e
OS X has a builtin list of supported USB CCID class-compliant smart card readers. For other readers, install the reader driver in /usr/libexec/SmartCardServices/drivers . Each driver is a bundle.
See also USB - CCID compatibility matrix
The bundle contains an XML file Info.plist which contains the device’s USB vendor ID and product ID. For detailed description of plist format and how to write driver, see < http://pcsclite.alioth.debian.org/api/group__IFDHandler.html >
/System/Library/Frameworks/PCSC.framework/Versions/A/XPCServices/com.apple.ctkpcscd.xpc/Contents/MacOS/com.apple.ctkpcscd
/System/Library/CryptoTokenKit/com.apple.ifdreader.slotd/Contents/MacOS/com.apple.ifdreader
Drivers are loaded as dynamic library from the latter one
https://developer.apple.com/documentation/os/logging?language=objc#1682416 and https://www.avanderlee.com/debugging/oslog-unified-logging/
It is possible to turn on logging for smart cards. Logging is turned on by setting global preference:
sudo defaults write /Library/Preferences/com.apple.security.smartcard Logging -bool yes
After a smart card reader is connected (or after reboot) all operations including contents of sent and received APDU messages are then logged into system log. Logging uses facility com.apple.security.smartcard.log so it is possible to set up filtering of these logs into custom targets (see asl.conf(5))
Logging behavior is normally governed by the system. However, while debugging in macOS, you can enable different logging levels for a subsystem using the log
command-line tool’s config
argument while logged in as root.
This shows how to enable debug-level logging for a subsystem.
Enabling debug-level logging for a subsystem
$ sudo log config --mode "level:debug" --subsystem com.your_company.your_subsystem_name
This is the script I use normally to debug PC/SC under macOS Mojave
#! /bin/bash
#
# enable APDU tracing use this
sudo defaults write /Library/Preferences/com.apple.security.smartcard Logging -bool yes
echo "now plug in your certgate AirID device"
sleep 5;
# enable displaying of private fields NOTE enabling private data no longer works on macOS Catalina 10.15+
sudo log config --mode "private_data:on"
# log as stream
sudo log stream --debug --info --source --style syslog --predicate '((subsystem == "com.apple.CryptoTokenKit") || (process == "com.apple.ifdreader"))'
On my machine this leads to the following logging
logging PC/SC on macOS
al@heron ~/bin debug_pcsc.sh
Filtering the log data using "process == "com.apple.ifdreader""
Timestamp Thread Type Activity PID TTL
2019-08-07 15:14:05.668951+0200 0x3a402a Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] deviceRemovalHandler invoked (entryId=4295018162)
2019-08-07 15:14:05.669017+0200 0x3a402a Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] installed device removal notification
2019-08-07 15:14:05.669325+0200 0x3a402a Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] new device arrival: 2dff:b602 14122430 (entryId=4295018162)
2019-08-07 15:14:05.669466+0200 0x3a402a Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] bundle loaded: /usr/local/libexec/SmartCardServices/drivers/ifd-ccid.bundle
2019-08-07 15:14:05.669518+0200 0x3a402a Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] found bundle for device, resolved entryId=4295018162 to deviceName='certgate GmbH AirID2 Mini'
2019-08-07 15:14:05.669621+0200 0x5a7115 Debug 0x0 13149 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] -> IFDHCreateChannelByName(00000000, 'certgate GmbH AirID2 Mini')
2019-08-07 15:14:05.669780+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 42925798 ifdhandler.c:110:CreateChannelByNameOrChannel() Lun: 0, device: certgate GmbH AirID2 Mini
2019-08-07 15:14:05.669927+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 00000158 ccid_usb.c:302:OpenUSBByName() Using: /usr/local/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist
2019-08-07 15:14:05.678628+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 00008626 ccid_usb.c:320:OpenUSBByName() ifdManufacturerString: Ludovic Rousseau ([email protected] )
2019-08-07 15:14:05.678760+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 00000234 ccid_usb.c:321:OpenUSBByName() ifdProductString: Generic CCID driver
2019-08-07 15:14:05.678916+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 00000125 ccid_usb.c:322:OpenUSBByName() Copyright: This driver is protected by terms of the GNU Lesser General Public License version 2.1, or (at your option) any later version.
2019-08-07 15:14:07.127959+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 01449055 ccid_usb.c:784:OpenUSBByName() Wait after libusb: 9
2019-08-07 15:14:07.231178+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 00103223 ccid_usb.c:660:OpenUSBByName() Found Vendor/Product: 2DFF/B602 (certgate GmbH AirID2 Mini)
2019-08-07 15:14:07.231268+0200 0x5a7115 Info 0x0 13149 0 com.apple.ifdreader: (libccid.dylib) 0000013
2019-08-07 15:14:07.563391+0200 0x5a7405 Debug 0x0 13149 0 com.apple.ifdreader: (CryptoTokenKit) [com.apple.CryptoTokenKit:token] certgate GmbH AirID2 Mini: card reset done -> <TKSmartCardATR: 0x7fe531200840 3b 130000 T=1:--- T=1:fe45-;4a434f5076323431>
2019-08-07 15:14:07.563463+0200 0x5a7405 Default 0x0 13149 0 com.apple.ifdreader: (CryptoTokenKit) [com.apple.CryptoTokenKit:APDULog] ATR: 3b f8 13 .....
2019-08-07 15:14:07.563581+0200 0x5a7405 Debug 0x0 13149 0 com.apple.ifdreader: (CryptoTokenKit) [com.apple.CryptoTokenKit:token] certgate GmbH AirID2 Mini: broadcasting state change { atr = <3bf81300 008131fe 454a434f 50763234 31b7>; power = 1; prevstate = 2; share = 0; state = 4;}
Getting information from com.apple.bluetoothd
bash-3.2# defaults read com.apple.bluetoothd
SMPCloudLocalNonce = <9475e7a0 .... .... ....>;
LinkKeys = {
"..-..-..-..-..-.." = {
"..-..-..-..-..-.." = <a21c29c4 .... .... ....>;
"..-..-..-..-..-.." = <4a8b9385 .... .... ....>;
};
};
SMPCloudLocalNonce = <9475e7a0 .... .... ....>;
SMPCloudLocalPrivateKey = <a2f2a3a8 .... ..... ..... ..... ..... >;
SMPCloudLocalPublicKey = <a2f2a3a8 .... ..... ..... ..... ..... >;
SMPDistributionKeys = {
"..-e8-..-0d-..-.." = {
"..-..-..-..-..-.." = {
Address = <.... ....>;
AddressType = 0;
IRK = <be6658dd ..... ..... .....>;
LTK = <3b2fd57f ..... ..... .....>;
LTKLength = <10>;
MITMProtection = 1;
OriginalAddressType = 0;
SecureConnection = <01>;
};
};
};
}
Getting information from blued
bash-3.2# defaults read blued
{
LinkKeys = {
"..-..-..-..-..-.." = {
"..-..-..-..-..-.." = <a21c29c4 ..... ..... .....>;
"..-..-..-..-..-.." = <4a8b9385 ..... ..... .....>;
};
};
}
$ sudo system_profiler -detailLevel full SPBluetoothDataType
Related Articles
Page:
Page:
Page:
Page:
Page:
Please rate & help us to improve our FAQ.