8.19. coolkey

Updated coolkey packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.

Coolkey is a smart card support library for the CoolKey, Common Access Card (CAC), and Personal Identity Verification (PIV) smart cards.

Bug Fixes

BZ#806038: In previous versions, coolkey always created a bogus e-gate smart card reader to avoid problems with Network Security Services (NSS) and the PC/SC Lite framework when no smart card reader was available. However, e-gate smart cards are no longer available for smart card authentication, and the NSS and pcsc-lite packages have been updated to handle a situation with no e-gate reader attached. Therefore, this bogus reader in coolkey became unnecessary and could cause problems to some applications under certain circumstances. This update modifies the respective code so that coolkey no longer creates a bogus e-gate smart card.
BZ#906537: With a previous version of coolkey, some signature operations, such as PKINIT, could fail on PIV endpoint cards that support both CAC and PIV interfaces. The underlying coolkey code has been modified so these PIV endpoint cards now works with coolkey as expected.
BZ#991515: The coolkey library registered only with the NSS DBM database, however, NSS now uses also the SQLite database format, which is preferred. This update modifies coolkey to register properly with both NSS databases.

Enhancement

BZ#951272: Support for tokens containing Elliptic Curve Cryptography (ECC) certificates has been added to the coolkey packages so the coolkey library now works with ECC provisioned cards.

Users of coolkey are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.