diff --git a/MoppApp/MoppApp/AddresseeActions.swift b/MoppApp/MoppApp/AddresseeActions.swift index bf27e14cd..53741beff 100644 --- a/MoppApp/MoppApp/AddresseeActions.swift +++ b/MoppApp/MoppApp/AddresseeActions.swift @@ -21,6 +21,7 @@ * */ import Foundation +import CryptoLib protocol AddresseeActions { func displayAddresseeType(_ policyIdentifiers: [String]) -> String diff --git a/MoppApp/MoppApp/ContainerActions.swift b/MoppApp/MoppApp/ContainerActions.swift index 1c203f607..bab5a5230 100644 --- a/MoppApp/MoppApp/ContainerActions.swift +++ b/MoppApp/MoppApp/ContainerActions.swift @@ -23,6 +23,7 @@ import Foundation import SkSigningLib +import CryptoLib protocol ContainerActions { func openExistingContainer(with url: URL, cleanup: Bool, isEmptyFileImported: Bool, isSendingToSivaAgreed: Bool) diff --git a/MoppApp/MoppApp/ContainerAddAllButtonCell.swift b/MoppApp/MoppApp/ContainerAddAllButtonCell.swift index e62dad4f7..957563394 100644 --- a/MoppApp/MoppApp/ContainerAddAllButtonCell.swift +++ b/MoppApp/MoppApp/ContainerAddAllButtonCell.swift @@ -22,6 +22,7 @@ */ import Foundation +import CryptoLib class ContainerAddAllButtonCell: UITableViewCell { diff --git a/MoppApp/MoppApp/ContainerFoundAddresseeCell.swift b/MoppApp/MoppApp/ContainerFoundAddresseeCell.swift index cf896b2f9..4050b4e0a 100644 --- a/MoppApp/MoppApp/ContainerFoundAddresseeCell.swift +++ b/MoppApp/MoppApp/ContainerFoundAddresseeCell.swift @@ -22,6 +22,7 @@ */ import Foundation +import CryptoLib protocol ContainerFoundAddresseeCellDelegate : AnyObject { func addAddresseeToSelectedArea(index: Int, completionHandler: @escaping () -> Void) diff --git a/MoppApp/MoppApp/CryptoActions.swift b/MoppApp/MoppApp/CryptoActions.swift index 3d0a21d86..6786ff262 100644 --- a/MoppApp/MoppApp/CryptoActions.swift +++ b/MoppApp/MoppApp/CryptoActions.swift @@ -21,6 +21,7 @@ * */ import Foundation +import CryptoLib protocol CryptoActions { func startEncryptingProcess() 
diff --git a/MoppApp/MoppApp/CryptoContainerViewController.swift b/MoppApp/MoppApp/CryptoContainerViewController.swift index 053ca0b00..5c6d40cb0 100644 --- a/MoppApp/MoppApp/CryptoContainerViewController.swift +++ b/MoppApp/MoppApp/CryptoContainerViewController.swift @@ -22,6 +22,7 @@ */ import UIKit +import CryptoLib class CryptoContainerViewController : ContainerViewController, CryptoActions { diff --git a/MoppApp/MoppApp/IdCardViewController.swift b/MoppApp/MoppApp/IdCardViewController.swift index 1b618aa85..565d3d964 100644 --- a/MoppApp/MoppApp/IdCardViewController.swift +++ b/MoppApp/MoppApp/IdCardViewController.swift @@ -579,7 +579,7 @@ extension IdCardViewController : MoppLibCardReaderManagerDelegate { // Give some time for UI to update before executing data requests DispatchQueue.main.asyncAfter(deadline: .now() + 0.1, execute: { [weak self] in guard let strongSelf = self else { return } - MoppLibCardActions.minimalCardPersonalData(success: { [weak self] moppLibPersonalData in + MoppLibCardActions.cardPersonalData(success: { [weak self] moppLibPersonalData in DispatchQueue.main.async { self?.idCardPersonalData = moppLibPersonalData self?.state = .readyForTokenAction diff --git a/MoppApp/MoppApp/MyeIDInfoManager.swift b/MoppApp/MoppApp/MyeIDInfoManager.swift index 0cec767e2..4f3ff6107 100644 --- a/MoppApp/MoppApp/MyeIDInfoManager.swift +++ b/MoppApp/MoppApp/MyeIDInfoManager.swift @@ -178,7 +178,7 @@ class MyeIDInfoManager { self?.delegate?.didCompleteInformationRequest(success: false) } - MoppLibCardActions.minimalCardPersonalData(success: { moppLibPersonalData in + MoppLibCardActions.cardPersonalData(success: { moppLibPersonalData in MoppLibCardActions.authenticationCertificate(success: { moppLibAuthCertData in MoppLibCardActions.signingCertificate(success: { [weak self] moppLibSignCertData in self?.requestRetryCounts(with: viewController, success: { [weak self] (pin1RetryCount, pin2RetryCount, pukRetryCount) in 
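Review bot: In the IdCardViewController hunk the substituted `MoppLibCardActions.cardPersonalData(success:)` reads the card's full personal-data record, whereas the removed `minimalCardPersonalData(success:)` was documented in MoppLib as reading only name, id code, birth date, nationality, document number and expiry; this closure stores the result in `idCardPersonalData` and moves to `.readyForTokenAction`, so if the token flow needs nothing beyond the minimal subset the change reads more card records than necessary (slower, more personal data held in memory) rather than being a plain rename. A one-line comment at the call would make the trade-off explicit, e.g. `// Full personal-data read: the minimal variant was removed from MoppLib together with this change`. The same substitution appears in the MyeIDInfoManager hunk at -178 and needs no separate comment if the reason is recorded once in the commit description. The enclosing `asyncAfter` closure and delegate method start and end outside the hunk.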
@@ -220,7 +220,7 @@ class MyeIDInfoManager { guard let personalData = personalData else { return } let certOrganization = authCertData?.organization ?? MoppLibCertificateOrganization.Unknown personalInfo.items.append((type: .myeID, value: organizationDisplayString(certOrganization))) - personalInfo.items.append((type: .givenNames, value: personalData.givenNames())) + personalInfo.items.append((type: .givenNames, value: personalData.givenNames)) personalInfo.items.append((type: .surname, value: personalData.surname)) personalInfo.items.append((type: .personalCode, value: personalData.personalIdentificationCode)) personalInfo.items.append((type: .citizenship, value: personalData.nationality)) diff --git a/MoppApp/MoppApp/RecentContainersViewController.swift b/MoppApp/MoppApp/RecentContainersViewController.swift index 09a7e73cf..b0b4106a0 100644 --- a/MoppApp/MoppApp/RecentContainersViewController.swift +++ b/MoppApp/MoppApp/RecentContainersViewController.swift @@ -22,6 +22,7 @@ */ import UIKit +import CryptoLib class RecentContainersViewController : MoppModalViewController { var requestCloseSearch: (() -> Void) = {} @IBOutlet weak var tableView: UITableView! diff --git a/MoppLib/MoppLib.xcodeproj/project.pbxproj b/MoppLib/MoppLib.xcodeproj/project.pbxproj index 2902beca6..f4ba46e9a 100644 --- a/MoppLib/MoppLib.xcodeproj/project.pbxproj +++ b/MoppLib/MoppLib.xcodeproj/project.pbxproj 
@@ -21,7 +21,6 @@ 545111721E13BBA800296B80 /* MoppLibPersonalData.h in Headers */ = {isa = PBXBuildFile; fileRef = 545111701E13BBA800296B80 /* MoppLibPersonalData.h */; settings = {ATTRIBUTES = (Public, ); }; }; 545111731E13BBA800296B80 /* MoppLibPersonalData.m in Sources */ = {isa = PBXBuildFile; fileRef = 545111711E13BBA800296B80 /* MoppLibPersonalData.m */; }; 5463DA4C1E12927A008A1714 /* CardCommands.h in Headers */ = {isa = PBXBuildFile; fileRef = 5463DA4A1E12927A008A1714 /* CardCommands.h */; }; - 5463DA4D1E12927A008A1714 /* CardCommands.m in Sources */ = {isa = PBXBuildFile; fileRef = 5463DA4B1E12927A008A1714 /* CardCommands.m */; }; 546E57611E2E07C7009A568D /* PinVerificationTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 546E57601E2E07C7009A568D /* PinVerificationTests.m */; }; 546E57631E2E07C7009A568D /* MoppLib.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = E4250CE71E09695100530370 /* MoppLib.framework */; }; 546E576B1E2E1555009A568D /* MoppLibPinActions+Tests.m in Sources */ = {isa = PBXBuildFile; fileRef = 546E576A1E2E1555009A568D /* MoppLibPinActions+Tests.m */; }; 
@@ -116,7 +115,6 @@ 545111701E13BBA800296B80 /* MoppLibPersonalData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MoppLibPersonalData.h; sourceTree = ""; }; 545111711E13BBA800296B80 /* MoppLibPersonalData.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MoppLibPersonalData.m; sourceTree = ""; }; 5463DA4A1E12927A008A1714 /* CardCommands.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CardCommands.h; sourceTree = ""; }; - 5463DA4B1E12927A008A1714 /* CardCommands.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = CardCommands.m; sourceTree = ""; }; 546E575E1E2E07C7009A568D /* MoppLibTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = MoppLibTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; 546E57601E2E07C7009A568D /* PinVerificationTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = PinVerificationTests.m; sourceTree = ""; }; 546E57621E2E07C7009A568D /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; @@ -305,7 +303,6 @@ 54DC0DFB1E0D196D00C62B3D /* CardActionsManager.h */, 54DC0DFC1E0D196D00C62B3D /* CardActionsManager.m */, 5463DA4A1E12927A008A1714 /* CardCommands.h */, - 5463DA4B1E12927A008A1714 /* CardCommands.m */, ); name = CardActions; sourceTree = ""; @@ -619,7 +616,6 @@ C5E41C5E2180602B00D79B54 /* Idemia.m in Sources */, 54DC0DFE1E0D196D00C62B3D /* CardActionsManager.m in Sources */, AE0A844B1E43853800CC1465 /* MoppLibMobileCreateSignatureResponse.m in Sources */, - 5463DA4D1E12927A008A1714 /* CardCommands.m in Sources */, 39266A5320CFC0F4002E3F23 /* SmartToken.m in Sources */, 542DCB6D1E23968000899534 /* MoppLibPinActions.m in Sources */, C54EA732204D5E860039AC78 /* CardReaderiR301.m in Sources */, 
diff --git a/MoppLib/MoppLib/CardActionsManager.h b/MoppLib/MoppLib/CardActionsManager.h index 12c2c70b7..16636567a 100644 --- a/MoppLib/MoppLib/CardActionsManager.h +++ b/MoppLib/MoppLib/CardActionsManager.h @@ -21,10 +21,11 @@ * */ -#import -#import -#import "CardCommands.h" -#import "MoppLibRoleAddressData.h" +#import "MoppLibConstants.h" + +typedef NS_ENUM(NSUInteger, CodeType); +@class MoppLibRoleAddressData; +@protocol CardReaderWrapper; @interface CardActionsManager : NSObject + (CardActionsManager *)sharedInstance; @@ -33,15 +34,11 @@ - (void)setReader:(id)cardReader; -- (void)minimalCardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure; - - (void)cardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure; -- (void)signingCertWithPin2:(NSString *)pin2 success:(CertDataBlock)success failure:(FailureBlock)failure; -- (void)authenticationCertWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure; +- (void)signingCertWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; -- (void)authenticationCertDataWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; -- (void)signingCertDataWithPin2:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure; +- (void)authenticationCertWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; - (void)changePin:(CodeType)type withPuk:(NSString *)puk to:(NSString *)newPin success:(VoidBlock)success failure:(FailureBlock)failure; 
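Review bot: In the second hunk `authenticationCertWithSuccess:` keeps its selector while its block type changes from `CertDataBlock` to `DataSuccessBlock`, so a caller that used to receive a parsed `MoppLibCerificatetData` now receives raw DER `NSData` under an unchanged method name, and an Objective-C caller that was not updated gets only an incompatible-block-pointer warning rather than an error. Since the `…CertDataWithSuccess:` selectors that carried exactly this NSData contract are deleted in the same hunk, keeping those names — `- (void)authenticationCertDataWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure;` and likewise `signingCertDataWithSuccess:` — would make the contract visible at every call site and turn a missed caller into a hard error. At minimum the header should say that the block now delivers DER-encoded certificate bytes and that DER parsing (previously done inside the manager via `MoppLibCertificate certData:updateWithDerEncoding:`) is now the caller's responsibility.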
@@ -53,13 +50,11 @@ - (void)addSignature:(NSString *)containerPath withPin2:(NSString *)pin2 roleData:(MoppLibRoleAddressData *)roleData success:(void (^)(MoppLibContainer *container, BOOL signatureWasAdded))success failure:(FailureBlock)failure; -- (void)calculateSignatureFor:(NSData *)hash pin2:(NSString *)pin2 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure; - -- (void)decryptData:(NSData *)hash pin1:(NSString *)pin1 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure; +- (void)authenticateFor:(NSData *)hash pin1:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure; -- (void)isCardInserted:(BoolBlock)completion; +- (void)calculateSignatureFor:(NSData *)hash pin2:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure; -- (BOOL)isReaderConnected; +- (void)decryptData:(NSData *)hash pin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure; - (void)resetCardActions; @end diff --git a/MoppLib/MoppLib/CardActionsManager.m b/MoppLib/MoppLib/CardActionsManager.m index fbeb138d8..5592f8e0c 100644 --- a/MoppLib/MoppLib/CardActionsManager.m +++ b/MoppLib/MoppLib/CardActionsManager.m @@ -22,19 +22,15 @@ */ #import "CardActionsManager.h" -#import "CardReaderiR301.h" +#import "CardReaderWrapper.h" #import "ReaderInterface.h" -#import "wintypes.h" #import "MoppLibError.h" -#import "NSData+Additions.h" #import "Idemia.h" #import "MoppLibCertificate.h" #import "MoppLibDigidocManager.h" #import "MoppLibCardReaderManager.h" -#import typedef NS_ENUM(NSUInteger, CardAction) { - CardActionReadMinPublicData = 0, CardActionReadPublicData = 1, CardActionChangePin = 2, CardActionChangePinWithPuk = 3, 
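Review bot: In the new `authenticateFor:pin1:success:failure:` declaration the parameter under the `pin1:` label is named `pin2`, which contradicts both the label and the implementation in CardActionsManager.m, where the same selector binds it as `pin1`. Change the declaration to `- (void)authenticateFor:(NSData *)hash pin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure;`. The same hunk also drops `isCardInserted:` and `isReaderConnected` from the public interface; if anything outside MoppLib still calls them the removal is presumably intentional but worth naming in the commit description.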
@@ -42,18 +38,16 @@ typedef NS_ENUM(NSUInteger, CardAction) { CardActionPinRetryCount = 5, CardActionReadSigningCert = 6, CardActionReadAuthenticationCert = 7, - CardActionReadSecretKey = 8, CardActionCalculateSignature = 9, CardActionDecryptData = 10, - CardActionGetCardStatus = 11 + CardActionGetCardStatus = 11, + CardActionAuth = 12, }; NSString *const kCardActionDataHash = @"Hash"; NSString *const kCardActionDataCodeType = @"Code type"; NSString *const kCardActionDataNewCode = @"New code"; NSString *const kCardActionDataVerify = @"Verify"; -NSString *const kCardActionDataRecord = @"Record"; -NSString *const kCardActionDataUseECC = @"Use ECC"; @interface CardActionObject : NSObject @property (nonatomic, assign) CardAction action; @@ -63,7 +57,6 @@ @interface CardActionObject : NSObject @property (nonatomic, strong) NSDictionary *data; @property (nonatomic, assign) NSUInteger retryCount; @property (nonatomic, strong) NSString *pin; -@property (nonatomic) BOOL useECC; @end @implementation CardActionObject @@ -71,7 +64,7 @@ @implementation CardActionObject @end -@interface CardActionsManager() +@interface CardActionsManager() @property (nonatomic, strong) NSMutableArray *cardActions; @property (nonatomic, assign) BOOL isActionExecuting; 
@@ -107,40 +100,17 @@ - (void)resetCardActions { - (void)setReader:(id)cardReader { _reader = cardReader; - [[NSNotificationCenter defaultCenter] postNotificationName:kMoppLibNotificationReaderStatusChanged object:nil]; -} - -- (void)minimalCardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { - [self addCardAction:CardActionReadMinPublicData data:nil success:success failure:failure]; } - (void)cardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { [self addCardAction:CardActionReadPublicData data:nil success:success failure:failure]; } -- (void)signingCertWithPin2:(NSString *)pin2 success:(CertDataBlock)success failure:(FailureBlock)failure { - MoppLibCerificatetData *certData = [MoppLibCerificatetData new]; - - [self signingCertDataWithPin2:pin2 success:^(NSData *data) { - [MoppLibCertificate certData:certData updateWithDerEncoding:data]; - success(certData); - } failure:failure]; -} - -- (void)signingCertDataWithPin2:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure { - [self addCardAction:CardActionReadSigningCert data:@{kCardActionDataVerify: pin2} success:success failure:failure]; +- (void)signingCertWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { + [self addCardAction:CardActionReadSigningCert data:nil success:success failure:failure]; } -- (void)authenticationCertWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure { - MoppLibCerificatetData *certData = [MoppLibCerificatetData new]; - - [self authenticationCertDataWithSuccess:^(NSData *data) { - [MoppLibCertificate certData:certData updateWithDerEncoding:data]; - success(certData); - } failure:failure]; -} - -- (void)authenticationCertDataWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { +- (void)authenticationCertWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { [self addCardAction:CardActionReadAuthenticationCert data:nil success:success 
failure:failure]; } 
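Review bot: `setReader:` no longer posts `kMoppLibNotificationReaderStatusChanged`, and the only other post of that notification in this class, in `cardStatusUpdated:` (hunk at -539), is removed by the same commit, so CardActionsManager no longer announces reader changes at all. If the constant is still declared and observed elsewhere (not visible here) those observers silently stop firing; either retire the constant and its observers in the same change or keep one post in `setReader:`. Separately, `signingCertWithSuccess:` replaces `signingCertWithPin2:` and thereby drops the PIN2 verification that previously gated reading the signature certificate; a short note on the method such as `// Certificate reads are no longer PIN2-gated — confirm this holds for every supported card generation` would record that this is deliberate.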
@@ -166,19 +136,23 @@ - (void)code:(CodeType)type retryCountWithSuccess:(void (^)(NSNumber *))success - (void)unblockCode:(CodeType)type withPuk:(NSString *)puk newCode:(NSString *)newCode success:(VoidBlock)success failure:(FailureBlock)failure { NSDictionary *data = @{kCardActionDataCodeType:[NSNumber numberWithInt:type], kCardActionDataVerify:puk, kCardActionDataNewCode:newCode}; [self addCardAction:CardActionUnblockPin data:data success:^(id data) { - [[NSNotificationCenter defaultCenter] postNotificationName:kMoppLibNotificationRetryCounterChanged object:nil]; success(); } failure:failure]; } -- (void)calculateSignatureFor:(NSData *)hash pin2:(NSString *)pin2 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure { - NSDictionary *data = @{kCardActionDataHash:hash, kCardActionDataVerify:pin2, kCardActionDataUseECC:[NSNumber numberWithBool:useECC]}; +- (void)authenticateFor:(NSData *)hash pin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure { + NSDictionary *data = @{kCardActionDataHash:hash, kCardActionDataVerify:pin1}; + [self addCardAction:CardActionAuth data:data success:success failure:failure]; +} + +- (void)calculateSignatureFor:(NSData *)hash pin2:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure { + NSDictionary *data = @{kCardActionDataHash:hash, kCardActionDataVerify:pin2}; [self addCardAction:CardActionCalculateSignature data:data success:success failure:failure]; } -- (void)decryptData:(NSData *)hash pin1:(NSString *)pin1 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure { - NSDictionary *data = @{kCardActionDataHash:hash, kCardActionDataVerify:pin1, kCardActionDataUseECC:[NSNumber numberWithBool:useECC]}; - [self addCardAction:CardActionDecryptData data:data success:success failure:failure]; +- (void)decryptData:(NSData *)hash pin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure { + 
NSDictionary *data = @{kCardActionDataHash:hash, kCardActionDataVerify:pin1}; + [self addCardAction:CardActionDecryptData data:data success:success failure:failure]; } - (void)addSignature:(NSString *)containerPath withPin2:(NSString *)pin2 roleData:(MoppLibRoleAddressData *)roleData success:(void(^)(MoppLibContainer *container, BOOL signatureWasAdded))success failure:(FailureBlock)failure { @@ -195,19 +169,13 @@ - (void)addSignature:(NSString *)containerPath withPin2:(NSString *)pin2 roleDat } - (void)addSignatureTo:(NSString *)containerPath pin2:(NSString *)pin2 roleData:(MoppLibRoleAddressData *)roleData success:(void(^)(MoppLibContainer *container, BOOL signatureWasAdded))success andFailure:(FailureBlock)failure { - [self signingCertDataWithPin2:pin2 success:^(NSData *certData) { + [self signingCertWithSuccess:^(NSData *certData) { [[MoppLibDigidocManager sharedInstance] addSignature:containerPath pin2:pin2 cert:certData roleData:roleData success:^(MoppLibContainer *container) { success(container, YES); } andFailure:failure]; } failure:failure]; } -- (void)notifyIdNeeded:(NSError *)error { - if (error.code == moppLibErrorWrongPin) { - [[NSNotificationCenter defaultCenter] postNotificationName:kMoppLibNotificationRetryCounterChanged object:nil]; - } -} - /** * Adds card action to queue. One card action may require sending multiple commands to id card. These commands often must be executed in specific order. For that reason we must make sure commands from different card actions are not mixed. * @@ -221,7 +189,6 @@ - (void)addCardAction:(NSUInteger)action data:(NSDictionary *)data success:(void CardActionObject *cardAction = [CardActionObject new]; cardAction.successBlock = success; cardAction.failureBlock = ^(NSError *error) { - [self notifyIdNeeded:error]; failure(error); }; cardAction.action = action; 
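Review bot: With `notifyIdNeeded:` deleted (hunk at -195), its call dropped from the failure wrapper in `addCardAction:` (hunk at -221) and the post removed from `unblockCode:` in the hunk at -166, `kMoppLibNotificationRetryCounterChanged` is no longer raised on a `moppLibErrorWrongPin` failure or after a successful unblock. Any UI that refreshes the displayed PIN/PUK retry counters from that notification (the `requestRetryCounts` path in MyeIDInfoManager is one candidate; its observer side is not visible here) would show stale counts after a failed PIN entry, so if the notification is meant to be retired its observers and the constant should go in the same change. Once the wrapper in `addCardAction:` does nothing but forward, `cardAction.failureBlock = ^(NSError *error) { failure(error); };` can simply become `cardAction.failureBlock = failure;`.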
@@ -360,11 +327,6 @@ - (void)executeAction:(CardActionObject *)actionObject { break; } - case CardActionReadMinPublicData: { - [self.cardCommandHandler readMinimalPublicDataWithSuccess:success failure:failure]; - break; - } - case CardActionChangePin: { CodeType type = ((NSNumber *)[actionObject.data objectForKey:kCardActionDataCodeType]).integerValue; NSString *verifyCode = [actionObject.data objectForKey:kCardActionDataVerify]; @@ -377,13 +339,7 @@ - (void)executeAction:(CardActionObject *)actionObject { CodeType type = ((NSNumber *)[actionObject.data objectForKey:kCardActionDataCodeType]).integerValue; NSString *verifyCode = [actionObject.data objectForKey:kCardActionDataVerify]; NSString *newCode = [actionObject.data objectForKey:kCardActionDataNewCode]; - - // Changing PIN with PUK requires blocking PIN and then performing unblock action. To make sure we don't block PIN without reason, we will verify PUK first. - [self.cardCommandHandler verifyCode:verifyCode ofType:CodeTypePuk withSuccess:^(NSData *data) { - [self blockPin:type completion:^{ - [self.cardCommandHandler unblockCode:type withPuk:verifyCode newCode:newCode success:success failure:failure]; - }]; - } failure:failure]; + [self.cardCommandHandler unblockCode:type withPuk:verifyCode newCode:newCode success:success failure:failure]; break; } 
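Review bot: In the hunk at -377 the `CardActionChangePinWithPuk` case now issues `unblockCode:withPuk:newCode:` directly, which makes it indistinguishable from the `CardActionUnblockPin` action queued by `unblockCode:…` earlier in the file, and the removed comment explaining why the PUK was verified first and the PIN deliberately blocked disappears with the sequence. If both cases are now meant to do the same thing, collapse them into one `case` or add a comment on this case such as `// Change-with-PUK is a plain unblock on the supported card; the legacy verify-then-block sequence is no longer needed — confirm for all supported card generations` so the next reader does not reintroduce the blocking loop. A wrong PUK is now reported by the unblock command itself rather than by a separate verify, so the error's retry-count payload (`kMoppLibUserInfoRetryCount`) should be checked to still be populated on that path.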
@@ -405,33 +361,32 @@ - (void)executeAction:(CardActionObject *)actionObject { } case CardActionReadSigningCert: { - [self readCert:CardActionReadSigningCert success:success failure:failure]; + [self.cardCommandHandler readSignatureCertificateWithSuccess:success failure:failure]; break; } case CardActionReadAuthenticationCert: { - [self readCert:CardActionReadAuthenticationCert success:success failure:failure]; + [self.cardCommandHandler readAuthenticationCertificateWithSuccess:success failure:failure]; break; } case CardActionCalculateSignature: { NSString *pin2 = [actionObject.data objectForKey:kCardActionDataVerify]; NSData *hash = [actionObject.data objectForKey:kCardActionDataHash]; - BOOL useECC = [(NSNumber *)[actionObject.data objectForKey:kCardActionDataUseECC] boolValue]; - [self.cardCommandHandler calculateSignatureFor:hash withPin2:pin2 useECC:useECC success:success failure:failure]; + [self.cardCommandHandler calculateSignatureFor:hash withPin2:pin2 success:success failure:failure]; break; } - case CardActionDecryptData: { + case CardActionAuth: { NSString *pin1 = [actionObject.data objectForKey:kCardActionDataVerify]; NSData *hash = [actionObject.data objectForKey:kCardActionDataHash]; - BOOL useECC = [(NSNumber *)[actionObject.data objectForKey:kCardActionDataUseECC] boolValue]; - [self.cardCommandHandler decryptData:hash withPin1:pin1 useECC:useECC success:success failure:failure]; + [self.cardCommandHandler authenticateFor:hash withPin1:pin1 success:success failure:failure]; break; } - case CardActionReadSecretKey: { - NSNumber *record = [actionObject.data objectForKey:kCardActionDataRecord]; - [self.cardCommandHandler readSecretKeyRecord:record.integerValue withSuccess:success failure:failure]; + case CardActionDecryptData: { + NSString *pin1 = [actionObject.data objectForKey:kCardActionDataVerify]; + NSData *hash = [actionObject.data objectForKey:kCardActionDataHash]; + [self.cardCommandHandler decryptData:hash withPin1:pin1 success:success 
failure:failure]; break; } @@ -440,51 +395,6 @@ - (void)executeAction:(CardActionObject *)actionObject { } } -- (void) blockPin:(CodeType)pinId completion:(VoidBlock)completion { - [self blockPin:pinId withCode:@"00000" completion:completion]; -} - -NSString *blockBackupCode = @"00001"; -- (void)blockPin:(CodeType)pinId withCode:(NSString *)code completion:(VoidBlock)completion { - void (^failure)(NSError *) = ^(NSError *error) { - if (error.code == moppLibErrorWrongPin) { - NSNumber *count = [error.userInfo objectForKey:kMoppLibUserInfoRetryCount]; - if (count.intValue > 0) { - [self blockPin:pinId completion:completion]; - } else { - completion(); - } - } else { - completion(); - } - }; - - void (^success)(NSData *) = ^(NSData *data) { - if ([code isEqualToString:blockBackupCode]) { - [self blockPin:pinId withCode:blockBackupCode completion:completion]; - } else { - // This should not happen - completion(); - } - }; - - if (pinId == 1) { - [self.cardCommandHandler verifyCode:code ofType:CodeTypePin1 withSuccess:success failure:failure]; - } else { - [self.cardCommandHandler verifyCode:code ofType:CodeTypePin2 withSuccess:success failure:failure]; - } -} - -- (void)readCert:(CardAction)certAction success:(DataSuccessBlock)success failure:(FailureBlock)failure { - - if (certAction == CardActionReadSigningCert) { - [self.cardCommandHandler readSignatureCertificateWithSuccess:success failure:failure]; - } else if (certAction == CardActionReadAuthenticationCert) { - [self.cardCommandHandler readAuthenticationCertificateWithSuccess:success failure:failure]; - } - -} - - (void)finishCurrentAction { @synchronized (self) { if (self.isActionExecuting) { 
@@ -539,9 +449,6 @@ - (void)clearActionsWithError:(NSError *)error { #pragma mark - CardReaderWrapperDelegate - (void)cardStatusUpdated:(CardStatus)status { - - [[NSNotificationCenter defaultCenter] postNotificationName:kMoppLibNotificationReaderStatusChanged object:nil]; - if (status == CardStatusAbsent) { //Making sure we don't get stuck with some action, that can't be completed anymore [self.reader resetReader]; diff --git a/MoppLib/MoppLib/CardCommands.h b/MoppLib/MoppLib/CardCommands.h index 608a33983..1063f5441 100644 --- a/MoppLib/MoppLib/CardCommands.h +++ b/MoppLib/MoppLib/CardCommands.h @@ -21,11 +21,7 @@ * */ -#import -#import "CardReaderWrapper.h" -#import "NSString+Additions.h" -#import "NSData+Additions.h" -#import "MoppLibPersonalData.h" +#import "MoppLibConstants.h" typedef NS_ENUM(NSUInteger, CodeType) { CodeTypePuk = 0, 
@@ -33,44 +29,8 @@ typedef NS_ENUM(NSUInteger, CodeType) { CodeTypePin2 = 2 }; -extern NSString *const kCommandSelectFileMaster; -extern NSString *const kCommandSelectFileEEEE; -extern NSString *const kCommandSelectFile0016; -extern NSString *const kCommandSelectFile5044; -extern NSString *const kCommandSelectFile; -extern NSString *const kCommandFileDDCE; -extern NSString *const kCommandFileAACE; -extern NSString *const kCommandSelectFile0013; -extern NSString *const kCommandReadRecord; -extern NSString *const kCommandReadBytes; -extern NSString *const kCommandGetCardVersion; -extern NSString *const kCommandReadBinary; -extern NSString *const kCommandChangeReferenceData; -extern NSString *const kCommandSetSecurityEnv; -extern NSString *const kCommandVerifyCode; -extern NSString *const kCommandCalculateSignature; -extern NSString *const kCommandOngoingDecryption; -extern NSString *const kCommandFinalDecryption; - -extern NSString *const kCommandResetRetryCounter; - - -extern NSString *const kAlgorythmIdentifyerSHA1; -extern NSString *const kAlgorythmIdentifyerSHA224; -extern NSString *const kAlgorythmIdentifyerSHA256; -extern NSString *const kAlgorythmIdentifyerSHA384; -extern NSString *const kAlgorythmIdentifyerSHA512; - @protocol CardCommands -/** - * Reads only minimal public data from card. That includes name, id code, birth date, nationality, document number and document expiry date. - * - * @param success block to be executed when action is completed successfully - * @param failure block to be executed when action fails - */ -- (void)readMinimalPublicDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure; - /** * Reads public data from card. * 
@@ -95,15 +55,6 @@ extern NSString *const kAlgorythmIdentifyerSHA512; */ - (void)readSignatureCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; -/** - * Reads secret key record from card. - * - * @param record Record to be read - * @param success block to be executed when action is completed successfully - * @param failure block to be executed when action fails - */ -- (void)readSecretKeyRecord:(NSInteger)record withSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; - /** * Reads pin or puk code counter record * @@ -145,6 +96,16 @@ extern NSString *const kAlgorythmIdentifyerSHA512; */ - (void)unblockCode:(CodeType)type withPuk:(NSString *)puk newCode:(NSString *)newCode success:(DataSuccessBlock)success failure:(FailureBlock)failure; +/** + * Calculates signature for hash + * + * @param hash hash to be signed + * @param pin1 PIN 1 to be used for verification + * @param success block to be executed when action is completed successfully + * @param failure block to be executed when action fails + */ +- (void)authenticateFor:(NSData *)hash withPin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure; + /** * Calculates signature for hash * @@ -153,7 +114,7 @@ extern NSString *const kAlgorythmIdentifyerSHA512; * @param success block to be executed when action is completed successfully * @param failure block to be executed when action fails */ -- (void)calculateSignatureFor:(NSData *)hash withPin2:(NSString *)pin2 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure; +- (void)calculateSignatureFor:(NSData *)hash withPin2:(NSString *)pin2 success:(DataSuccessBlock)success failure:(FailureBlock)failure; /** * Decrypt data 
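Review bot: The doc comment added for `authenticateFor:withPin1:success:failure:` in the hunk at -145 is a verbatim copy of the one for `calculateSignatureFor:` directly below it ("Calculates signature for hash", "@param hash hash to be signed"), so the header now documents two different methods identically even though one verifies PIN 1 and the other PIN 2. Replace the summary and the hash line with what this method does, e.g. ` * Authenticates with the given hash using PIN 1` and ` * @param hash hash to be authenticated`, and add one line on how its result differs from `calculateSignatureFor:` (presumably it uses the authentication key rather than the signing key — confirm against the Idemia implementation).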
@@ -163,9 +124,6 @@ extern NSString *const kAlgorythmIdentifyerSHA512; * @param success block to be executed when action is completed successfully * @param failure block to be executed when action fails */ -- (void)decryptData:(NSData *)hash withPin1:(NSString *)pin1 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure; - -- (void)setSecurityEnvironment:(NSUInteger)env withSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; - +- (void)decryptData:(NSData *)hash withPin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure; @end diff --git a/MoppLib/MoppLib/CardCommands.m b/MoppLib/MoppLib/CardCommands.m deleted file mode 100644 index 30912c922..000000000 --- a/MoppLib/MoppLib/CardCommands.m +++ /dev/null 
@@ -1,52 +0,0 @@ -// -// CardCommands.m -// MoppLib -// -/* - * Copyright 2017 - 2024 Riigi Infosüsteemi Amet - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - */ - -#import "CardCommands.h" - -// Navigation commands -NSString *const kCommandSelectFileMaster = @"00 A4 00 0C"; -NSString *const kCommandSelectFileEEEE = @"00 A4 01 0C 02 EE EE"; -NSString *const kCommandSelectFile0016 = @"00 A4 02 0C 02 00 16"; -NSString *const kCommandSelectFile5044 = @"00 A4 02 04 02 50 44"; -NSString *const kCommandSelectFile = @"00 A4 02 04 02 %@"; -NSString *const kCommandSelectFile0013 = @"00 A4 02 04 02 00 13"; -NSString *const kCommandFileDDCE = @"DD CE"; -NSString *const kCommandFileAACE = @"AA CE"; - -NSString *const kCommandReadRecord = @"00 B2 %02X 04 00"; -NSString *const kCommandReadBytes = @"00 C0 00 00 %@"; -NSString *const kCommandGetCardVersion = @"00 CA 01 00 00"; -NSString *const kCommandReadBinary = @"00 B0 %@ %@"; -NSString *const kCommandChangeReferenceData = @"00 24 00 %02X %02X %@"; -NSString *const kCommandSetSecurityEnv = @"00 22 F3 %02X"; -NSString *const kCommandVerifyCode = @"00 20 00 %02X %02X %@"; -NSString *const kCommandCalculateSignature = @"00 2A 9E 9A %@"; -NSString *const kCommandOngoingDecryption = @"10 2A 80 86 %@"; -NSString *const 
kCommandFinalDecryption = @"00 2A 80 86 %@"; -NSString *const kCommandResetRetryCounter = @"00 2C 00 %02X %02X %@ %@"; - -NSString *const kAlgorythmIdentifyerSHA1 = @"3021300906052B0E03021A05000414"; -NSString *const kAlgorythmIdentifyerSHA224 = @"302D300D06096086480165030402040500041C"; -NSString *const kAlgorythmIdentifyerSHA256 = @"3031300D060960864801650304020105000420"; -NSString *const kAlgorythmIdentifyerSHA384 = @"3041300D060960864801650304020205000430"; -NSString *const kAlgorythmIdentifyerSHA512 = @"3051300D060960864801650304020305000440"; diff --git a/MoppLib/MoppLib/Category/NSData+Additions.h b/MoppLib/MoppLib/Category/NSData+Additions.h index 815ff3f34..81e375bc1 100644 --- a/MoppLib/MoppLib/Category/NSData+Additions.h +++ b/MoppLib/MoppLib/Category/NSData+Additions.h @@ -25,8 +25,6 @@ @interface NSData (Additions) - (NSString *)hexString; -- (NSData *)trailingTwoBytes; -- (NSString *)codePage1252String; - (NSData *)trailingTwoBytesTrimmed; -- (NSData *)utf8String; +- (UInt16)sw; @end diff --git a/MoppLib/MoppLib/Category/NSData+Additions.m b/MoppLib/MoppLib/Category/NSData+Additions.m index bd6be2358..8b5005cd2 100644 --- a/MoppLib/MoppLib/Category/NSData+Additions.m +++ b/MoppLib/MoppLib/Category/NSData+Additions.m 
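Review bot: The new `- (UInt16)sw;` in the NSData+Additions.h hunk has no doc comment and its name is opaque outside smart-card code; the implementation in NSData+Additions.m reads the last two bytes big-endian and returns `0` when the data is shorter than two bytes. Add `/** Status word (SW1 SW2) taken big-endian from the last two bytes of a card response; returns 0 if the data holds fewer than two bytes. */` above the declaration so callers know that 0 is a sentinel rather than a status reported by the card.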
@@ -27,31 +27,24 @@ @implementation NSData (Additions) - (NSString *)hexString { - return [self hexStringFromByteArray:[self bytes] length:[self length]]; - -} - -- (NSString *)hexStringFromByteArray:(const uint8_t *)buffer length:(NSUInteger)length { - - NSString *hexString = @""; - NSUInteger i = 0; - - for (i = 0; i < length; i++) { - if (i == 0) { - hexString = [hexString stringByAppendingFormat:@"%02X", buffer[i]]; - } else { - hexString = [hexString stringByAppendingFormat:@" %02X", buffer[i]]; + UInt8 *buffer = (UInt8*)self.bytes; + NSString *hexString = @""; + for (NSUInteger i = 0; i < self.length; i++) { + if (i == 0) { + hexString = [hexString stringByAppendingFormat:@"%02X", buffer[i]]; + } else { + hexString = [hexString stringByAppendingFormat:@" %02X", buffer[i]]; + } } - } - - return hexString; + return hexString; } -- (NSData *)trailingTwoBytes { - if (self.length >= 2) - return [self subdataWithRange:NSMakeRange(self.length - 2, 2)]; - - return nil; +- (UInt16)sw { + UInt16 value = 0; + if (self.length < 2) + return value; + [self getBytes:&value range:NSMakeRange(self.length - 2, 2)]; + return CFSwapInt16BigToHost(value); } - (NSData *)trailingTwoBytesTrimmed { @@ -61,17 +54,4 @@ - (NSData *)trailingTwoBytesTrimmed { return [self subdataWithRange:NSMakeRange(0, self.length - 2)]; } -- (NSString *)codePage1252String { - //Removing trailer - NSData *responseData = [self trailingTwoBytesTrimmed]; - NSString *string = [[NSString alloc] initWithData:responseData encoding:NSWindowsCP1252StringEncoding]; - return [string stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]]; -} - -- (NSString *)utf8String { - NSData *responseData = [self trailingTwoBytesTrimmed]; - NSString *string = [[NSString alloc] initWithData:responseData encoding:NSUTF8StringEncoding]; - return [string stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]]; -} - @end 
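Review bot: The rewritten `hexString` still creates a fresh immutable string per byte via `stringByAppendingFormat:`, so formatting a whole certificate read is quadratic in allocations; an `NSMutableString` built with `appendFormat:@"%02X", buffer[i]` (and `appendString:@" "` when `i > 0`) does the same work in one buffer. The cast `UInt8 *buffer = (UInt8*)self.bytes;` also throws away the const-ness of `bytes` for no reason; `const UInt8 *buffer = self.bytes;` compiles without a cast. `sw` returning 0 for a response shorter than two bytes is a sensible sentinel, since 0x0000 is never a valid status word, but callers switching on the result will not know that without a comment such as `// Returns 0 when no status word is present; 0x0000 is never a real SW.`.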
diff --git a/MoppLib/MoppLib/Idemia.h b/MoppLib/MoppLib/Idemia.h index 93414715e..229435275 100644 --- a/MoppLib/MoppLib/Idemia.h +++ b/MoppLib/MoppLib/Idemia.h @@ -21,10 +21,10 @@ * */ -#import #import "CardCommands.h" -@interface Idemia : NSObject +@protocol CardReaderWrapper; +@interface Idemia : NSObject @property (nonatomic, strong) id reader; @end diff --git a/MoppLib/MoppLib/Idemia.m b/MoppLib/MoppLib/Idemia.m index 0f064c027..88ea087ee 100644 --- a/MoppLib/MoppLib/Idemia.m +++ b/MoppLib/MoppLib/Idemia.m 
@@ -22,84 +22,82 @@ */ #import "Idemia.h" + +#import "CardReaderWrapper.h" #import "NSData+Additions.h" #import "NSString+Additions.h" #import "MoppLibError.h" -#import - +#import "MoppLibPersonalData.h" -NSString *kAID = @"00 A4 04 00 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00"; +NSString *kAID = @"00 A4 04 0C 10 A0 00 00 00 77 01 08 00 07 00 00 FE 00 00 01 00"; NSString *kAID_QSCD = @"00 A4 04 0C 10 51 53 43 44 20 41 70 70 6C 69 63 61 74 69 6F 6E"; -NSString *kAID_OT = @"00 A4 04 0C 0D E8 28 BD 08 0F F2 50 4F 54 20 41 57 50"; NSString *kAID_Oberthur = @"00 A4 04 0C 0D E8 28 BD 08 0F F2 50 4F 54 20 41 57 50"; -NSString *kSelectMasterFile = @"00 A4 00 0C"; -NSString *kSelectRecord = @"00 A4 01 0C 02 50 %02X"; -NSString *kReadBinary = @"00 B0 %02X %02X 00"; NSString *kSelectPersonalFile = @"00 A4 01 0C 02 50 00"; -NSString *kSelectAuthAdf = @"00 A4 01 0C 02 AD F1"; -NSString *kSelectAuthCert = @"00 A4 01 0C 02 34 01"; -NSString *kSelectSignAdf = @"00 A4 01 0C 02 AD F2 00"; -NSString *kSelectSignCert = @"00 A4 02 04 02 34 1F 00"; +NSString *kSelectRecord = @"00 A4 02 0C 02 50 %02X"; +NSString *kSelectAuthCert = @"00 A4 09 0C 04 AD F1 34 01"; +NSString *kSelectSignCert = @"00 A4 09 0C 04 AD F2 34 1F"; NSString *kReadCodeCounter = @"00 CB 3F FF 0A 4D 08 70 06 BF 81 %02X 02 A0 80 00"; -NSString *kChangeCode = @"00 24 00 %02X %02X"; -NSString *kVerify = @"00 20 00 %02X %02X"; -NSString *kMutualAuth = @"00 88 00 00 %02X"; -NSString *kSetSecEnv = @"00 22 41 B6 09 80 04 FF 15 08 00 84 01 9F"; -NSString *kSetSecEnvCrypt = @"00 22 41 B8 09 80 04 FF 30 04 00 84 01 81"; -NSString *kSign = @"00 2A 9E 9A %02X"; +NSString *kReadBinary = @"00 B0 %02X %02X E7"; +NSString *kChangeCode = @"00 24 00 %02X %02X %@ %@"; +NSString *kVerify = @"00 20 00 %02X %02X %@"; NSString *kReplaceCode = @"00 2C 02 %02X %02X %@"; -NSString *kDecrypt = @"00 2A 80 86 %02X %@"; +NSString *kSetSecEnvAuth = @"00 22 41 A4 09 80 04 FF 20 08 00 84 01 81"; +NSString *kSetSecEnvSign = @"00 22 41 B6 09 80 
04 FF 15 08 00 84 01 9F"; +NSString *kSetSecEnvDerive = @"00 22 41 B8 09 80 04 FF 30 04 00 84 01 81"; +NSString *kAuth = @"00 88 00 00 %02X %@ 00"; +NSString *kSign = @"00 2A 9E 9A %02X %@ 00"; +NSString *kDerive = @"00 2A 80 86 %02X 00 %@ 00"; @implementation Idemia -- (void)readMinimalPublicDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { +- (void)readPublicDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { [_reader transmitCommand:kAID success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectMasterFile success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectPersonalFile success:^(NSData *responseData) { - MoppLibPersonalData *personalData = [MoppLibPersonalData new]; - __block BOOL failureOccurred = NO; - for (int recordNr = 1; recordNr < 16 && !failureOccurred; recordNr++) { - NSString *cmd = [NSString stringWithFormat:kSelectRecord, recordNr]; - [self->_reader transmitCommand:cmd success:^(NSData *responseData) { - NSString *readBinaryCmd = [NSString stringWithFormat:kReadBinary, 0, 0]; - - [self->_reader transmitCommand:readBinaryCmd success:^(NSData *responseData) { - NSString *record = [responseData utf8String]; - switch (recordNr) { - case 1: personalData.surname = record; break; - case 2: personalData.firstNameLine1 = record; break; - case 3: personalData.sex = record; break; - case 4: personalData.nationality = [record length] > 0 ? 
record : @"-"; break; - case 5: { - if ([record class] == [NSString class]) { - NSArray *arr = [record componentsSeparatedByString:@" "]; - if (arr.count > 1) { - personalData.birthDate = arr[0]; - personalData.birthPlace = arr[1]; - } - } else { - personalData.birthDate = @"-"; - personalData.birthPlace = @"-"; + [self->_reader transmitCommand:kSelectPersonalFile success:^(NSData *responseData) { + MoppLibPersonalData *personalData = [MoppLibPersonalData new]; + __block BOOL failureOccurred = NO; + for (int recordNr = 1; recordNr < 16 && !failureOccurred; recordNr++) { + NSString *cmd = [NSString stringWithFormat:kSelectRecord, recordNr]; + [self->_reader transmitCommand:cmd success:^(NSData *responseData) { + NSString *readBinaryCmd = [NSString stringWithFormat:kReadBinary, 0, 0]; + + [self->_reader transmitCommand:readBinaryCmd success:^(NSData *responseData) { + NSData *utf8 = [responseData trailingTwoBytesTrimmed]; + NSString *record = [[NSString alloc] initWithData:utf8 encoding:NSUTF8StringEncoding]; + //record = [record stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]]; + switch (recordNr) { + case 1: personalData.surname = record; break; + case 2: personalData.givenNames = record; break; + case 3: personalData.sex = record; break; + case 4: personalData.nationality = [record length] > 0 ? 
record : @"-"; break; + case 5: { + if ([record class] == [NSString class]) { + NSArray *arr = [record componentsSeparatedByString:@" "]; + if (arr.count > 1) { + personalData.birthDate = arr[0]; + personalData.birthPlace = arr[1]; } + } else { + personalData.birthDate = @"-"; + personalData.birthPlace = @"-"; } - break; - case 6: personalData.personalIdentificationCode = record; break; - case 7: personalData.documentNumber = record; break; - case 8: personalData.expiryDate = [self expiryDateEstFormatWith:record]; break; - case 9: personalData.dateIssued = record; break; - case 10: personalData.residentPermitType = record; break; - case 11: personalData.notes1 = record; break; - case 12: personalData.notes2 = record; break; - case 13: personalData.notes3 = record; break; - case 14: personalData.notes4 = record; break; } - } failure:^(NSError* error){ failure(error); failureOccurred = YES; }]; + break; + case 6: personalData.personalIdentificationCode = record; break; + case 7: personalData.documentNumber = record; break; + case 8: personalData.expiryDate = [self expiryDateEstFormatWith:record]; break; + case 9: personalData.dateIssued = record; break; + case 10: personalData.residentPermitType = record; break; + case 11: personalData.notes1 = record; break; + case 12: personalData.notes2 = record; break; + case 13: personalData.notes3 = record; break; + case 14: personalData.notes4 = record; break; + } } failure:^(NSError* error){ failure(error); failureOccurred = YES; }]; - } - if (!failureOccurred) { - success(personalData); - } - } failure:failure]; + } failure:^(NSError* error){ failure(error); failureOccurred = YES; }]; + } + if (!failureOccurred) { + success(personalData); + } } failure:failure]; } failure:failure]; } 
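Review bot: In `readPublicDataWithSuccess:failure:` the `case 5` guard `[record class] == [NSString class]` compares against the abstract cluster class, while `initWithData:encoding:` hands back a concrete subclass, so the comparison is most likely never true and birth date/place always take the `"-"` branch; `if (record != nil)` expresses the intent, and `initWithData:` already returns nil for undecodable bytes. The commented-out `//record = [record stringByTrimmingCharactersInSet:...]` line should be restored or deleted: with the removed `utf8String` helper the trimming has silently disappeared, so every record now keeps whatever padding or newline the card appends. Separately, the `for` loop fires all fifteen `transmitCommand:` calls and then tests `failureOccurred` straight after the loop; if the reader completes asynchronously, `success(personalData)` fires before any record has been stored and a failing record additionally calls `failure(error)`, which I cannot rule out from this hunk alone — please confirm that `transmitCommand:` is synchronous.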
@@ -111,10 +109,6 @@ - (NSString*)expiryDateEstFormatWith:(NSString*)record { range:NSMakeRange(0, record.length)]; } -- (void)readPublicDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { - [self readMinimalPublicDataWithSuccess:success failure:failure]; -} - - (void)readBinaryRecursivelyWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure data:(NSData*)data { __block Idemia *me = self; NSString *readBinaryCmd = [NSString stringWithFormat:kReadBinary, 
@@ -122,53 +116,31 @@ - (void)readBinaryRecursivelyWithSuccess:(DataSuccessBlock)success failure:(Fail (UInt8)data.length ]; [_reader transmitCommand:readBinaryCmd success:^(NSData *responseData) { - bool done = false; - if(responseData.length > 1) { - UInt8 *bytes = (UInt8*)responseData.bytes; - if(bytes[responseData.length-2] == 0x6B - && bytes[responseData.length-1] == 0x00) { - done = true; - } - } - if (done) { - success(data); - } else { - NSMutableData *newData = [[NSMutableData alloc] initWithData:data]; - [newData appendData:[responseData subdataWithRange:NSMakeRange(0, responseData.length-2)]]; - - [me readBinaryRecursivelyWithSuccess:success failure:failure data:newData]; + if([responseData sw] == 0x6B00) { + return success(data); } + NSMutableData *newData = [data mutableCopy]; + [newData appendData:[responseData trailingTwoBytesTrimmed]]; + [me readBinaryRecursivelyWithSuccess:success failure:failure data:newData]; } failure:failure]; } - (void)readAuthenticationCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { [_reader transmitCommand:kAID success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectMasterFile success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectAuthAdf success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectAuthCert success:^(NSData *responseData) { - [self readBinaryRecursivelyWithSuccess:success failure:failure data:[NSData new]]; - } failure:failure]; - } failure:failure]; + [self->_reader transmitCommand:kSelectAuthCert success:^(NSData *responseData) { + [self readBinaryRecursivelyWithSuccess:success failure:failure data:[NSData new]]; } failure:failure]; } failure:failure]; } - (void)readSignatureCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { [_reader transmitCommand:kAID success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectMasterFile success:^(NSData *responseData) { - [self->_reader 
transmitCommand:kSelectSignAdf success:^(NSData *responseData) { - [self->_reader transmitCommand:kSelectSignCert success:^(NSData *responseData) { - [self readBinaryRecursivelyWithSuccess:success failure:failure data:[NSData new]]; - } failure:failure]; - } failure:failure]; + [self->_reader transmitCommand:kSelectSignCert success:^(NSData *responseData) { + [self readBinaryRecursivelyWithSuccess:success failure:failure data:[NSData new]]; } failure:failure]; } failure:failure]; } -- (void)readSecretKeyRecord:(NSInteger)record withSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { - -} - - (void)readCodeCounterRecord:(CodeType)codeType withSuccess:(NumberBlock)success failure:(FailureBlock)failure { UInt8 recordNr = 0; NSString *aid; @@ -196,19 +168,16 @@ - (void)readCodeCounterRecord:(CodeType)codeType withSuccess:(NumberBlock)succes } - (NSData *)pinTemplate:(NSString *)pin { - NSMutableData *result = [pin dataUsingEncoding:NSUTF8StringEncoding]; - NSUInteger paddingSize = 12 - result.length; - for (int i=0; i_reader transmitCommand:[fullCmd hexString] success:^(NSData *responseData) { + NSData *newPin = [self pinTemplate:code]; + NSData *pin = [self pinTemplate:verifyCode]; + NSString *change = [NSString stringWithFormat:kChangeCode, recordNr, pin.length + newPin.length, [pin hexString], [newPin hexString]]; + [self->_reader transmitCommand:change success:^(NSData *responseData) { NSError *error = [self errorForPinActionResponse:responseData]; if (error) { failure(error); 
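Review bot: `readBinaryRecursivelyWithSuccess:failure:data:` treats only status 0x6B00 as the end of the file; any other status word — including an error response that carries no payload — is appended as data and, because `data` does not grow, the next READ BINARY is issued at the same offset and the recursion never terminates. Check the status before appending: `UInt16 sw = [responseData sw]; if (sw == 0x6B00) return success(data); if (sw != 0x9000) return failure([MoppLibError generalError]);` (if the card reports end-of-file together with a final partial chunk, that case must append first — worth confirming against the card profile). `return success(data);` returns a void expression from a void block, which is a compiler extension rather than standard C; `success(data); return;` is the portable form. The method's signature lies in the previous hunk, outside this one.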
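Review bot: In the `changeCode:` APDU, `pin.length + newPin.length` is an `NSUInteger` handed to a `%02X` conversion that expects an `unsigned int`; it happens to work on the current ABIs but is undefined by the C standard and would silently wrap if a template ever exceeded 255 bytes. Cast the way the neighbouring READ BINARY code already does, `(UInt8)(pin.length + newPin.length)`; the same applies to `pin.length` in `verifyCode:ofType:…`, `paddedHashLength` in `authenticateFor:…` and `calculateSignatureFor:…`, and `[publicKey length] + 1` in `decryptData:…`. The `pinTemplate:` body in this hunk is garbled in my view (text lost between `i` and `_reader`), so I could not review the padding itself, and the boundaries of the enclosing `changeCode:` method are not visible here.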
@@ -241,34 +209,24 @@ - (void)changeCode:(CodeType)type to:(NSString *)code withVerifyCode:(NSString * } - (NSError *)errorForPinActionResponse:(NSData *)response { - NSData *trailerData = [response trailingTwoBytes]; - const unsigned char *trailer = [trailerData bytes]; - - if (trailerData.length >= 2 && trailer[0] == 0x90 && trailer[1] == 0x00) { - // Action was completed successfully. No error here - return nil; - - } else if (trailerData.length >= 1 && trailer[0] == 0x63) { - // For pin codes this means verification failed due to wrong pin - NSString *dataHex = [trailerData hexString]; - // Last char in trailer holds retry count - NSString *retryCount = [dataHex substringFromIndex:dataHex.length - 1]; - return [MoppLibError wrongPinErrorWithRetryCount:retryCount.intValue]; - - } else if (trailerData.length >= 2 && trailer[0] == 0x6A && trailer[1] == 0x80) { - // New pin is invalid - return [MoppLibError pinMatchesOldCodeError]; - - } else if (trailerData.length >= 2 && trailer[0] == 0x69 && trailer[1] == 0x83) { - // Authentication method blocked - return [MoppLibError pinBlockedError]; - } - - return [MoppLibError generalError]; + UInt16 sw = [response sw]; + switch (sw) { + case 0x9000: // Action was completed successfully. No error here + return nil; + case 0x6A80: // New pin is invalid + return [MoppLibError pinMatchesOldCodeError]; + case 0x63C1: // For pin codes this means verification failed due to wrong pin + case 0x63C2: // Last char in trailer holds retry count + return [MoppLibError wrongPinErrorWithRetryCount:sw & 0x000f]; + case 0x63C0: + case 0x6983: // Authentication method blocked + return [MoppLibError pinBlockedError]; + default: + return [MoppLibError generalError]; + } } - (void)verifyCode:(NSString *)code ofType:(CodeType)type withSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { - NSData *pin = [self pinTemplate:code]; NSString *aid; UInt8 recordNr; switch (type) { 
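Review bot: `errorForPinActionResponse:` now maps only 0x63C1 and 0x63C2 to `wrongPinErrorWithRetryCount:`, whereas the removed code accepted any 0x63 trailer; a card reporting three or more remaining tries (0x63C3 and up) now yields `generalError` and the count is lost. I cannot tell from this hunk whether the cards in use ever report more than two, but a mask costs nothing and restores the old coverage: before the `switch`, `if ((sw & 0xFFF0) == 0x63C0 && (sw & 0x000F) != 0) return [MoppLibError wrongPinErrorWithRetryCount:sw & 0x000F];` and drop the two explicit cases. The comment `// Last char in trailer holds retry count` beside `case 0x63C2:` describes the old hex-string approach and belongs on the masked line instead. `verifyCode:ofType:…` starts at the end of this hunk and continues outside it.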
@@ -285,18 +243,10 @@ - (void)verifyCode:(NSString *)code ofType:(CodeType)type withSuccess:(DataSucce recordNr = 2; break; } - NSString *cmd = [NSString stringWithFormat:kVerify, recordNr, 12]; [_reader transmitCommand:aid success:^(NSData *responseData) { - NSMutableData *fullCmd = [NSMutableData dataWithData:[cmd toHexData]]; - [fullCmd appendData:pin]; - // Add padding - NSUInteger pinDataLength = 12; - UInt8 paddingByte = 0xFF; - for (int i=0; i<(pinDataLength - [pin length]); i++) { - UInt8 byteZero[1] = { paddingByte }; - [fullCmd appendBytes:&byteZero[0] length:1]; - } - [self->_reader transmitCommand:[fullCmd hexString] success:^(NSData *responseData) { + NSData *pin = [self pinTemplate:code]; + NSString *verify = [NSString stringWithFormat:kVerify, recordNr, pin.length, [pin hexString]]; + [self->_reader transmitCommand:verify success:^(NSData *responseData) { NSError *error = [self errorForPinActionResponse:responseData]; if (error) { failure(error); @@ -313,15 +263,8 @@ - (void)unblockCode:(CodeType)type withPuk:(NSString *)puk newCode:(NSString *)n NSString *aid = type == CodeTypePin1 ? kAID : kAID_QSCD; [self verifyCode:puk ofType:CodeTypePuk withSuccess:^(NSData *responseData) { [self->_reader transmitCommand:aid success:^(NSData *responseData) { - NSMutableData *paddedPin = [NSMutableData dataWithData:[newCode dataUsingEncoding:NSUTF8StringEncoding]]; - - NSUInteger paddingSize = 12 - paddedPin.length; - for (int i=0; i_reader transmitCommand:replaceCmd success:^(NSData *responseData) { NSError *error = [self errorForPinActionResponse:responseData]; if (error) { 
@@ -334,120 +277,49 @@ - (void)unblockCode:(CodeType)type withPuk:(NSString *)puk newCode:(NSString *)n } failure:failure]; } -- (void)calculateSignatureFor:(NSData *)hash withPin2:(NSString *)pin2 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure { +- (void)authenticateFor:(NSData *)hash withPin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure { + [self verifyCode:pin1 ofType:CodeTypePin1 withSuccess:^(NSData *responseData) { + [self->_reader transmitCommand:kAID_Oberthur success:^(NSData *responseData) { + [self->_reader transmitCommand:kSetSecEnvAuth success:^(NSData *responseData) { + NSUInteger paddedHashLength = MAX(48, hash.length); + NSMutableData *paddedHash = [NSMutableData dataWithLength:paddedHashLength - hash.length]; + [paddedHash appendData:hash]; + NSString *signApdu = [NSString stringWithFormat:kAuth, paddedHashLength, [paddedHash hexString]]; + [self->_reader transmitCommand:signApdu success:^(NSData *responseData) { + success([responseData trailingTwoBytesTrimmed]); + } failure:failure]; + } failure:failure]; + } failure:failure]; + } failure:failure]; +} - NSString *algorithmIdentifyer; - switch (hash.length) { - case CC_SHA1_DIGEST_LENGTH: - printLog(@"Algorithm SHA1"); - algorithmIdentifyer = kAlgorythmIdentifyerSHA1; - break; - - case CC_SHA224_DIGEST_LENGTH: - printLog(@"Algorithm SHA224"); - algorithmIdentifyer = kAlgorythmIdentifyerSHA224; - break; - - case CC_SHA256_DIGEST_LENGTH: - printLog(@"Algorithm SHA256"); - algorithmIdentifyer = kAlgorythmIdentifyerSHA256; - break; - - case CC_SHA384_DIGEST_LENGTH: - printLog(@"Algorithm SHA384"); - algorithmIdentifyer = kAlgorythmIdentifyerSHA384; - break; - - case CC_SHA512_DIGEST_LENGTH: - printLog(@"Algorithm SHA512"); - algorithmIdentifyer = kAlgorythmIdentifyerSHA512; - break; - - default: - break; - } - +- (void)calculateSignatureFor:(NSData *)hash withPin2:(NSString *)pin2 success:(DataSuccessBlock)success 
failure:(FailureBlock)failure { [self verifyCode:pin2 ofType:CodeTypePin2 withSuccess:^(NSData *responseData) { [self->_reader transmitCommand:kAID_QSCD success:^(NSData *responseData) { - [self->_reader transmitCommand:kSetSecEnv success:^(NSData *responseData) { + [self->_reader transmitCommand:kSetSecEnvSign success:^(NSData *responseData) { NSUInteger paddedHashLength = MAX(48, hash.length); - NSString *cmdString = [NSString stringWithFormat:kSign, paddedHashLength]; - NSMutableData *cmd = [NSMutableData dataWithData:[cmdString toHexData]]; - - NSMutableData *paddedHash = [NSMutableData new]; - for (int i=0; i<(paddedHashLength - [hash length]); i++) { - char byteZero[1] = { 0x0 }; - [paddedHash appendBytes:&byteZero[0] length:1]; - } + NSMutableData *paddedHash = [NSMutableData dataWithLength:paddedHashLength - hash.length]; [paddedHash appendData:hash]; - - [cmd appendData:paddedHash]; - [cmd appendData:[@"00" toHexData]]; - - [self->_reader transmitCommand:[cmd hexString] success:^(NSData *responseData) { - NSData *dataWithoutResponseCode = [responseData subdataWithRange:NSMakeRange(0, responseData.length - 2)]; - success(dataWithoutResponseCode); + NSString *signApdu = [NSString stringWithFormat:kSign, paddedHashLength, [paddedHash hexString]]; + [self->_reader transmitCommand:signApdu success:^(NSData *responseData) { + success([responseData trailingTwoBytesTrimmed]); } failure:failure]; - } failure:failure]; } failure:failure]; } failure:failure]; - - } -- (void)decryptData:(NSData *)hash withPin1:(NSString *)pin1 useECC:(BOOL)useECC success:(DataSuccessBlock)success failure:(FailureBlock)failure { +- (void)decryptData:(NSData *)publicKey withPin1:(NSString *)pin1 success:(DataSuccessBlock)success failure:(FailureBlock)failure { [self verifyCode:pin1 ofType:CodeTypePin1 withSuccess:^(NSData *responseData) { [self->_reader transmitCommand:kAID_Oberthur success:^(NSData *responseData) { - [self->_reader transmitCommand:kSetSecEnvCrypt success:^(NSData 
*responseData) { - if (useECC) { - NSUInteger paddedHashLength = MAX(48, hash.length); - NSMutableData *paddedHash = [NSMutableData new]; - [paddedHash appendData:[@"00" toHexData]]; - for (int i = 0; i < (paddedHashLength - hash.length); i++) { - char byteZero[1] = { 0x0 }; - [paddedHash appendBytes:&byteZero[0] length:1]; - } - [paddedHash appendData:hash]; - - NSString *decryptApdu = [NSString stringWithFormat:kDecrypt, [paddedHash length], [paddedHash hexString]]; - decryptApdu = [decryptApdu stringByAppendingString:@" 00"]; - - [self.reader transmitCommand:decryptApdu success:^(NSData *responseObject) { - success([responseObject trailingTwoBytesTrimmed]); - } failure:failure]; - - } else { - NSMutableData * data = [NSMutableData dataWithData:hash]; - NSString *commandSuffix; - long hashLength = hash.length; - - if (hashLength>=254) { - long dataLength = 0; - while(hashLength - dataLength >= 254) { - NSData *tempData = [data subdataWithRange:NSMakeRange(dataLength, 254)]; - commandSuffix = [NSString stringWithFormat:@"%02lX 00 %@" ,tempData.length +1 , [tempData hexString]]; - [self.reader transmitCommand:[NSString stringWithFormat:kCommandOngoingDecryption, commandSuffix] success:success failure:failure]; - dataLength +=254; - } - commandSuffix = [NSString stringWithFormat:@"%02lX %@" ,hashLength-dataLength , [[data subdataWithRange:NSMakeRange(dataLength, hashLength-dataLength)] hexString]]; - [self.reader transmitCommand:[NSString stringWithFormat:kCommandFinalDecryption, commandSuffix] success:^(NSData *responseObject) { - success([responseObject trailingTwoBytesTrimmed]); - } failure:failure]; - } else { - commandSuffix = [NSString stringWithFormat:@"%02lX %@" ,data.length , [data hexString]]; - [self.reader transmitCommand:[NSString stringWithFormat:kCommandFinalDecryption, commandSuffix] success:^(NSData *responseObject) { - success([responseObject trailingTwoBytesTrimmed]); - } failure:failure]; - } - } + [self->_reader transmitCommand:kSetSecEnvDerive 
success:^(NSData *responseData) { + NSString *decryptApdu = [NSString stringWithFormat:kDerive, [publicKey length] + 1, [publicKey hexString]]; + [self.reader transmitCommand:decryptApdu success:^(NSData *responseData) { + success([responseData trailingTwoBytesTrimmed]); + } failure:failure]; } failure:failure]; } failure:failure]; } failure:failure]; } -- (void)setSecurityEnvironment:(NSUInteger)env withSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { - -} - @end diff --git a/MoppLib/MoppLib/MoppLibDigidocManager.mm b/MoppLib/MoppLib/MoppLibDigidocManager.mm index 2d60cb22b..0226acc53 100644 --- a/MoppLib/MoppLib/MoppLibDigidocManager.mm +++ b/MoppLib/MoppLib/MoppLibDigidocManager.mm @@ -21,39 +21,27 @@ * */ -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#import - #import "MoppLibDigidocManager.h" #import "MoppLibManager.h" #import "MoppLibDataFile.h" #import "MLDateFormatter.h" #import "MLFileManager.h" #import "MoppLibError.h" +#import "NSData+Additions.h" #import "CardActionsManager.h" -#import -#import #import "MoppLibDigidocValidateOnline.h" #import "MoppLibProxyConfiguration.h" #include -#include -#include +#include +#include +#include +#include +#include +#include +#include -#include -#include -#include -#import #import class DigiDocConf: public digidoc::ConfCurrent { 
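Review bot: `authenticateFor:…`, `calculateSignatureFor:…` and `decryptData:…` all hand `[responseData trailingTwoBytesTrimmed]` to `success` without inspecting the status word, so a rejected operation (security status not satisfied, bad length, etc.) is reported as success with an empty or meaningless payload, and the caller goes on to emit an invalid signature or shared secret instead of surfacing an error. Now that `sw` exists, guard each of the three final callbacks with `if ([responseData sw] != 0x9000) return failure([MoppLibError generalError]);` ahead of the `success` call. The padding block (`MAX(48, hash.length)`, `dataWithLength:`, `appendData:`, `stringWithFormat:`) is duplicated verbatim between `authenticateFor:` and `calculateSignatureFor:`; a small helper that returns the padded hex would leave one place to fix. `decryptData:withPin1:` now sends the derive APDU with a peer public key rather than performing a decryption, so the parameter deserves a comment such as `// publicKey: peer EC public key; the card returns the derived shared secret, not plaintext` — the header is outside this hunk, so confirm the wording there too.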
@@ -772,16 +760,7 @@ - (void)addSignature:(NSString *)containerPath pin2:(NSString *)pin2 cert:(NSDat MoppLibDigidocContainerOpenCB cb(isValidatedOnline); // Create unique_ptr that manages a container in this scope auto managedContainer = digidoc::Container::openPtr(containerPath.UTF8String, &cb); - - // Check if key type in certificate supports ECC algorithm - SecCertificateRef certRef = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)cert); - SecKeyRef publicKey = SecCertificateCopyKey(certRef); - CFRelease(certRef); - NSString *publicKeyInfo = CFBridgingRelease(CFCopyDescription(publicKey)); - CFRelease(publicKey); - BOOL useECC = [publicKeyInfo containsString:@"ECPublicKey"]; - - std::unique_ptr signer = std::make_unique([MoppLibDigidocManager getCertFromData:cert]); + auto signer = std::make_unique([MoppLibDigidocManager getCertFromData:cert]); NSLog(@"\nSetting profile info...\n"); NSLog(@"Role data - roles: %@, city: %@, state: %@, zip: %@, country: %@", roleData.ROLES, roleData.CITY, roleData.STATE, roleData.ZIP, roleData.COUNTRY); @@ -812,7 +791,7 @@ - (void)addSignature:(NSString *)containerPath pin2:(NSString *)pin2 cert:(NSDat WebSigner * const unmanagedSignerPointer = signer.release(); - [[CardActionsManager sharedInstance] calculateSignatureFor:[NSData dataWithBytes:dataToSign.data() length:dataToSign.size()] pin2:pin2 useECC: useECC success:^(NSData *calculatedSignature) { + [[CardActionsManager sharedInstance] calculateSignatureFor:[NSData dataWithBytes:dataToSign.data() length:dataToSign.size()] pin2:pin2 success:^(NSData *calculatedSignature) { // Wrap the raw container pointer into a local unique_ptr as the first thing to do std::unique_ptr successManagedContainer(unmanagedContainerPointer); diff --git a/MoppLib/MoppLib/MoppLibPrivateConstants.h b/MoppLib/MoppLib/MoppLibPrivateConstants.h index a9c39bcd8..9c9d200f4 100644 --- a/MoppLib/MoppLib/MoppLibPrivateConstants.h +++ b/MoppLib/MoppLib/MoppLibPrivateConstants.h 
@@ -22,7 +22,6 @@ */ #import -#import extern NSString *const kRIADigiDocId; extern NSString *const kTestServiceNames; diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.h b/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.h index d8f5f9255..7127739a4 100644 --- a/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.h +++ b/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.h @@ -21,21 +21,10 @@ * */ -#import -#import #import "MoppLibConstants.h" -@protocol MoppLibCardActionsDelegate; - @interface MoppLibCardActions : NSObject -/** Gets minimal public personal data from ID card. This includes name, id code, birth date, nationality, document number and document expiry date. - * - * @param success Block to be called on successful completion of action. Includes card owner public personal data as MoppLibPersonalData. Some of the parameters in MoppLibPersonalData may not be filled. To get all available data use cardPersonalDataWithSuccess:failure: - * @param failure Block to be called when action fails. Includes error. - */ -+ (void)minimalCardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure; - /** Gets public personal data from ID card. * * @param success Block to be called on successful completion of action. Includes card owner public personal data as MoppLibPersonalData. 
@@ -43,27 +32,13 @@ */ + (void)cardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure; -/** - * Checks if reader is connected to device. - * - * @return YES if reader is connected, NO otherwise - */ -+ (BOOL)isReaderConnected; - -/** - * Checks if card is inserted to card reader. - * - * @param completion Block to be called when action is complete. Includes BOOL to represent card status - YES if card is detected in reader, NO if card is not found. - */ -+ (void)isCardInserted:(BoolBlock) completion; - /** * Gets signing certificate data. * * @param success Block to be called on successful completion of action. Includes signing certificate data as MoppLibCertData * @param failure Block to be called when action fails. Includes error. */ -+ (void)signingCertificateWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure; ++ (void)signingCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; /** * Gets authentication certificate data. @@ -71,7 +46,7 @@ * @param success Block to be called on successful completion of action. Includes authentication certificate data as MoppLibCertData * @param failure Block to be called when action fails. Includes error. */ -+ (void)authenticationCertificateWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure; ++ (void)authenticationCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure; /** * Gets PIN1 retry counter value. diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.m b/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.m index 944701a0e..cdd6af856 100644 --- a/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.m +++ b/MoppLib/MoppLib/PublicInterface/MoppLibCardActions.m @@ -23,6 +23,7 @@ #import "MoppLibCardActions.h" #import "CardActionsManager.h" +#import "CardCommands.h" @implementation MoppLibCardActions 
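Review bot: The doc comments above `signingCertificateWithSuccess:failure:` and `authenticationCertificateWithSuccess:failure:` still promise the block "Includes signing certificate data as MoppLibCertData" (and the authentication counterpart likewise), but both signatures now take a `DataSuccessBlock`, whose argument is an `NSData`. Update both `@param success` lines, e.g. `@param success Block to be called on successful completion of action. Includes the raw certificate bytes as NSData.`; leaving `MoppLibCertData` in place will send readers looking for a type this header no longer references. The same mismatch applies to the second hunk of this file (`authenticationCertificateWithSuccess:`).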
@@ -30,23 +31,11 @@ + (void)cardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureB [[CardActionsManager sharedInstance] cardPersonalDataWithSuccess:success failure:failure]; } -+ (void)minimalCardPersonalDataWithSuccess:(PersonalDataBlock)success failure:(FailureBlock)failure { - [[CardActionsManager sharedInstance] minimalCardPersonalDataWithSuccess:success failure:failure]; ++ (void)signingCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { + [[CardActionsManager sharedInstance] signingCertWithSuccess:success failure:failure]; } -+ (void)isCardInserted:(BoolBlock)completion { - [[CardActionsManager sharedInstance] isCardInserted:completion]; -} - -+ (BOOL)isReaderConnected { - return [[CardActionsManager sharedInstance] isReaderConnected]; -} - -+ (void)signingCertificateWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure { - [[CardActionsManager sharedInstance] signingCertWithPin2:@"" success:success failure:failure]; -} - -+ (void)authenticationCertificateWithSuccess:(CertDataBlock)success failure:(FailureBlock)failure { ++ (void)authenticationCertificateWithSuccess:(DataSuccessBlock)success failure:(FailureBlock)failure { [[CardActionsManager sharedInstance] authenticationCertWithSuccess:success failure:failure]; } diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.h b/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.h index 38f89cff8..4064d6783 100644 --- a/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.h +++ b/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.h @@ -20,7 +20,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * */ -#import + #import "MoppLibConstants.h" typedef NS_ENUM(NSUInteger, MoppLibCardReaderStatus) { diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.m b/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.m index c6b24c37d..d53ee0aab 100644 
--- a/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.m +++ b/MoppLib/MoppLib/PublicInterface/MoppLibCardReaderManager.m @@ -20,14 +20,12 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * */ -#import + #import "MoppLibCardReaderManager.h" #import "CardActionsManager.h" #import "CardReaderiR301.h" +#import "NSString+Additions.h" #import "ReaderInterface.h" -#import "winscard.h" -#import "wintypes.h" -#import "ft301u.h" #import "MoppLibPrivateConstants.h" @interface MoppLibCardReaderManager() diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibConstants.h b/MoppLib/MoppLib/PublicInterface/MoppLibConstants.h index d07f4e470..b9edc6cb3 100644 --- a/MoppLib/MoppLib/PublicInterface/MoppLibConstants.h +++ b/MoppLib/MoppLib/PublicInterface/MoppLibConstants.h @@ -22,13 +22,6 @@ */ #import -#import -#import "MoppLibCerificatetData.h" -#import "CryptoLib/CryptoDataFile.h" -#import "CryptoLib/CdocInfo.h" -#import "MoppLibPersonalData.h" -#import "MoppLibContainer.h" -#import "MoppLibMobileCreateSignatureResponse.h" typedef NS_ENUM(NSUInteger, MoppLibCardChipType) { ChipType_Unknown, @@ -87,11 +80,14 @@ extern const SigningRequestData signingRequestData; extern NSString *const kMoppLibUserInfoRetryCount; +@class MoppLibMobileCreateSignatureResponse; +@class MoppLibPersonalData; +@class MoppLibContainer; +@class CdocInfo; typedef void (^DataSuccessBlock)(NSData *responseData); typedef void (^ObjectSuccessBlock)(NSObject *responseObject); typedef void (^FailureBlock)(NSError *error); -typedef void (^CertDataBlock)(MoppLibCerificatetData *certData); typedef void (^PersonalDataBlock)(MoppLibPersonalData *personalData); typedef void (^SignatureStatusBlock) (MoppLibContainer *container, NSError *error, NSString *status); typedef void (^ContainerBlock)(MoppLibContainer *container); 
@@ -105,6 +101,4 @@ typedef void (^NumberBlock)(NSNumber*);
 /**
  * Posted when card reader status changes. This can be triggered when connected card reader is turned off or connected card reader detects that card is inserted or removed.
  */
-extern NSString *const kMoppLibNotificationReaderStatusChanged;
-extern NSString *const kMoppLibNotificationRetryCounterChanged;
 extern NSString *const kMoppLibNotificationRevokeUnsupportedReader;
diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibConstants.m b/MoppLib/MoppLib/PublicInterface/MoppLibConstants.m
index f53645a55..c827c65ca 100644
--- a/MoppLib/MoppLib/PublicInterface/MoppLibConstants.m
+++ b/MoppLib/MoppLib/PublicInterface/MoppLibConstants.m
@@ -25,6 +25,4 @@
 
 NSString *const kMoppLibUserInfoRetryCount = @"kMoppLibRetryCount";
 
-NSString *const kMoppLibNotificationReaderStatusChanged = @"Mopp Lib - Reader status changed";
-NSString *const kMoppLibNotificationRetryCounterChanged = @"Mopp Lib - Retry counter changed";
 NSString *const kMoppLibNotificationRevokeUnsupportedReader = @"Mopp Lib - Revoke unsupported reader";
diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.h b/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.h
index 99a244810..adef384ce 100644
--- a/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.h
+++ b/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.h
@@ -25,8 +25,7 @@
 
 @interface MoppLibPersonalData : NSObject
 
-@property (nonatomic, strong) NSString *firstNameLine1;
-@property (nonatomic, strong) NSString *firstNameLine2;
+@property (nonatomic, strong) NSString *givenNames;
 @property (nonatomic, strong) NSString *surname;
 @property (nonatomic, strong) NSString *sex;
 @property (nonatomic, strong) NSString *nationality;
@@ -49,10 +48,4 @@
  */
 - (NSString *)fullName;
 
-/**
- * Gives full given name of card owner
- *
- * @return Given name of card owner
- */
-- (NSString *)givenNames;
 @end
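Review bot: After the two deletions the doc comment beginning `Posted when card reader status changes.` sits directly above `kMoppLibNotificationRevokeUnsupportedReader`, a constant it does not describe; the one it documented, `kMoppLibNotificationReaderStatusChanged`, is gone. Either remove the comment together with the constant or rewrite it for the survivor, e.g. `/** Posted when a connected card reader is found to be unsupported and is revoked. */`. The exact trigger is not visible in this hunk, so confirm the wording against the code that posts the notification in MoppLibCardReaderManager.m.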
diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.m b/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.m
index 676630719..aed11a204 100644
--- a/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.m
+++ b/MoppLib/MoppLib/PublicInterface/MoppLibPersonalData.m
@@ -42,19 +42,4 @@ - (NSString *)fullName {
   return name;
 }
 
-- (NSString *)givenNames {
-  NSMutableString *name = [NSMutableString new];
-  if (self.firstNameLine1.length > 0) {
-    [name appendString:self.firstNameLine1];
-  }
-
-  if (self.firstNameLine2.length > 0) {
-    if (name.length > 0) {
-      [name appendString:@" "];
-    }
-    [name appendString:self.firstNameLine2];
-  }
-
-  return name;
-}
 @end
diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.h b/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.h
index d758073dc..baf927520 100644
--- a/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.h
+++ b/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.h
@@ -21,8 +21,6 @@
  *
  */
 
-#import
-#import
 #import "MoppLibConstants.h"
 
 @interface MoppLibPinActions : NSObject
diff --git a/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.m b/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.m
index d44b5c0c1..8f5d9a6ef 100644
--- a/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.m
+++ b/MoppLib/MoppLib/PublicInterface/MoppLibPinActions.m
@@ -23,6 +23,7 @@
 
 #import "MoppLibPinActions.h"
 #import "CardActionsManager.h"
+#import "CardCommands.h"
 #import "MoppLibError.h"
 #import "MoppLibPrivateConstants.h"
 
diff --git a/MoppLib/MoppLib/SmartToken.h b/MoppLib/MoppLib/SmartToken.h
index 005698896..913842112 100644
--- a/MoppLib/MoppLib/SmartToken.h
+++ b/MoppLib/MoppLib/SmartToken.h
@@ -20,12 +20,7 @@
  *
  */
 
-#import
-#import "CryptoLib/AbstractSmartToken.h"
+#import
+
 @interface SmartToken : AbstractSmartToken
-- (NSData*)getCertificate;
-- (NSData*)decrypt:(NSData*)data pin1:(NSString *)pin1;
-- (NSData*)derive:(NSData*)data pin1:(NSString *)pin1;
 @end
-
-
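Review bot: SmartToken.h drops the declarations of `getCertificate`, `decrypt:pin1:` and `derive:pin1:`, while SmartToken.m in the same commit gains a new `authenticate:pin1:` that is not declared here either, so the only remaining source of truth for this class's interface is `AbstractSmartToken`, whose header is now pulled in through the angle-bracket import (its path is not visible on this page). If `AbstractSmartToken` already declares all four as overridable methods this is fine; if `authenticate:pin1:` is new to this commit it needs a declaration there (or here), otherwise callers holding an `AbstractSmartToken` cannot reach it. A one-line pointer above `@interface`, `// All token operations are declared on AbstractSmartToken (CryptoLib); see that header for the contract.`, would save the next reader the search.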
diff --git a/MoppLib/MoppLib/SmartToken.m b/MoppLib/MoppLib/SmartToken.m
index b0e229558..d6efc48ff 100644
--- a/MoppLib/MoppLib/SmartToken.m
+++ b/MoppLib/MoppLib/SmartToken.m
@@ -35,28 +35,8 @@ @implementation SmartToken
 
 - (NSData*)getCertificate {
   __block NSData *response = nil;
-  [[CardActionsManager sharedInstance] authenticationCertDataWithSuccess:^(NSData *certDataBlock) {
-    const void *bytes = [certDataBlock bytes];
-    NSUInteger endByteOfCertificate = [certDataBlock length];
-
-    // Trim nulls from the end of certificate data
-    BOOL certLengthReduced = NO;
-    for (NSUInteger i = [certDataBlock length]; i > 0;) {
-      int8_t elem = OSReadLittleInt(bytes, i - 1);
-      if(elem != '\0'){
-        endByteOfCertificate = i;
-        break;
-      }
-      i -= sizeof(int8_t);
-      certLengthReduced = YES;
-    }
-
-    if (certLengthReduced) {
-      endByteOfCertificate -= 1;
-    }
-
-    NSData *responseData = [certDataBlock subdataWithRange:NSMakeRange(0, endByteOfCertificate)];
-    response = responseData;
+  [[CardActionsManager sharedInstance] authenticationCertWithSuccess:^(NSData *certDataBlock) {
+    response = certDataBlock;
   } failure:^(NSError *error) {
     [NSException raise:@"Decryption failed" format:@""];
   }];
@@ -66,10 +46,11 @@ - (NSData*)getCertificate {
   }
   return response;
 }
+
 - (NSData*)decrypt:(NSData*)data pin1:(NSString *)pin1 {
   __block NSData *response = nil;
   __block NSString *errorMessage = nil;
-  [[CardActionsManager sharedInstance] decryptData:data pin1:pin1 useECC:NO success:^(NSData *certDataBlock){
+  [[CardActionsManager sharedInstance] decryptData:data pin1:pin1 success:^(NSData *certDataBlock){
     response = certDataBlock;
   } failure:^(NSError *error) {
     errorMessage = [self handleErrorMessage:error];
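Review bot: `getCertificate` now stores `certDataBlock` untouched, so the trailing-null trimming the old callback did has either moved into `authenticationCertWithSuccess:` or been dropped — neither is visible in this hunk, and if the card still pads the certificate file with zero bytes, everything that parses the returned DER downstream changes behaviour. If trimming does still happen somewhere, it should cut at the length encoded in the outer DER SEQUENCE rather than strip trailing zeros, because a valid certificate can legitimately end in 0x00 bytes and the removed loop appears to have dropped one real byte whenever padding was present (`endByteOfCertificate -= 1` after the loop already pointed past the last non-null byte). The failure branch kept as context still raises `@"Decryption failed"` for a certificate read; `[NSException raise:@"Certificate read failed" format:@""]` would stop that misleading whoever catches it. The body of `getCertificate` continues past this hunk.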
@@ -87,7 +68,25 @@ - (NSData*)decrypt:(NSData*)data pin1:(NSString *)pin1 {
 - (NSData*)derive:(NSData*)data pin1:(NSString *)pin1 {
   __block NSData *response = nil;
   __block NSString *errorMessage = nil;
-  [[CardActionsManager sharedInstance] decryptData:data pin1:pin1 useECC:YES success:^(NSData *certDataBlock){
+  [[CardActionsManager sharedInstance] decryptData:data pin1:pin1 success:^(NSData *certDataBlock){
+    response = certDataBlock;
+  } failure:^(NSError *error) {
+    errorMessage = [self handleErrorMessage:error];
+  }];
+  // Need to wait CardActionsManager response with ACS readers.
+  while(!response) {
+    if(errorMessage){
+      [NSException raise: errorMessage format:@""];
+    }
+    [NSThread sleepForTimeInterval:0.1];
+  }
+  return response;
+}
+
+- (NSData*)authenticate:(NSData*)data pin1:(NSString *)pin1 {
+  __block NSData *response = nil;
+  __block NSString *errorMessage = nil;
+  [[CardActionsManager sharedInstance] authenticateFor:data pin1:pin1 success:^(NSData *certDataBlock){
+    response = certDataBlock;
+  } failure:^(NSError *error) {
+    errorMessage = [self handleErrorMessage:error];
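Review bot: `derive:pin1:` and `decrypt:pin1:` now issue the identical call `decryptData:data pin1:pin1 success:failure:`, so the distinction the removed `useECC:YES`/`useECC:NO` flag carried — ECDH key agreement for EC keys versus RSA decryption — is no longer expressed by the caller; `CardActionsManager` must now choose the primitive from the key on the card, or EC recipients get the wrong operation with no error at this layer, and a comment on `derive:` should say so: `// Same card call as decrypt:; the manager selects RSA decrypt vs ECDH derive from the key type — confirm in CardActionsManager`. The wait loop copied into `derive:` also spins forever if neither block is ever invoked, and `response`/`errorMessage` are written on the callback's thread and read here with no synchronization. A semaphore with a bounded wait removes both problems, provided the callbacks are not delivered on the thread that waits (the existing comment about ACS readers suggests they are not, but confirm). `authenticate:pin1:` continues outside the hunk and should get the same treatment.

```objc
- (NSData*)derive:(NSData*)data pin1:(NSString *)pin1 {
  __block NSData *response = nil;
  __block NSString *errorMessage = nil;
  dispatch_semaphore_t done = dispatch_semaphore_create(0);
  // Same card call as decrypt:; the manager selects RSA decrypt vs ECDH derive from the key type — confirm in CardActionsManager
  [[CardActionsManager sharedInstance] decryptData:data pin1:pin1 success:^(NSData *certDataBlock){
    response = certDataBlock;
    dispatch_semaphore_signal(done);
  } failure:^(NSError *error) {
    errorMessage = [self handleErrorMessage:error];
    dispatch_semaphore_signal(done);
  }];
  // Bounded wait so a reader that never answers cannot hang the caller; pick the timeout to match the slowest supported reader.
  if (dispatch_semaphore_wait(done, dispatch_time(DISPATCH_TIME_NOW, 30 * NSEC_PER_SEC)) != 0) {
    [NSException raise:@"Card operation timed out" format:@""];
  }
  if (errorMessage) {
    [NSException raise:errorMessage format:@""];
  }
  return response;
}
// … unchanged: authenticate:pin1: (apply the same semaphore wait) …
```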