From da028032e7134e846a529a8f60f74c1602d1919d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20W=C3=A4ckerlin?= <marc@mrw.sh>
Date: Fri, 7 Mar 2014 15:53:22 +0000
Subject: [PATCH] preparations for writing a file; refs #28

---
 doc/examples/cardos-demo.cxx    |  12 +--
 doc/examples/makefile.am        |   4 +-
 doc/examples/suisse-id-demo.cxx |   2 +-
 src/cardos.hxx                  | 154 +++++++++++++++++++++++---------
 src/cryptaux.hxx                |  19 ++++
 src/suisseid.hxx                |  14 +--
 6 files changed, 148 insertions(+), 57 deletions(-)

diff --git a/doc/examples/cardos-demo.cxx b/doc/examples/cardos-demo.cxx
index 15a6a05..49fca02 100644
--- a/doc/examples/cardos-demo.cxx
+++ b/doc/examples/cardos-demo.cxx
@@ -40,6 +40,7 @@ class Commands: public cardos::Commands {
         <<"  (s)elect(f)ile       <hex> Select file below master"<<std::endl
         <<"  (s)elect(p)15(f)ile  <hex> Select file below PKCS#15"<<std::endl
         <<"  (s)elect(s)igg(f)ile <hex> Select file below SigG"<<std::endl
+        <<"  (r)ead(b)erfile            Read selected BER file"<<std::endl
         <<"  (r)ead(b)in(f)ile          Read selected binary file"<<std::endl
         <<"  (r)ead(a)bsolute(r)ecord   Read absolute record"<<std::endl
         <<"  (r)ead(f)irst(r)ecord      Read first record"<<std::endl
@@ -69,7 +70,8 @@ class Commands: public cardos::Commands {
           else if (cmd=="selectfile"||cmd=="sf") selectMfFile(apdu());
           else if (cmd=="selectp15file"||cmd=="spf") selectPkcs15File(apdu());
           else if (cmd=="selectsiggfile"||cmd=="ssf") selectSigGFile(apdu());
-          else if (cmd=="readbinfile"||cmd=="rbf") _ber=readBinFile();
+          else if (cmd=="readberfile"||cmd=="rb") _ber=readBerFile();
+          else if (cmd=="readbinfile"||cmd=="rbf") readBinary();
           else if (cmd=="readabsoluterecord"||cmd=="rar") _ber=readRecord();
           else if (cmd=="readfirstrecord"||cmd=="rfr")
             _ber=readRecord(0, 0, FIRST_RECORD);
@@ -116,12 +118,12 @@ class Commands: public cardos::Commands {
       while (true) {
         std::string res(send(0x00, 0xB2, 0, NEXT_RECORD));
         if (cardos::Commands::retCode(res)!=0x9000) break;
-        cardos::BerValue record(cardos::Commands::retData(res).substr(2));
+        cardos::BerValues record(cardos::Commands::retData(res).substr(2));
         _ber += record;
-        std::cout<<record[0][0].value()
+        std::cout<<record[0][0][0].string()
                  <<": len="
-                 <<record[2][0][2].toULong()
-                 <<"-"<<record[2][0][4].toULong()<<std::endl;
+                 <<record[0][2][0][2].ulong()
+                 <<"-"<<record[0][2][0][4].ulong()<<std::endl;
       }
     }
         
diff --git a/doc/examples/makefile.am b/doc/examples/makefile.am
index e300c4c..56cb955 100644
--- a/doc/examples/makefile.am
+++ b/doc/examples/makefile.am
@@ -6,7 +6,8 @@
 noinst_HEADERS = suisse-id-demo.hxx
 noinst_PROGRAMS = pcsc-demo cryptoki-sign-demo cryptoki-demo		\
                   openssl-tcp-demo openssl-ssl-demo			\
-                  openssl-engine-demo suisse-id-demo cardos-demo
+                  openssl-engine-demo suisse-id-demo cardos-demo        \
+                  create-files-demo
 
