This branch implements necessary code changes in the https://github.com/Muzosh/Smart-Card-Authentication-On-The-Web project. It adopts the InfinitEID interface in order to allow users to authenticate with custom-built non-state-issued smart cards.
git clone https://github.com/web-eid/web-eid-app && cd web-eid-app
git submodule set-url lib/libelectronic-id https://github.com/Muzosh/libelectronic-id && git submodule set-branch --branch feature-InfinitEID lib/libelectronic-id
git submodule update --init --remote --recursive
- add line
{JsonWebSignatureAlgorithm::ES256, QCryptographicHash::Sha256},
to the map increateSignature
function insrc/controller/command-handlers/authenticate.cpp
- change the ATR according to your card in
lib/libelectronic-id/src/electronic-id.cpp
inSUPPORTED_ATRS
map
Build modified Web-eID native application or download it from Releases
- follow the build instructions in official Web-eID repository
- builded app will work with InfinitEID
- it is better to build an installer instead of just single app:
- see the .github workflows for OS-specific cmake targets
- for example on MacOS:
cmake --build ${BUILD_DIR} --config ${BUILD_TYPE} --target installer
for Chrome and Firefoxcmake --build ${BUILD_DIR} --config ${BUILD_TYPE} --target installer-safari
for Safari
C++ library for performing cryptographic operations with electronic identification (eID) cards.
Currently supports Finnish, Estonian, Latvian and Lithuanian eID cards. Please submit an issue if you want to request support for your country's eID card.
If possible, communicates with the eID card directly via PC/SC using APDUs according to the card specification.
When APDU communication is not possible (e.g. Lithuanian eID), uses PKCS#11 and requires the corresponding PKCS#11 module to be installed.
Example how to automatically select and connect to a supported eID card, and read the authentication certificate:
const auto cardInfo = autoSelectSupportedCard();
std::cout << "Reader " << cardInfo->reader().name << " has supported card "
<< cardInfo->eid().name();
const auto certificateBytes = cardInfo->eid().getCertificate(CertificateType::AUTHENTICATION);
See more examples in tests.
apt install build-essential pkg-config cmake libgtest-dev valgrind libpcsclite-dev
sudo bash -c 'cd /usr/src/googletest && cmake . && cmake --build . --target install'
cd build
cmake .. # optionally with -DCMAKE_BUILD_TYPE=Debug
cmake --build . # optionally with VERBOSE=1
Build as described above, then run inside build
directory:
ctest # or 'valgrind --leak-check=full ctest'
ctest
runs tests that use the libscard-mock library to mock PC/SC API calls.
There are also integration tests that use the real operating system PC/SC
service, run them inside build
directory with:
./libpcsc-cpp-test-integration
- Format code with
scripts/clang-format.sh
before committing - See docs/DEVELOPMENT.md