Deprecated tokend API is now replacedIn "macOS Sierra and CryptoTokenKit API" I presented the updated CryptoTokenKit API. This API is not completely new but was not really used.
Apple now provides the source code of PIVToken: a token for PIV (Personal Identity Verification) smart cards using the new API instead of the old tokend/CDSA API.
PIVToken : short source codeThe code is available at Code sample: PIVToken: Using CryptoTokenKit to add support for new types of tokens.
I used the tools sloccount to count the number of lines of code.
$ sloccount . SLOC Directory SLOC-by-Language (Sorted) 493 PIVToken objc=493 Totals grouped by language (dominant language first): objc: 493 (100.00%)
$ scloccunt --details . 227 objc PIVToken PIVToken/Token.m 162 objc PIVToken PIVToken/TokenSession.m 50 objc PIVToken PIVToken/NSData_Zip.m 14 objc PIVToken PIVToken/TokenSession.h 36 objc PIVToken PIVToken/Token.h 4 objc PIVToken PIVToken/NSData_Zip.h
The token is only 493 lines of Objective-C.
I am not a PIV expert or even user so I can't really tell if all the PIV features are supported in this token.
Subject to changes
" This sample demonstrates how to write an extension for CryptoTokenKit framework to support new types of SmartCards or any other cryptographic token. "
I would not be surprised if the code changes before the final macOS Sierra release.