feat(cards): add support for MS CryptoAPI tokens

WE2-716

Signed-off-by: Mart Somermaa <[email protected]>

Author: mrts

.gitignore

@@ -16,3 +16,5 @@ src/app/web-eid
 tests-build/
 tests/tests/web-eid-tests
 build-web-eid-*/
+CMakeSettings.json
+.vs/

lib/libelectronic-id

@@ -85,7 +85,11 @@ void CertificateReader::run(const std::vector<CardInfo::ptr>& cards)
     std::vector<CardCertificateAndPinInfo> certInfos;
     certInfos.reserve(cards.size());
     for (const auto& card : cards) {
-        certInfos.emplace_back(getCertificateWithStatusAndInfo(card, certificateType));
+        try {
+            certInfos.push_back(getCertificateWithStatusAndInfo(card, certificateType));
+        } catch (const WrongCertificateTypeError&) {
+            // Ignore eIDs that don't support the given ceritifcate type.
+        }
     }
 
     if (certInfos.empty()) {

src/controller/command-handlers/certificatereader.cpp

@@ -48,7 +48,7 @@ QPair<QString, QVariantMap> signHash(const ElectronicID& eid, const pcsc_cpp::by
 
 Sign::Sign(const CommandWithArguments& cmd) : CertificateReader(cmd)
 {
-    const auto arguments = cmd.second;
+    const auto& arguments = cmd.second;
 
     requireArgumentsAndOptionalLang(
         {"hash", "hashFunction", "certificate", "origin"}, arguments,
@@ -119,7 +119,9 @@ QVariantMap Sign::onConfirm(WebEidUI* window, const CardCertificateAndPinInfo& c
         default:
             emit verifyPinFailed(failure.status(), failure.retries());
         }
-        if (failure.retries() > 0) {
+        // Retries > 0 means that there are retries remaining,
+        // < 0 means that retry count is unknown, == 0 means that the PIN is blocked.
+        if (failure.retries() != 0) {
             throw CommandHandlerVerifyPinFailed(failure.what());
         }
         throw;

src/controller/command-handlers/sign.cpp

@@ -25,13 +25,13 @@
 #include <QJsonDocument>
 #include <QJsonObject>
 
-#ifdef _WIN32
+#ifdef Q_OS_WIN
 #include <stdio.h>
 #include <io.h>
 #include <fcntl.h>
 #endif
 
-#ifdef _WIN32
+#ifdef Q_OS_WIN
 // On Windows, the default I/O mode is O_TEXT. Set this to O_BINARY
 // to avoid unwanted modifications of the input/output streams.
 // See http://msdn.microsoft.com/en-us/library/tw4k6df8.aspx
@@ -64,7 +64,7 @@ void writeResponseLength(std::ostream& stream, const uint32_t responseLength)
 CommandWithArgumentsPtr readCommandFromStdin()
 {
 
-#ifdef _WIN32
+#ifdef Q_OS_WIN
     setIoStreamsToBinaryMode();
 #endif
 

src/controller/inputoutputmode.cpp

@@ -24,13 +24,6 @@
 
 #include "pcsc-cpp/pcsc-cpp-utils.hpp"
 
-#define REQUIRE_NON_NULL(val)                                                                      \
-    if (!val) {                                                                                    \
-        throw std::logic_error("Null " + std::string(#val) + " in "                                \
-                               + pcsc_cpp::removeAbsolutePathPrefix(__FILE__) + ':'                \
-                               + std::to_string(__LINE__) + ':' + __func__);                       \
-    }
-
 #define REQUIRE_NOT_EMPTY_CONTAINS_NON_NULL_PTRS(vec)                                              \
     if (vec.empty()) {                                                                             \
         throw std::logic_error(std::string(#vec) + " is empty in "                                 \

