Remove Gemalto card support

WE2-839

Signed-off-by: Raul Metsma <[email protected]>

CMakeLists.txt

@@ -19,8 +19,6 @@ add_library(${PROJECT_NAME}
   src/electronic-ids/x509.hpp
   src/electronic-ids/pcsc/EIDIDEMIA.cpp
   src/electronic-ids/pcsc/EIDIDEMIA.hpp
-  src/electronic-ids/pcsc/EstEIDGemalto.cpp
-  src/electronic-ids/pcsc/EstEIDGemalto.hpp
   src/electronic-ids/pcsc/EstEIDIDEMIA.cpp
   src/electronic-ids/pcsc/EstEIDIDEMIA.hpp
   src/electronic-ids/pcsc/FinEID.cpp
@@ -77,7 +75,6 @@ add_executable(${MOCK_TEST_EXE}
   tests/common/verify.hpp
   tests/mock/atrs.hpp
   tests/mock/select-certificate-script.hpp
-  tests/mock/select-certificate-script-EST-GEMALTO.hpp
   tests/mock/select-certificate-script-EST-IDEMIA.hpp
   tests/mock/select-certificate-script-FIN-V3.hpp
   tests/mock/select-certificate-script-FIN-V4.hpp

src/electronic-id.cpp

@@ -20,7 +20,6 @@
  * SOFTWARE.
  */
 
-#include "electronic-ids/pcsc/EstEIDGemalto.hpp"
 #include "electronic-ids/pcsc/EstEIDIDEMIA.hpp"
 #include "electronic-ids/pcsc/FinEID.hpp"
 #include "electronic-ids/pcsc/LatEIDIDEMIAv1.hpp"
@@ -58,14 +57,6 @@ constexpr auto constructor(const Reader& /*reader*/)
 
 // Supported cards.
 const std::map<byte_vector, ElectronicIDConstructor> SUPPORTED_ATRS {
-    // EstEID Gemalto v3.5.8 cold
-    {{0x3b, 0xfa, 0x18, 0x00, 0x00, 0x80, 0x31, 0xfe, 0x45, 0xfe,
-      0x65, 0x49, 0x44, 0x20, 0x2f, 0x20, 0x50, 0x4b, 0x49, 0x03},
-     constructor<EstEIDGemaltoV3_5_8>},
-    // EstEID Gemalto v3.5.8 warm
-    {{0x3b, 0xfe, 0x18, 0x00, 0x00, 0x80, 0x31, 0xfe, 0x45, 0x80, 0x31, 0x80,
-      0x66, 0x40, 0x90, 0xa4, 0x16, 0x2a, 0x00, 0x83, 0x0f, 0x90, 0x00, 0xef},
-     constructor<EstEIDGemaltoV3_5_8>},
     // EstEID Idemia v1.0
     {{0x3b, 0xdb, 0x96, 0x00, 0x80, 0xb1, 0xfe, 0x45, 0x1f, 0x83, 0x00,
       0x12, 0x23, 0x3f, 0x53, 0x65, 0x49, 0x44, 0x0f, 0x90, 0x00, 0xf1},
@@ -156,7 +147,7 @@ ElectronicID::ptr getElectronicID(const pcsc_cpp::Reader& reader)
 
 bool ElectronicID::isSupportedSigningHashAlgorithm(const HashAlgorithm hashAlgo) const
 {
-    const auto &supported = supportedSigningAlgorithms();
+    const auto& supported = supportedSigningAlgorithms();
     return std::find(supported.cbegin(), supported.cend(), hashAlgo) != supported.cend();
 }
 
@@ -187,20 +178,17 @@ HashAlgorithm::HashAlgorithm(const std::string& algoName)
 HashAlgorithm::operator std::string() const
 {
     const auto algoNameValuePair =
-        std::find_if(SUPPORTED_ALGORITHMS.begin(), SUPPORTED_ALGORITHMS.end(),
+        std::find_if(SUPPORTED_ALGORITHMS.cbegin(), SUPPORTED_ALGORITHMS.cend(),
                      [this](const auto& pair) { return pair.second == value; });
-    return algoNameValuePair != SUPPORTED_ALGORITHMS.end() ? algoNameValuePair->first : "UNKNOWN";
+    return algoNameValuePair != SUPPORTED_ALGORITHMS.cend() ? algoNameValuePair->first : "UNKNOWN";
 }
 
