
Can't see the signing certificate on Italian CNS #2782

Open
DiegoMarcia opened this issue May 14, 2023 · 10 comments

Comments

@DiegoMarcia

Problem Description

I have an Italian CNS, with an authentication certificate and a signing certificate.
The reader management software, Firefox and OS X's keychain show me that the card has two certificates: one for logins, and one for signing. I've successfully used both.

When inspecting the card contents with pkcs11-tool --list-objects or pkcs15-tool -D I can see an RSA keypair, the authentication certificate (which I can export) and data fields, but not the signing certificate.

Am I missing the tool/option to see it?

Version number

OpenSC-0.23.0, rev: 5497519, commit-time: 2022-11-29 09:34:43 +0100

Operating system

OS X 10.11.6

Card type

Athena

Reader

Bit4id miniLector

OpenSC

@Jakuje
Member

Jakuje commented Sep 18, 2023

I assume that the signing certificate will be on another slot (under a different PIN). Please try pkcs11-tool -L, which will list all the slots. You can then use the --slot ID argument to pkcs11-tool to show the certificates from the given slot.
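Following that suggestion, an added example (not from the issue or from OpenSC) that parses the slot headers printed by pkcs11-tool -L and lists the certificate objects in every slot rather than only the first present token; it assumes the OpenSC module is installed as opensc-pkcs11.so and uses a constructed two-slot listing for the offline demo.

```shell
#!/bin/sh
# Added example: walk all PKCS#11 slots and list certificates per slot.

# Parse the "Slot N (0xNN): ..." header lines of `pkcs11-tool -L` output
# (read from stdin) and print one decimal slot number per line.
slot_ids() {
    sed -n 's/^Slot \([0-9][0-9]*\) (0x[0-9a-fA-F]*):.*/\1/p'
}

# Count the "Certificate Object" entries in `pkcs11-tool -O` output (stdin).
# `|| true` keeps a zero count from aborting a `set -e` script.
cert_count() {
    grep -c '^Certificate Object;' || true
}

# Constructed sample of `pkcs11-tool -L` output for a card that exposes a
# second token (and PIN) for signing; not captured from a real card.
SAMPLE_SLOTS='Available slots:
Slot 0 (0x0): Bit4id miniLector
  token label        : EXAMPLE USER (PIN CNS0)
  token model        : PKCS#15 emulated
Slot 1 (0x1): Bit4id miniLector
  token label        : EXAMPLE USER (PIN CNS1)
  token model        : PKCS#15 emulated'

# On a real reader: enumerate the slots and list the certificate objects of
# each one. The module path is an assumption; pass your own as $1.
list_certs_per_slot() {
    module="${1:-opensc-pkcs11.so}"
    pkcs11-tool --module "$module" -L | slot_ids | while read -r id; do
        echo "== slot $id =="
        # --type cert restricts the listing to certificate objects
        pkcs11-tool --module "$module" --slot "$id" -O --type cert
    done
}

# Offline demo on the constructed sample (no reader required).
printf '%s\n' "$SAMPLE_SLOTS" | slot_ids
```

Run `list_certs_per_slot /path/to/module.so` against a reader to compare what OpenSC and a vendor module expose in each slot.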

@amreo

amreo commented Sep 24, 2023

I have a similar issue:

$ opensc-tool -i
OpenSC 0.23.0 [gcc  12.2.0]
Enabled features: locking zlib readline openssl pcsc(libpcsclite.so.1)
$ opensc-tool --name
Using reader with a card: Generic Smart Card Reader Interface [Smart Card Reader Interface] (20070818000000000) 00 00
CNS card
pkcs11-tool -L 
https://gist.github.com/amreo/2b6d5071260e4dcdb542ff0de2b698e9
pkcs11-tool --list-objects
https://gist.github.com/amreo/c67cb52729e63ee91570a7e7276acce6

Output using the proprietary bit4id module for reference:

[amreo@amreo-manjaro-pc ~]$ pkcs11-tool --module /usr/lib/bit4id/libbit4xpki.so -L
Available slots:
Slot 0 (0x0): Generic Smart Card Reader Interface [Smart Card Reader Interface
  token label        : CNS
  token manufacturer : Bit4id
  token model        : JS2048 (LB)
  token flags        : login required, rng, token initialized, PIN initialized
  hardware version   : 0.0
  firmware version   : 0.0
  serial num         : 7420020840008853
  pin min/max        : 4/8
[amreo@amreo-manjaro-pc ~]$ pkcs11-tool --module /usr/lib/bit4id/libbit4xpki.so -O
Using slot 0 with a present token (0x0)
Certificate Object; type = X.509 cert
  label:      CNS User Certificate
  subject:    DN: O=Camera di Commercio, OU=CCIAA Bergamo, C=IT, SN=Laisa, CN=<my CF>\/<serial number>.A58bMkmgS8bfOibJMXZ\/SbJx\/kM=/dnQualifier=AUT0000005008966, GN=Andrea
  ID:         434e5330
Data object 1002
  label:          'PDATA'
  application:    'PDATA'
  app_id:         2.0.68.65.84.65
  flags:           modifiable
Public Key Object; RSA 1024 bits
  label:      CNS User Public Key
  ID:         434e5330
  Usage:      encrypt, verify
  Access:     none
Certificate Object; type = X.509 cert
  label:      DS User Certificate3
  subject:    DN: C=IT, SN=Laisa/serialNumber=TINIT-<my CF>, CN=Laisa Andrea/dnQualifier=SIGSP00005008966, GN=Andrea
  ID:         445333
Public Key Object; RSA 2048 bits
  label:      DS User Public Key3
  ID:         445333
  Usage:      encrypt, verify
  Access:     none

Notice the presence of the certificate with label "DS User Certificate3"

I'm available for further clarification

@amreo

amreo commented Sep 24, 2023

I'm not sure it is a CNS, because it is an Infocamere card, even though "Carta Nazionale dei Servizi" (CNS) is written on it.

@DiegoMarcia
Author

I only see one slot:

laptop:~ diego$ pkcs11-tool -L
Available slots:
Slot 0 (0x0): Bit4id miniLector
  token label        : DIEGO MARCIA (PIN CNS0)
  token manufacturer : IC: STMicroelectronics; mask:...
  token model        : PKCS#15 emulated
  token flags        : login required, token initialized, PIN initialized, user PIN locked
  hardware version   : 0.0
  firmware version   : 0.0
  serial num         : ----------------
  pin min/max        : 5/8

@frankmorgner
Member

pkcs15-itacns.c tries to work around the differences between itacns implementations from multiple vendors. Please add a debug log to check what exactly is going wrong, e.g. by running

pkcs15-tool -D -vvvv

@3v1n0 @resoli

@resoli
Contributor

resoli commented Jan 26, 2024

Ordinarily the signing cert and keys on Italian cards are not available to FLOSS PKCS#11 implementations, because they are protected with Secure Messaging, with a static symmetric key embedded in the proprietary PKCS#11 implementations.
Moreover, while object locations were standard as of the CNS specification, they are not for the digital signature ones; every implementor decides on their own. Recently the CNS specification has been relaxed, so even non-DS object locations are arbitrary; hence the complexity of pkcs15-itacns.c's task nowadays, as mentioned by @frankmorgner .

@amreo

amreo commented Jan 26, 2024

@frankmorgner
Member

The trace from pkcs15-tool doesn't reveal anything out of the ordinary, so the problem likely lies with the deliberately hidden certificate/key.

PKCS#11 libraries are not a good way to hide secrets; they are easily reverse engineered. For example, we have some magic key that was hidden in the official eoi middleware. Maybe someone dedicated will do the same for itacns...

I would expect that there are not many entities putting DS objects onto the card, so it would not be unrealistic to add support for all of them in OpenSC at some point. If you want to start digging, maybe you can produce a PC/SC trace of the "official" pkcs11 module to at least locate the missing files on the card.

@amreo

amreo commented Feb 2, 2024

PC/SC trace of opensc (captured using pcsc-spy)
https://gist.github.com/amreo/ff28899aa85c09402a5b26c19421672f

PC/SC trace of bit4id, the official proprietary middleware
https://gist.github.com/amreo/8fc16c4411749f0b19d171e6ed44a1d9

@dd9jn

dd9jn commented Jun 3, 2024

FWIW: Let me know if someone got hold of a copy of the secure messaging key; in this case we have a reason to finally implement SM in GnuPG and also support that Italian QeS card in Okular.
