USB SMART CARD READER DRIVERS


OS X has built-in support for USB CCID class-compliant smart card readers. For other readers, install the reader driver in /usr/libexec/SmartCardServices/drivers. Each driver is a bundle.

The bundle contains an XML file, Info.plist, which lists the device’s USB vendor ID and product ID. For a detailed description of the plist format and how to write a driver, see <http://pcsclite.alioth.debian.org/api/group__IFDHandler.html>


With macOS Mojave (10.14.6) it is still possible to install your own version of libccid or other PC/SC IFD Handler bundles to /usr/local/libexec/SmartCardServices/drivers.

Non-USB Readers

/etc/reader.conf is read in a way similar to the standard pcscd approach, but instead of pointing to a library directly, it points to a bundle directory containing the same files as for USB readers. The difference is that Info.plist does not contain any product or vendor IDs or friendly names.
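
An added example, not part of the original page or of any vendor's code: a Python inventory of which USB vendor/product IDs each installed driver bundle claims, useful for reviewing what sits in the two drivers directories. The `Contents/Info.plist` location, the `.bundle` suffix and the key names `ifdVendorID`, `ifdProductID` and `ifdFriendlyName` follow the pcsc-lite/CCID bundle convention and are assumptions here; the sample bundles are constructed.

```python
import plistlib
import tempfile
from pathlib import Path

# The two driver directories named on this page.
DRIVER_DIRS = [f"{p}/libexec/SmartCardServices/drivers" for p in ("/usr", "/usr/local")]

def as_list(value):
    """CCID-style plists hold arrays; a single-device driver may hold one string."""
    return value if isinstance(value, list) else [] if value is None else [value]

def claimed_devices(bundle):
    """Return the (vendor_id, product_id, name) tuples one driver bundle claims."""
    # Assumed layout and key names (pcsc-lite/CCID convention, not from the page).
    with open(Path(bundle) / "Contents" / "Info.plist", "rb") as fh:
        info = plistlib.load(fh)
    vids = as_list(info.get("ifdVendorID"))
    pids = as_list(info.get("ifdProductID"))
    names = as_list(info.get("ifdFriendlyName"))
    if len(vids) != len(pids):
        raise ValueError(f"{bundle}: vendor and product ID lists differ in length")
    names = names + ["?"] * (len(vids) - len(names))
    return [(int(v, 16), int(p, 16), n) for v, p, n in zip(vids, pids, names)]

def inventory(dirs=DRIVER_DIRS):
    """Map each bundle path to its claimed devices; [] marks a non-USB driver."""
    result = {}
    for d in map(Path, dirs):
        for bundle in sorted(d.glob("*.bundle")) if d.is_dir() else []:
            result[str(bundle)] = claimed_devices(bundle)
    return result

def make_sample(root, name, info):
    """Write a constructed bundle skeleton (Info.plist only) for the demo."""
    contents = Path(root) / f"{name}.bundle" / "Contents"
    contents.mkdir(parents=True)
    with open(contents / "Info.plist", "wb") as fh:
        plistlib.dump(info, fh)

def demo():
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample IDs and names, not real devices.
        make_sample(root, "usb-example", {"ifdVendorID": ["0x1234", "0x1234"],
                    "ifdProductID": ["0x0001", "0x0002"],
                    "ifdFriendlyName": ["Example Reader A", "Example Reader B"]})
        make_sample(root, "serial-example", {"CFBundleExecutable": "serial-example"})
        return {Path(k).name: v for k, v in inventory([root]).items()}

if __name__ == "__main__":
    print(demo())
```

Calling `inventory()` with no arguments walks the two real driver directories; a bundle that maps to an empty list carries no USB IDs, as described for non-USB readers.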

SMART CARD APDU LOGGING


It is possible to turn on logging for smart cards. Logging is turned on by setting a global preference:

sudo defaults write /Library/Preferences/com.apple.security.smartcard Logging -bool yes

After a smart card reader is connected (or after reboot), all operations, including the contents of sent and received APDU messages, are logged to the system log. Logging uses the facility com.apple.security.smartcard.log, so it is possible to set up filtering of these logs into custom targets (see asl.conf(5)).

Note that the logging setting is one-shot; it must be turned on by the command above to start logging again with a new reader. This avoids the security risk of logging being left on indefinitely.

So, set this value to yes, plug in your AirID via USB and you should see APDU tracing. After the AirID is unplugged from USB, APDU tracing is disabled again.

Logging PC/SC or IFD Handler activity


Getting information from com.apple.bluetoothd

bash-3.2# defaults read  com.apple.bluetoothd
    SMPCloudLocalNonce = <9475e7a0 f4e93a9a b51df8d7 0b800896>;
    LinkKeys =     {
        "b8-e8-56-0d-fb-81" =         {
            "7c-c3-a1-8f-be-4f" = <a21c29c4 a7d6591c 40d5789d 8d8b5675>;
            "d8-30-62-39-11-ca" = <4a8b9385 4eb21c5c 68226d58 b7c8501b>;
        };
    };
    SMPCloudLocalNonce = <9475e7a0 f4e93a9a b51df8d7 0b800896>;
    SMPCloudLocalPrivateKey = <a2f2a3a8 7b0668e5 0c2d85aa c3761d3e 8c924e90 bd630dd7 4dcf957f bded6289 9ee1948e 9e2710be 43a70171 0911a72f f6e3ce7b 4a37e9f4 6a3c8c7f 43bb8fb6 9a3e9abb fe328a8d f616c9aa 126b42e0 bedc22c9 a5174980 838d2f7d 4d9faf05>;
    SMPCloudLocalPublicKey = <a2f2a3a8 7b0668e5 0c2d85aa c3761d3e 8c924e90 bd630dd7 4dcf957f bded6289 9ee1948e 9e2710be 43a70171 0911a72f f6e3ce7b 4a37e9f4 6a3c8c7f 43bb8fb6>;
    SMPDistributionKeys =     {
        "b8-e8-56-0d-fb-81" =         {
            "d0-cf-5e-06-f9-c4" =             {
                Address = <d0cf5e06 f9c4>;
                AddressType = 0;
                IRK = <be6658dd 46c563c1 9b0273be be0ae0e6>;
                LTK = <3b2fd57f 7fed7c96 6e0ff8a1 c99ee836>;
                LTKLength = <10>;
                MITMProtection = 1;
                OriginalAddressType = 0;
                SecureConnection = <01>;
            };
        };
    };
}




bash-3.2# defaults read blued
{
    LinkKeys =     {
        "b8-e8-56-0d-fb-81" =         {
            "7c-c3-a1-8f-be-4f" = <a21c29c4 a7d6591c 40d5789d 8d8b5675>;
            "d8-30-62-39-11-ca" = <4a8b9385 4eb21c5c 68226d58 b7c8501b>;
        };
    };
}
