Add support of Luxembourg cards￼

mrts · mrts · commit 36a19cabeb26 · 2025-01-13T11:56:33.000+02:00
WE2-1032

Signed-off-by: Mart Somermaa &lt;mrts@users.noreply.github.com&gt;
Co-authored-by: RCDevs Security &lt;yumisign&gt;
diff --git a/include/electronic-id/electronic-id.hpp b/include/electronic-id/electronic-id.hpp
@@ -50,6 +50,8 @@ class ElectronicID
         HrvEID,
         BelEID,
         CzeEID,
+        LuxtrustV2,
+        LuxEID,
 #ifdef _WIN32
         MsCryptoApiEID,
 #endif
diff --git a/src/electronic-id.cpp b/src/electronic-id.cpp
@@ -139,6 +139,78 @@ const std::vector<MaskedATREntry> MASKED_ATRS = {
     {{0x3b, 0x98, 0x13, 0x40, 0x0a, 0xa5, 0x03, 0x01, 0x01, 0x01, 0xad, 0x13, 0x11},
      {0xff, 0xff, 0x00, 0xff, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00},
      constructor<ElectronicID::Type::BelEID>},
+    // LuxtrustV2
+    {{0x3B, 0x7D, 0x00, 0x00, 0x00, 0x80, 0x31, 0x80, 0x65, 0xB0, 0x00, 0x00, 0x00, 0x00, 0x83,
+      0x00, 0x90, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF,
+      0x00, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxtrustV2>},
+    // LuxEID
+    {{0x3B, 0x7F, 0x00, 0x00, 0x00, 0x80, 0x31, 0x80, 0x65, 0xB0,
+      0x00, 0x03, 0x00, 0x00, 0x12, 0x0F, 0xFF, 0x82, 0x90, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3B, 0xFF, 0x00, 0x00, 0x00, 0x81, 0x31, 0x00, 0x43, 0x80, 0x31, 0x80, 0x65,
+      0xB0, 0x00, 0x03, 0x00, 0x00, 0x12, 0x0F, 0xFF, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0xFF, 0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3B, 0x8F, 0x00, 0x01, 0x80, 0x31, 0x80, 0x65, 0xB0, 0x00,
+      0x03, 0x00, 0x00, 0x12, 0x0F, 0xFF, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00,
+      0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3B, 0x88, 0x00, 0x01, 0xE1, 0xF3, 0x5E, 0x11, 0x00, 0x87, 0x95, 0x00, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0x7f, 0x00, 0x00, 0x00, 0x80, 0x31, 0x80, 0x65, 0xb0,
+      0x00, 0x04, 0x00, 0x00, 0x12, 0x0f, 0xff, 0x82, 0x90, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0xff, 0x00, 0x00, 0x00, 0x81, 0x31, 0x00, 0x43, 0x80, 0x31, 0x80, 0x65,
+      0xb0, 0x00, 0x04, 0x00, 0x00, 0x12, 0x0f, 0xff, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0xFF, 0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3B, 0x8F, 0x80, 0x01, 0x80, 0x31, 0x80, 0x65, 0xB0, 0x00,
+      0x04, 0x00, 0x00, 0x12, 0x0F, 0xFF, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00,
+      0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0x88, 0x80, 0x01, 0x00, 0x88, 0x3c, 0x1f, 0x77, 0x81, 0x95, 0x00, 0xc1},
+     {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0x7f, 0x00, 0x00, 0x00, 0x80, 0x31, 0x80, 0x65, 0xb0,
+      0x00, 0x05, 0x00, 0x00, 0x12, 0x0f, 0xff, 0x82, 0x90, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0xff, 0x00, 0x00, 0x00, 0x81, 0x31, 0x00, 0x43, 0x80, 0x31, 0x80, 0x65,
+      0xb0, 0x00, 0x05, 0x00, 0x00, 0x12, 0x0f, 0xff, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0xFF, 0x00, 0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3B, 0x8F, 0x80, 0x01, 0x80, 0x31, 0x80, 0x65, 0xB0, 0x00,
+      0x05, 0x00, 0x00, 0x12, 0x0F, 0xFF, 0x82, 0x90, 0x00, 0x00},
+     {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00,
+      0xFF, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00},
+     constructor<ElectronicID::Type::LuxEID>},
+    // LuxEID
+    {{0x3b, 0x88, 0x80, 0x01, 0xe1, 0xf3, 0x5e, 0x11, 0x77, 0xa1, 0x97, 0x00, 0x15},
+     {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+     constructor<ElectronicID::Type::LuxEID>},
 };
 
 std::string byteVectorToHexString(const byte_vector& bytes)
diff --git a/src/electronic-ids/pkcs11/Pkcs11ElectronicID.cpp b/src/electronic-ids/pkcs11/Pkcs11ElectronicID.cpp
@@ -118,6 +118,18 @@ inline fs::path czechPkcs11ModulePath()
 #endif
 }
 
+inline fs::path luxembourgPkcs11ModulePath()
+{
+#ifdef _WIN32
+    return programFilesPath() / L"Gemalto/Classic Client/BIN/gclib.dll";
+#elif defined __APPLE__
+    return "/Library/Frameworks/Pkcs11ClassicClient.framework/Versions/A/Pkcs11ClassicClient/"
+           "libgclib.dylib";
+#else // Linux
+    return "/usr/lib/pkcs11/libgclib.so";
+#endif
+}
+
 const std::map<ElectronicID::Type, Pkcs11ElectronicIDModule> SUPPORTED_PKCS11_MODULES {
     // EstEID configuration is here only for testing,
     // it is not enabled in getElectronicID().
@@ -171,6 +183,26 @@ const std::map<ElectronicID::Type, Pkcs11ElectronicIDModule> SUPPORTED_PKCS11_MO
          true,
          false,
      }},
+    {ElectronicID::Type::LuxtrustV2,
+     {
+         "LuxtrustV2 eID (PKCS#11)"s, // name
+         ElectronicID::Type::LuxtrustV2, // type
+         luxembourgPkcs11ModulePath().make_preferred(), // path
+
+         3,
+         true,
+         false,
+     }},
+    {ElectronicID::Type::LuxEID,
+     {
+         "Luxembourg eID (PKCS#11)"s, // name
+         ElectronicID::Type::LuxEID, // type
+         luxembourgPkcs11ModulePath().make_preferred(), // path
+
+         3,
+         true,
+         true,
+     }},
 };
 
 const Pkcs11ElectronicIDModule& getModule(ElectronicID::Type eidType)