 std::string HashAlgorithm::allSupportedAlgorithmNames()
 {
-    static auto SUPPORTED_ALGORITHM_NAMES = std::string {};
-    if (SUPPORTED_ALGORITHM_NAMES.empty()) {
-        SUPPORTED_ALGORITHM_NAMES = std::accumulate(
-            std::next(SUPPORTED_ALGORITHMS.begin()), SUPPORTED_ALGORITHMS.end(),
-            SUPPORTED_ALGORITHMS.begin()->first,
-            [](auto result, const auto& value) { return result + ", "s + value.first; });
-    }
+    static const auto SUPPORTED_ALGORITHM_NAMES = std::accumulate(
+        std::next(SUPPORTED_ALGORITHMS.begin()), SUPPORTED_ALGORITHMS.end(),
+        std::string(SUPPORTED_ALGORITHMS.begin()->first),
+        [](auto result, const auto& value) { return result + ", "s + std::string(value.first); });
     return SUPPORTED_ALGORITHM_NAMES;
 }
 

src/electronic-ids/pcsc/EIDIDEMIA.cpp

@@ -41,11 +41,9 @@ byte_vector EIDIDEMIA::getCertificateImpl(const CertificateType type) const
     transmitApduWithExpectedResponse(*card,
                                      type.isAuthentication() ? selectApplicationID().AUTH_AID
                                                              : selectApplicationID().SIGN_AID);
-    return electronic_id::getCertificate(
-        *card,
-        {
-            type.isAuthentication() ? selectCertificate().AUTH_CERT : selectCertificate().SIGN_CERT,
-        });
+    return electronic_id::getCertificate(*card,
+                                         type.isAuthentication() ? selectCertificate().AUTH_CERT
+                                                                 : selectCertificate().SIGN_CERT);
 }
 
 byte_vector EIDIDEMIA::signWithAuthKeyImpl(const byte_vector& pin, const byte_vector& hash) const

src/electronic-ids/pcsc/FinEID.cpp

@@ -66,10 +66,9 @@ namespace electronic_id
 
 byte_vector FinEIDv3::getCertificateImpl(const CertificateType type) const
 {
+    transmitApduWithExpectedResponse(*card, SELECT_MAIN_AID);
     return electronic_id::getCertificate(
-        *card,
-        {SELECT_MAIN_AID,
-         type.isAuthentication() ? SELECT_AUTH_CERT_FILE : SELECT_SIGN_CERT_FILE_V3});
+        *card, type.isAuthentication() ? SELECT_AUTH_CERT_FILE : SELECT_SIGN_CERT_FILE_V3);
 }
 
 byte_vector FinEIDv3::signWithAuthKeyImpl(const byte_vector& pin, const byte_vector& hash) const
@@ -190,10 +189,9 @@ ElectronicID::PinRetriesRemainingAndMax FinEIDv3::pinRetriesLeft(byte_type pinRe
 
 byte_vector FinEIDv4::getCertificateImpl(const CertificateType type) const
 {
+    transmitApduWithExpectedResponse(*card, SELECT_MAIN_AID);
     return electronic_id::getCertificate(
-        *card,
-        {SELECT_MAIN_AID,
-         type.isAuthentication() ? SELECT_AUTH_CERT_FILE : SELECT_SIGN_CERT_FILE_V4});
+        *card, type.isAuthentication() ? SELECT_AUTH_CERT_FILE : SELECT_SIGN_CERT_FILE_V4);
 }
 
 byte_vector FinEIDv4::signWithAuthKeyImpl(const byte_vector& pin, const byte_vector& hash) const

src/electronic-ids/pcsc/pcsc-common.hpp

@@ -31,15 +31,12 @@
 namespace electronic_id
 {
 
-inline pcsc_cpp::byte_vector
-getCertificate(pcsc_cpp::SmartCard& card,
-               const std::vector<pcsc_cpp::byte_vector>& selectCertFileCmds)
+inline pcsc_cpp::byte_vector getCertificate(pcsc_cpp::SmartCard& card,
+                                            const pcsc_cpp::byte_vector& selectCertFileCmd)
 {
     static const size_t MAX_LE_VALUE = 0xb5;
 
