CCID descriptor statistics: dwMaxCCIDMessageLength

Article from the serie "CCID descriptor statistics"

The dwMaxCCIDMessageLength field is a number value from the CCID USB descriptor:

For extended APDU level the value shall be between 261 + 10 (header) and 65544 +10, otherwise the minimum value is the wMaxPacketSize of the Bulk-OUT endpoint.

dwMaxCCIDMessageLength # %
271 bytes 184 72.44 %
1034 bytes 9 3.54 %
263 bytes 9 3.54 %
512 bytes 9 3.54 %
261 bytes 7 2.76 %
272 bytes 6 2.36 %
270 bytes 5 1.97 %
1400 bytes 2 0.79 %
273 bytes 2 0.79 %
278 bytes 2 0.79 %
432 bytes 2 0.79 %
65550 bytes 2 0.79 %
1014 bytes 1 0.39 %
1024 bytes 1 0.39 %
1041 bytes 1 0.39 %
138 bytes 1 0.39 %
2048 bytes 1 0.39 %
2100 bytes 1 0.39 %
256 bytes 1 0.39 %
262 bytes 1 0.39 %
266 bytes 1 0.39 %
280 bytes 1 0.39 %
288 bytes 1 0.39 %
522 bytes 1 0.39 %
536 bytes 1 0.39 %
586 bytes 1 0.39 %
64 bytes 1 0.39 %


The standard value for dwMaxCCIDMessageLength is 271.

On the 271 bytes :
  • 10 bytes are used for the CCID header
  • 4 bytes are used for the CLA, INS, P1, P2 APDU header
  • 1 byte for the data size
  • 256 bytes for the data

In the PC_to_RDR_XfrBlock CCID CCID command we note:
The block should never exceed the dwMaxCCIDMessageLength-10 in the Class Descriptor.
The value dwMaxCCIDMessageLength is related to dwMaxIFSD. See also "CCID descriptor statistics: dwMaxIFSD".

CCID Readers with dwMaxCCIDMessageLength < 271 and that are Short APDU level exchange readers are suspect. They are:
  • Aktiv Co., ProgramPark Rutoken Magistra: 261 bytes and ICCD Version B
  • Gemalto PDT: 261 bytes and ICCD Version B
  • IIT E.Key Almaz-1C: 264 bytes
  • OCS ID-One Cosmo Card USB Smart Chip Device: 261 bytes and ICCD Version B
  • Philips Semiconductors JCOP41V221: 261 bytes and ICCD Version B
  • Philips Semiconductors SmartMX Sample: 261 bytes and ICCD Version B
ICCD Version B devices are a special version of CCID and in this case the normal value is 261 bytes since the CCID header is not used. The command is sent using a control request and not a bulk message.

So only the IIT E.Key Almaz-1C reader is bogus and limited to a maximum of 249 bytes of data in an APDU.