macOS Sonoma bug: Race condition in SCardGetStatusChange()?

This is part of the series: "macOS Sonoma and smart cards: known bugs".

I found a problem when using a composite reader i.e. a reader with 2 (or more) smart card reader interfaces.

The PC/SC layer reports a smart card is present when no smart card is inserted.

See also

I reported this problem as FB13184685 "race condition in pcsctest or the PC/SC function used to wait for a smart card reader or smart card".

Details

For my tests I use the Gemalto Prox DU reader. This reader is a single USB device with 2 CCID interfaces: one contact and one contactless interface.

I run the command: echo 1 | pcsctest. The idea is to select the reader 1 just after it is found.

I get the output:

% echo 1 | pcsctest

MUSCLE PC/SC Lite Test Program

Testing SCardEstablishContext    : Command successful.
Testing SCardGetStatusChange
Please insert a working reader   :

Then I connect a composite reader (2 CCID interfaces) with or without a card inserted and I get:

[...]
Please insert a working reader   : Command successful.
Testing SCardListReaders         : Command successful.
Reader 01: Gemalto Prox Dual USB PC Link Reader
Enter the reader number          : Waiting for card insertion
                                                                 : Command successful.
Testing SCardConnect             : No smart card inserted.

  • The command is waiting after displaying Please insert a working reader :.

  • Then I connect my smart card reader. The reader is found.

  • Pcsctest displays Waiting for card insertion : Command successful.

  • But then the SCardConnect fails with No smart card inserted.

I note that NO smart card was inserted in the reader. So the Waiting for card insertion reported as a success but that is an error.

I have the same result if a smart card is inserted in the reader.

If I run again the same command I get the expected result:

% echo 1 | pcsctest

MUSCLE PC/SC Lite Test Program

Testing SCardEstablishContext    : Command successful.
Testing SCardGetStatusChange
Please insert a working reader   : Command successful.
Testing SCardListReaders         : Command successful.
Reader 01: Gemalto Prox Dual USB PC Link Reader
Reader 02: Gemalto Prox Dual USB PC Link Reader 01
Enter the reader number          : Waiting for card insertion
                                                                 : Command successful.
Testing SCardConnect             : Command successful.
Testing SCardStatus              : Command successful.
Current Reader Name              : Gemalto Prox Dual USB PC Link Reader
Current Reader State             : 0x54
Current Reader Protocol          : 0x1
Current Reader ATR Size          : 13 (0xd)
Current Reader ATR Value         : 3B 88 80 01 00 00 00 00 33 71 71 00 3A
Testing SCardDisconnect          : Command successful.
Testing SCardReleaseContext      : Command successful.
Testing SCardEstablishContext    : Command successful.
Testing SCardGetStatusChange
Please insert a working reader   : Command successful.
Testing SCardListReaders         : Command successful.
Reader 01: Gemalto Prox Dual USB PC Link Reader
Reader 02: Gemalto Prox Dual USB PC Link Reader 01
Enter the reader number          : %

I do NOT have the problem with a reader with only 1 smart card slot. It looks like the problem is only with multi-slots and composite readers. It looks like a race condition somewhere in the PC/SC layer (or in the CryptoTokenKit layer bellow PC/SC) of macOS Sonoma.

I do not have the problem if I connect 2 "simple" smart card readers on a USB hub and then connect the hub to the Mac.

pcsc_scan

I note I do not have this problem if I use pcsc_scan from pcsc-tools.

With no reader connected I get:

% ./pcsc_scan
PC/SC device scanner
V 1.6.2 (c) 2001-2022, Ludovic Rousseau <ludovic.rousseau@free.fr>
Plug'n play reader name not supported. Using polling every 3600000 ms.
Scanning present readers...
Waiting for the first reader...

Then I connect the dual interface reader and I get the expected value:

[...]
Waiting for the first reader... found one
Scanning present readers...
0: Gemalto Prox Dual USB PC Link Reader
1: Gemalto Prox Dual USB PC Link Reader 01

Wed Oct  4 09:47:47 2023
 Reader 0: Gemalto Prox Dual USB PC Link Reader
  Event number: 0
  Card state: Card removed,
 Reader 1: Gemalto Prox Dual USB PC Link Reader 01
  Event number: 0
  Card state: Card removed,

  • Both interfaces are listed.

  • No card is wrongly found inserted.

Know workaround

None.

Just wait a bit after you detect a new reader is connected.