-    for (const auto& commandApdu : selectCertFileCmds) {
-        transmitApduWithExpectedResponse(card, commandApdu);
-    }
+    transmitApduWithExpectedResponse(card, selectCertFileCmd);
 
     const auto length = readDataLengthFromAsn1(card);
 

tests/common/selectcard.hpp

@@ -14,3 +14,8 @@ inline electronic_id::CardInfo::ptr autoSelectSupportedCard() {
 
     return  cardList[0];
 }
+
+inline std::ostream &operator<<(std::ostream &os, const pcsc_cpp::byte_vector &data)
+{
+    return os << pcsc_cpp::bytes2hexstr(data);
+}

tests/integration/test-authenticate.cpp

@@ -43,9 +43,12 @@ TEST(electronic_id_test, authenticate)
     std::cout << "Does the reader have a PIN-pad? "
               << (cardInfo->eid().smartcard().readerHasPinPad() ? "yes" : "no") << '\n';
 
-    if (cardInfo->eid().authSignatureAlgorithm() != JsonWebSignatureAlgorithm::ES384
-        && cardInfo->eid().authSignatureAlgorithm() != JsonWebSignatureAlgorithm::RS256
-        && cardInfo->eid().authSignatureAlgorithm() != JsonWebSignatureAlgorithm::PS256) {
+    switch (cardInfo->eid().authSignatureAlgorithm()) {
+    case JsonWebSignatureAlgorithm::ES384:
+    case JsonWebSignatureAlgorithm::RS256:
+    case JsonWebSignatureAlgorithm::PS256:
+        break;
+    default:
         // TODO: Add other algorithms as required.
         throw std::runtime_error(
             "TEST authenticate: Only ES384, RS256 and PS256 signature algorithm "
@@ -54,9 +57,7 @@ TEST(electronic_id_test, authenticate)
 
     GTEST_ASSERT_GE(cardInfo->eid().authPinRetriesLeft().first, 0U);
 
-    const auto &pin = cardInfo->eid().name() == "EstEID Gemalto v3.5.8"
-        ? byte_vector {'0', '0', '9', '0'} // Gemalto test card default PIN1
-        : byte_vector {'1', '2', '3', '4'};
+    const byte_vector pin {'1', '2', '3', '4'};
 
     std::cout << "WARNING! Using hard-coded PIN "
               << std::string(reinterpret_cast<const char*>(pin.data()), pin.size()) << '\n';
@@ -66,7 +67,7 @@ TEST(electronic_id_test, authenticate)
     const byte_vector hash = calculateDigest(hashAlgo.hashAlgorithm(), dataToSign);
     auto signature = cardInfo->eid().signWithAuthKey(pin, hash);
 
-    std::cout << "Authentication signature: " << pcsc_cpp::bytes2hexstr(signature) << '\n';
+    std::cout << "Authentication signature: " << signature << '\n';
 
     if (!verify(hashAlgo.hashAlgorithm(), cert, dataToSign, signature,
                 hashAlgo == JsonWebSignatureAlgorithm::PS256)) {

tests/integration/test-get-certificate.cpp

@@ -22,8 +22,6 @@
 
 #include "../common/selectcard.hpp"
 
-#include "electronic-id/electronic-id.hpp"
-
 #include "gtest/gtest.h"
 
 #include <iostream>
@@ -36,13 +34,13 @@ TEST(electronic_id_test, getCertificate)
 
     EXPECT_TRUE(cardInfo);
 
-    std::cout << "Selected card: " << cardInfo->eid().name() << std::endl;
+    std::cout << "Selected card: " << cardInfo->eid().name() << '\n';
 
     auto certificate = cardInfo->eid().getCertificate(CertificateType::AUTHENTICATION);
 
-    std::cout << "Authentication certificate: " << pcsc_cpp::bytes2hexstr(certificate) << std::endl;
+    std::cout << "Authentication certificate: " << certificate << '\n';
 
     certificate = cardInfo->eid().getCertificate(CertificateType::SIGNING);
 
-    std::cout << "Signing certificate: " << pcsc_cpp::bytes2hexstr(certificate) << std::endl;
+    std::cout << "Signing certificate: " << certificate << '\n';
 }