Host Interfaces Network TCP Server CCID (PCSC)
September 3, 2025 at 3:28 AMCCID (PC/SC) over TCP
Overview
SpringCard USB-enabled devices running in PC/SC Mode implement the USB CCID specification. For convenience and efficiency, most SpringCard non-USB couplers also implement the CCID protocol on top of whatever communication interface they feature. This is known as “PC/SC-like” operation.
This chapter details the implementation of CCID over the network interface of a SpringCore device, using a TCP channel.
CCID protocol over TCP
Every message starts with the Endpoint number (copied from USB), then the CCID Header and Payload. The receiver uses the length field (from the Header) to separate one message from another.
Warning: Because of fragmentation and reassembly introduced by the underlying communication layers, a single TCP segment may carry multiple messages, just as a single message may be split across multiple TCP segments. A client implementation must take this into account in order to correctly reconstruct and process the CCID messages.
| Byte | Name | Description |
|---|---|---|
| 0 | Endpoint | |
| 1-10 | CCID header | Always present |
| 11-N | CCID payload | Absent if not payload |
Values for the Endpoint byte
| Value | Endpoint | Purpose | Protocol |
|---|---|---|---|
00 |
ControlOut | Control endpoint, PC to RDR | See Non-USB Control |
80 |
ControlIn | Control endpoint, RDR to PC | See Non-USB Control |
02 |
BulkOut | PC to RDR commands | CCID_PC_To_RDR, see CCID protocol |
81 |
BulkIn | RDR to PC responses | CCID_RDR_To_PC, see CCID protocol |
83 |
InterruptIn | RDR to PC notification of card(s) insertion/removal | CCID_Interrupts, see CCID protocol |
Format of the CCID header
The format conforms to the CCID specification for BulkOut and BulkIn endpoints. For the other endpoints, the format is exactly the same (hence not conform).
| Byte | Name | Description |
|---|---|---|
| 1 | Message type | Command or response opcode. See tables in the CCID protocol chapter. |
| 2-5 | Length of payload | DWORD, LSB-first |
| 6-10 | Parameters | BulkOut/BulkIn endpoints: slot number and sequence number followed by 3 bytes of context-specific parameters or error/status Other endpoints: free |
Supported length
- The shortest messages are 11-byte long (length=0, no payload),
- BulkOut/BulkIn endpoints support 64kB of payload, i.e. messages up to 65547 bytes (max length is
0001000in hex), - Other endpoints are limited to 256B of payload, i.e. messages up to 267 bytes (max length is
00000100in hex).
Security considerations
This protocol is intrinsically insecure: it provides neither confidentiality nor integrity protection. It must therefore only be used on a trusted local or private network.