src/controller/utils.hpp

@@ -171,10 +171,6 @@
         <source>The card in the reader is not supported. Make sure that the entered ID-card is supported by the Web eID application.</source>
         <translation>The card in the reader is not supported. Make sure that the entered ID-card is supported by the Web eID application.</translation>
     </message>
-    <message>
-        <source>The certificates of the ID-card have expired. Valid certificates are required for the electronic use of the ID-card.</source>
-        <translation>The certificates of the ID-card have expired. Valid certificates are required for the electronic use of the ID-card.</translation>
-    </message>
     <message>
         <source>Unknown error</source>
         <translation>Unknown error</translation>
@@ -259,5 +255,17 @@
         <source>The certificate of the ID card in the reader does not match the originally submitted certificate. Please insert the original ID card.</source>
         <translation>The certificate of the ID card in the reader does not match the originally submitted certificate. Please insert the original ID card.</translation>
     </message>
+    <message>
+        <source>The inserted ID-card does not contain a certificate for the requested operation. Please insert an ID-card that supports the requested operation.</source>
+        <translation>The inserted ID-card does not contain a certificate for the requested operation. Please insert an ID-card that supports the requested operation.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for authentication in the PIN dialog window that opens.</source>
+        <translation>Please enter PIN for authentication in the PIN dialog window that opens.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for signing in the PIN dialog window that opens.</source>
+        <translation>Please enter PIN for signing in the PIN dialog window that opens.</translation>
+    </message>
 </context>
 </TS>

src/ui/translations/en.ts

@@ -167,10 +167,6 @@
         <source>The card in the reader is not supported. Make sure that the entered ID-card is supported by the Web eID application.</source>
         <translation>Lugejas on mittetoetatud kaart. Palun veendu, et sisestatud ID-kaart on Web eID rakenduses toetatud.</translation>
     </message>
-    <message>
-        <source>The certificates of the ID-card have expired. Valid certificates are required for the electronic use of the ID-card.</source>
-        <translation>ID-kaardi sertifikaadid on aegunud. ID-kaardi elektrooniliseks kasutamiseks on vaja kehtivaid sertifikaate.</translation>
-    </message>
     <message>
         <source>Unknown error</source>
         <translation>Tundmatu viga</translation>
@@ -259,5 +255,17 @@
         <source>The certificate of the ID card in the reader does not match the originally submitted certificate. Please insert the original ID card.</source>
         <translation>Lugejas oleva ID-kaardi sertifikaat ei ühti algselt esitatud sertifikaadiga. Palun sisesta algne ID-kaart.</translation>
     </message>
+    <message>
+        <source>The inserted ID-card does not contain a certificate for the requested operation. Please insert an ID-card that supports the requested operation.</source>
+        <translation>Sisestatud ID-kaardil ei ole sertifikaati soovitud toimingu jaoks. Palun sisestage soovitud toimingut toetav ID-kaart.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for authentication in the PIN dialog window that opens.</source>
+        <translation>Palun sisesta avanevas PIN-dialoogiaknas isikutuvastuseks PIN-kood.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for signing in the PIN dialog window that opens.</source>
+        <translation>Palun sisesta avanevas PIN-dialoogiaknas allkirjastamiseks PIN-kood.</translation>
+    </message>
 </context>
 </TS>

