On Mar 17, 2009, at 12:10 PM, Henry B. Hotz wrote:
On Mar 16, 2009, at 6:22 PM, Shawn A. Geddis wrote:
OpenSC Tokend and ActiveIdentity Tokend can do that, but they can't unlock the card with a PIN.
Why can't they unlock the card ?
If I knew that I might try to fix it (in OpenSC anyway). ;-)
That raises the question of how you could find out what the problem is. Can you usefully attach a debugger to a tokend?
The best method for debugging communication with a card is to set the debugging level in the reader driver. For example, if your reader is being handled by the CCID Class Driver (ifd-ccid.bundle) then you can modify: File: /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/ Info.plist Key: ifdLogLevel Original Value: 0x0001 Debug Value: 0x0007 Reader and Token insertions/removal are logged to: /var/log/secure.log Information between Host & Reader (Card Activity): /var/log/system.log <!-- Possible values for ifdLogLevel 1: CRITICAL important error messages 2: INFO informative messages like what reader was detected 4: COMM a dump of all the bytes exchanged between the host and the reader 8: PERIODIC periodic info when pcscd test if a card is present (every 1/10 of a second) The final value is a OR of these values Default value: 3 (CRITICAL + INFO) __________________________________________________ Shawn Geddis geddis@mac.com Security Consulting Engineer MacOSForge Project Lead: Smart Card Services Web: http://smartcardservices.macosforge.org/ Lists: http://lists.macosforge.org/mailman/listinfo __________________________________________________