Fix reading certificate with some readers (#1340)

metsma · web-flow · commit e2476d064552 · 2025-05-26T09:20:59.000+03:00
IB-8468

Signed-off-by: Raul Metsma &lt;raul@metsma.ee&gt;
diff --git a/client/QSmartCard.cpp b/client/QSmartCard.cpp
@@ -103,13 +103,13 @@ QPCSCReader::Result Card::transfer(QPCSCReader *reader, bool verify, const QByte
 }
 
 
-QHash<quint8,QByteArray> Card::parseFCI(const QByteArray &data)
+QByteArrayView Card::parseFCI(const QByteArray &data, quint8 expectedTag)
 {
-	QHash<quint8,QByteArray> result;
 	for(auto i = data.constBegin(); i != data.constEnd(); ++i)
 	{
 		quint8 tag(*i), size(*++i);
-		result[tag] = QByteArray(i + 1, size);
+		if(tag == expectedTag)
+			return QByteArrayView(i + 1, size);
 		switch(tag)
 		{
 		case 0x6F:
@@ -119,14 +119,16 @@ QHash<quint8,QByteArray> Card::parseFCI(const QByteArray &data)
 		default: i += size; break;
 		}
 	}
-	return result;
+	return QByteArrayView();
 }
 
 
 
 const QByteArray IDEMIACard::AID = APDU("00A4040C 10 A000000077010800070000FE00000100");
 const QByteArray IDEMIACard::AID_OT = APDU("00A4040C 0D E828BD080FF2504F5420415750");
 const QByteArray IDEMIACard::AID_QSCD = APDU("00A4040C 10 51534344204170706C69636174696F6E");
+const QByteArray IDEMIACard::ATR_COSMO8 = QByteArrayLiteral("3BDB960080B1FE451F830012233F536549440F9000F1");
+const QByteArray IDEMIACard::ATR_COSMOX = QByteArrayLiteral("3BDC960080B1FE451F830012233F54654944320F9000C3");
 
 QPCSCReader::Result IDEMIACard::change(QPCSCReader *reader, QSmartCardData::PinType type, const QString &pin_, const QString &newpin_) const
 {
@@ -153,8 +155,7 @@ QPCSCReader::Result IDEMIACard::change(QPCSCReader *reader, QSmartCardData::PinT
 
 bool IDEMIACard::isSupported(const QByteArray &atr)
 {
-	return atr == "3BDB960080B1FE451F830012233F536549440F9000F1" ||
-		atr == "3BDC960080B1FE451F830012233F54654944320F9000C3";
+	return atr == ATR_COSMO8 || atr == ATR_COSMOX;
 }
 
 bool IDEMIACard::loadPerso(QPCSCReader *reader, QSmartCardDataPrivate *d) const
@@ -198,15 +199,19 @@ bool IDEMIACard::loadPerso(QPCSCReader *reader, QSmartCardDataPrivate *d) const
 		QPCSCReader::Result data = reader->transfer(path);
 		if(!data)
 			return QSslCertificate();
-		QHash<quint8,QByteArray> fci = parseFCI(data.data);
-		if(!fci.contains(0x80))
+		auto sizeTag = parseFCI(data.data, 0x80);
+		if(sizeTag.isEmpty())
 			return QSslCertificate();
 		QByteArray cert;
 		QByteArray cmd = READBINARY;
-		for(int size = quint8(fci[0x80][0]) << 8 | quint8(fci[0x80][1]); cert.size() < size; )
+		qsizetype maxLe = 0;
+		if(reader->atr() == ATR_COSMOX)
+			maxLe = 0xC0;
+		for(qsizetype size = quint8(sizeTag[0]) << 8 | quint8(sizeTag[1]); cert.size() < size; )
 		{
 			cmd[2] = char(cert.size() >> 8);
 			cmd[3] = char(cert.size());
+			cmd[4] = char(std::min(size - cert.size(), maxLe));
 			data = reader->transfer(cmd);
 			if(!data)
 				return QSslCertificate();
diff --git a/client/QSmartCard_p.h b/client/QSmartCard_p.h
@@ -41,7 +41,7 @@ class Card
 		QSmartCardData::PinType type, quint8 newPINOffset, bool requestCurrentPIN);
 	virtual bool updateCounters(QPCSCReader *reader, QSmartCardDataPrivate *d) const = 0;
 
-	static QHash<quint8,QByteArray> parseFCI(const QByteArray &data);
+	static QByteArrayView parseFCI(const QByteArray &data, quint8 expectedTag);
 
 	static const QByteArray CHANGE;
 	static const QByteArray READBINARY;
@@ -61,7 +61,7 @@ class IDEMIACard: public Card
 	static bool isSupported(const QByteArray &atr);
 	static QByteArray pinTemplate(const QString &pin);
 
-	static const QByteArray AID, AID_OT, AID_QSCD;
+	static const QByteArray AID, AID_OT, AID_QSCD, ATR_COSMO8, ATR_COSMOX;
 };
 
 class QSmartCard::Private

Original file line number	Diff line number	Diff line change
`@@ -103,13 +103,13 @@ QPCSCReader::Result Card::transfer(QPCSCReader *reader, bool verify, const QByte`
`103`	`103`	`}`
`104`	`104`
`105`	`105`
`106`		`-QHash<quint8,QByteArray> Card::parseFCI(const QByteArray &data)`
	`106`	`+QByteArrayView Card::parseFCI(const QByteArray &data, quint8 expectedTag)`
`107`	`107`	`{`
`108`		`- QHash<quint8,QByteArray> result;`
`109`	`108`	`for(auto i = data.constBegin(); i != data.constEnd(); ++i)`
`110`	`109`	`{`
`111`	`110`	`quint8 tag(i), size(++i);`
`112`		`- result[tag] = QByteArray(i + 1, size);`
	`111`	`+ if(tag == expectedTag)`
	`112`	`+ return QByteArrayView(i + 1, size);`
`113`	`113`	`switch(tag)`
`114`	`114`	`{`
`115`	`115`	`case 0x6F:`
`@@ -119,14 +119,16 @@ QHash<quint8,QByteArray> Card::parseFCI(const QByteArray &data)`
`119`	`119`	`default: i += size; break;`
`120`	`120`	`}`
`121`	`121`	`}`
`122`		`- return result;`
	`122`	`+ return QByteArrayView();`
`123`	`123`	`}`
`124`	`124`
`125`	`125`
`126`	`126`
`127`	`127`	`const QByteArray IDEMIACard::AID = APDU("00A4040C 10 A000000077010800070000FE00000100");`
`128`	`128`	`const QByteArray IDEMIACard::AID_OT = APDU("00A4040C 0D E828BD080FF2504F5420415750");`
`129`	`129`	`const QByteArray IDEMIACard::AID_QSCD = APDU("00A4040C 10 51534344204170706C69636174696F6E");`
	`130`	`+const QByteArray IDEMIACard::ATR_COSMO8 = QByteArrayLiteral("3BDB960080B1FE451F830012233F536549440F9000F1");`
	`131`	`+const QByteArray IDEMIACard::ATR_COSMOX = QByteArrayLiteral("3BDC960080B1FE451F830012233F54654944320F9000C3");`
`130`	`132`
`131`	`133`	`QPCSCReader::Result IDEMIACard::change(QPCSCReader *reader, QSmartCardData::PinType type, const QString &pin_, const QString &newpin_) const`
`132`	`134`	`{`
`@@ -153,8 +155,7 @@ QPCSCReader::Result IDEMIACard::change(QPCSCReader *reader, QSmartCardData::PinT`
`153`	`155`
`154`	`156`	`bool IDEMIACard::isSupported(const QByteArray &atr)`
`155`	`157`	`{`
`156`		`- return atr == "3BDB960080B1FE451F830012233F536549440F9000F1" \|\|`
`157`		`- atr == "3BDC960080B1FE451F830012233F54654944320F9000C3";`
	`158`	`+ return atr == ATR_COSMO8 \|\| atr == ATR_COSMOX;`
`158`	`159`	`}`
`159`	`160`
`160`	`161`	`bool IDEMIACard::loadPerso(QPCSCReader reader, QSmartCardDataPrivate d) const`
`@@ -198,15 +199,19 @@ bool IDEMIACard::loadPerso(QPCSCReader reader, QSmartCardDataPrivate d) const`
`198`	`199`	`QPCSCReader::Result data = reader->transfer(path);`
`199`	`200`	`if(!data)`
`200`	`201`	`return QSslCertificate();`
`201`		`- QHash<quint8,QByteArray> fci = parseFCI(data.data);`
`202`		`- if(!fci.contains(0x80))`
	`202`	`+ auto sizeTag = parseFCI(data.data, 0x80);`
	`203`	`+ if(sizeTag.isEmpty())`
`203`	`204`	`return QSslCertificate();`
`204`	`205`	`QByteArray cert;`
`205`	`206`	`QByteArray cmd = READBINARY;`
`206`		`- for(int size = quint8(fci[0x80][0]) << 8 \| quint8(fci[0x80][1]); cert.size() < size; )`
	`207`	`+ qsizetype maxLe = 0;`
	`208`	`+ if(reader->atr() == ATR_COSMOX)`
	`209`	`+ maxLe = 0xC0;`
	`210`	`+ for(qsizetype size = quint8(sizeTag[0]) << 8 \| quint8(sizeTag[1]); cert.size() < size; )`
`207`	`211`	`{`
`208`	`212`	`cmd[2] = char(cert.size() >> 8);`
`209`	`213`	`cmd[3] = char(cert.size());`
	`214`	`+ cmd[4] = char(std::min(size - cert.size(), maxLe));`
`210`	`215`	`data = reader->transfer(cmd);`
`211`	`216`	`if(!data)`
`212`	`217`	`return QSslCertificate();`