Add SHA256 and SHA512 to supported ECC hash algorithms

WE2-861

Signed-off-by: Raul Metsma <raul@metsma.ee>

Author: metsma

src/controller/command-handlers/authenticate.cpp

@@ -51,18 +51,20 @@ QVariantMap createAuthenticationToken(const QString& signatureAlgorithm,
         {"format", QStringLiteral("web-eid:1.0")},
         {"appVersion",
          QStringLiteral("https://web-eid.eu/web-eid-app/releases/%1")
-             .arg(qApp->applicationVersion())},
+             .arg(QApplication::applicationVersion())},
     };
 }
 
 QByteArray createSignature(const QString& origin, const QString& challengeNonce,
                            const ElectronicID& eid, const pcsc_cpp::byte_vector& pin)
 {
-    static const auto SIGNATURE_ALGO_TO_HASH =
-        std::map<JsonWebSignatureAlgorithm, QCryptographicHash::Algorithm> {
+    static const std::map<JsonWebSignatureAlgorithm, QCryptographicHash::Algorithm>
+        SIGNATURE_ALGO_TO_HASH {
             {JsonWebSignatureAlgorithm::RS256, QCryptographicHash::Sha256},
             {JsonWebSignatureAlgorithm::PS256, QCryptographicHash::Sha256},
+            {JsonWebSignatureAlgorithm::ES256, QCryptographicHash::Sha256},
             {JsonWebSignatureAlgorithm::ES384, QCryptographicHash::Sha384},
+            {JsonWebSignatureAlgorithm::ES512, QCryptographicHash::Sha512},
         };
 
     if (!SIGNATURE_ALGO_TO_HASH.count(eid.authSignatureAlgorithm())) {
@@ -80,8 +82,8 @@ QByteArray createSignature(const QString& origin, const QString& challengeNonce,
     // The value that is signed is hash(origin)+hash(challenge).
     const auto hashToBeSignedQBytearray =
         QCryptographicHash::hash(originHash + challengeNonceHash, hashAlgo);
-    const auto hashToBeSigned =
-        pcsc_cpp::byte_vector {hashToBeSignedQBytearray.cbegin(), hashToBeSignedQBytearray.cend()};
+    const pcsc_cpp::byte_vector hashToBeSigned {hashToBeSignedQBytearray.cbegin(),
+                                                hashToBeSignedQBytearray.cend()};
 
     const auto signature = eid.signWithAuthKey(pin, hashToBeSigned);
 
@@ -95,11 +97,12 @@ QByteArray createSignature(const QString& origin, const QString& challengeNonce,
 Authenticate::Authenticate(const CommandWithArguments& cmd) : CertificateReader(cmd)
 {
     const auto arguments = cmd.second;
-    requireArgumentsAndOptionalLang({"challengeNonce", "origin"}, arguments,
-                                    "\"challengeNonce\": \"<challenge nonce>\", "
-                                    "\"origin\": \"<origin URL>\"");
+    requireArgumentsAndOptionalLang(
+        {"challengeNonce", "origin"}, arguments,
+        R"("challengeNonce": "<challenge nonce>", "origin": "<origin URL>")");
 
-    challengeNonce = validateAndGetArgument<QString>(QStringLiteral("challengeNonce"), arguments);
+    challengeNonce = validateAndGetArgument<decltype(challengeNonce)>(
+        QStringLiteral("challengeNonce"), arguments);
     // nonce must contain at least 256 bits of entropy and is usually Base64-encoded, so the
     // required byte length is 44, the length of 32 Base64-encoded bytes.
     if (challengeNonce.length() < 44) {
@@ -135,10 +138,10 @@ QVariantMap Authenticate::onConfirm(WebEidUI* window,
 
     } catch (const VerifyPinFailed& failure) {
         switch (failure.status()) {
-        case electronic_id::VerifyPinFailed::Status::PIN_ENTRY_CANCEL:
-        case electronic_id::VerifyPinFailed::Status::PIN_ENTRY_TIMEOUT:
+        case VerifyPinFailed::Status::PIN_ENTRY_CANCEL:
+        case VerifyPinFailed::Status::PIN_ENTRY_TIMEOUT:
             break;
-        case electronic_id::VerifyPinFailed::Status::PIN_ENTRY_DISABLED:
+        case VerifyPinFailed::Status::PIN_ENTRY_DISABLED:
             emit retry(RetriableError::PIN_VERIFY_DISABLED);
             break;
         default: