Product SiteDocumentation Site

1.23. coolkey

1.23.1. RHBA-2010:0068: bug fix update

Note

This update has already been released (prior to the GA of this release) as FASTRACK errata RHBA-2010:0068
Updated coolkey packages that resolve several issues are now available.
The coolkey packages contain driver support for CoolKey and Common Access Card (CAC) smart card products.
These updated coolkey packages provide fixes for the following bugs:
* the Department of Defense's alternative CAC tokens are now supported by CoolKey. (BZ#226790)
* the libcoolkeypk11.so shared object library, when it was not linked with the pthreads library, became unresponsive when the C_Initialize() function was called following a call to syslog(). This update ensures that libcoolkeypk11.so does not hang when it is not linked with the pthreads threading library and the aforementioned scenario occurs. (BZ#245529)
* CoolKey's PKCS#11 module failed to initialize when the C_Initialize() function was called and the CKF_OS_LOCKING flag was set. This issue is related to the fix for BZ#245529. With this update, the PKCS#11 module successfully initializes. (BZ#443127)
* the Red Hat Enterprise Security Client (ESC) incorrectly identified CAC cards as CoolKey cards, and mistakenly opened the Phone Home dialog after doing so. With this update, CoolKey correctly identifies CAC cards and assigns the correct functionality to them.
With this fix, it is still possible to view certificates and diagnostics for CAC cards, though the management functions are now disabled. Finally, note that the RHBA-2010:0066 esc update must be installed in order to fully resolve this issue. (BZ#499976)
* CoolKeys is now able to recognize smart cards that use the T1 protocol, such as the SafeNet 330J, in addition to the T0-protocol cards supported previously. (BZ#514298)
* CoolKey now correctly handles cryptographic operations such as digital signing when using cards with 2048-bit keys. Previously, only 1024-bit keys were supported. (BZ#514299)
All users of coolkey are advised to upgrade to these updated packages, which resolve these issues.

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.