feel free to comment.
Regards,
[1] http://pcsclite.alioth.debian.org/
[2] http://pcsclite.alioth.debian.org/ccid.html
[3] http://darwinsource.opendarwin.org/10.4/SmartCardServices-31/src/PCSC/
[4] http://www.pcscworkgroup.com/specifications/specdownload.php
[5] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/scardcontrol.asp
[6] http://pcsclite.alioth.debian.org/ifdhandler-3/
[7] http://darwinsource.opendarwin.org/10.4/SmartCardServices-31/src/CCIDDriver/
[8] http://homepage.mac.com/jlgiraud/ifd-CCID/ifd-CCID.html
--
Dr. Ludovic Rousseau
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden
This email sent to email@hidden