src/ui/translations/et.ts

@@ -183,10 +183,6 @@
         <source>By signing, I agree to the transfer of my name and personal identification code to the service provider.</source>
         <translation>Kirjautumalla suostun antamaan nimeni ja henkilötunnukseni palveluntarjoajalle.</translation>
     </message>
-    <message>
-        <source>The certificates of the ID-card have expired. Valid certificates are required for the electronic use of the ID-card.</source>
-        <translation>Henkilökortin varmenteet ovat vanhentuneet. Varmenteiden tulee olla voimassa, jotta henkilökorttia voi käyttää sähköisesti.</translation>
-    </message>
     <message>
         <source>An error occurred in the Smart Card service required to use the ID-card. Make sure that the ID-card and the card reader are connected correctly or relaunch the Smart Card service.</source>
         <translation>Henkilökortin käyttöön vaadittavassa älykorttipalvelussa tapahtui virhe. Varmista, että henkilökortti ja kortinlukija on kytketty oikein tai käynnistä älykorttipalvelu uudelleen.</translation>
@@ -259,5 +255,17 @@
         <source>The certificate of the ID card in the reader does not match the originally submitted certificate. Please insert the original ID card.</source>
         <translation>Lukijassa oleva henkilökortin varmenne ei vastaa alun perin lähetettyä varmennetta. Aseta alkuperäinen henkilökortti kortinlukijaan.</translation>
     </message>
+    <message>
+        <source>The inserted ID-card does not contain a certificate for the requested operation. Please insert an ID-card that supports the requested operation.</source>
+        <translation type="unfinished">Asennettu henkilökortti ei sisällä varmennetta pyydettyä toimintoa varten. Aseta sisään henkilökortti, joka tukee pyydettyä toimintoa.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for authentication in the PIN dialog window that opens.</source>
+        <translation type="unfinished">Syötä PIN todennusta varten avautuvaan PIN-valintaikkunaan.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for signing in the PIN dialog window that opens.</source>
+        <translation type="unfinished">Syötä PIN kirjautumista varten avautuvaan PIN-valintaikkunaan.</translation>
+    </message>
 </context>
 </TS>

src/ui/translations/fi.ts

@@ -47,7 +47,7 @@
     </message>
     <message>
         <source>Get help here: &lt;a href=&quot;https://www.id.ee&quot;&gt;id.ee&lt;/a&gt;</source>
-        <translation type="unfinished"></translation>
+        <translation>Pomoć potražite ovdje: &lt;a href=&quot;https://www.id.ee&quot;&gt;id.ee&lt;/a&gt;</translation>
     </message>
     <message>
         <source>Select a certificate</source>
@@ -249,10 +249,6 @@
         <source>The card in the reader is not supported. Make sure that the entered ID-card is supported by the Web eID application.</source>
         <translation>Osobna iskaznica u čitaču nije podržana. Provjerite je li umetnuta osobna iskaznica podržana od strane Web eID aplikacije.</translation>
     </message>
-    <message>
-        <source>The certificates of the ID-card have expired. Valid certificates are required for the electronic use of the ID-card.</source>
-        <translation>Vjerodajnica na osobnoj iskaznici je istekla. Valjana osobna iskaznica je neophodna za elektroničku uporabu.</translation>
-    </message>
     <message>
         <source>Operation failed. Make sure that the driver of the corresponding card reader is used. Read more &lt;a href=&quot;https://www.id.ee/en/article/using-pinpad-card-reader-drivers/&quot;&gt;here&lt;/a&gt;.</source>
         <translation>Radnja nije uspjela. Provjerite koristi li se ispravan pokretački program za osobnu iskaznicu. Pročitajte više o tome na &lt;a href=&quot;https://www.id.ee/en/article/using-pinpad-card-reader-drivers/&quot;&gt;ovdje&lt;/a&gt;.</translation>
@@ -261,5 +257,17 @@
         <source>Unknown error</source>
         <translation>Nepoznata greška</translation>
     </message>
+    <message>
+        <source>The inserted ID-card does not contain a certificate for the requested operation. Please insert an ID-card that supports the requested operation.</source>
+        <translation type="unfinished">Umetnuta iskaznica ne sadrži potvrdu za traženu operaciju. Molimo umetnite osobnu iskaznicu koja podržava traženu operaciju.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for authentication in the PIN dialog window that opens.</source>
+        <translation type="unfinished">Unesite PIN za autentifikaciju u dijaloški prozor PIN-a koji se otvara.</translation>
+    </message>
+    <message>
+        <source>Please enter PIN for signing in the PIN dialog window that opens.</source>
+        <translation type="unfinished">Unesite PIN za prijavu u dijaloški prozor PIN-a koji se otvara.</translation>
+    </message>
 </context>
 </TS>