 AM_CPPFLAGS += -I${top_srcdir}/src -I/usr/include/PCSC
 AM_LDFLAGS = -L${top_builddir}/src -lpcscxx
@@ -35,6 +36,7 @@ openssl_ssl_demo_SOURCES = openssl-ssl-demo.cxx
 openssl_engine_demo_SOURCES = openssl-engine-demo.cxx
 cardos_demo_SOURCES = cardos-demo.cxx
 suisse_id_demo_SOURCES = suisse-id-demo.cxx
+create_files_demo_SOURCES = create-files-demo.cxx
 # moc_suisse-id-demo.cxx
 suisse_id_demo_CXXFLAGS = ${QT_CFLAGS}
 suisse_id_demo_LDADD = ${QT_LIBS}
diff --git a/doc/examples/suisse-id-demo.cxx b/doc/examples/suisse-id-demo.cxx
index 22af2bb..c4668eb 100644
--- a/doc/examples/suisse-id-demo.cxx
+++ b/doc/examples/suisse-id-demo.cxx
@@ -39,7 +39,7 @@ int main(int argc, char** argv) try {
                    "Sign a text (optionally several times for performance"
                    " measurements).",
                    mrw::args::defaults()
-                   <<mrw::args::decl("l", "library", "cryptoki lirary to load",
+                   <<mrw::args::decl("l", "library", "cryptoki library to load",
                                      mrw::args::decl::param_list()
                                      <<mrw::args::param(lib, "lib")));
   // now lib contains the dynamic library to load
diff --git a/src/cardos.hxx b/src/cardos.hxx
index ee4c2ff..5d0cbec 100644
--- a/src/cardos.hxx
+++ b/src/cardos.hxx
@@ -19,7 +19,7 @@
 // use e.g. #define CARDOS_LOG(X) std::clog<<X<<std::endl
 #endif
 
-/** @defgroup gcardos C++ Access to Siemens CardOS V4.4
+/** @defgroup gcardos C++ Access to Siemens CardOS 4.4
     Implements APDUs for accessing Siemens CardOS V4.4 smartcards. */
 //@{
 /// @defgroup cardosexception CardOS Exceptions
@@ -157,33 +157,44 @@ namespace cardos {
         CHARACTER_STRING         = 0x1D,
         BMP_STRING               = 0x1E,
       };
-    public:
 
-      BerValue(std::vector<BerValue> sequence):
+    protected: // use BerValues instead
+
+      friend class BerValues;
+
+      BerValue(const std::vector<BerValue>& sequence):
           _tag(PRIVATE|CONSTRUCTED|SEQUENCE),
-          _length(0),
           _sequence(sequence) {
       }
       
-      BerValue(const std::string& content) {
+      BerValue(std::string& content) {
         if (content.size()<2)
           throw wrong_dataformat(content, "not a BER, header size too small: \""
                                  +crypto::binToHex(content)+"\"");
         _tag = content[0];
-        _length = content[1];
-        _value = content.substr(2, _length);
-        if (std::string::size_type(_length)+2>content.size())
+        unsigned char length = content[1];
+        _value = content.substr(2, length);
+        if (content.size()<std::string::size_type(length)+2)
           throw wrong_dataformat(content, "not a BER, content size too"
                                  " small: \""+crypto::binToHex(_value)+"\"");
+        content.erase(0, 2+length);
         if (tagType()==END_OF_CONTENT) return; // done
-        if (isContainer()) {
-          for (std::string::size_type pos(0); pos+1<_value.size();
-               pos+=2+_value[pos+1]) { // recursively extract value
-            _sequence.push_back(BerValue(_value.substr(pos, 2+_value[pos+1])));
-          }
-        }
+        if (isContainer())
+          while (_value.size()) _sequence.push_back(BerValue(_value));
       }
 
