[Tokend-Dev] Building Tokend on Leopard?

Shawn A. Geddis geddis at apple.com
Sun Mar 22 22:24:25 PDT 2009

On Mar 17, 2009, at 12:10 PM, Henry B. Hotz wrote:
> On Mar 16, 2009, at 6:22 PM, Shawn A. Geddis wrote:
>>> OpenSC Tokend and ActiveIdentity Tokend can do that, but they  
>>> can't unlock the card with a PIN.
>> Why can't they unlock the card ?
> If I knew that I might try to fix it (in OpenSC anyway).  ;-)
> That raises the question of how you could find out what the problem  
> is.  Can you usefully attach a debugger to a tokend?

The best method for debugging communication with a card is to set the  
debugging level in the reader driver.

For example, if your reader is being handled by the CCID Class Driver  
(ifd-ccid.bundle) then you can modify:

File:		/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/ 
Key:	ifdLogLevel

Original Value:	0x0001
Debug Value:	0x0007

Reader and Token insertions/removal are logged to:		/var/log/secure.log
Information between Host & Reader (Card Activity):		/var/log/system.log

	<!-- Possible values for ifdLogLevel
	1: CRITICAL  important error messages
	2: INFO      informative messages like what reader was detected
	4: COMM      a dump of all the bytes exchanged between the host and  
the reader
	8: PERIODIC  periodic info when pcscd test if a card is present  
(every 1/10 of a second)

	The final value is a OR of these values

	Default value: 3 (CRITICAL + INFO)

Shawn Geddis				  			   geddis at mac.com
Security Consulting Engineer

MacOSForge Project Lead:                           Smart Card Services
	Web:	http://smartcardservices.macosforge.org/
	Lists:	http://lists.macosforge.org/mailman/listinfo

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3864 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/tokend-dev/attachments/20090323/c06bcec2/attachment.bin>

More information about the Tokend-Dev mailing list