Use CCID interface instead of CryptoTokenKit API

Hi,

Is it possible for a macOS (or iOS/iPadOS) app to communicate with a CCID-compliant reader using the CCID interface (i.e., directly sending the PC_TO_RDR_* messages) instead of using the CryptoTokenKit API?

Apple's CCID driver (/System/Library/CryptoTokenKit/usbsmartcardreaderd.slotd) seems to support all the PC_TO_RDR and RDR_TO_PC messages: https://blog.apdu.fr/posts/2023/11/apple-own-ccid-driver-in-sonoma/#enable-my-ccid-driver

The background for this question is that we develop smartcard products and we'd like to use the finer grained settings provided by the CCID specification for testing/demo purposes.

Thank you.

Is it possible for a macOS (or iOS/iPadOS) app to communicate with a CCID-compliant reader using the CCID interface (i.e., directly sending the PC_TO_RDR_* messages) instead of using the CryptoTokenKit API?

It depends on exactly what you're trying/willing to do:

  • If you specifically want a CCID "level" interface, then no, we don't really have an API for that.

  • If you're willing to send USB commands, then the IOUSBHost Framework can be used to interact directly with the device (this is the API our driver actually uses)*. Note that this might require using a codeless DEXT to prevent our implementation from claiming the device.

*The framework documentation says the framework is used to "Create host-mode user space drivers for USB devices", however, that's just a complicated way of saying "let apps directly send USB commands to devices".

__
Kevin Elliott
DTS Engineer, CoreOS/Hardware
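
The thread discusses sending PC_TO_RDR_* messages directly over USB. As an added example (not part of the original posts and not Apple's code), this C sketch frames an APDU as a PC_to_RDR_XfrBlock message and validates the RDR_to_PC_DataBlock reply using the 10-byte header layout from the CCID specification. The function names are hypothetical, the sample bytes are constructed, and the USB bulk transfer itself is out of scope.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CCID_HDR_LEN        10   /* every CCID bulk message starts with a 10-byte header */
#define PC_TO_RDR_XFRBLOCK  0x6F
#define RDR_TO_PC_DATABLOCK 0x80

/* Hypothetical helper: frame an APDU as PC_to_RDR_XfrBlock.
   Returns the frame length, or 0 if it does not fit in the buffer. */
size_t ccid_build_xfrblock(uint8_t *out, size_t cap, uint8_t slot, uint8_t seq,
                           const uint8_t *apdu, uint32_t len)
{
    if (cap < CCID_HDR_LEN || len > cap - CCID_HDR_LEN) return 0;
    out[0] = PC_TO_RDR_XFRBLOCK;                        /* bMessageType */
    out[1] = len & 0xFF;         out[2] = (len >> 8) & 0xFF;
    out[3] = (len >> 16) & 0xFF; out[4] = (len >> 24) & 0xFF; /* dwLength, little-endian */
    out[5] = slot;                                      /* bSlot */
    out[6] = seq;                                       /* bSeq, echoed back by the reader */
    out[7] = 0;                                         /* bBWI */
    out[8] = 0; out[9] = 0;                             /* wLevelParameter */
    memcpy(out + CCID_HDR_LEN, apdu, len);
    return CCID_HDR_LEN + len;
}

/* Hypothetical helper: validate an RDR_to_PC_DataBlock reply.
   Returns 0 on success, -1 if malformed or mismatched, -2 if the reader
   reported a failed command (bError is then returned in *error). */
int ccid_parse_datablock(const uint8_t *in, size_t n, uint8_t slot, uint8_t seq,
                         const uint8_t **payload, size_t *plen, uint8_t *error)
{
    if (n < CCID_HDR_LEN || in[0] != RDR_TO_PC_DATABLOCK) return -1;
    uint32_t len = (uint32_t)in[1] | (uint32_t)in[2] << 8 |
                   (uint32_t)in[3] << 16 | (uint32_t)in[4] << 24;
    if (len > n - CCID_HDR_LEN) return -1;      /* dwLength exceeds bytes received */
    if (in[5] != slot || in[6] != seq) return -1; /* reply to a different command */
    *error = in[8];                             /* bError */
    if (((in[7] >> 6) & 0x03) != 0) return -2;  /* bStatus bits 7..6: bmCommandStatus */
    *payload = in + CCID_HDR_LEN;
    *plen = len;
    return 0;
}

int main(void)
{
    const uint8_t apdu[] = {0x00, 0xA4, 0x04, 0x00, 0x00}; /* constructed sample APDU */
    uint8_t frame[32];
    size_t n = ccid_build_xfrblock(frame, sizeof frame, 0, 1, apdu, sizeof apdu);
    for (size_t i = 0; i < n; i++) printf("%02X ", frame[i]);
    printf("\n");
    return 0;
}
```

The resulting frame is what would be written to the reader's bulk OUT endpoint, with the reply read from its bulk IN endpoint.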