+    public:
+
+      BerValue(unsigned char tag, const std::string& value):
+          _tag(tag), _value(value) {
+        if (isContainer())
+          while (_value.size()) _sequence.push_back(BerValue(_value));
+      }
+      
+      BerValue(unsigned char tag, const std::vector<BerValue>& values):
+          _tag(tag), _sequence(values) {
+      }
+      
       unsigned char tagClass() {
         return _tag&0xC0;
       }
@@ -213,21 +224,31 @@ namespace cardos {
         return _sequence[i];
       }
 
-      std::string value() {
+      operator std::string() {
+        std::string res;
+        res.push_back(_tag);
+        if (isContainer()) {
+          for (std::vector<BerValue>::iterator it(_sequence.begin());
+               it!=_sequence.end(); ++it) {
+            res += *it;
+          }
+        } else {
+          (res += (char)_value.size()) += _value;
+        }
+        return res;
+      }
+
+      std::string string() {
         return _value;
       }
 
-      unsigned long toULong() {
-        unsigned long res(0);
-        for (std::string::reverse_iterator it(_value.rbegin());
-             it!=_value.rend(); ++it)
-          (res<<=8)+=(unsigned)*it;
-        return res;
+      unsigned long ulong() {
+        return crypto::ulongFromBinary(_value);
       }
       
       std::string print(int indent=0, int indentStep = 4) {
         std::stringstream ss;
-        ss<<std::string(indent*indentStep, ' ')<<'[';
+        ss<<std::string(indent*indentStep, ' ')<<'['<<crypto::binToHex(_tag)<<'=';
         switch (tagClass()) {
           case UNIVERSAL: ss<<"UNIVERSAL,"; break;
           case APPLICATION: ss<<"APPLICATION,"; break;
@@ -279,7 +300,7 @@ namespace cardos {
           for (std::vector<BerValue>::iterator it(_sequence.begin());
                it!=_sequence.end(); ++it) {
             ss<<std::string((indent+1)*indentStep, ' ')
-              <<" ["<<i++<<"]{"
+              <<"["<<i++<<"] {"
               <<std::endl
               <<it->print(indent+2, indentStep)
               <<std::endl
@@ -292,15 +313,14 @@ namespace cardos {
           for (std::string::const_iterator it(_value.begin());
                it!=_value.end(); ++it)
             ss<<(isprint(*it)?*it:'.');
+          ss<<"\"";
         }
-        ss<<"\"";
         return ss.str();
       }
       
     private:
       
       unsigned char _tag;
-      unsigned char _length;
       std::string _value;
       std::vector<BerValue> _sequence;
 
@@ -309,13 +329,24 @@ namespace cardos {
   /// Store a sequence of BerValue
   class BerValues: public std::vector<BerValue> {
     public:
-      BerValues& operator=(const std::string& content) {
+      BerValues() {}
+      BerValues(const std::string& content) {
+        std::string contentCopy(content);
+        while (contentCopy.size()) push_back(BerValue(contentCopy));
+      }
+      BerValues& operator=(std::string& content) {
         clear();
-        push_back(BerValue(content));
+        std::string contentCopy(content);
+        while (contentCopy.size()) push_back(BerValue(contentCopy));
+        return *this;
+      }
+      BerValues& operator+=(const std::string& content) {
+        std::string contentCopy(content);
+        while (contentCopy.size()) push_back(BerValue(contentCopy));
         return *this;
       }
-      BerValues& operator+=(const BerValue& value) {
-        push_back(value);
+      BerValues& operator+=(const BerValues& values) {
+        insert(end(), values.begin(), values.end());
         return *this;
       }
       std::string print(int indent=0, int indentStep = 4) {
@@ -327,7 +358,7 @@ namespace cardos {
           ss<<"{"<<std::endl;
           for (iterator it(begin()); it!=end(); ++it) {
             ss<<std::string((indent+1)*indentStep, ' ')
-              <<" ["<<i++<<"]{"
+              <<"["<<i++<<"] {"
               <<std::endl
               <<it->print(indent+2, indentStep)
               <<std::endl
@@ -590,13 +621,30 @@ namespace cardos {
       }
 
