@@ -38,31 +38,30 @@ using namespace electronic_id;
3838namespace
3939{
4040
41- // Use common base64-encoding defaults.
42- constexpr auto BASE64_OPTIONS = QByteArray::Base64Encoding | QByteArray::KeepTrailingEquals;
43-
4441QVariantMap createAuthenticationToken (const QString& signatureAlgorithm,
4542 const QByteArray& certificateDer, const QByteArray& signature)
4643{
4744 return QVariantMap {
48- {" unverifiedCertificate" QString (certificateDer.toBase64 (BASE64_OPTIONS ))},
45+ {" unverifiedCertificate" QString (certificateDer.toBase64 ())},
4946 {" algorithm"
5047 {" signature" QString (signature)},
5148 {" format" QStringLiteral (" web-eid:1.0"
5249 {" appVersion"
5350 QStringLiteral (" https://web-eid.eu/web-eid-app/releases/%1"
54- .arg (qApp-> applicationVersion ())},
51+ .arg (QApplication:: applicationVersion
5552 };
5653}
5754
5855QByteArray createSignature (const QString& origin, const QString& challengeNonce,
5956 const ElectronicID& eid, const pcsc_cpp::byte_vector& pin)
6057{
61- static const auto SIGNATURE_ALGO_TO_HASH =
62- std::map<JsonWebSignatureAlgorithm, QCryptographicHash::Algorithm> {
58+ static const std::map<JsonWebSignatureAlgorithm, QCryptographicHash::Algorithm>
59+ SIGNATURE_ALGO_TO_HASH {
6360 {JsonWebSignatureAlgorithm::RS256, QCryptographicHash::Sha256},
6461 {JsonWebSignatureAlgorithm::PS256, QCryptographicHash::Sha256},
62+ {JsonWebSignatureAlgorithm::ES256, QCryptographicHash::Sha256},
6563 {JsonWebSignatureAlgorithm::ES384, QCryptographicHash::Sha384},
64+ {JsonWebSignatureAlgorithm::ES512, QCryptographicHash::Sha512},
6665 };
6766
6867 if (!SIGNATURE_ALGO_TO_HASH.count (eid.authSignatureAlgorithm ())) {
@@ -80,26 +79,27 @@ QByteArray createSignature(const QString& origin, const QString& challengeNonce,
8079 // The value that is signed is hash(origin)+hash(challenge).
8180 const auto hashToBeSignedQBytearray =
8281 QCryptographicHash::hash (originHash + challengeNonceHash, hashAlgo);
83- const auto hashToBeSigned =
84- pcsc_cpp::byte_vector {hashToBeSignedQBytearray. cbegin (), hashToBeSignedQBytearray.cend ()};
82+ const pcsc_cpp::byte_vector hashToBeSigned {hashToBeSignedQBytearray. cbegin (),
83+ hashToBeSignedQBytearray.cend ()};
8584
8685 const auto signature = eid.signWithAuthKey (pin, hashToBeSigned);
8786
8887 return QByteArray::fromRawData (reinterpret_cast <const char *>(signature.data ()),
8988 int (signature.size ()))
90- .toBase64 (BASE64_OPTIONS );
89+ .toBase64 ();
9190}
9291
9392} // namespace
9493
9594Authenticate::Authenticate (const CommandWithArguments& cmd) : CertificateReader(cmd)
9695{
9796 const auto arguments = cmd.second ;
98- requireArgumentsAndOptionalLang ({ " challengeNonce " , " origin " }, arguments,
99- " \" challengeNonce\" : \" <challenge nonce> \" , "
100- " \" origin\ "\ "\" "
97+ requireArgumentsAndOptionalLang (
98+ { " challengeNonce" , " origin " }, arguments,
99+ R"( "challengeNonce": "<challenge nonce>", " origin": "<origin URL>" ) "
101100
102- challengeNonce = validateAndGetArgument<QString>(QStringLiteral (" challengeNonce"
101+ challengeNonce = validateAndGetArgument<decltype (challengeNonce)>(
102+ QStringLiteral (" challengeNonce"
103103 // nonce must contain at least 256 bits of entropy and is usually Base64-encoded, so the
104104 // required byte length is 44, the length of 32 Base64-encoded bytes.
105105 if (challengeNonce.length () < 44 ) {
@@ -135,10 +135,10 @@ QVariantMap Authenticate::onConfirm(WebEidUI* window,
135135
136136 } catch (const VerifyPinFailed& failure) {
137137 switch (failure.status ()) {
138- case electronic_id:: VerifyPinFailed::Status::PIN_ENTRY_CANCEL:
139- case electronic_id:: VerifyPinFailed::Status::PIN_ENTRY_TIMEOUT:
138+ case VerifyPinFailed::Status::PIN_ENTRY_CANCEL:
139+ case VerifyPinFailed::Status::PIN_ENTRY_TIMEOUT:
140140 break ;
141- case electronic_id:: VerifyPinFailed::Status::PIN_ENTRY_DISABLED:
141+ case VerifyPinFailed::Status::PIN_ENTRY_DISABLED:
142142 emit retry (RetriableError::PIN_VERIFY_DISABLED);
143143 break ;
144144 default :
0 commit comments