Bug#911465: ITP: libciepki1 -- PKCS11 driver for Italian CIE

2018-10-27 Thread Joonas Kylmälä 
Hi,

what are the key and IV used for, encryption/decryption? What's the idea
behind using the same key and IV for everybody? Why does this program
need them if the program user cannot decrypt them? Or is the decryption
key stored on the Italian CIE? If so, what's the point of encrypting the
key and IV if the first user can immediately share the plain text
version of them with the rest of the world?

Have you checked if there is already such a program that works with the
Italian CIE? List of these programs can be found from
.

Joonas

On Sat, 20 Oct 2018 16:00:21 +0200 Andrea della Porta
 wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Andrea della Porta 
> 
> * Package name: libciepki1
>   Version : 1.0-1
>   Upstream Author : Andrea della Porta 
> * URL : http://github.com/italia/cie-middleware-linux
> * License : (BSD-3-Clause)
>   Programming Lang: (C++)
>   Description : PKCS11 driver for Italian CIE
> 
> ciepki allows any PKCS11 enabled application to leverage
> the cryptographic and authentication facilities of
> the Italian CIE. 
> Binaries to change/unlock PIN are also provided.
> This will be the main middleware to use with any Italian ID card.
> Source code is provided through github as above but this package 
> will be a binary only one since teh cachelib will be slightly changed
> to provide added security though encryption, and the key/iv should
> not be exposed. Cachelib reference implementation on github is almost 
> identical except for the lacking encrypted data.
> I guess I will need a sponsor to push it to non-free repository.
> 
>

Bug#911465: ITP: libciepki1 -- PKCS11 driver for Italian CIE

2018-10-20 Thread Andrea della Porta 
Package: wnpp
Severity: wishlist
Owner: Andrea della Porta 

* Package name: libciepki1
  Version : 1.0-1
  Upstream Author : Andrea della Porta 
* URL : http://github.com/italia/cie-middleware-linux
* License : (BSD-3-Clause)
  Programming Lang: (C++)
  Description : PKCS11 driver for Italian CIE

ciepki allows any PKCS11 enabled application to leverage
the cryptographic and authentication facilities of
the Italian CIE. 
Binaries to change/unlock PIN are also provided.
This will be the main middleware to use with any Italian ID card.
Source code is provided through github as above but this package 
will be a binary only one since teh cachelib will be slightly changed
to provide added security though encryption, and the key/iv should
not be exposed. Cachelib reference implementation on github is almost 
identical except for the lacking encrypted data.
I guess I will need a sponsor to push it to non-free repository.