From 22372a24c3b9c6fe4d293583c9808fe570e24032 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Tue, 14 Jan 2025 22:42:12 +0200 Subject: [PATCH 1/2] Add SELECT template Signed-off-by: Raul Metsma --- lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp | 5 +++ src/electronic-ids/pcsc/EIDIDEMIA.cpp | 32 ++++++------------- src/electronic-ids/pcsc/FinEID.cpp | 19 +++-------- src/electronic-ids/pcsc/LatEIDIDEMIAv1.cpp | 4 +-- .../select-certificate-script-EST-IDEMIA.hpp | 19 ++++------- .../mock/select-certificate-script-FIN-V3.hpp | 10 ++---- .../mock/select-certificate-script-FIN-V4.hpp | 10 ++---- .../mock/select-certificate-script-LAT-V1.hpp | 20 ++++-------- .../mock/select-certificate-script-LAT-V2.hpp | 25 +++++---------- 9 files changed, 46 insertions(+), 98 deletions(-) diff --git a/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp b/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp index fc927ff..ae32778 100644 --- a/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp +++ b/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp @@ -170,6 +170,11 @@ struct CommandApdu constexpr operator const byte_vector&() const { return d; } + static PCSC_CPP_CONSTEXPR_VECTOR CommandApdu select(byte_type p1, byte_vector file) + { + return {0x00, 0xA4, p1, 0x0C, std::move(file)}; + } + byte_vector d; }; diff --git a/src/electronic-ids/pcsc/EIDIDEMIA.cpp b/src/electronic-ids/pcsc/EIDIDEMIA.cpp index 471a670..76f5061 100644 --- a/src/electronic-ids/pcsc/EIDIDEMIA.cpp +++ b/src/electronic-ids/pcsc/EIDIDEMIA.cpp @@ -38,9 +38,6 @@ const byte_type AUTH_PIN_REFERENCE = 0x01; byte_vector EIDIDEMIA::getCertificateImpl(const CertificateType type) const { transmitApduWithExpectedResponse(*card, selectApplicationID().MAIN_AID); - transmitApduWithExpectedResponse(*card, - type.isAuthentication() ? selectApplicationID().AUTH_AID - : selectApplicationID().SIGN_AID); return electronic_id::getCertificate(*card, type.isAuthentication() ? selectCertificate().AUTH_CERT : selectCertificate().SIGN_CERT); @@ -107,25 +104,16 @@ const SelectApplicationIDCmds& EIDIDEMIA::selectApplicationID() const { static const SelectApplicationIDCmds selectAppIDCmds { // Main AID. - {0x00, - 0xA4, - 0x04, - 0x00, - {0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, - 0x00}}, + CommandApdu::select(0x04, + {0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, + 0x00, 0x00, 0x01, 0x00}), // AWP AID. - {0x00, - 0xA4, - 0x04, - 0x0C, - {0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, 0x41, 0x57, 0x50}}, + CommandApdu::select( + 0x04, {0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, 0x41, 0x57, 0x50}), // QSCD AID. - {0x00, - 0xA4, - 0x04, - 0x0C, - {0x51, 0x53, 0x43, 0x44, 0x20, 0x41, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, - 0x6E}}, + CommandApdu::select(0x04, + {0x51, 0x53, 0x43, 0x44, 0x20, 0x41, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, + 0x74, 0x69, 0x6F, 0x6E}), }; return selectAppIDCmds; } @@ -134,9 +122,9 @@ const SelectCertificateCmds& EIDIDEMIA::selectCertificate() const { static const SelectCertificateCmds selectCert1Cmds { // Authentication certificate. - {0x00, 0xA4, 0x02, 0x0C, {0x34, 0x01}}, + CommandApdu::select(0x09, {0xAD, 0xF1, 0x34, 0x01}), // Signing certificate. - {0x00, 0xA4, 0x02, 0x0C, {0x34, 0x1F}}, + CommandApdu::select(0x09, {0xAD, 0xF2, 0x34, 0x1F}), }; return selectCert1Cmds; } diff --git a/src/electronic-ids/pcsc/FinEID.cpp b/src/electronic-ids/pcsc/FinEID.cpp index 3b4fb12..6aeadf1 100644 --- a/src/electronic-ids/pcsc/FinEID.cpp +++ b/src/electronic-ids/pcsc/FinEID.cpp @@ -41,18 +41,11 @@ using namespace pcsc_cpp; namespace { -const CommandApdu SELECT_MAIN_AID { - 0x00, - 0xA4, - 0x04, - 0x00, - {0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}}; - -const CommandApdu SELECT_MASTER_FILE {0x00, 0xa4, 0x00, 0x0C, {0x3f, 0x00}}; - -const CommandApdu SELECT_AUTH_CERT_FILE {0x00, 0xA4, 0x08, 0x0C, {0x43, 0x31}}; -const CommandApdu SELECT_SIGN_CERT_FILE_V3 {0x00, 0xA4, 0x08, 0x0C, {0x50, 0x16, 0x43, 0x35}}; -const CommandApdu SELECT_SIGN_CERT_FILE_V4 {0x00, 0xA4, 0x08, 0x0C, {0x50, 0x16, 0x43, 0x32}}; +const auto SELECT_MAIN_AID = CommandApdu::select( + 0x04, {0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}); +const auto SELECT_AUTH_CERT_FILE = CommandApdu::select(0x08, {0x43, 0x31}); +const auto SELECT_SIGN_CERT_FILE_V3 = CommandApdu::select(0x08, {0x50, 0x16, 0x43, 0x35}); +const auto SELECT_SIGN_CERT_FILE_V4 = CommandApdu::select(0x08, {0x50, 0x16, 0x43, 0x32}); constexpr byte_type PIN_PADDING_CHAR = 0x00; constexpr byte_type AUTH_PIN_REFERENCE = 0x11; @@ -133,8 +126,6 @@ byte_vector FinEIDv3::sign(const HashAlgorithm hashAlgo, const byte_vector& hash THROW(ArgumentFatalError, "No OID for algorithm " + std::string(hashAlgo)); } - transmitApduWithExpectedResponse(*card, SELECT_MASTER_FILE); - verifyPin(*card, pinReference, std::move(pin), pinMinMaxLength.first, pinMinMaxLength.second, PIN_PADDING_CHAR); // Select security environment for COMPUTE SIGNATURE. diff --git a/src/electronic-ids/pcsc/LatEIDIDEMIAv1.cpp b/src/electronic-ids/pcsc/LatEIDIDEMIAv1.cpp index 14ec7f2..499ee90 100644 --- a/src/electronic-ids/pcsc/LatEIDIDEMIAv1.cpp +++ b/src/electronic-ids/pcsc/LatEIDIDEMIAv1.cpp @@ -53,9 +53,9 @@ const SelectCertificateCmds& LatEIDIDEMIAV1::selectCertificate() const { static const SelectCertificateCmds selectCertCmds { // Authentication certificate. - {0x00, 0xA4, 0x01, 0x0C, {0xA0, 0x02}}, + CommandApdu::select(0x09, {0xAD, 0xF1, 0xA0, 0x02}), // Signing certificate. - {0x00, 0xA4, 0x01, 0x0C, {0xA0, 0x01}}, + CommandApdu::select(0x09, {0xAD, 0xF1, 0xA0, 0x01}), }; return selectCertCmds; } diff --git a/tests/mock/select-certificate-script-EST-IDEMIA.hpp b/tests/mock/select-certificate-script-EST-IDEMIA.hpp index e88fada..f628184 100644 --- a/tests/mock/select-certificate-script-EST-IDEMIA.hpp +++ b/tests/mock/select-certificate-script-EST-IDEMIA.hpp @@ -26,15 +26,12 @@ const PcscMock::ApduScript ESTEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, // Select AWP AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x0D, 0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, - 0x41, 0x57, 0x50}, - {0x90, 0x00}}, // Select authentication certificate file. - {{0x00, 0xA4, 0x02, 0x0C, 0x02, 0x34, 0x01}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF1, 0x34, 0x01}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x04, 0x03, 0x90, 0x00}}, @@ -130,7 +127,7 @@ const PcscMock::ApduScript ESTEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 2. PIN Retry count // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -143,7 +140,7 @@ const PcscMock::ApduScript ESTEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 3. Authenticate. // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -180,15 +177,11 @@ const PcscMock::ApduScript ESTEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI const PcscMock::ApduScript ESTEID_IDEMIA_V1_SELECT_SIGN_CERTIFICATE_AND_SIGNING = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, - // Select QSCD AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0x51, 0x53, 0x43, 0x44, 0x20, 0x41, - 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E}, - {0x90, 0x00}}, // Select signing certificate file. - {{0x00, 0xA4, 0x02, 0x0C, 0x02, 0x34, 0x1F}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF2, 0x34, 0x1F}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x03, 0xec, 0x90, 0x00}}, diff --git a/tests/mock/select-certificate-script-FIN-V3.hpp b/tests/mock/select-certificate-script-FIN-V3.hpp index 3072102..1bef1cc 100644 --- a/tests/mock/select-certificate-script-FIN-V3.hpp +++ b/tests/mock/select-certificate-script-FIN-V3.hpp @@ -26,7 +26,7 @@ const PcscMock::ApduScript FINEID_V3_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, + {{0x00, 0xA4, 0x04, 0x0C, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}, {0x90, 0x00}}, // Select authentication certificate file. @@ -186,9 +186,6 @@ const PcscMock::ApduScript FINEID_V3_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE = 0x02, 0xff, 0xff, 0xdf, 0x28, 0x01, 0x0c, 0xdf, 0x2f, 0x01, 0x01, 0x90, 0x00}}, // 3. Authenticate. - // Select master file - {{0x00, 0xa4, 0x00, 0x0C, 0x02, 0x3f, 0x00}, {0x90, 0x00}}, - // Verify PIN. {{0x00, 0x20, 0x00, 0x11, 0x0c, 0x31, 0x32, 0x33, 0x34, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, @@ -226,7 +223,7 @@ const PcscMock::ApduScript FINEID_V3_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE = const PcscMock::ApduScript FINEID_V3_SELECT_SIGN_CERTIFICATE_AND_SIGNING = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, + {{0x00, 0xA4, 0x04, 0x0C, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}, {0x90, 0x00}}, // Select signing certificate file. @@ -371,9 +368,6 @@ const PcscMock::ApduScript FINEID_V3_SELECT_SIGN_CERTIFICATE_AND_SIGNING = { 0x02, 0xff, 0xff, 0xdf, 0x28, 0x01, 0x0c, 0xdf, 0x2f, 0x01, 0x01, 0x90, 0x00}}, // 3. Signing. - // Select master file - {{0x00, 0xa4, 0x00, 0x0C, 0x02, 0x3f, 0x00}, {0x90, 0x00}}, - // Verify PIN. {{0x00, 0x20, 0x00, 0x82, 0x0c, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, diff --git a/tests/mock/select-certificate-script-FIN-V4.hpp b/tests/mock/select-certificate-script-FIN-V4.hpp index 48eb32b..e362332 100644 --- a/tests/mock/select-certificate-script-FIN-V4.hpp +++ b/tests/mock/select-certificate-script-FIN-V4.hpp @@ -26,7 +26,7 @@ const PcscMock::ApduScript FINEID_V4_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, + {{0x00, 0xA4, 0x04, 0x0C, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}, {0x90, 0x00}}, // Select authentication certificate file. @@ -138,9 +138,6 @@ const PcscMock::ApduScript FINEID_V4_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE { 0x02, 0xff, 0xff, 0xdf, 0x28, 0x01, 0x0c, 0xdf, 0x2f, 0x01, 0x01, 0x90, 0x00}}, // 3. Authenticate. - // Select master file - {{0x00, 0xa4, 0x00, 0x0C, 0x02, 0x3f, 0x00}, {0x90, 0x00}}, - // Verify PIN. {{0x00, 0x20, 0x00, 0x11, 0x0c, 0x31, 0x32, 0x33, 0x34, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, @@ -168,7 +165,7 @@ const PcscMock::ApduScript FINEID_V4_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE { const PcscMock::ApduScript FINEID_V4_SELECT_SIGN_CERTIFICATE_AND_SIGNING { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, + {{0x00, 0xA4, 0x04, 0x0C, 0x0C, 0xa0, 0x00, 0x00, 0x00, 0x63, 0x50, 0x4b, 0x43, 0x53, 0x2d, 0x31, 0x35}, {0x90, 0x00}}, // Select signing certificate file. @@ -284,9 +281,6 @@ const PcscMock::ApduScript FINEID_V4_SELECT_SIGN_CERTIFICATE_AND_SIGNING { 0x02, 0xff, 0xff, 