Bug#911465: ITP: libciepki1 -- PKCS11 driver for Italian CIE
Hi,
what are the key and IV used for, encryption/decryption? What's the idea
behind using the same key and IV for everybody? Why does this program
need them if the program user cannot decrypt them? Or is the decryption
key stored on the Italian CIE? If so, what's the point of encrypting the
key and IV if the first user can immediately share the plain text
version of them with the rest of the world?
Have you checked if there is already such a program that works with the
Italian CIE? List of these programs can be found from
<https://wiki.debian.org/Smartcards#Drivers>.
Joonas
On Sat, 20 Oct 2018 16:00:21 +0200 Andrea della Porta
<sfaragnaus@gmail.com> wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Andrea della Porta <sfaragnaus@gmail.com>
>
> * Package name : libciepki1
> Version : 1.0-1
> Upstream Author : Andrea della Porta <sfaragnaus@gmail.com>
> * URL : http://github.com/italia/cie-middleware-linux
> * License : (BSD-3-Clause)
> Programming Lang: (C++)
> Description : PKCS11 driver for Italian CIE
>
> ciepki allows any PKCS11 enabled application to leverage
> the cryptographic and authentication facilities of
> the Italian CIE.
> Binaries to change/unlock PIN are also provided.
> This will be the main middleware to use with any Italian ID card.
> Source code is provided through github as above but this package
> will be a binary only one since teh cachelib will be slightly changed
> to provide added security though encryption, and the key/iv should
> not be exposed. Cachelib reference implementation on github is almost
> identical except for the lacking encrypted data.
> I guess I will need a sponsor to push it to non-free repository.
>
>
Reply to: