Leopard Bugs
This page is intended to document the problems with smartcard usage on MacOSX10.5 (Leopard). We provide the Apple's Problem ID, if available, and workarounds. Feel free to submit your problems directly to this wiki page, or via the mailing-list.
December 2008 update: Please upgrade to Mac OS X 10.5.6, available via Software Update. It includes the open source CCID library v1.3.8 and fixes at least some of the problems listed here.
ATR reporting error (2)
- Description
Insert a first card, then remove it and reinsert a second different card. The ATR displayed by /Library/OpenSC/bin/opensc-tool --atr after the second card is a mix of the ATR of the second card and the ATR of the first card. This intereferes with the card type recognition.
You can also use the Mac OS X tool pcsctest to display the card ATR. The result is the same and does not involve any OpenSC program.
- Problem ID
5759329
- Workaround
Disconnect the card reader between the 2 cards.
Pcscd choose a bad communication protocol
- Description
Cards declaring T=0 and T=15 protocols will be configured by pcscd as T=1. This is documented with SetCOS 4.4.1 (ATR: 3B 9F 94 80 1F C3 00 68 11 44 05 01 46 49 53 45 31 C8 07 90 00 19). With some readers (ACR38U), the card simply doesn't answer to any APDU.
- Problem ID
5757076, 6920676
- Workaround
None
Token unlock in KeyChainAccess
- Description
By clicking on the lock icon in KeyChainAccess, and after a correct PIN in the dialog box, the lock didn't get unlocked. This is probably just a cosmetic bug.
- Problem ID
None
- Workaround
None
SCardIsValidContext
- Description
The PCSC framework library provides the SCardIsValidContext() function but this function is not declared in the PCSC framework header file /System/Library/Frameworks/PCSC.framework/Versions/A/Headers/winscard.h
- Problem ID
5612527
- Workaround
Declare the function yourself using:
#ifdef __APPLE__
#ifdef __cplusplus
extern "C"
{
#endif
int32_t SCardIsValidContext(SCARDHANDLE hCard);
#ifdef __cplusplus
}
#endif
#endif
multi-slot smart card readers
- Description
If I use a smart card reader with 2 slots (and a driver supporting this feature) then the PCSC framework creates 2 readers (one for each slot) and also create a non-existing reader.
This non-existing reader is still present after removing the multi-slot reader.
- Problem ID
5697379
- Workaround
None
TAG_IFD_THREAD_SAFE
- Description
pcscd does not correctly implement the TAG_IFD_THREAD_SAFE feature of a smart card reader. Connecting a second reader will crash pcscd
- Problem ID
5697388
- Workaround
Ludovic Rousseau CCID driver http://pcsclite.alioth.debian.org/ccid.html already includes a patch to avoid this bug. TAG_IFD_THREAD_SAFE is just not supported on Leopard.
Keychain services collapsing
- Descritpion
Plugging/unplugging the reader and using some applications that access keychain result in a crash that takes down all Keychain using applications on PPC
Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c1080000 Crashed Thread: 0 Thread 0 Crashed: 0 libSystem.B.dylib 0x945082a0 tiny_malloc_from_free_list + 80 1 libSystem.B.dylib 0x94501ba8 szone_malloc + 200 2 libSystem.B.dylib 0x94501a8c malloc_zone_malloc + 112 3 libSystem.B.dylib 0x945019ec malloc + 64 4 libstdc++.6.dylib 0x93f120cc operator new(unsigned long) + 112 5 libstdc++.6.dylib 0x93ef5d94 std::basic_string<char, std::char_traits<char>, std::allocator<char> >::_Rep::_S_create(unsigned long, unsigned long, std::allocator<char> const&) + 172 6 libstdc++.6.dylib 0x93ef618c char* std::basic_string<char, std::char_traits<char>, std::allocator<char> >::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) + 112 7 libstdc++.6.dylib 0x93ef62a4 std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) + 64 8 com.apple.security 0x93056bdc Security::DLDbListCFPref::loadPropertyList(bool) + 104 9 com.apple.security 0x93056f8c Security::DLDbListCFPref::revert(bool) + 20 10 com.apple.security 0x9308974c Security::KeychainCore::StorageManager::getSearchList(std::vector<Security::KeychainCore::Keychain, std::allocator<Security::KeychainCore::Keychain> >&) + 84 11 com.apple.security 0x9307a794 SecKeychainCopySearchList + 128 12 com.apple.CFNetwork 0x913051b0 _KeychainListChanged + 32 13 com.apple.CFNetwork 0x913059e8 _WatchKeychainCallback + 264 14 com.apple.security 0x9304db54 Security::KeychainCore::CCallbackMgr::AlertClients(std::list<Security::KeychainCore::CallbackInfo, std::allocator<Security::KeychainCore::CallbackInfo> > const&, unsigned long, int, Security::KeychainCore::Keychain const&, Security::KeychainCore::Item const&) + 168 15 com.apple.security 0x9304df08 Security::KeychainCore::CCallbackMgr::consume(unsigned int, unsigned int, Security::CssmData const&) + 552 16 com.apple.security 0x931487ac Security::SecurityServer::NotificationPort::receive(Security::MachPlusPlus::Message const&) + 284 17 com.apple.security 0x9316a758
Another one when testing today, and the activity can be traced to numerous plug-removals of the reader/card:
4 ??? [0xe0bec]
4 ??? [0xe0b70]
4 _SecKeychainFindGenericPassword + 388 (in Security) [0x9307aec8]
4 __ZN8Security12KeychainCore8ItemImpl7getDataERNS_17CssmDataContainerE + 108 (in Security) [0x9305f044]
4 __ZN8Security12KeychainCore15KCEventNotifier17PostKeychainEventEmRKNS0_8KeychainERKNS0_4ItemE + 172 (in Security) [0x930615d4]
4 __ZN8Security12KeychainCore15KCEventNotifier17PostKeychainEventEmRKNS_14DLDbIdentifierERKNS0_10PrimaryKeyE + 304 (in Security) [0x930614d4]
- Problem ID
None
- Workaround
None
PC/SC never returns the warm ATR of a dual-ATR card
- Description
Even after SCardReconnect(SCARD_RESET_CARD) the ATR returned by SCardStatus() is still the cold ATR
- Problem ID
5964019
- Workaround
None