0xdf, 0x28, 0x01, 0x0c, 0xdf, 0x2f, 0x01, 0x01, 0x90, 0x00}}, // 3. Signing. - // Select master file - {{0x00, 0xa4, 0x00, 0x0C, 0x02, 0x3f, 0x00}, {0x90, 0x00}}, - // Verify PIN. {{0x00, 0x20, 0x00, 0x82, 0x0c, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, diff --git a/tests/mock/select-certificate-script-LAT-V1.hpp b/tests/mock/select-certificate-script-LAT-V1.hpp index 60f1fd9..5be6de0 100644 --- a/tests/mock/select-certificate-script-LAT-V1.hpp +++ b/tests/mock/select-certificate-script-LAT-V1.hpp @@ -26,15 +26,11 @@ const PcscMock::ApduScript LATEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, - // Select AWP AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x0D, 0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, - 0x41, 0x57, 0x50}, - {0x90, 0x00}}, // Select authentication certificate file. - {{0x00, 0xA4, 0x01, 0x0C, 0x02, 0xA0, 0x02}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF1, 0xA0, 0x02}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x07, 0x4d, 0x90, 0x00}}, @@ -201,7 +197,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 2. PIN Retry count // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -214,7 +210,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 3. Authenticate. // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, // Select AWP AID. @@ -259,15 +255,11 @@ const PcscMock::ApduScript LATEID_IDEMIA_V1_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI const PcscMock::ApduScript LATEID_IDEMIA_V1_SELECT_SIGN_CERTIFICATE_AND_SIGNING = { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, - // Select AWP AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x0D, 0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, - 0x41, 0x57, 0x50}, - {0x90, 0x00}}, // Select signing certificate file. - {{0x00, 0xA4, 0x01, 0x0C, 0x02, 0xA0, 0x01}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF1, 0xA0, 0x01}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x08, 0xf0, 0x90, 0x00}}, diff --git a/tests/mock/select-certificate-script-LAT-V2.hpp b/tests/mock/select-certificate-script-LAT-V2.hpp index 1cbd63e..bc5ec52 100644 --- a/tests/mock/select-certificate-script-LAT-V2.hpp +++ b/tests/mock/select-certificate-script-LAT-V2.hpp @@ -26,16 +26,11 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_AUTH_CERTIFICATE_AND_AUTHENTICATE { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, - // Select AWP AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x0D, 0xe8, 0x28, 0xbd, 0x08, 0x0f, 0xf2, 0x50, 0x4f, 0x54, 0x20, - 0x41, 0x57, 0x50}, - {0x90, 0x00}}, - // Select authentication certificate file. - {{0x00, 0xA4, 0x02, 0x0C, 0x02, 0x34, 0x01}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF1, 0x34, 0x01}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x06, 0xc1, 0x90, 0x00}}, @@ -190,7 +185,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 2. PIN Retry count // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -203,7 +198,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI // 3. Authenticate. // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -222,7 +217,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI {{0x00, 0xB0, 0x00, 0x00, 0x05}, {0x30, 0x02, 0x02, 0x00, 0x81, 0x90, 0x00}}, // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, @@ -265,15 +260,11 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_AUTH_CERTIFICATE_AND_AUTHENTI const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_SIGN_CERTIFICATE_AND_SIGNING { // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, - // Select QSCD AID. - {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0x51, 0x53, 0x43, 0x44, 0x20, 0x41, - 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E}, - {0x90, 0x00}}, // Select signing certificate file. - {{0x00, 0xA4, 0x02, 0x0C, 0x02, 0x34, 0x1F}, {0x90, 0x00}}, + {{0x00, 0xA4, 0x09, 0x0C, 0x04, 0xAD, 0xF2, 0x34, 0x1F}, {0x90, 0x00}}, // Read data length. {{0x00, 0xb0, 0x00, 0x00, 0x04}, {0x30, 0x82, 0x08, 0x48, 0x90, 0x00}}, @@ -472,7 +463,7 @@ const PcscMock::ApduScript LATEID_IDEMIA_V2_SELECT_SIGN_CERTIFICATE_AND_SIGNING // 3. Signing. // Select main AID. - {{0x00, 0xA4, 0x04, 0x00, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, + {{0x00, 0xA4, 0x04, 0x0C, 0x10, 0xA0, 0x00, 0x00, 0x00, 0x77, 0x01, 0x08, 0x00, 0x07, 0x00, 0x00, 0xFE, 0x00, 0x00, 0x01, 0x00}, {0x90, 0x00}}, From 577d4b823d38016cc54c99a4564906e04f2e9782 Mon Sep 17 00:00:00 2001 From: Mart Somermaa Date: Tue, 28 Jan 2025 14:57:10 +0200 Subject: [PATCH 2/2] Document CommandApdu::select() WE2-1051 Signed-off-by: Mart Somermaa --- lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp | 32 ++++++++++++++++--- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp b/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp index ae32778..3c7e6ad 100644 --- a/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp +++ b/lib/libpcsc-cpp/include/pcsc-cpp/pcsc-cpp.hpp @@ -133,24 +133,29 @@ struct ResponseApdu } }; -/** Struct that wraps command APDUs. */ +/** + * Struct that wraps command APDUs. + * + * See for example http://cardwerk.com/iso-7816-smart-card-standard/ for a good overview of the + * ISO 7816 part 4 standard that defines command APDUs. + */ struct CommandApdu { static constexpr size_t MAX_DATA_SIZE = 255; - // Case 1 + // ISO 7816 part 4, Annex B.1, Case 1 PCSC_CPP_CONSTEXPR_VECTOR CommandApdu(byte_type cls, byte_type ins, byte_type p1, byte_type p2) : d {cls, ins, p1, p2} { } - // Case 2 + // ISO 7816 part 4, Annex B.1, Case 2 PCSC_CPP_CONSTEXPR_VECTOR CommandApdu(byte_type cls, byte_type ins, byte_type p1, byte_type p2, byte_type le) : d {cls, ins, p1, p2, le} { } - // Case 3 + // ISO 7816 part 4, Annex B.1, Case 3 PCSC_CPP_CONSTEXPR_VECTOR CommandApdu(byte_type cls, byte_type ins, byte_type p1, byte_type p2, byte_vector data) : d {std::move(data)} { @@ -160,7 +165,7 @@ struct CommandApdu d.insert(d.begin(), {cls, ins, p1, p2, static_cast(d.size())}); } - // Case 4 + // ISO 7816 part 4, Annex B.1, Case 4 PCSC_CPP_CONSTEXPR_VECTOR CommandApdu(byte_type cls, byte_type ins, byte_type p1, byte_type p2, byte_vector data, byte_type le) : CommandApdu {cls, ins, p1, p2, std::move(data)} @@ -170,6 +175,23 @@ struct CommandApdu constexpr operator const byte_vector&() const { return d; } + /** + * A helper function to create a SELECT command APDU. + * + * The ISO 7816-4 Section 6.11 SELECT command has the form: + * CLA = 0x00 + * INS = 0xA4 + * P1 = varies, see below. + * P2 = here hard-coded to 0x0C, no FCI (file control information) returned. + * Lc and Data field = the file/path/AID identifier bytes. + * + * The P1 parameter for the SELECT command controls the selection mode, + * we use the following modes: + * 0x04 = Select AID (application identifier), + * direct selection by DF (dedicated file, directory) name. + * 0x08 = Select from MF (master file, root directory). + * 0x09 = Select from current DF. + */ static PCSC_CPP_CONSTEXPR_VECTOR CommandApdu select(byte_type p1, byte_vector file) { return {0x00, 0xA4, p1, 0x0C, std::move(file)};