# DoD CAC

## rubicon

Has anyone had any success on installing coolkey and esc from Redhat.

I am on 2006.1,

pcsc-lite-1.3.2

ccid-1.1.0

opensc-0.11.1-r1

I can not get ifd-egate to install from emerge.

When I try to make coolkey I get the following:

```
make  all-recursive

make[1]: Entering directory `/home/matthew/coolkey'

Making all in src/libckyapplet

make[2]: Entering directory `/home/matthew/coolkey/src/libckyapplet'

make[3]: Entering directory `/home/matthew/coolkey/src/libckyapplet'

if /bin/sh ../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I../..    -g -O2 -DSCARD_LIB_NAME=\"libpcsclite.so.1\"  -g -O2 -MT libckyapplet_la-cky_applet.lo -MD -MP -MF ".deps/libckyapplet_la-cky_applet.Tpo" -c -o libckyapplet_la-cky_applet.lo `test -f 'cky_applet.c' || echo './'`cky_applet.c; \

        then mv -f ".deps/libckyapplet_la-cky_applet.Tpo" ".deps/libckyapplet_la-cky_applet.Plo"; else rm -f ".deps/libckyapplet_la-cky_applet.Tpo"; exit 1; fi

 gcc -DHAVE_CONFIG_H -I. -I. -I../.. -g -O2 -DSCARD_LIB_NAME=\"libpcsclite.so.1\" -g -O2 -MT libckyapplet_la-cky_applet.lo -MD -MP -MF .deps/libckyapplet_la-cky_applet.Tpo -c cky_applet.c  -fPIC -DPIC -o .libs/libckyapplet_la-cky_applet.o

In file included from cky_applet.h:24,

                 from cky_applet.c:21:

cky_card.h:23: error: expected '=', ',', ';', 'asm' or '__attribute__' before '<' token

In file included from cky_applet.h:24,

                 from cky_applet.c:21:

cky_card.h:44: error: expected ')' before '*' token

cky_card.h:45: error: expected ')' before '*' token

cky_card.h:52: error: expected ')' before '*' token

cky_card.h:53: error: expected ';', ',' or ')' before '*' token

cky_card.h:54: error: expected ')' before '*' token

cky_card.h:56: error: expected ';', ',' or ')' before '*' token

cky_card.h:57: error: expected ';', ',' or ')' before '*' token

cky_card.h:58: error: expected ';', ',' or ')' before '*' token

cky_card.h:60: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token

cky_card.h:63: error: expected ')' before '*' token

cky_card.h:66: error: expected ')' before '*' token

cky_card.h:73: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token

cky_card.h:75: error: expected ')' before '*' token

cky_card.h:77: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'CKYCardContext_GetContext'

cky_card.h:79: error: expected ')' before '*' token

cky_card.h:82: error: expected ')' before '*' token

cky_card.h:86: error: expected ')' before '*' token

cky_card.h:90: error: expected ')' before '*' token

cky_card.h:96: error: expected ')' before '*' token

cky_card.h:98: error: expected ';', ',' or ')' before '*' token

cky_card.h:106: error: expected ';', ',' or ')' before '*' token

cky_card.h:126: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token

make[3]: *** [libckyapplet_la-cky_applet.lo] Error 1

make[3]: Leaving directory `/home/matthew/coolkey/src/libckyapplet'

make[2]: *** [all-recursive] Error 1

make[2]: Leaving directory `/home/matthew/coolkey/src/libckyapplet'

make[1]: *** [all-recursive] Error 1

make[1]: Leaving directory `/home/matthew/coolkey'

make: *** [all] Error 2

```

I don't know if I am missing an additional library or anything.

The card reader I have is scr331, with updated firmware.

The card I have is axalto 64K (Which a javacard)

openct doesn't read the card either. Which is why I started looking at coolkey. Got brief info on gentoo-wiki.com

----------

## barcode_linux

Dont feel bad.  I have the exact same error at the same point during the build.

Im googling around and will let you know if I find something.

----------

## rubicon

I tried a number of different things. Not being a coder hurts. I judt don't know enought to look through RedHat's coolkey.

----------

## barcode_linux

I created a bug report on RH.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227697

Check that regularly.

----------

## hawaiian717

Coolkey 1.1.0 just got added to Portage today.  It's in ~x86 (as is its dependency ccid).  I had the earlier 1.0.1 release working as well (based on the Fedora Core 6 SRPM), but the decision was made to wait until 1.1.0 (released yesterday) to put it in Portage.

Note that while I've been able to successfully build 1.1.0 and load the module in Firefox and Seamonkey, I won't be able to test it with a smart card until Tuesday night.  I did have 1.0.1 working with a smart card.

I also had some issues with trying to build CVS HEAD a couple of weeks ago on Fedora Core 5; it worked better when I checked out the 1.0.1 tag instead.

I haven't tried esc yet; that's next on my todo list now that Coolkey is taken care of.

----------

## barcode_linux

I have successfully emerged coolkey-1.1.0 tonight.  Many thanks to whomever made the ebuild, cause I couldnt get the CVS source to compile.

----------

## hawaiian717

That would be me, with the help of Alon Bar-Lev.  You're welcome.   :Smile: 

----------

## rubicon

I am going to try it today. You guys rock.

----------

## hawaiian717

 *barcode_linux wrote:*   

> I created a bug report on RH.
> 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227697
> 
> Check that regularly.

 

barcode_linux,

I just checked your Red Hat bug report and noticed that you're using x86_64 (what Gentoo calls amd64).  I'm not sure how things are split up between x86 and amd64, but if you have tested it on a system running amd64 you might want to open a bug report requesting that coolkey be keyworded for that platform.  Fedora Core 6 provides binary RPMs for i386 (x86), x86_64 (amd64), ppc, and ppc64 so it should work on all of those platforms, but since I could only test on x86, that's the only keyword I included in the ebuild.

----------

## rubicon

I am waiting about a year before I start upgrading my servers to any 64Bit Linux OS's. SO this works great for now. I am able to get into the Citrix servers just fine now. Only problem now are the sites using CAC only. But that is more of a browser to site issue.

----------

## hawaiian717

 *rubicon wrote:*   

> I am waiting about a year before I start upgrading my servers to any 64Bit Linux OS's. SO this works great for now. I am able to get into the Citrix servers just fine now. Only problem now are the sites using CAC only. But that is more of a browser to site issue.

 

If you're using Firefox 2.0.0.1 or 2.0.0.2 (not sure about equivalent versions of SeaMonkey), you need to change the setting for "When a website requests a certificate" to "Ask me every time".  Look for this setting in Edit->Preferences->Advanced->Security.  Looks like the fix to make automatic certificate selection work properly again will be in 2.0.0.3.

A couple of relevant Mozilla Bugzilla entries:

https://bugzilla.mozilla.org/show_bug.cgi?id=364587

https://bugzilla.mozilla.org/show_bug.cgi?id=370136

And if you're really curious as to the change they made that broke it in the first place:

https://bugzilla.mozilla.org/show_bug.cgi?id=328346

----------

## dakster

I'm using amd64, however I run my firefox as a 32 bit application (mozilla-firefox-bin package). Any idea how to force coolkey and such to compile as 32 bit on an amd64 system?  I need one extra firefox plugin called firepass or something for our base, that only comes in a 32bit linux version...

----------

