I would like to install PKCS#11 Tokend to my Mac OS X El Capitan (10.11.2) so I can access PKCS#11 enabled devices from Safari.
I downloaded and install Smart Card Services for El Capitan from https://smartcardservices.macosforge.org/trac/wiki/installers.
Now I have Tokend installed in /Library/Security/tokend but there is no PKCS11.tokend, there are the following:
- BELPIC.tokend
- CAC.tokend
- CACNG.tokend
- JPKI.tokend
- PIV.tokend
So I read on the following site that it should be included, or it can be built and copied to tokend directory to access PKCS#11 libraries stored in /usr/lib/pkcs11 or /usr/local/lib/pkcs11: http://ludovicrousseau.blogspot.cz/2010/04/free-software-tokend-above-pkcs11-for.html.
But I am not even able to successfully install darwinbuild.
Also I don't want to build the whole Smart Card Services solution, I would like to build just PKCS#11.tokend and use it with KeyChain.
The building steps are not very clear for me.
How to do it for El Capitan? Or is there any version that is already built and can be used?
El Capitan is tricky because Apple has implemented SIP (System Integrity Protection) which prevents write access to various system folders... (\system\library\security\ , \library\security, etc)
If you want to move forward with installing SCS or if you want to try manually adding/removing tokend files... you'll have to disable SIP first.
Some extra advice regarding PKCS... If you know what type of card you have, contact the manufacturer to get the appropriate PKCS tokend file. One size does not fit all unfortunately.
If you want to determine what type of card you have, plug in your reader, plug in the card, open Terminal and type pcsctest. When it asks for reader number type 01 and hit enter.
On that page, you'll find an ATR code. Grab that code and paste it here:
You should then have a manufacturer result. Search specifically for that smartcard manufacturer's PKCS libraries online (typically a .tokend file)
Good luck!!