[Tokend-Dev] Building Tokend on Leopard?
Shawn A. Geddis
geddis at apple.com
Sun Mar 22 22:24:25 PDT 2009
On Mar 17, 2009, at 12:10 PM, Henry B. Hotz wrote:
> On Mar 16, 2009, at 6:22 PM, Shawn A. Geddis wrote:
>
>>> OpenSC Tokend and ActiveIdentity Tokend can do that, but they
>>> can't unlock the card with a PIN.
>>
>> Why can't they unlock the card ?
>
>
> If I knew that I might try to fix it (in OpenSC anyway). ;-)
>
> That raises the question of how you could find out what the problem
> is. Can you usefully attach a debugger to a tokend?
The best method for debugging communication with a card is to set the
debugging level in the reader driver.
For example, if your reader is being handled by the CCID Class Driver
(ifd-ccid.bundle) then you can modify:
File: /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/
Info.plist
Key: ifdLogLevel
Original Value: 0x0001
Debug Value: 0x0007
Reader and Token insertions/removal are logged to: /var/log/secure.log
Information between Host & Reader (Card Activity): /var/log/system.log
<!-- Possible values for ifdLogLevel
1: CRITICAL important error messages
2: INFO informative messages like what reader was detected
4: COMM a dump of all the bytes exchanged between the host and
the reader
8: PERIODIC periodic info when pcscd test if a card is present
(every 1/10 of a second)
The final value is a OR of these values
Default value: 3 (CRITICAL + INFO)
__________________________________________________
Shawn Geddis geddis at mac.com
Security Consulting Engineer
MacOSForge Project Lead: Smart Card Services
Web: http://smartcardservices.macosforge.org/
Lists: http://lists.macosforge.org/mailman/listinfo
__________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3864 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/tokend-dev/attachments/20090323/c06bcec2/attachment.bin>
More information about the Tokend-Dev
mailing list