Package: opensc-pkcs11 Version: 0.19.0-1 Severity: important Tags: patch Dear Maintainer,
Recent PIV enabled CAC cards are not handled by the opensc 0.19.0 release. Yet all current CAC cards are scheduled to enable PIV authentication by March 31, 2019. For users of these cards, this bug is of grave severity. This problem has been solved recently upstream https://github.com/OpenSC/OpenSC although the fixes have not yet been included in an upstream release. I have cherry-picked from upstream commits a small set that provides working card support. It works for me using pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l -t ssh-keygen -D /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so ssh -I /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so and Firefox browser smart card token support. Attached is a debdiff of my test package. I think Buster will be much better if we can release it with support for this use case. Thanks, -Maitland enc: opensc-pkcs11-Dual-CAC-PIV-and-PIVK-support.debdiff
opensc-pkcs11-Dual-CAC-PIV-and-PIVK-support.debdiff
Description: Binary data
