Date: Sat, 28 Jan 2006 20:02:02 +0200
From: Martin Paljak <email@hidden>
Subject: Re: Update PC/SC (smart card interface) to suppport PIN pad
readers?
To: Ludovic Rousseau <email@hidden>
Cc: email@hidden
Message-ID: <email@hidden>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Just to add to fuel to the fire:
...hopefully to clear 'some' of this up..
I've had many weird problems with apple pcscd/ccid driver.
Some time in December, some update caused two readers that used to
work, start to spit usb errors in the dmesg. 10.4.4 fixed it - it
works for a while now. But again - cards and readers 'disappear'
from the system because of this:
What readers, what smart cards and which tokend is supporting those
smart cards ?
At the same time it works without problems on linux and other unixes
(os OSX with Ludovic's CCID driver and a private pcscd instance)
No need for a swapped out CCID driver nor a private pcscd instance,
but I guess we need more info as to what is potentially the conflict
for you.
I've tested different CCID compatible readers from SCM as well as
Omnikey and Eutron and Gemplus.
There are many CCID compliant readers that will just work and it is
apparent that you have had success with this.
Also, I tried a PCMCIA reader (SCR241) that seems to be supported by
apple (/usr/libexec/SmartCardServices/drivers/SCR24XHndlr.bundle) but
with no luck. pcscd was not started, and even after manual start
there were no readers found.
The issue here is NOT with the pre-installed bundle nor with the lack
of readers found, well, almost...
Currently, as of 10.4.4, you need to make two minor modifications to
use the PC Card readers.
* Move the CCIDClass driver aside - current conflict prevents use
with a PCCard reader
- need to physically move the CCIDClassDriver.bundle out
* Set securityd.plist to auto-launch pcscd on startup
-- modify: /private/etc/mach_init.d/securityd.plist
Change FROM: <string>/usr/sbin/securityd</string>
Change TO: <string>/usr/sbin/securityd -s on</string>
This will allow you to work with the PC Card readers with bundles pre-
installed.
If you want to simultaneously use a USB CCID compliant reader, you
would need to install a specific driver for that reader, since you
had to move the CCIDClassDriver.bundle aside for now. A good
example most people do is install the OMNIKey 3121 driver to use that
CCID Compliant reader while also using the PCCard readers.
This is a work-a-round for this currently outstanding issue.
So in real life this is really important or it is very hard to roll
out any serious eID applications when the only place something
works is developers testbed (and i seriously DO want to have a
tokend running in parallel with pkcs#11, but currently the only way
to get a stable pkcs#11 implementation is to have a private pcscd
running and /usr/sbin/pcscd made chmod -x :()
There are other developers deploying Smart Card solutions with their
own tokend. I can verify it does work in real world cases because I
was part of those deployments. :)
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden
This email sent to email@hidden