       //! Creates a file (only EF or DF)
-      void createFile(BerValue) {
+      void createFile(std::string path="", const std::string data="") {
         CRYPTOLOG("log");
+        // pcsc::Connection::Reader::Transaction lock(_reader);
+        // if (path.size()) select(path);
+        // check(send(0x00, 0xE0, 0x00, 0x00, 
         // check(send(0x00, 0xE0, 0x00, 0x00, BerValue(0x62h,
         // data).raw()));
         assert(!"not implemented");
       }
 
+      //! Creates a EF file
+      void createBinary(std::string path="", std::string id="",
+                        const std::string data="") {
+        CRYPTOLOG("log");
+        pcsc::Connection::Reader::Transaction lock(_reader);
+        if (path.size()) select(path);
+        BerValues c;
+        c += BerValue(0x80, crypto::toBinary(data.size()));
+        std::string idbin(crypto::hexToBin(id));
+        if (idbin.size()!=2) throw runtime_error("file id must be two bytes");
+        c += BerValue(0x83, idbin);
+        check(send(0x00, 0xE0, 0x00, 0x00, BerValue(82, c)));
+      }
+
       //! Deactivates a file or a file tree
       void deactivateFile() {
         CRYPTOLOG("log");
@@ -618,9 +666,19 @@ namespace cardos {
       enum FileTypes {DF=0x00, EF=0x01, DF_EF=0x02};
 
       //! Reads file information of EFs and/or DFs in the current DF
-      BerValue directory(FileTypes types, unsigned char offset=0) {
+      BerValues directory(std::string path, FileTypes types=DF_EF,
+                          unsigned char offset=0) {
         CRYPTOLOG("log");
-        return BerValue(check(send(0x80, 0x16, types, offset)));
+        unsigned char o(offset);
+        BerValues content;
+        pcsc::Connection::Reader::Transaction lock(_reader);
+        if (path.size()) select(path);
+        /*while (o<(unsigned char)-1)*/ { /// @todo read until done
+          std::string res(check(send(0x80, 0x16, types, o++)));
+          //if (cardos::Commands::retCode(res)!=0x9000) break;
+          content += res;
+        }
+        return content;
       }
 
       //! Enables an already loaded and activated but disabled license package.
@@ -832,8 +890,10 @@ namespace cardos {
       }
 
       //! Read a BINARY file
-      std::string readBinary(unsigned short offset = 0) {
+      std::string readBinary(std::string path="", unsigned short offset = 0) {
         CRYPTOLOG("log");
+        pcsc::Connection::Reader::Transaction lock(_reader);
+        if (path.size()) select(path);
         return check(send(0x00, 0xB0, offset>>8, offset&0xFF));
       }
 
@@ -855,14 +915,15 @@ namespace cardos {
       }
 
       /// Read all records from a record oriented file
-      BerValues readBerFile() {
+      BerValues readBerFile(std::string path="") {
         CRYPTOLOG("log");
         BerValues content;
         pcsc::Connection::Reader::Transaction lock(_reader);
+        if (path.size()) select(path);
         while (true) {
           std::string res(send(0x00, 0xB2, 0, NEXT_RECORD));
           if (cardos::Commands::retCode(res)!=0x9000) break;
-          content += BerValue(retData(res).substr(2));
+          content += retData(res).substr(2);
         }
         return content;
       }
@@ -896,13 +957,13 @@ namespace cardos {
       };
 
       //! Selects a file
-      BerValue selectFile(std::string file,
+      BerValues selectFile(std::string file,
                           FileSelectionMode mode
                           = DF_OR_EF_USING_PATH_FROM_MF,
                           FileSelectionReturn ret
                           = RETURN_NOTHING) {
         CRYPTOLOG("log");
-        return BerValue(check(send(0x00, 0xA4, mode, ret, file)));
+        return BerValues(check(send(0x00, 0xA4, mode, ret, file)));
       }
 
