Bug 2007544

Summary: The esc provides outdated configuration for opensc
Product: Red Hat Enterprise Linux 9 Reporter: Jakub Jelen <jjelen>
Component: escAssignee: Jack Magne <jmagne>
Status: CLOSED ERRATA QA Contact: PKI QE <bugzilla-pkiqe>
Severity: unspecified Docs Contact:
Priority: high    
Version: 9.0CC: aakkiang, ckelley, mharmsen, pcech, skhandel, sveerank
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: esc-1.1.2-15.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-05-17 13:39:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jakub Jelen 2021-09-24 08:21:25 UTC 
Description of problem:
The opensc configuration file /usr/lib64/esc-1.1.2/opensc.esc.conf shipped by the ESC is outdated and does not reflect recent changes in RHEL8.

Issues:
 * missing the new ATRs with pkcs11_enable_InitToken = true
 * card_drivers lists "piv" instead of "PIV-II", which is valid reader name
 * card_drivers is missing the "cac1" drivers
 * The file caching is missing
 * (bonus) we could clean up the empty unused blocks

Version-Release number of selected component (if applicable):
esc-1.1.2-11.el9.x86_64


How reproducible:
always

Steps to Reproduce:
1. Try to detect PIV card, old CAC1 or some of newer un-enrolled cards

Actual results:
esc fails to detect these


Expected results:
esc should detect all supported cards

Additional info:
It would be great if also fedora package could be updated to provide current configuration.
Comment 4 shalini 2021-12-20 13:09:56 UTC 
Updating the esc BZ ITMs because of Year End Leave Plans.
Comment 13 errata-xmlrpc 2022-05-17 13:39:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: esc), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:2557