italia / cie-middleware

Middleware for the CIE (Carta di identità elettronica, the Italian electronic identity card)

License: BSD 3-Clause "New" or "Revised" License

C++ 71.20% C 27.85% C# 0.87% NSIS 0.03% ASP.NET 0.01% CMake 0.03% Batchfile 0.01%
cie cpp smartcard

cie-middleware's Introduction

CSP-PKCS11 MIDDLEWARE FOR THE CIE 3.0

USE CASE

The CIE middleware is a software library that implements the standard PKCS#11 and CSP cryptographic interfaces. It lets integrating applications use the authentication certificate and the corresponding private key stored on the CIE chip, abstracting away the low-level card communication.

ARCHITECTURE

The library is written in C++ and built with Visual Studio 2017 Community; building the installer (the Setup project) additionally requires NSIS 3.02.1. At present it can only be used on Windows. Both interfaces are exposed by the same library (CIEPKI.dll), which is built by the CSP project. The library is built in both a 32-bit and a 64-bit version.

The CSP interface conforms to version 7 of the Minidriver specification published by Microsoft. The PKCS#11 interface conforms to the RSA PKCS#11 v2.11 specification.

CSP

The CIE Minidriver handles the card in Read-Only mode, as provided for in §7.4 of the specification, so the commands that create and delete objects are not supported. See the Microsoft specification for details on which operations can be performed on a Read-Only card. The CSP module also implements a certificate store provider, so that certificates do not need to be propagated into the system store.

PKCS11

Like the CSP, the PKCS#11 module also handles the card in read-only mode, so any operation that creates, modifies or destroys an object returns an error.

Setup

The Middleware installer is built with the Setup project, which requires NSIS 3.02.1. The setup installs both the 32-bit and the 64-bit version and registers the CSP and the Store provider. The PKCS#11 module needs no registration, but its module name (CIEPKI.dll) must be known to the applications that use it.

cie-middleware's People

Contributors

aantetomaso, adab4d, alranel, antoniociccarelli, bit4gam, bitpdg, fottavi, gvarisco, rasky, smo-bit4id, ugochirico, vva-bit4id


cie-middleware's Issues

Change the message

"Avvicina il dispositivo al documento per la lettura del chip" ("Hold the device near the document to read the chip") -> I would change it to "Hold the device near the document to read the chip. A sound will tell you when the chip reading starts. Keep the device near the document until the reading is complete."

Or something similar.

If it is not clear where this is, I can send photos.

The CKM_SHA1_PKCS mechanism does not compute the DigestInfo

The PKCS#11 module's implementation of the CKM_SHA1_PKCS mechanism does not compute the DigestInfo as described in the PKCS#11 specification. As a result, all signatures made with this algorithm fail when verified. The software returns the error "firma non valida" (invalid signature)
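
For reference, this is what the missing step looks like. The following is an added example, not code from cie-middleware: it builds the EMSA-PKCS1-v1_5 encoded message for SHA-1 both with the DigestInfo wrapper (what PKCS#11's CKM_SHA1_RSA_PKCS, presumably the mechanism meant here, has to sign) and without it (the behaviour reported), and shows the verifier-side check that rejects the latter. The RSA modular exponentiation itself is left out; k stands for the modulus length in bytes, and the message used in the demo is constructed.

```python
"""EMSA-PKCS1-v1_5 encoding of a SHA-1 hash with and without DigestInfo.

Added example, not cie-middleware code.  The mechanism the issue calls
CKM_SHA1_PKCS is assumed to be PKCS#11's CKM_SHA1_RSA_PKCS, which signs the
DER-encoded DigestInfo of the hash (PKCS#1 v1.5, RFC 3447 section 9.2), not the
bare 20-byte digest.  The RSA operation is omitted: k is the modulus length in
bytes and every function works on the encoded message EM."""
import hashlib
import hmac

# DER prefixes of DigestInfo (RFC 3447 section 9.2, note 1):
# SEQUENCE { SEQUENCE { OID hashAlgorithm, NULL }, OCTET STRING digest }
DIGESTINFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}


def digest_info(message: bytes, alg: str = "sha1") -> bytes:
    """T = DigestInfo prefix || Hash(message)."""
    return DIGESTINFO_PREFIX[alg] + hashlib.new(alg, message).digest()


def emsa_pkcs1_v1_5(t: bytes, k: int) -> bytes:
    """EM = 0x00 || 0x01 || PS || 0x00 || T, with PS at least eight 0xff bytes."""
    if len(t) + 11 > k:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def encode_correct(message: bytes, k: int, alg: str = "sha1") -> bytes:
    """What CKM_SHA1_RSA_PKCS has to hand to the RSA private-key primitive."""
    return emsa_pkcs1_v1_5(digest_info(message, alg), k)


def encode_buggy(message: bytes, k: int) -> bytes:
    """The behaviour the issue describes: the raw digest is padded, no DigestInfo."""
    return emsa_pkcs1_v1_5(hashlib.sha1(message).digest(), k)


def verify_em(em: bytes, message: bytes, alg: str = "sha1") -> bool:
    """Verifier side, once the RSA public-key operation has recovered EM:
    check the padding structure, then compare T with the expected DigestInfo."""
    if len(em) < 11 or em[:2] != b"\x00\x01":
        return False
    sep = em.find(b"\x00", 2)
    if sep < 10 or any(b != 0xFF for b in em[2:sep]):   # PS must be >= 8 bytes of 0xff
        return False
    # constant-time compare; a different length (raw digest vs DigestInfo) is simply False
    return hmac.compare_digest(em[sep + 1:], digest_info(message, alg))


if __name__ == "__main__":
    msg = b"constructed test message"            # constructed input
    print("correct EM verifies:", verify_em(encode_correct(msg, 256), msg))   # True
    print("raw-digest EM verifies:", verify_em(encode_buggy(msg, 256), msg))  # False
```

With a real key the two encodings above are exactly what the card's RSA primitive would receive; a conformant verifier decodes the signature, finds a 20-byte T where a 35-byte DigestInfo is expected, and reports the signature as invalid, which is the "firma non valida" seen by the applications.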

[External dependency] Upgrade and update management - OpenSSL

The CSP project has a single external dependency, OpenSSL version 1.0.0d, in 32- and 64-bit builds. The library is linked statically, so the libraries do not need to be present at runtime.

We must:

  • Make sure that at release time everything is tested with a supported version of OpenSSL linked statically.
  • Have a binary upgrade procedure that correctly updates the (statically linked) external dependencies as well.

Da https://www.openssl.org/source/:

Note: The latest stable version is the 1.1.0 series of releases. Also available is the 1.0.2 series. This is also our Long Term Support (LTS) version (support will be provided until 31st December 2019). The 0.9.8, 1.0.0 and 1.0.1 versions are now out of support and should not be us

Da https://www.openssl.org/policies/releasestrat.html (Release Strategy):

Version 1.1.0 will be supported until 2018-08-31.
Version 1.0.2 will be supported until 2019-12-31 (LTS).
Version 1.0.1 is no longer supported.
Version 1.0.0 is no longer supported.
Version 0.9.8 is no longer supported.
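
A check that belongs in the release procedure asked for above is to confirm which OpenSSL the shipped DLL actually carries, rather than trusting the build scripts. The following is an added example, not cie-middleware code. It relies on OpenSSL compiling its version text (OPENSSL_VERSION_TEXT, for 1.0.0d the string "OpenSSL 1.0.0d 8 Feb 2011") into libcrypto, where it survives static linking; the support table is the one quoted from openssl.org above, and the blob scanned in the demo is constructed rather than a real CIEPKI.dll.

```python
"""Which OpenSSL does a statically linked binary actually carry?

Added example, not cie-middleware code.  OpenSSL embeds its version text
(OPENSSL_VERSION_TEXT) in libcrypto, so it can be read out of a DLL that links
it statically.  The support table is the one quoted from openssl.org in this
issue; SAMPLE_BLOB is a constructed stand-in for a real DLL."""
import re
from datetime import date

VERSION_RE = re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]*)(?: +\d{1,2} \w{3} \d{4})?")

# release series -> end of support (None: already unsupported), as quoted above
SUPPORT_END = {
    "0.9.8": None,
    "1.0.0": None,
    "1.0.1": None,
    "1.0.2": date(2019, 12, 31),
    "1.1.0": date(2018, 8, 31),
}


def find_openssl_versions(blob: bytes) -> list:
    """All distinct OpenSSL version strings embedded in a binary."""
    return sorted({m.group(1).decode() for m in VERSION_RE.finditer(blob)})


def assess(version: str, today: str) -> str:
    """Classify one version string against the support table (today: ISO date)."""
    series = re.match(r"\d+\.\d+\.\d+", version).group(0)
    if series not in SUPPORT_END:
        return "unknown series"
    end = SUPPORT_END[series]
    if end is None or date.fromisoformat(today) > end:
        return "out of support"
    return f"supported until {end.isoformat()}"


def audit_binary(blob: bytes, today: str) -> dict:
    """version string -> support status for every OpenSSL found in the blob."""
    return {v: assess(v, today) for v in find_openssl_versions(blob)}


# Constructed stand-in for CIEPKI.dll: a PE-looking header, some noise, and the
# two version strings an OpenSSL 1.0.0d libcrypto/libssl embed.
SAMPLE_BLOB = (b"MZ\x90\x00\x03\x00" + b"\x00" * 16
               + b"OpenSSL 1.0.0d 8 Feb 2011\x00"
               + b"SSLv3 part of OpenSSL 1.0.0d 8 Feb 2011\x00"
               + b"\xcc" * 8)


if __name__ == "__main__":
    import sys
    target = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_BLOB
    for version, status in audit_binary(target, date.today().isoformat()).items():
        print(f"{version}: {status}")
```

Run it against each 32- and 64-bit artifact (for example `python check_openssl.py Win32\Release\CIEPKI.dll`, a hypothetical script name); a build that reports "out of support" or turns up two different versions should not ship. The string check is a heuristic (a build that strips or optimises away the unreferenced text would defeat it), so it complements pinning the OpenSSL version in the build scripts rather than replacing it.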

Digital signature takes very long to execute

Digital signature execution times are excessively long (the problem is very evident when performing HTTPS authentication). This is because the DAPP is executed every time a signature is made, and not only when the session is opened, and because the procedure for reading the signing certificate is wrong: the whole EF containing the certificate is read (most of which is empty) rather than only the certificate (reading would be much faster that way).

Card pairing after uninstall

When the package is uninstalled, the files containing the card pairing information are not removed cleanly. On a subsequent installation, the "Rimuovi carta" (Remove card) button returns an error.

Indicate at least one test site

The documentation lacks any indication of at least one site where CIE authentication, and therefore the correct installation of the middleware, can be tested.

PoC webapp

@fottavi it would be great if you could also add to the GIT repository the PoC for the webapp you showed us during the demo, so that we can start thinking about how to develop the SAML response builder together with @umbros

/cc @aantetomaso

Signing

I would add FEA signing via IDEA; otherwise the app's usefulness is limited, whereas with FEA signing it seems much more useful to me.

Use GitHub's "Release" feature for releases

At the moment the binary releases are published inside the repository, in the Setup/Release/ directory.
For convenience they should instead be published through GitHub's Releases feature, which exists for this purpose. That way we keep only the source code in the repository and do not confuse users. The clone is also lighter.

Code Climate Cppcheck Engine

@fottavi, we do use Code Climate already for other projects. For the CIE's middleware, we can potentially use it well. To be specific, codeclimate-cppcheck (https://github.com/antiagainst/codeclimate-cppcheck) - a Code Climate engine that wraps Cppcheck. Cppcheck is a static analysis tool for C/C++ code.

Code Climate is free-of-charge for OSS projects and we can set it up very easily. We can see if we like the output or not and decide based on that :-)

@cloudify any thoughts? /cc @rasky @alexrj

Refactoring

The core of the Middleware, including the handling of cryptography and of the security protocols, must run in a dedicated service, in a high-privilege user context. Processes that need to use the CIE connect to the service via RPC and expose the methods for communicating with the smart card.
The service is less exposed to attacks, since elevated privileges are needed to debug it. The cache files can, in this way, be made readable only by the user running the service.
It is a significant security improvement for the Middleware.

Review - static code analysis (flawfinder)

CSP/Array.h:576:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
CSP/log.cpp:240:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
CSP/log.cpp:292:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
CSP/Array.h:180:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/Array.h:347:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/IAS.cpp:397:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/IAS.cpp:416:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/IAS.cpp:443:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/IAS.cpp:831:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/PKCS11/CIEP11Template.cpp:51:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). use a more secure technique for
  acquiring random values.
CSP/PKCS11/CardTemplate.cpp:117:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
CSP/SyncroEvent.cpp:37:  [3] (misc) AddAccessAllowedAce:
  This doesn't set the inheritance bits in the access control entry (ACE)
  header (CWE-732). Make sure that you set inheritance by hand if you wish it
  to inherit.
CSP/SyncroMutex.cpp:38:  [3] (misc) AddAccessAllowedAce:
  This doesn't set the inheritance bits in the access control entry (ACE)
  header (CWE-732). Make sure that you set inheritance by hand if you wish it
  to inherit.
CSP/atlcontrols.h:4941:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory
  situations. Use InitializeCriticalSectionAndSpinCount instead.
CSP/Array.h:62:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
CSP/Array.h:139:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/Array.h:149:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/Array.h:159:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/Array.h:169:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/Array.h:307:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/CBase64.cpp:235:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/CBase64.h:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/CBase64.h:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/CSP.cpp:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/DES3.cpp:39:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/DES3.cpp:97:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/IAS.cpp:818:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/IAS.cpp:877:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/IniSettings.cpp:135:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/MAC.cpp:41:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/MAC.cpp:70:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/ModuleInfo.cpp:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/ModuleInfo.cpp:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/ModuleInfo.cpp:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/PIN.h:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/PKCS11/CIEP11Template.cpp:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Mechanism.cpp:142:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Mechanism.cpp:209:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/P11Object.cpp:73:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/PKCS11Functions.cpp:485:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/PKCS11Functions.cpp:490:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/PKCS11Functions.cpp:973:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/PKCS11/Slot.cpp:365:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:370:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:398:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:400:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:414:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:417:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/PKCS11/Slot.cpp:448:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/SystemTraySDK.cpp:489:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/SystemTraySDK.cpp:503:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/SystemTraySDK.cpp:508:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
CSP/SystemTraySDK.cpp:863:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/Token.cpp:727:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/Token.cpp:733:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/UtilException.cpp:150:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/atlcontrols.h:3648:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/atlcontrols.h:3738:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/atlcontrols.h:3760:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/atlcontrols.h:3791:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/atlcontrols.h:3834:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
CSP/funccallinfo.cpp:102:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/funccallinfo.cpp:129:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/log.cpp:72:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/log.cpp:198:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/log.cpp:271:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/log.cpp:324:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/util.cpp:384:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/util.cpp:390:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/util.cpp:391:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
CSP/Array.h:522:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/Array.h:528:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/Array.h:543:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/Array.h:562:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/CBase64.cpp:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/CBase64.cpp:233:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/CIEP11Template.cpp:205:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:276:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:291:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:398:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:400:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/PKCS11/Slot.cpp:417:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/SystemTraySDK.cpp:134:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/SystemTraySDK.cpp:473:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/UtilException.cpp:79:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/abilitaCIE.cpp:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/abilitaCIE.cpp:130:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/abilitaCIE.cpp:155:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:157:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:167:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:249:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:251:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:299:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/log.cpp:301:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/sbloccoPIN.cpp:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/sbloccoPIN.cpp:82:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/util.cpp:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/util.cpp:88:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
CSP/util.cpp:127:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).

Develop demo application for web service authentication

In order to show how to use CIE for TLS/SSL client authentication, it would be nice to provide developers with source code of a demo application that performs a connection to a secure web service, which would in turn log or display the contents of the client certificate.

Example code for this task can be found in https://github.com/italia/cie-middleware/tree/master/EsempioCSP

(Note for people participating in Hack.Developers: this is the root certificate used for signing the authentication certificate of the test CIE cards available during the event: TestCA.cer.zip It should be added to the trust list of the target server.)

Avoid reading Elementary File beyond the EOF

Currently read_file() reads in chunks of 128 bytes until it gets a 'wrong length' error from the card. The behaviour at EOF could be vendor-specific and might not work with a future manufacturer's cards, so it would be best to read the File Control Block (which contains the file size) and then read the exact length, thus avoiding the EOF.

Same as: italia/cie-nis-cpp-sdk#39 (comment)
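
Both the slow certificate read complained about in the "Digital signature takes very long to execute" issue and the EOF probing described here come down to the same fix: learn the size first and read exactly that. The following is an added example, not cie-middleware code, and it serves both issues. The card is a constructed in-process stand-in whose FCP (ISO 7816-4 tag 62) declares the file size in tag 80 and whose READ BINARY answers 6Cxx when Le runs past the end and 6B00 when the offset is already outside the file; real cards differ precisely in that end-of-file behaviour, which is why the by-size reader never triggers it. The certificate-shaped blob and the 2048-byte EF size are constructed.

```python
"""Reading a transparent EF by its declared size instead of probing for EOF.

Added example, not cie-middleware code.  FakeTransparentEF is a constructed
stand-in for the card: its FCP declares the size in tag 80, READ BINARY answers
6Cxx past the end and 6B00 outside the file.  Real cards differ in exactly that
EOF behaviour, so the by-size reader below never depends on it."""


class CardError(Exception):
    """Status word other than 9000."""
    def __init__(self, sw1: int, sw2: int):
        super().__init__(f"SW={sw1:02X}{sw2:02X}")
        self.sw1, self.sw2 = sw1, sw2


class FakeTransparentEF:
    """A fixed-size transparent EF whose content is followed by 0xff padding."""
    def __init__(self, content: bytes, file_size: int):
        self.data = content + b"\xff" * (file_size - len(content))
        self.apdus = 0                      # READ BINARY commands sent so far

    def fcp(self) -> bytes:
        """FCP template as returned by SELECT: 62 L { 80 02 size, 82 01 01 }."""
        body = b"\x80\x02" + len(self.data).to_bytes(2, "big") + b"\x82\x01\x01"
        return b"\x62" + bytes([len(body)]) + body

    def read_binary(self, offset: int, le: int) -> bytes:
        self.apdus += 1
        if offset >= len(self.data):
            raise CardError(0x6B, 0x00)                       # offset outside EF
        if offset + le > len(self.data):
            raise CardError(0x6C, len(self.data) - offset)    # wrong Le; SW2 = right Le
        return self.data[offset:offset + le]


def parse_fcp_file_size(fcp: bytes) -> int:
    """File size from an FCP template: tag 80 (data bytes of a transparent EF),
    falling back to tag 81 (allocated bytes).  One-byte tags, short-form lengths."""
    if not fcp or fcp[0] != 0x62:
        raise ValueError("not an FCP template")
    body, tlvs, i = fcp[2:2 + fcp[1]], {}, 0
    while i < len(body):
        tag, length = body[i], body[i + 1]
        tlvs[tag] = body[i + 2:i + 2 + length]
        i += 2 + length
    for tag in (0x80, 0x81):
        if tag in tlvs:
            return int.from_bytes(tlvs[tag], "big")
    raise ValueError("FCP carries no file size")


def der_object_length(head: bytes) -> int:
    """Total length (tag + length + value) of the DER object starting at head[0];
    an X.509 certificate is a SEQUENCE (0x30), normally with a long-form length."""
    if head[1] < 0x80:
        return 2 + head[1]
    n = head[1] & 0x7F
    return 2 + n + int.from_bytes(head[2:2 + n], "big")


def read_file_probing_eof(card: FakeTransparentEF, chunk: int = 128) -> bytes:
    """The current strategy: 128-byte reads until the card complains, then one
    more read for the remainder.  Returns the whole EF, padding included."""
    out = bytearray()
    while True:
        try:
            out += card.read_binary(len(out), chunk)
        except CardError as e:
            if e.sw1 == 0x6C and e.sw2:
                out += card.read_binary(len(out), e.sw2)
            return bytes(out)


def read_certificate_by_size(card: FakeTransparentEF, chunk: int = 128) -> bytes:
    """Bound the read by the FCP size, then by the certificate's own DER length,
    so only the certificate is transferred and no EOF condition is ever hit."""
    ef_size = parse_fcp_file_size(card.fcp())
    first = card.read_binary(0, min(chunk, ef_size))
    want = min(der_object_length(first), ef_size)
    out = bytearray(first[:want])
    while len(out) < want:
        out += card.read_binary(len(out), min(chunk, want - len(out)))
    return bytes(out)


# Constructed certificate-shaped blob (304 bytes) stored in a 2048-byte EF.
FAKE_CERT = b"\x30\x82\x01\x2c" + bytes(range(256)) + bytes(44)
EF_SIZE = 2048


def compare(chunk: int = 128) -> dict:
    """APDU count and bytes transferred for both strategies on the sample EF."""
    a, b = FakeTransparentEF(FAKE_CERT, EF_SIZE), FakeTransparentEF(FAKE_CERT, EF_SIZE)
    whole, cert = read_file_probing_eof(a, chunk), read_certificate_by_size(b, chunk)
    return {"probing": (a.apdus, len(whole)), "by_size": (b.apdus, len(cert)),
            "cert_ok": cert == FAKE_CERT}
```

On the sample EF the probing reader issues 17 READ BINARY commands and transfers all 2048 bytes; the by-size reader issues 3 and transfers the 304 certificate bytes. The DER length is a second bound on top of the FCP size: the FCP alone already removes the dependence on EOF behaviour, while the DER length handles the case both issues mention, an EF much larger than the certificate it holds.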

[Windows] Code Signing - verify SHA2 support

We need to make sure that the SHA2 certificates used for signing are supported by all the OSes the middleware will support (Windows 7 -> Windows 10?)

  • Check with IPZS the problems encountered during code signing on certain OSes and/or Service Pack(s).

Codesign failure in AppVeyor Release builds

When building with the Release configuration in AppVeyor, the following error is raised:

SignTool error : No certificates were found that met all the given criteria.
3>C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V140\Microsoft.CppCommon.targets(133,5): error MSB3073: The command ""C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\signtool.exe" sign /fd sha256 /sha1 e0402d01f6292e55540e018df14130234ec08306 /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp /td sha256 C:\projects\cie-middleware\Win32\Release\CIEPKI.dll

CIE PIN management tool

The middleware needs to be accompanied by a tool for managing the CIE PIN by means of the PUK.

Pairing and management of more than one CIE

The current version of the CIE Software allows pairing at most one CIE.
Handling several cards on the same terminal/workstation must be provided for.

Use of code signing for the installer

The official MSI installer should be signed with a valid code-signing certificate, at the time of our first official release, to ease installation on Windows systems where security policies do not allow installing unsigned software.

Documentation

  • Porting of the existing documentation to ReadTheDocs
  • Creation of a user manual
  • Creation of a developer manual / reference guide (as soon as the open source release of the components is planned)

Refactoring for message localization

To be able to translate the strings into other languages, a library needs to be integrated and a refactoring done. Is it worth using gettext? That way, even though this middleware is Windows-only for now, we will be able to share the .po files with the middleware implementations for other operating systems too.

EsempioPKCS11.cpp does not work...

Hello,
the CPP example included does not seem to work.
When run, C_OpenSession fails systematically with:
result = E1 (token not recognized)

The reader used is specific for CIE; vendor bit4id.

I notice that CIEPKI.dll has 4 functions more than the usual pkcs11 ones: they are called by the C# program (which works correctly instead) and perform a Diffie-Hellman key exchange.

Could I please have some guidance?
Thanks

Installation executable

Where is it?
Using the Nullsoft installer:
!error: InstallLib: The library ..\x64${Config}\CIEPKI.dll could not be found.

Add the possibility of granting camera permission

After installing the app, if I want to scan the CIE, the app crashes until I manually give it permission to access the camera. Since not everyone is able to understand this and then enable camera access, I propose putting the request by default during installation, or showing a popup asking for camera access at the moment one wants to scan.

Otherwise the user experience is terrible, i.e. the app crashes and restarts every time.

Developer documentation

A guide needs to be written (on Docs Italia/ReadTheDocs) about the APIs the middleware offers to developers: what can be done with them, what data can be read, how errors are handled, and so on.

Windows installation package - unneeded dependencies

https://github.com/italia/cie-middleware/tree/master/Setup currently relies on Javascript and ActiveX objects for performing all the available installer options (install, uninstall).

We should probably be looking at removing those unneeded dependencies by evaluating/adopting different frameworks:

  • Best in my opinion would be to use Nullsoft Scriptable Install System (NSIS), a script-driven installer authoring tool for Microsoft Windows. Starting with v2.x, it supports LZMA compression, multiple languages, and an easy-to-use plugin system.
  • WIX
  • a combination of WIX and NSIS for wrapping MSI executables
  • InstallShield

Code optimization

Review the code with respect to the ifs, using switch for cleanliness and optimization

Unimplemented algorithms to be removed from the PKCS#11

The CIE implements exclusively the CKM_RSA_PKCS signature mechanism, while the PKCS#11 module implements and declares that it exports the functions and mechanisms CKM_RSA_X_509, CKM_SHA1_RSA_PKCS and CKM_MD5_RSA_PKCS, which should therefore be removed.
As things stand, therefore, whoever uses the PKCS#11 according to the standard specifications, when querying the PKCS#11 to learn the implemented mechanisms, learns that the mechanisms CKM_RSA_X_509, CKM_SHA1_RSA_PKCS and CKM_MD5_RSA_PKCS are implemented, only to later receive an apparently incomprehensible error when calling the C_Sign function specifying one of those mechanisms.
This is one of the reasons why some digital signature software on the market does not work correctly with the CIE middleware.

Porting the user manual to ReadTheDocs/Docs Italia

The user manual is currently available in DOCX and PDF formats. Reading it in these formats is a bit tiring, because they are long due to the many screenshots (for example the instructions for Firefox are very long and may confuse/scare users not interested in Firefox).

As for all Developers Italia technical documents, we need to port this manual to Docs Italia/ReadTheDocs to allow it to be consulted via the web, with a navigation menu.

CIE ID window size

Release 1.3.2.0 of the CIE Software has a problem with resizing the CIE ID app window at some resolutions.
In most cases this problem prevents entering the PIN correctly during card pairing.

The PKCS#11 module does not implement the SHA256-related algorithms

The PKCS#11 module does not implement the SHA256-related algorithms, as instead required by CNIPA resolution 45/2009. That resolution establishes that the only hash function usable for generating the Italian digital signature must be the one based on the SHA256 algorithm.
Specifically, the PKCS#11 should implement at least the mechanisms:
CKM_SHA256_RSA_PKCS
CKM_SHA256
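An added example, not the project's code, of how an application can obtain a SHA-256 (or SHA-1) signature with the one mechanism the CIE actually offers, CKM_RSA_PKCS: hash the data itself, wrap the digest in a DER DigestInfo and pass that to C_Sign; the token then applies EMSA-PKCS1-v1_5 padding and RSA, which is exactly what CKM_SHA256_RSA_PKCS or CKM_SHA1_RSA_PKCS would do internally, so it also addresses the interoperability problem described under "Unimplemented algorithms" above. The digest values used in the test are constructed, and the PKCS#11 calls themselves are not shown.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// DER prefix of DigestInfo (RFC 8017, section 9.2, note 1) plus the digest length it
// expects: SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING(digest) }.
struct DigestAlg { std::size_t digest_len; std::vector<uint8_t> der_prefix; };

const DigestAlg kSha1   {20, {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14}};
const DigestAlg kSha256 {32, {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,
                              0x05,0x00,0x04,0x20}};

// T = DigestInfo: the data the application passes to C_Sign with CKM_RSA_PKCS after
// hashing the document itself with any hash library (hash computation not shown here).
std::vector<uint8_t> digest_info(const DigestAlg& alg, const std::vector<uint8_t>& digest) {
    if (digest.size() != alg.digest_len)
        throw std::invalid_argument("digest length does not match algorithm");
    std::vector<uint8_t> t(alg.der_prefix);
    t.insert(t.end(), digest.begin(), digest.end());
    return t;
}

// EMSA-PKCS1-v1_5 (RFC 8017, section 9.2): EM = 0x00 || 0x01 || PS || 0x00 || T, with PS
// at least 8 bytes of 0xFF and |EM| = k (modulus length in bytes). The token computes
// this before the RSA operation; a verifier recovers it after RSA with the public key.
std::vector<uint8_t> emsa_pkcs1_v15(const std::vector<uint8_t>& t, std::size_t k) {
    if (t.size() + 11 > k) throw std::invalid_argument("intended encoded message length too short");
    std::vector<uint8_t> em;
    em.reserve(k);
    em.push_back(0x00);
    em.push_back(0x01);
    em.insert(em.end(), k - t.size() - 3, 0xFF);
    em.push_back(0x00);
    em.insert(em.end(), t.begin(), t.end());
    return em;
}
```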

Software upgrade procedure

Provision must be made for updating the software through an online check (automatically and manually, at the user's choice) and its dependencies (statically linked).

Develop demo application for reading and displaying card contents

In order to help developers understand how to use this middleware, it would be useful to provide them with the source code of a full desktop application that reads the card DGs and displays data and photo.

An example scenario for such an app would be a hotel check-in, where people could just provide their CIE to the receptionist instead of having their paper ID photocopied. The app would even provide a quick way for sending data to the Police (which collects information about guests) through a web service.

Compliance with ICAO V7 specifications

The new ICAO V7 specifications introduce new algorithms with which the EF.SOD file is signed (hash with SHA-512, signature with RSA-PSS, etc.).
The EF.SOD verification functions during card enrollment need to be adapted so as to dynamically resolve from it the algorithms to use.

Installer name in the documentation

The user manual says:

Double-click the downloaded "MiddlewareCIE_<VERSIONE>.msi" file.

In the repository, however, I find a file Setup/Release/CIE-Middleware.exe which I believe is the new installer. Should the documentation be updated? Or the file name corrected? (The version in the file name is useful.)
