Microsoft Class Drivers for USB CCID Smart Cards

This article addresses issues related to the development of the Microsoft CCID class driver for Windows, including a list of the features in the USB CCID (Chip/Smart Card Interface Devices) specification that the driver will support.

This article provides USB smart card class-driver (Usbccid.sys) release information for devices that are compliant with the USB Chip/Smart Card Interface Devices (CCID) Specification (revision 1.0 or later). Usbccid.sys is compliant with all supported versions of Microsoft Windows operating systems, and is available on Windows Update.

For additional details on the class-driver architecture as well as the guidelines associated with USB CCID device development and testing requirements, read this article and see Smart Card Technology.

Introduction

The USB CCID class driver reduces the need for hardware vendors to create a device-specific driver for smart card readers. Eliminating the need for a device-specific driver will potentially reduce the driver development cost, improve driver and system stability, reduce time to market, and lead to a simplified plug and play experience for customers using devices compliant with the USB Chip/Smart Card Interface Devices (CCID) Specification (revision 1.0 or later).

The USB CCID class driver is compatible with all SKUs and locales that are associated with Windows.

The USB CCID class driver is currently available on Windows Update and also through the Windows Update Catalog. This article provides details on Windows support for USB CCID devices.

The “USB CCID Architecture” section later in this article describes the structure of the USB CCID stack. The “USB CCID Class Driver Details” section later in this article describes the features that are explicitly supported by this release of the USB CCID driver. The features planned for future releases are also discussed in the “USB CCID Class Driver Details” section.

The last section provides references to related information and action items to enhance your USB CCID device experience.

USB CCID Architecture

Figure 1 illustrates the functionality of the USB CCID class driver and the associated smart-card subsystem. The USB CCID class driver (Usbccid.sys) is the only driver, developed outside of the original Windows development cycle, to support USB CCID compliant devices. The balance of the class-driver infrastructure is already in-box in Windows.

Figure 1: USB CCID Architecture Stack

To confirm that you have the latest USB CCID driver, the following components must be included in your system.

Prior to Windows 7:

• INF (this INF will be an OEN*.inf file if obtained from Windows Update):
  • DriverVer: 04/01/2003,5.2.3790.0
  • ID match: USB\Class_0B&SubClass_00
• Driver file (Usbccid.sys):
  • File Version: 5.2.3788.0

For Windows 7 and later:

• INF:
  • DriverVer: 06/21/2006,6.1.7601.17514
  • ID match: USB\Class_0B&SubClass_00
• Driver file (WUDFUsbccidDriver.dll):
  • File Version: 6.1.7601.17514

Driver or INF version information that is newer (later date or higher version number) than the information listed above is acceptable.

To ensure compatibility with the USB CCID class driver, the Windows USB Team encourages all CCID-compliant devices to be qualified by the latest compatibility tests found on the WHDC Web site.

USB CCID Class Driver Details

The Microsoft CCID class driver is compatible with the USB Chip/Smart Card Interface Devices (CCID) Specification (revision 1.0 or later), which specifies a protocol that a host (computer) can use to interact with CCID class devices or interface (on a composite device). Neither the mechanics of the smart-card interface or the content of the data are described in the CCID specification. However, the CCID specification does provide detailed information with respect to the USB-related configuration and communication channels.

The current release of the Microsoft CCID class driver implements a majority of the features defined in the USB CCID specification. The Microsoft CCID class driver will support the following items that are based on the USB CCID Class specification:

