xamarin-macios

Support for CryptoTokenKit

Open martinscholz83 opened this issue 5 years ago • 12 comments

Are there any plans for when Xamarin.Mac will support the new CryptoTokenKit API? Currently we have to build with Sharpie.

martinscholz83 avatar Feb 12 '20 21:02 martinscholz83

The fact that we are missing this binding shows up in our binding todos:

https://gist.github.com/chamons/b74a1133a44143c13ea438febbb9e2da

I don't have a timetable right now to give you, but this is on our radar.

chamons avatar Feb 13 '20 18:02 chamons

I'm not sure if you were using my "instructions" in https://github.com/chamons/mac-samples/tree/master/SystemFrameworkBinding

Part of what makes this framework non-trivial is that you need specific hardware to test.

chamons avatar Feb 13 '20 18:02 chamons

Yep, that is the one I'm using. What do you mean by special hardware? We have a lot of different PIV tokens from Feitian, Yubico or Gemalto we could test with. Is this what you mean by hardware?

martinscholz83 avatar Feb 13 '20 18:02 martinscholz83

I'm trying to get a Dev cert from Apple to add in VS to enable the com.apple.security.smartcard entitlement. Because currently I'm getting Null when trying to get TKSmartCardSlotManager.DefaultManager.

martinscholz83 avatar Feb 13 '20 18:02 martinscholz83

You will likely need to add com.apple.security.smartcard by hand to your entitlement, as there is no IDE support to my knowledge.

chamons avatar Feb 13 '20 19:02 chamons

That’s what I meant with add it to VS :o)

martinscholz83 avatar Feb 13 '20 19:02 martinscholz83

I currently have a problem using the API. I'm trying to send some simple verify pin commands to a YubiKey. Here is my sample code:

    // Requires: using System.Collections.Generic; using Foundation;
    card.BeginSessionWithReply((bool reply, NSError sessionError) =>
    {
        if (reply)
        {
            // SELECT the PIV application by AID: CLA INS P1 P2 Lc <AID> Le
            List<byte> _AID_PIV = new List<byte> { 0xa0, 0x00, 0x00, 0x03, 0x08 };
            List<byte> apdu = new List<byte> { 0x00, 0xA4, 0x04, 0x00, (byte)(_AID_PIV.Count), 0x00 };
            apdu.InsertRange(5, _AID_PIV);

            card.TransmitRequest(NSData.FromArray(apdu.ToArray()), (NSData selectData, NSError selectError) =>
            {
                if (selectError == null)
                {
                    // VERIFY (INS 0x20, P2 0x80) with the sample PIN "12345678" as ASCII bytes
                    List<byte> pin = new List<byte> { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38 };
                    List<byte> apduVerify = new List<byte> { 0x00, 0x20, 0x00, 0x80, 0x08, 0x00 };
                    apduVerify.InsertRange(5, pin);

                    card.TransmitRequest(NSData.FromArray(apduVerify.ToArray()), (NSData data, NSError error) =>
                    {
                        if (error == null)
                        {
                            if (data != null)
                            {
                                // Do something with data
                            }
                        }
                        else
                        {
                            // Do something with error
                        }
                    });
                }
            });
        }
    });

The native functions BeginSessionWithReply and TransmitRequest are using some kind of completionHandler, closures which are mapped to Action<type, type>. Unfortunately these Actions are never called, unless you debug the code and wait long enough for it. I also tried with Task.Run... but that didn't help. Do you have any idea how to make these closures awaitable?

martinscholz83 avatar Mar 18 '20 10:03 martinscholz83

Where is that code being run from? Do you have something running a message pump (such as a NSApplication/UIApplication)?

chamons avatar Mar 18 '20 15:03 chamons

It's running in a normal NSViewController (simple UI/Window project)

martinscholz83 avatar Mar 18 '20 15:03 martinscholz83

I tried with a semaphore like in this example, but that didn't help either.

martinscholz83 avatar Mar 18 '20 15:03 martinscholz83

I think the signature

// -(void)beginSessionWithReply:(void (^ _Nonnull)(BOOL, NSError * _Nullable))reply;
[Export ("beginSessionWithReply:")]
void BeginSessionWithReply (Action<bool, NSError> reply);

needs to be something like

Func<bool, NSError, Task> reply

martinscholz83 avatar Mar 18 '20 16:03 martinscholz83
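
One way to consume `Action<bool, NSError>`-style completion handlers as awaitable Tasks without changing the binding signature, shown as an added example that is not code from this thread or from xamarin-macios. `CompletionHandlerTasks`, `FromReply`, `FromResponse` and the fake card methods are hypothetical names; the demo uses constructed stand-in types (`string` for the error, `byte[]` for the data) so it runs without a reader attached.

```csharp
using System;
using System.Threading.Tasks;

// Added example: generic adapters, not part of Xamarin or any CryptoTokenKit binding.
public static class CompletionHandlerTasks
{
    // For methods shaped like BeginSessionWithReply(Action<bool, TError>).
    public static Task<bool> FromReply<TError>(Action<Action<bool, TError>> start)
    {
        // Continuations are queued, not run inline on the thread delivering the callback.
        var tcs = new TaskCompletionSource<bool>(TaskCreationOptions.RunContinuationsAsynchronously);
        start((ok, error) =>
        {
            if (error != null) tcs.TrySetException(new InvalidOperationException(error.ToString()));
            else tcs.TrySetResult(ok);
        });
        return tcs.Task;
    }

    // For methods shaped like TransmitRequest(request, Action<TData, TError>).
    public static Task<TData> FromResponse<TData, TError>(Action<Action<TData, TError>> send)
    {
        var tcs = new TaskCompletionSource<TData>(TaskCreationOptions.RunContinuationsAsynchronously);
        send((data, error) =>
        {
            if (error != null) tcs.TrySetException(new InvalidOperationException(error.ToString()));
            else tcs.TrySetResult(data);
        });
        return tcs.Task;
    }
}

public static class Demo
{
    // Constructed stand-ins for the card; they reply from a thread-pool thread.
    static void FakeBeginSession(Action<bool, string> reply) => Task.Run(() => reply(true, null));
    static void FakeTransmit(byte[] apdu, Action<byte[], string> reply) =>
        Task.Run(() => reply(new byte[] { 0x90, 0x00 }, null));

    public static async Task Main()
    {
        // With the binding: FromReply<NSError>(card.BeginSessionWithReply)
        bool open = await CompletionHandlerTasks.FromReply<string>(FakeBeginSession);
        byte[] select = { 0x00, 0xA4, 0x04, 0x00, 0x05, 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00 };
        // With the binding: FromResponse<NSData, NSError>(cb => card.TransmitRequest(request, cb))
        byte[] resp = await CompletionHandlerTasks.FromResponse<byte[], string>(cb => FakeTransmit(select, cb));
        Console.WriteLine($"session={open} SW={resp[resp.Length - 2]:X2}{resp[resp.Length - 1]:X2}");
    }
}
```

The adapters only change how the result is consumed; they do not change when, or whether, the framework invokes the handler.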

I just hit this missing binding hard today too. This prevents us from doing any CAC card support on iOS/Catalyst.

dotMorten avatar May 07 '24 22:05 dotMorten

In order to test this:

  1. Install the latest version of .NET 8 (should be .NET 8.0.300).

  2. Save this json to ~/Downloads/WorkloadRollback.json:

    {
    "microsoft.net.sdk.ios": "17.2.8473-ci.main/8.0.100",
    "microsoft.net.sdk.tvos": "17.2.8473-ci.main/8.0.100",
    "microsoft.net.sdk.maccatalyst": "17.2.8473-ci.main/8.0.100",
    "microsoft.net.sdk.macos": "14.2.8473-ci.main/8.0.100"
    }
    
  3. Add this NuGet.config to your project directory:

     <?xml version="1.0" encoding="utf-8"?>
     <configuration>
       <packageSources>
         <clear />
         <add key="xamarin-impl" value="https://pkgs.dev.azure.com/azure-public/vside/_packaging/xamarin-impl/nuget/v3/index.json" />
         <add key="dotnet8" value="https://dnceng.pkgs.visualstudio.com/public/_packaging/dotnet8/nuget/v3/index.json" />
       </packageSources>
     </configuration>
    

    If you already have a NuGet.config, just add these package sources.

  4. Install the iOS workload:

    $ sudo dotnet workload install ios --from-rollback-file ~/Downloads/WorkloadRollback.json
    
  5. Try it out in your project:

    private void Tapped()
    {
    #pragma warning disable APL0001
        Console.WriteLine (typeof (CryptoTokenKit.TKTokenOperation));
    #pragma warning restore APL0001
    }
    

    Note that all CryptoTokenKit code must ignore the APL0001 warning, since this is preview API (https://github.com/xamarin/xamarin-macios/blob/main/docs/preview-apis.md#cryptotokenkit-apl0001)

rolfbjarne avatar May 30 '24 09:05 rolfbjarne