Running PIVToken example [SOLVED]

I have downloaded PIVToken example from here https://developer.apple.com/library/content/samplecode/PIVToken/Introduction/Intro.html and trying to run it. I have put several breakpoints in the source code, but when I run it from XCode, none of them gets hit. It doesn't look like smartcard extension is properly registered or maybe there's some other problem.


I have YubiKey NEO PIV smart card.

I disabled built-in PIV token as mentioned in the README.md and restarted my machine.


sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken


But when I insert YubiKey NEO, I still get SmartCard Pairing popup:


Do you want to connect the inserted SmartCard with the current user?

Card Identity: Certificate for digital signature (Test)


| Do not show again | | Cancel | | Pair |



The README also mentions that the new extension will be automatically installed when the hosting application is installed. Does it mean I need to install the application and not just run it from the XCode?


I'm running macOS Sierra & XCode 8

Up vote post of romanp.nexus Down vote post of romanp.nexus
3.4k views
Posted by
romanp.nexus
Reply
Add a Comment

Accepted Reply

> but when I run it from XCode, none of them gets hit. It doesn't look like smartcard extension is properly registered or maybe there's some other problem.

select PIVTokenApp scheme, run it, and once it is run, select Debug -> Attach to Process and select PIVtoken from the list of running processes

Insert smartcard in your reader and "createTokenForSmartCard" will get hit if you set a breakpoint there.


> The README also mentions that the new extension will be automatically installed when the hosting application is installed.

Correct


> Does it mean I need to install the application and not just run it from the XCode?

Nope, just run it as described above


Michael

Posted by
michaelang12345
Up vote reply of michaelang12345 Down vote reply of michaelang12345
Post marked as solved
Add a Comment

Replies

> but when I run it from XCode, none of them gets hit. It doesn't look like smartcard extension is properly registered or maybe there's some other problem.

select PIVTokenApp scheme, run it, and once it is run, select Debug -> Attach to Process and select PIVtoken from the list of running processes

Insert smartcard in your reader and "createTokenForSmartCard" will get hit if you set a breakpoint there.


> The README also mentions that the new extension will be automatically installed when the hosting application is installed.

Correct


> Does it mean I need to install the application and not just run it from the XCode?

Nope, just run it as described above


Michael

Posted by
michaelang12345
Up vote reply of michaelang12345 Down vote reply of michaelang12345
Post marked as solved
Add a Comment

>select PIVTokenApp scheme, run it, and once it is run, select Debug -> Attach to Process and select PIVtoken from the list of running processes

Insert smartcard in your reader and "createTokenForSmartCard" will get hit if you set a breakpoint there.


but when I run it from XCode,NO PIVtoken Process in the list of running processes.so I select PIVToken scheme and chose PIVTokenApp to run, Insert smartcard in smartcard reader , but none of breakpoints in the source code gets hit.And I can‘t find the PIVToken process in the activity monitor,none Extension is find in the System Preferences->Extension.

It doesn't look like smartcard extension is properly work or maybe there's some other problem.

I disabled built-in PIV token as mentioned in the README.md and restarted my machine.

sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken

I'm running macOS Sierra & XCode 8

Posted by
workhardman
Up vote reply of workhardman Down vote reply of workhardman
Add a Comment

Oh my god, this was very confusing, but thank's a lot, you helped me to figure out what to do.


Steps:

1) Disable PIV with sudo defaults write ... and reboot

2) Insert smart card

3) Run example from XCode

4) Wait a little bit

5) Click Debug -> Attach and find "PIVToken" process. NOTE: Not PIVTokenApp procees, but PIVToken process

6) Remove smart card and insert it again! createTokenForSmartCard will be triggered

Posted by
romanp.nexus
Up vote reply of romanp.nexus Down vote reply of romanp.nexus
Add a Comment

I'm writing a new Token for italian eID card. I followed the example PIVToken and I implemented CIETokenApp and CIEToken..


As in workhardman post, when I run the CIETokenApp I cannot see any CIEToken process to attach to the debugger.


My questions are

1) should I disable the default PIV even if my card is different from the PIV?

2) May I have several different token extensions for different cards or should I have only one token at a time configured in the system?

3) is there something else that doesn't allow me to see the CIEToken process?

Posted by
ugos
Up vote reply of ugos Down vote reply of ugos
Add a Comment