• 5.0V, 3.0V, and 1.8V cards.
• Both T=0 and T=1 protocols.
• Variable clock frequencies and data rates.
• All features in the dwFeatures field, including Character, TPDU, APDU, and extended APDU levels, although TPDU is the preferred exchange level.
• In order to send or receive an Escape command to a reader, the DWORD registry value EscapeCommandEnable must be added and set to a non-zero value under one of the following keys.
  • HKLM\SYSTEM\CCS\Enum\USB\Vid*Pid*\*\Device Parameters (prior to Windows 7).
  • HKLM\SYSTEM\CCS\Enum\USB\Vid*Pid*\*\Device Parameters\WUDFUsbccidDriver (Windows 7 and later).
• Then the vendor IOCTL for the Escape command is defined as follows: #define IOCTL_CCID_ESCAPE SCARD_CTL_CODE(3500).
• With the enabled Escape command, security against malicious escape commands becomes the reader's responsibility.
• USB CCID readers should implement the GET_CLOCK_FREQUENCIES and GET_DATA_RATES properties, even if bit 20h in dwFeatures is set. The values of the bNumDataRatesSupported and bNumClockSupported functions should also be non-zero accordingly. This is due to a problem with the USB CCID Class specification where the driver is supposed to send a PPS request; however, if bit 20h and the values associated with the PPS request are zero, the driver does not know what values to set in the PPS request. If bNumDataRatesSupported and/or bNumClockSupported are set to zero, the driver will make a guess as to what baud rates the reader supports, which may or may not be correct.
• The following features are not currently supported in this initial release of the Microsoft CCID class driver. These features may be supported in future releases of the driver on future operating systems, and will be prioritized based on customer demand.
• Keypad or LCD display support. If these features need to be provided on a smart card, a different interface (generally HID) must be defined.
• Vendor/device-specific string name support in the device manager. Since the INF to load USBCCID is not included with Windows, the INF will be renamed as OEM*.INF. Vendors can not refer to this INF through Include/Needs. This feature may be supported in future Windows operating systems.
• Support for multiple slots on readers. If the reader has multiple slots, only slot 0 will be used. Devices that wish to expose multiple readers may develop a composite device (a CCID-compliant interface would then be required for each reader).
• Driver support for system wake from suspend/hibernate state on card insertion (even if the reader sets the remote wake bit). This feature may be made available as more smart-card readers provide remote wake functionality.
• Selective suspend support. The Windows team did not have selective suspend-capable hardware at the time of driver RTM to test this feature. This feature will be supported depending on the availability of readers that support selective-suspend and errata that are appended to the USB CCID specification to support selective suspend.
• Support for issuing multiple commands to a reader that implements queuing capabilities.
• Support for any of the mechanical driver features. Future support plans will be determined when the driver features are standardized. For more information, see section 4.1.12 of the USB Chip/Smart Card Interface Devices (CCID) Specification.

Windows Logo Program

Future requirements for the “Designed for Windows” logo program, which pertain to USB CCID class devices, may include the following:

USB smart card CCID reader complies with USB Device Class Specification for USB Chip/Smart Card Interface Devices. To ensure that USB smart-card readers interface with the USB host properly, chip/smart card interface device (CCID) readers must comply with all requirements identified in USB Device Class Specification for USB Chip/Smart Card Interface Devices, Revision 1.0 or later.

USB CCID reader issues NAK on the interrupt pipe when device has no interrupt data to transmit. USB smart-card readers must issue negative acknowledgment code (NAK) on an interrupt pipe, unless there is a change in state. This requirement prevents the need to repeatedly poll the device for status from the device’s function driver.

To review future requirements of the logo program, see New Logo Requirements for Hardware.

Call to Action for Building USB CCID-compliant Devices

• Download and review the complete USB Device Class specification for USB Chip/Smart Card Interface Devices Specification from the USB Web site.
• Review the Microsoft Smart Card functions, as described in the Microsoft Platform SDK.
• Build all future USB smart-card devices compliant to the CCID specification to take advantage of the USB CCID class driver.
• Visit the USB Implementers Forum Web site (https://www.usb.org ) and evaluate the USB CCID specification review requests. Ensure that USB-CCID compliant readers follow the USB CCID RR to support selective suspend and remote wake.

References

• USB Device Class specification for USB Chip/Smart Card Interface Devices Specification, Revision 1.0 (CCID Class Specification):

  https://www.usb.org/developers/devclass_docs

• Microsoft Update:

  https://update.microsoft.com/microsoftupdate/

• For information on smart card devices and their interaction with Windows XP, see:

  • "Smart Card" in the Microsoft Platform SDK, available from MSDN:

    https://msdn.microsoft.com/library/ms953430.aspx

  • Smart Card Technology

    Resources and white papers related to Windows support for smart card devices

  • USB Technology

    Resources and white papers related to Windows support for USB devices and drivers

General References

• Windows Hardware Dev Center
• Microsoft Windows Driver Development Kit (WDK)
• Microsoft Windows Logo Program System and Device Requirements
• Windows Logo Program Resources & Support

 

 

Send comments about this topic to Microsoft