Bug 1592206

This bug appears to have been reported against 'rawhide' during the Fedora 29 development cycle.
Changing version to '29'.

Today is the '100% code complete deadline' Change Checkpoint[1], meaning that Fedora 29 Changes must now be code complete. All the code required to enable to the new change should now be finished. If your Change is code complete, please update the status of this tracker back to "ON_QA". The change does not have to be fully tested by this deadline.

We have now reached the Beta freeze. If your Change is not code complete, you need to request a Freeze Exception[2] or invoke the contingency plan.

[1] https://fedoraproject.org/wiki/Changes/Policy#Beta_deadline.2Faccepted_changes_100.25_complete

[2] https://fedoraproject.org/wiki/QA:SOP_freeze_exception_bug_process

[root@dhcp129-78 ~]# rpm -qi p11-kit
Name        : p11-kit
Version     : 0.23.14
Release     : 4.el8
Architecture: x86_64
Install Date: Mon 05 Nov 2018 02:13:28 PM EST
Group       : Unspecified
Size        : 1395029
License     : BSD
Signature   : RSA/SHA256, Tue 30 Oct 2018 11:06:11 AM EDT, Key ID 938a80caf21541eb
Source RPM  : p11-kit-0.23.14-4.el8.src.rpm
Build Date  : Mon 29 Oct 2018 05:33:51 AM EDT
Build Host  : x86-vm-10.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : http://p11-glue.freedesktop.org/p11-kit.html
Summary     : Library for loading and sharing PKCS#11 modules
Description :
p11-kit provides a way to load and enumerate PKCS#11 modules, as well
as a standard configuration setup for installing PKCS#11 modules in
such a way that they're discoverable.
[root@dhcp129-78 ~]# rpm -qi opensc
Name        : opensc
Version     : 0.19.0
Release     : 2.el8
Architecture: x86_64
Install Date: Mon 05 Nov 2018 02:15:50 PM EST
Group       : System Environment/Libraries
Size        : 3783991
License     : LGPLv2+
Signature   : RSA/SHA256, Mon 22 Oct 2018 10:22:29 AM EDT, Key ID 199e2f91fd431d51
Source RPM  : opensc-0.19.0-2.el8.src.rpm
Build Date  : Mon 22 Oct 2018 09:02:15 AM EDT
Build Host  : x86-vm-05.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : https://github.com/OpenSC/OpenSC/wiki
Summary     : Smart card library and applications
Description :
OpenSC provides a set of libraries and utilities to work with smart cards. Its
main focus is on cards that support cryptographic operations, and facilitate
their use in security applications such as authentication, mail encryption and
digital signatures. OpenSC implements the PKCS#11 API so applications
supporting this API (such as Mozilla Firefox and Thunderbird) can use it. On
the card OpenSC implements the PKCS#15 standard and aims to be compatible with
every software/card that does so, too.
[root@dhcp129-78 ~]# rpm -qi nss
Name        : nss
Version     : 3.39.0
Release     : 1.1.el8
Architecture: x86_64
Install Date: Mon 05 Nov 2018 02:14:46 PM EST
Group       : System Environment/Libraries
Size        : 3993849
License     : MPLv2.0
Signature   : RSA/SHA256, Mon 22 Oct 2018 05:33:18 AM EDT, Key ID 938a80caf21541eb
Source RPM  : nss-3.39.0-1.1.el8.src.rpm
Build Date  : Thu 18 Oct 2018 11:11:45 AM EDT
Build Host  : x86-vm-07.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

The following testes were successfully run:

Using the following default modules under nssdb:
[root@dhcp129-78 ~]# modutil -list -dbdir /etc/pki/nssdb/

Listing of PKCS #11 Modules
-----------------------------------------------------------
  1. NSS Internal Crypto Services
	   uri: pkcs11:library-manufacturer=Mozilla%20Foundation;library-description=NSS%20Internal%20Crypto%20Services;library-version=3.39
	 slots: 2 slots attached
	status: loaded

	 slot: NSS Internal Cryptographic Services
	token: NSS Generic Crypto Services
	  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203

	 slot: NSS User Private Key and Certificate Services
	token: NSS Certificate DB
	  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203

  2. p11-kit-proxy
	library name: p11-kit-proxy.so
	   uri: pkcs11:library-manufacturer=PKCS%2311%20Kit;library-description=PKCS%2311%20Kit%20Proxy%20Module;library-version=1.1
	 slots: 1 slot attached
	status: loaded

	 slot: OMNIKEY AG CardMan 3121 00 00
	token: Test Cardholder
	  uri: pkcs11:token=Test%20Cardholder;manufacturer=piv_II;serial=c9d45c86501843e2;model=PKCS%2315%20emulated


1. Smartcard detection by pkcs11-tool
2. Smartcard authentication using one and multiple smartcards
3. Smartcard detection by Firefox using p11-kit module

This Change appears to have been implemented for Fedora 29. If it is not closed, please let me know so I can re-open it against Rawhide.