       //! Sets the so-called Data_Field_Length parameter relevant for
@@ -932,11 +993,12 @@ namespace cardos {
         assert(!"not implemented");
       }
 
-      /// Read the previously file from smart card
-      std::string readBinFile() {
-        CRYPTOLOG("log");
-        return check(send(0x00, 0xB0, 0x00, 0x00));
-      }
+      // same as readBinary
+      // /// Read the previously file from smart card
+      // std::string readBinFile() {
+      //   CRYPTOLOG("log");
+      //   return check(send(0x00, 0xB0, 0x00, 0x00));
+      // }
 
       //! Updates a BINARY file
       void updateBinary(std::string data, unsigned short offset=0) {
@@ -1123,6 +1185,12 @@ namespace cardos {
         check(send(0x00, 0xA4, 0x08, 0x0C, crypto::hexToBin("3f00"+file)));
       }
 
+      /// Generic select file
+      void select(std::string path) {
+        CRYPTOLOG("log");
+        check(send(0x00, 0xA4, 0x08, 0x0C, crypto::hexToBin(path)));
+      }
+
      /// Select the PKCS#15 part on the smart card
       void selectPkcs15() {
         CRYPTOLOG("log");
diff --git a/src/cryptaux.hxx b/src/cryptaux.hxx
index 0209844..8421e3e 100644
--- a/src/cryptaux.hxx
+++ b/src/cryptaux.hxx
@@ -163,6 +163,25 @@ namespace crypto {
     }
     return res;
   }
+
+  /// convert integer to binary of given size
+  inline std::string toBinary(unsigned long data, int bytes=2) {
+    std::string res(0, bytes);
+    for (int i(0); i<bytes; ++i) {
+      res[bytes-i-1] = data&0xff;
+      data>>=8;
+    }
+  }
+  
+  /// convert integer from binary of given size
+  inline unsigned long ulongFromBinary(const std::string& data) {
+    unsigned long res(0);
+    for (std::string::const_reverse_iterator it(data.rbegin());
+         it!=data.rend(); ++it)
+      (res<<=8)+=(unsigned)*it;
+    return res;
+  }
+  
 }
 
 //@}
diff --git a/src/suisseid.hxx b/src/suisseid.hxx
index afc4a33..4060ead 100644
--- a/src/suisseid.hxx
+++ b/src/suisseid.hxx
@@ -337,12 +337,12 @@ namespace suisseid {
         selectPkcs15File("4408");
         cardos::BerValues res(readBerFile());
         for (cardos::BerValues::iterator it(res.begin()); it!=res.end(); ++it)
-          if ((*it)[0][0].value()=="PIN" ||
-              (*it)[0][0].value()=="Digital Signature PIN") {
-            if ((*it)[2][0][2].toULong()>_minPinLen)
-              _minPinLen = (*it)[2][0][2].toULong();
-            if ((*it)[2][0][4].toULong()<_maxPinLen)
-              _maxPinLen = (*it)[2][0][4].toULong();
+          if ((*it)[0][0].string()=="PIN" ||
+              (*it)[0][0].string()=="Digital Signature PIN") {
+            if ((*it)[2][0][2].ulong()>_minPinLen)
+              _minPinLen = (*it)[2][0][2].ulong();
+            if ((*it)[2][0][4].ulong()<_maxPinLen)
+              _maxPinLen = (*it)[2][0][4].ulong();
           }
       }
 
@@ -350,7 +350,7 @@ namespace suisseid {
         pcsc::Connection::Reader::Transaction lock(_reader);
         try {
           selectMfFile(file);
-          return _version = cardos::BerValue(readBinary())[0].value();
+          return _version = cardos::BerValues(readBinary())[0].string();
         } catch (...) {
           return _version = "<unknown>";
         }