= Leopard Bugs = This page is intended to document the problems with smartcard usage on MacOSX10.5 (Leopard). We provide the Apple's Problem ID, if available, and workarounds. Feel free to submit your problems directly to this wiki page, or via the mailing-list. '''December 2008 update:''' Please upgrade to Mac OS X 10.5.6, available via Software Update. It includes the [http://pcsclite.alioth.debian.org/ccid.html open source CCID library v1.3.8] and fixes at least some of the problems listed here. == ATR reporting error (2) == * '''Description''' Insert a first card, then remove it and reinsert a second different card. The ATR displayed by {{{/Library/OpenSC/bin/opensc-tool --atr}}} after the second card is a mix of the ATR of the second card and the ATR of the first card. This intereferes with the card type recognition. You can also use the Mac OS X tool {{{pcsctest}}} to display the card ATR. The result is the same and does not involve any OpenSC program. * '''Problem ID''' 5759329 * '''Workaround''' Disconnect the card reader between the 2 cards. == Pcscd choose a bad communication protocol == * '''Description''' Cards declaring T=0 and T=15 protocols will be configured by pcscd as T=1. This is documented with SetCOS 4.4.1 (ATR: 3B 9F 94 80 1F C3 00 68 11 44 05 01 46 49 53 45 31 C8 07 90 00 19). With some readers (ACR38U), the card simply doesn't answer to any APDU. * '''Problem ID''' 5757076, 6920676 * '''Workaround''' None == Token unlock in !KeyChainAccess == * '''Description''' By clicking on the lock icon in !KeyChainAccess, and after a correct PIN in the dialog box, the lock didn't get unlocked. This is probably just a cosmetic bug. * '''Problem ID''' None * '''Workaround''' None == SCardIsValidContext == * '''Description''' The PCSC framework library provides the SCardIsValidContext() function but this function is not declared in the PCSC framework header file /System/Library/Frameworks/PCSC.framework/Versions/A/Headers/winscard.h * '''Problem ID''' 5612527 * '''Workaround''' Declare the function yourself using: {{{ #ifdef __APPLE__ #ifdef __cplusplus extern "C" { #endif int32_t SCardIsValidContext(SCARDHANDLE hCard); #ifdef __cplusplus } #endif #endif }}} == multi-slot smart card readers == * '''Description''' If I use a smart card reader with 2 slots (and a driver supporting this feature) then the PCSC framework creates 2 readers (one for each slot) and also create a non-existing reader. This non-existing reader is still present after removing the multi-slot reader. * '''Problem ID''' 5697379 * '''Workaround''' None == TAG_IFD_THREAD_SAFE == * '''Description''' pcscd does not correctly implement the TAG_IFD_THREAD_SAFE feature of a smart card reader. Connecting a second reader will crash pcscd * '''Problem ID''' 5697388 * '''Workaround''' Ludovic Rousseau CCID driver [http://pcsclite.alioth.debian.org/ccid.html] already includes a [http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2008-January/002926.html patch] to avoid this bug. TAG_IFD_THREAD_SAFE is just not supported on Leopard. == Keychain services collapsing == * '''Descritpion''' Plugging/unplugging the reader and using some applications that access keychain result in a crash that takes down all Keychain using applications on PPC {{{ Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c1080000 Crashed Thread: 0 Thread 0 Crashed: 0 libSystem.B.dylib 0x945082a0 tiny_malloc_from_free_list + 80 1 libSystem.B.dylib 0x94501ba8 szone_malloc + 200 2 libSystem.B.dylib 0x94501a8c malloc_zone_malloc + 112 3 libSystem.B.dylib 0x945019ec malloc + 64 4 libstdc++.6.dylib 0x93f120cc operator new(unsigned long) + 112 5 libstdc++.6.dylib 0x93ef5d94 std::basic_string, std::allocator >::_Rep::_S_create(unsigned long, unsigned long, std::allocator const&) + 172 6 libstdc++.6.dylib 0x93ef618c char* std::basic_string, std::allocator >::_S_construct(char const*, char const*, std::allocator const&, std::forward_iterator_tag) + 112 7 libstdc++.6.dylib 0x93ef62a4 std::basic_string, std::allocator >::basic_string(char const*, std::allocator const&) + 64 8 com.apple.security 0x93056bdc Security::DLDbListCFPref::loadPropertyList(bool) + 104 9 com.apple.security 0x93056f8c Security::DLDbListCFPref::revert(bool) + 20 10 com.apple.security 0x9308974c Security::KeychainCore::StorageManager::getSearchList(std::vector >&) + 84 11 com.apple.security 0x9307a794 SecKeychainCopySearchList + 128 12 com.apple.CFNetwork 0x913051b0 _KeychainListChanged + 32 13 com.apple.CFNetwork 0x913059e8 _WatchKeychainCallback + 264 14 com.apple.security 0x9304db54 Security::KeychainCore::CCallbackMgr::AlertClients(std::list > const&, unsigned long, int, Security::KeychainCore::Keychain const&, Security::KeychainCore::Item const&) + 168 15 com.apple.security 0x9304df08 Security::KeychainCore::CCallbackMgr::consume(unsigned int, unsigned int, Security::CssmData const&) + 552 16 com.apple.security 0x931487ac Security::SecurityServer::NotificationPort::receive(Security::MachPlusPlus::Message const&) + 284 17 com.apple.security 0x9316a758 }}} Another one when testing today, and the activity can be traced to numerous plug-removals of the reader/card: {{{ 4 ??? [0xe0bec] 4 ??? [0xe0b70] 4 _SecKeychainFindGenericPassword + 388 (in Security) [0x9307aec8] 4 __ZN8Security12KeychainCore8ItemImpl7getDataERNS_17CssmDataContainerE + 108 (in Security) [0x9305f044] 4 __ZN8Security12KeychainCore15KCEventNotifier17PostKeychainEventEmRKNS0_8KeychainERKNS0_4ItemE + 172 (in Security) [0x930615d4] 4 __ZN8Security12KeychainCore15KCEventNotifier17PostKeychainEventEmRKNS_14DLDbIdentifierERKNS0_10PrimaryKeyE + 304 (in Security) [0x930614d4] }}} * '''Problem ID''' None * '''Workaround''' None == PC/SC never returns the warm ATR of a dual-ATR card == * '''Description''' Even after SCardReconnect(SCARD_RESET_CARD) the ATR returned by SCardStatus() is still the cold ATR * '''Problem ID''' 5964019 * '''Workaround''' None