**UPDATED** CAC-NG Tokend Installer Fixed

The Installer for the CAC Next Generation (a.k.a. CAC-NG) Tokend support for Mac OS X 10.5 "Leopard" was fixed and re-posted.  The previous installers have been replaced with this new version - v0.96.

Support for Snow Leopard is forthcoming, but you can proceed to test with your Mac OS X 10.5.6+ machines with this installation.

Installer

 http://smartcardservices.macosforge.org/trac/wiki/installers

 

Installation 

  • You can verify the installation of this new tokend, "CAC-NG", by checking that it exists at the following path:
/System/Library/Security/tokend/CACNG.tokend

 

BETA Tokend available: CAC-NG (Leopard Mac OS X 10.5.6+)

SmartCardServices - "CAC-NG" Tokend 

 

The SmartCardServices Project Team is pleased to provide access to the *BETA* for CAC Next Generation (a.k.a. CAC-NG) Tokend support for Mac OS X 10.5 "Leopard".  Support for Snow Leopard is forthcoming, but you can proceed to test with your Mac OS X 10.5.6+ machines with this installation.


Background

CAC-NG Smart Cards

The following is an excerpt taken directly from the "DoD Implementation Guide for CAC Next Generation (NG), v2.5, November 2006".

 

The DoD CAC Environment

The PIV transitional, as defined in SP 800-73, is added to the existing CAC v2 card as an additional data model in conjunction with other evolutions such as the purse and access control. This CAC with PIV is called the CAC Next Generation (NG). The CAC NG is the first and most significant step towards the PIV end point solution.

 

The PIV solution is implemented on the DoD CAC NG, but is largely separate and distinct from the DoD multi-application CAC. It will evolve at its own pace but in the same environment.

The purpose and function of the CAC NG is much broader than the focused interoperability function of the PIV. In 1999, Congress directed the Secretary of Defense to implement smart card technology within the DoD with the objective of increasing efficiency, security, and readiness. The result has been the creation of the CAC. The baseline functionality of the CAC is to (1) provide for logical access to computer systems, (2) provide personnel identification, (3) enable physical access to buildings, and (4) PKI for signing, encryption, and non-repudiation. The CAC is the standard identification card for active duty military personnel, Selected Reservists, DoD civilian employees, and eligible contractor personnel.

 

The CAC NG is a multi-application smart card. It serves as a token for PK identity, email, and encryption certificates. Additionally, it contains a linear barcode, two-dimensional barcode, magnetic stripe, color digital photograph, and printed text.

Installer

 http://smartcardservices.macosforge.org/trac/wiki/installers

 

Installation

 

Smart Card Tokend Installation

 

  • CAC-NG 
/System/Library/Security/tokend/CACNG.tokend

 


Source Code Posting

Source Code corresponding to this tokend beta has not yet been posted, but will be in the near future at:

/releases
 /Apple
  /OSX-10.5.6
  /OSX-10.6.0

 

Mac OS 10.6 Source Posted!

Source Code for the SmartCard Services that shipped in Mac OS X 10.6.0 has been posted!

Now that Mac OS X 10.6.0 has been released by Apple on August 28, 2009, we were able to post the corresponding source code to our project for immediate access and development.

64-Bit Development

Keep in mind that Mac OS X 10.6 "Snow Leopard" requires many of you to shift to full 64-bit development environments depending on what layer of the OS your solution targets.  If you have been leveraging the darwinbuild process, be sure to acquire an updated copy before proceeding with development here.

Source Code Postings

Source Code releases have now been posted under a new directory of "/releases".  From this point forward, we will always post new source from Apple under the appropriate Mac OS X release name as in:

/releases
 /Apple
  /OSX-10.5.6
  /OSX-10.6.0

All releases coming directly from the work here will be posted under this new directory as well.  SmartCardServices will be posted with their own release sequence name.

/releases
 /SCS

 

 

 

New Component: "TokendPKCS11" Posted

On August 17, 2009, we had a new component added to our project...

Component: TokendPKCS11 

Short Description: PKCS-11 Shim on top of Tokend

This new component allows any installed tokend to be used from a PKCS-11 based application (e.g., Firefox, Thunderbird).  This P11overTokend approach eliminates the need for users to have multiple smart card abstraction layers.  Having additional smart card architectures (other than the built-in Tokend) active at the same time can be extremely problematic, since there is no inherent arbitration between them.  Apple's Smart Card Services assumes exclusive ownership of any recognized and supported smart card that has been attached to the hardware.  If the inserted smart card is not supported by any installed Tokend, there is no conflict with the PKCS-11 based application.

The intent of TokendPKCS11 is not to provide a complete PKCS-11 library replacement, but rather to provide a bridging technology for access to smart cards already supported by an installed Tokend.  There is no support for writing back to the cards (i.e., personalization).  Any application or service that needs to modify the card contents in any manner other than the PIN still needs to rely on a separate, fully capable PKCS-11 library.  Note that, as of 10.5.0, Apple no longer provides a fully capable PKCS-11 library on Mac OS X that you can use.

This component has been under development against the Mac OS X 10.5.x source code and is available currently as separate source code <here>.  Now that Mac OS X 10.6 is out (released on August 28, 2009) and the corresponding source code is posted as well, you will find this component has already been integrated into the Tokend Component as of Mac OS X 10.6.0 - no separate component will be maintained going forward.


Project Launch!

Welcome

Welcome to the SmartCardServices project for Mac OS X. This MacOSForge project is intended as a central clearing house for activity and development related to the seamless integration of smart cards, readers, relevant third-party software, and Mac OS X's identity system and credential stores (i.e., keychains).

The goal of this project is to provide early access to community-driven development of novel capabilities and enhancements. Over time, as these innovations mature, they will be evaluated for inclusion in future releases of Mac OS X.

The Smart Way to do Smart Cards

Smart Card Services are the abstraction layer for integrating smart cards into Apple's Common Data Security Architecture (CDSA).  Once a smart card is recognized by these services, it is represented as a dynamic keychain and is made available to all services and applications using Mac OS X's credential environment. Applications use credentials from smart cards just as they have for years with file-based keychains, without needing any knowledge of smart card technology.

This project will serve as a working environment for experimenting with new and enhanced versions of the various components which make up Smart Card Services. The components initially included in this project are:

  • pcscd (PCSC Daemon)
  • ifd-ccid.bundle  (USB CCID Class Driver)
  • *.Tokend  (Tokend modules for utilizing smart cards)

 

Come Together, Right Now

Since its debut in Mac OS X version 10.4, an incredible number of developers, administrators and users have wanted to do more and actively contribute to the success of Smart Card Services -- knowing that the better the integration, the better their experience would be.  Many card, reader, and application partners have been anxious to join this active community and extend the services to capabilities not yet available.

To that end, the SmartCardServices project provides a central forum, repository, and build environment to enable collaborative development and testing. This will enable our security-conscious developers and customers to take this rich environment to the next level of seamless integration. 

Start Your Engines

Now that you are here, we encourage you to engage in this project through:

- discussions on the various mailing lists

- source code review

- code submission (note licensing terms!)

and of course ingesting the ongoing documentation, tips & tricks, and reference material that will be developed and posted here on a regular basis.

Visit us weekly -- or better yet, click the RSS subscription link to the right to ensure you do not miss a single tidbit of development, news or activity coming out of this exciting new project.

Sincerely,

The SmartCardServices Dev Team
