Dan Griffin's Blog
Comments on security, PKI, smart cards, cryptography, and entrepreneurship.
Scorpion Software: a new JW Secure case study
November 26, 2008
Check out this case study, just published, which discusses a project we recently completed with Scorpion Software: their AuthAnvil Credential Provider for Windows Vista.
Handling string output parameters in P/Invoke
November 21, 2008
I stumbled across a bug in a couple of the .NET P/Invoke wrapper classes that I wrote for the (native/win32) Windows Smart Card API for this MSDN article.
To understand the bug, take a look at this article on P/Invoke. Scroll down to the bottom and click on Figure 3 to expand it (otherwise IE won't be able to find some of the search terms you might want to use to jump directly to it - lame).
As an aside, the smart card API is one of the most challenging I've seen for writing .NET wrapper classes, because it has multiple layers of embedded structures, each with input and output parameters, and a mix of ANSI and Unicode strings. Fun!
Anyway, the mistake I made is in handling output string parameters. As Fig 3 in the second article above shows, you need to use the System.Text.StringBuilder class for that since it gives you a read-write array. In contrast, the string type, which is what I used in a couple of places, is read-only.
The result of such a bug can be a little frustrating to diagnose, since the underlying API doesn't fail. Instead, what you receive back in managed code is an unmodified string. Be sure to test P/Invoke interfaces carefully to catch problems such as this.
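The two declarations side by side, as an added example that is not code from this post or from the MSDN article. It assumes `GetComputerNameA` from kernel32.dll as a stand-in for the smart card API calls, and the wrapper names `GetComputerNameBroken` and `GetComputerNameFixed` are hypothetical.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;

static class PInvokeOutputStringDemo
{
    // BUG (the mistake described above): 'string' is marshaled as input only.
    // With CharSet.Ansi the native code writes into a temporary converted copy
    // that is discarded when the call returns.
    [DllImport("kernel32.dll", EntryPoint = "GetComputerNameA",
               CharSet = CharSet.Ansi, SetLastError = true)]
    static extern bool GetComputerNameBroken(string buffer, ref uint size);

    // FIX: StringBuilder is marshaled as a writable buffer and copied back.
    [DllImport("kernel32.dll", EntryPoint = "GetComputerNameA",
               CharSet = CharSet.Ansi, SetLastError = true)]
    static extern bool GetComputerNameFixed(StringBuilder buffer, ref uint size);

    const int Capacity = 64; // constructed value, above MAX_COMPUTERNAME_LENGTH + 1

    static void Main()
    {
        // Sentinel input: a working wrapper would have to replace this text.
        string sentinel = new string('?', Capacity);
        uint size = Capacity;
        bool ok = GetComputerNameBroken(sentinel, ref size);
        Console.WriteLine("string:        ok={0} size={1} changed={2}",
            ok, size, sentinel != new string('?', Capacity));

        var sb = new StringBuilder(Capacity);
        // The size passed to native code must never exceed what was allocated.
        size = (uint)sb.Capacity;
        ok = GetComputerNameFixed(sb, ref size);
        if (!ok)
            throw new Win32Exception(Marshal.GetLastWin32Error());
        Console.WriteLine("StringBuilder: ok={0} size={1} value={2}", ok, size, sb);

        // The API returning success is not enough for a wrapper test:
        // check that the output buffer actually received data.
        if (sb.Length == 0)
            throw new InvalidOperationException("output string was not marshaled back");
    }
}
```

A wrapper test that only checks the return code passes for both declarations; comparing the buffer against a sentinel is what exposes the `string` version.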
SmartUtil update
November 18, 2008
A new version of the smart card utility is available here.
The latest version includes a bug fix for doing smart card root certificate update on Windows Vista with UAC enabled.
Good cloud computing blogs
November 17, 2008
- Amazon Web Services: Werner Vogels (CTO of Amazon) blog
- Google App Engine: blog
- Microsoft Windows Azure: blog
Smart card-protected document scanning
November 15, 2008
HP is working with the US DoD to provide multi-function printers that allow document scanning only after a valid smart card has been produced. Read more here.
It’s an interesting scenario, although it got me thinking about some other things. For example, I wonder how they implemented the authentication. Did they create a custom protocol? Not usually a good idea. I wonder how they handle certificate revocation checking, cert extension/usage requirements, and validating the private key. What happens if the printer is unplugged from the network - I can’t scan?
Might be better to use TLS client auth, although it’s still a question of where the server is running, what root certs are trusted, etc.
I was also thinking that a more interesting scenario would be to protect documents left in the printer output tray. In the scanning scenario, I’ve already got my hands on the original document, so what difference does it make that I have to authenticate in order to scan it?
Better that I can’t get my hands on the print out in the first place. Requiring authentication at the printer in order to retrieve the copy would help address that, rather than risking that a document is stolen between the time the print command is issued at the client computer and when the employee walks over to the printer to pick it up.
A good friend of mine just founded ekeepo, an application lifecycle management consulting firm.
Small businesses are what run the US economy, a fact that tends to get overlooked during presidential election years, and pretty much any other time. So it’s always good to see new ones!
Check out the ToorCon 2008 episode of Hak5 here. I’m interviewed; we discuss my Hacking SharePoint talk.
Inter-carrier internet latency report
November 3, 2008
Here’s a cool real-time graphic that shows the current health of the internet, from the perspective of carrier-to-carrier latency.
Check out the download point here (it’s hosted on CodePlex).
The Blueprints Manager is an extension to Visual Studio that allows you to embed guidance into a kind of project template (called a Blueprint).
For example, suppose your organization builds a lot of web services and you have standard best practices and requirements for how that’s done. Some of the requirements can be delivered as boilerplate code, some are comments and documentation, and some come in the form of references to other templates (e.g. an installer). The Blueprint payload can include all of those things, and Blueprints are composable.
One complaint - there’s nothing listed under Source Code. I predict that Microsoft will see greater usage of tools like this when they provide the code!