From d83e25b51168cd91e403c0cd0130fd7c31af3403 Mon Sep 17 00:00:00 2001 From: Governikus Date: Fri, 28 Apr 2023 16:37:48 +0200 Subject: [PATCH] Add revision: v1.26.4 --- .github/workflows/codeql.yml | 2 +- CMakeLists.txt | 6 +- cmake/CompilerFlags.cmake | 1 - cmake/DVCS.cmake | 4 +- cmake/Install.cmake | 6 +- cmake/Notarization.cmake | 38 +- cmake/Sphinx.cmake | 17 +- cmake/Tools.Libraries.cmake | 42 + cmake/Tools.cmake | 24 +- cmake/cmd.cmake | 26 +- docs/CMakeLists.txt | 2 + docs/failurecodes/conf.py.in | 168 +++ docs/failurecodes/failurecodes.rst | 574 ++++++++ docs/failurecodes/index.rst | 23 + docs/failurecodes/intro.rst | 7 + .../locales/de/LC_MESSAGES/failurecodes.po | 1234 +++++++++++++++++ .../locales/de/LC_MESSAGES/index.po | 34 + .../locales/de/LC_MESSAGES/intro.po | 38 + docs/installation/conf.py.in | 2 +- docs/integration/conf.py.in | 2 +- docs/releasenotes/1.26.4.rst | 31 + docs/releasenotes/announce.rst | 1 + docs/releasenotes/appcast.rst | 2 + docs/releasenotes/conf.py.in | 2 +- docs/releasenotes/issues.rst | 9 - docs/releasenotes/singlehtml.conf.py.in | 2 +- docs/releasenotes/support.rst | 14 +- docs/releasenotes/versions.rst | 2 + docs/sdk/commands.rst | 8 +- docs/sdk/conf.py.in | 2 +- docs/sdk/failurecodes.rst | 1 + docs/sdk/index.rst | 1 + docs/sdk/messages.rst | 22 +- docs/sdk/simulator.rst | 67 +- libs/CMakeLists.txt | 10 +- ...usItem.menu-to-manage-system-tray-me.patch | 130 ++ ...-screens-will-not-be-connected-befor.patch | 44 + ...hanged-screens-if-no-QIOSIntegration.patch | 57 + .../{common => alpine-common}/Dockerfile | 2 +- .../docker/{docs => alpine-docs}/Dockerfile | 4 +- .../docker/{linux => alpine-linux}/Dockerfile | 2 +- .../docker/{swarm => alpine-swarm}/Dockerfile | 0 .../docker/{swarm => alpine-swarm}/swarm.sh | 3 +- .../{trigger => alpine-trigger}/Dockerfile | 2 +- resources/jenkins/docker/generate.py | 33 +- .../{android => ubuntu-android}/Dockerfile | 2 +- .../{swarm-ubuntu => ubuntu-swarm}/Dockerfile | 0 .../{swarm-ubuntu => ubuntu-swarm}/swarm.sh | 3 +- .../{vanilla => ubuntu-vanilla}/Dockerfile | 2 +- .../jenkins/dsl/Builds/Build_Container.groovy | 2 + .../jenkins/dsl/Builds/Build_Docs.groovy | 3 + .../jenkins/dsl/Releases/Release_Docs.groovy | 3 + .../jenkins/dsl/Reviews/Review_Docs.groovy | 3 + .../json-schemas/supported-providers.json | 16 +- resources/qml/+desktop/main.qml | 28 +- .../Governikus/AuthView/+desktop/AuthView.qml | 3 +- .../Governikus/AuthView/+mobile/AuthView.qml | 1 + .../+mobile/TransportPinReminderView.qml | 8 +- .../ChangePinView/+desktop/ChangePinView.qml | 3 +- .../ChangePinView/+mobile/ChangePinView.qml | 2 + .../ChangePinView/ChangePinViewContent.qml | 4 +- .../+mobile/EnterPasswordView.qml | 2 + .../FeedbackView/+mobile/LogView.qml | 119 +- .../+desktop/PasswordInfoView.qml | 6 +- .../+mobile/PasswordInfoView.qml | 6 +- .../PasswordInfoView/PasswordInfoData.qml | 34 +- .../+mobile/RemoteServiceView.qml | 1 + .../RemoteServiceController.qml | 4 + .../+desktop/CardReaderDelegate.qml | 1 + .../TechnologyInfo/+mobile/TechnologyInfo.qml | 3 +- .../Governikus/View/+mobile/ContentArea.qml | 2 +- .../Workflow/+desktop/GeneralWorkflow.qml | 20 +- resources/translations/ausweisapp2_de.ts | 77 +- resources/translations/ausweisapp2_ru.ts | 375 ++--- resources/translations/ausweisapp2_uk.ts | 379 ++--- .../updatable-files/supported-providers.json | 88 +- src/CMakeLists.txt | 2 - src/card/pcsc/PcscReader.cpp | 34 +- src/card/pcsc/PcscReader.h | 1 + src/card/pcsc/PcscReaderManagerPlugIn.cpp | 39 +- src/card/pcsc/PcscReaderManagerPlugIn.h | 5 + src/card/simulator/SimulatorCard.cpp | 36 +- src/card/simulator/SimulatorCard.h | 1 + src/card/simulator/SimulatorFileSystem.cpp | 66 +- src/card/simulator/SimulatorFileSystem.h | 6 +- src/global/ECardApiResult.cpp | 139 +- src/global/FailureCode.h | 111 +- src/global/GlobalStatus.cpp | 7 +- src/global/GlobalStatus.h | 1 + src/ifd/base/ConnectRequest.cpp | 4 + src/init/Bootstrap.cpp | 4 + src/network/DatagramHandlerImpl.cpp | 7 +- src/network/DatagramHandlerImpl.h | 2 +- src/network/HttpHandler.cpp | 2 +- src/network/HttpRequest.cpp | 8 +- src/ui/functional/CMakeLists.txt | 4 + src/ui/functional/exported_symbols.txt | 4 + src/ui/json/MessageDispatcher.cpp | 15 +- src/ui/json/messages/MsgHandlerChangePin.cpp | 6 + src/ui/qml/ApplicationModel.cpp | 10 +- src/ui/qml/HistoryModel.cpp | 8 +- src/ui/qml/WorkflowModel.cpp | 2 +- .../base/controller/ChangePinController.cpp | 1 + .../base/states/CompositeStatePace.cpp | 6 +- .../states/CompositeStateTrustedChannel.cpp | 8 +- .../base/states/StateCheckRefreshAddress.cpp | 40 +- .../base/states/StateCheckRefreshAddress.h | 2 +- .../base/states/StateConnectCard.cpp | 25 - src/workflows/base/states/StateConnectCard.h | 1 - .../base/states/StateDestroyPace.cpp | 4 +- .../base/states/StateEnterPacePassword.cpp | 5 +- .../base/states/StateEstablishPaceChannel.cpp | 27 +- .../base/states/StateEstablishPaceChannel.h | 4 +- .../base/states/StateGenericSendReceive.cpp | 7 + .../base/states/StateGenericSendReceive.h | 59 +- src/workflows/base/states/StateGetTcToken.cpp | 26 +- .../base/states/StatePreparePace.cpp | 2 +- src/workflows/base/states/StatePreparePace.h | 1 + .../base/states/StateSelectReader.cpp | 19 + src/workflows/base/states/StateSelectReader.h | 1 + .../base/states/StateStartPaosResponse.cpp | 1 + .../base/states/StateUpdateRetryCounter.cpp | 8 +- .../base/states/StateUpdateRetryCounter.h | 3 + .../base/states/StateVerifyRetryCounter.cpp | 2 +- .../base/states/StateVerifyRetryCounter.h | 3 +- .../base/states/StateWriteHistory.cpp | 18 +- .../ifd/controller/IfdServiceController.cpp | 2 + .../ifd/states/StateProcessIfdMessages.cpp | 3 +- .../StateSendStartPaosPersonalization.cpp | 14 +- .../StateSendStartPaosPersonalization.h | 6 - ...ateSendTransmitResponsePersonalization.cpp | 14 +- ...StateSendTransmitResponsePersonalization.h | 6 - .../StateStartPaosResponsePersonalization.cpp | 1 + test/CMakeLists.txt | 5 + test/fixture/card/simulatorFiles.json | 6 + test/helper/CMakeLists.txt | 1 + test/helper/pcsc/CMakeLists.txt | 6 + test/helper/pcsc/main.cpp | 86 ++ test/qt/card/pcsc/test_PcscReader.cpp | 52 + .../pcsc/test_PcscReaderManagerPlugIn.cpp | 45 + test/qt/card/simulator/test_SimulatorCard.cpp | 13 + .../simulator/test_SimulatorFileSystem.cpp | 43 +- .../test_ProviderConfigurationParser.cpp | 4 +- test/qt/ui/qml/test_ApplicationModel.cpp | 34 + .../ui/webservice/test_UIPlugInWebService.cpp | 9 +- .../test_StateGetChallenge.cpp | 11 +- .../test_StateGetSessionId.cpp | 11 +- .../test_StatePreparePersonalization.cpp | 5 +- .../states/test_StateEstablishPaceChannel.cpp | 16 +- .../workflows/states/test_StateGetTcToken.cpp | 4 +- .../states/test_StatePreparePace.cpp | 6 +- .../states/test_StateStartPaosResponse.cpp | 18 + .../states/test_StateUpdRetryCounter.cpp | 15 +- .../states/test_StateVerifyRetryCounter.cpp | 6 +- .../states/test_StateWriteHistory.cpp | 13 - 155 files changed, 3945 insertions(+), 1208 deletions(-) create mode 100644 cmake/Tools.Libraries.cmake create mode 100644 docs/failurecodes/conf.py.in create mode 100644 docs/failurecodes/failurecodes.rst create mode 100644 docs/failurecodes/index.rst create mode 100644 docs/failurecodes/intro.rst create mode 100644 docs/failurecodes/locales/de/LC_MESSAGES/failurecodes.po create mode 100644 docs/failurecodes/locales/de/LC_MESSAGES/index.po create mode 100644 docs/failurecodes/locales/de/LC_MESSAGES/intro.po create mode 100644 docs/releasenotes/1.26.4.rst create mode 100644 docs/sdk/failurecodes.rst create mode 100644 libs/patches/qt-base-0005-macOS-Use-NSStatusItem.menu-to-manage-system-tray-me.patch create mode 100644 libs/patches/qt-base-0006-iOS-Don-t-assume-screens-will-not-be-connected-befor.patch create mode 100644 libs/patches/qt-base-0007-Ignore-removed-changed-screens-if-no-QIOSIntegration.patch rename resources/jenkins/docker/{common => alpine-common}/Dockerfile (91%) rename resources/jenkins/docker/{docs => alpine-docs}/Dockerfile (62%) rename resources/jenkins/docker/{linux => alpine-linux}/Dockerfile (92%) rename resources/jenkins/docker/{swarm => alpine-swarm}/Dockerfile (100%) rename resources/jenkins/docker/{swarm => alpine-swarm}/swarm.sh (82%) rename resources/jenkins/docker/{trigger => alpine-trigger}/Dockerfile (73%) rename resources/jenkins/docker/{android => ubuntu-android}/Dockerfile (96%) rename resources/jenkins/docker/{swarm-ubuntu => ubuntu-swarm}/Dockerfile (100%) rename resources/jenkins/docker/{swarm-ubuntu => ubuntu-swarm}/swarm.sh (82%) rename resources/jenkins/docker/{vanilla => ubuntu-vanilla}/Dockerfile (94%) create mode 100644 src/ui/functional/exported_symbols.txt create mode 100644 test/helper/pcsc/CMakeLists.txt create mode 100644 test/helper/pcsc/main.cpp create mode 100644 test/qt/card/pcsc/test_PcscReader.cpp create mode 100644 test/qt/card/pcsc/test_PcscReaderManagerPlugIn.cpp diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7c977bf34..c1de2b2a0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -33,7 +33,7 @@ jobs: queries: +security-and-quality - name: Install dependencies - run: sudo apt install -y cmake pkg-config libssl-dev libudev-dev libhttp-parser-dev libpcsclite-dev libqt6svg6-dev libqt6websockets6-dev qt6-base-dev qt6-base-private-dev qt6-declarative-dev qt6-scxml-dev qt6-tools-dev qt6-tools-dev-tools libqt6opengl6-dev libqt6shadertools6-dev libgl1-mesa-dev qt6-l10n-tools + run: sudo apt update -qq && sudo apt install -y cmake pkg-config libssl-dev libudev-dev libhttp-parser-dev libpcsclite-dev libqt6svg6-dev libqt6websockets6-dev qt6-base-dev qt6-base-private-dev qt6-declarative-dev qt6-connectivity-dev qt6-scxml-dev qt6-tools-dev qt6-tools-dev-tools libqt6opengl6-dev libqt6shadertools6-dev libgl1-mesa-dev qt6-l10n-tools - name: Autobuild uses: github/codeql-action/autobuild@v2 diff --git a/CMakeLists.txt b/CMakeLists.txt index 7c6cce40c..e86afb357 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -60,7 +60,7 @@ if(UNIX AND NOT IOS) set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15 CACHE STRING "Required macOS version") endif() -project(AusweisApp2 VERSION 1.26.3 LANGUAGES ${LANGUAGES}) +project(AusweisApp2 VERSION 1.26.4 LANGUAGES ${LANGUAGES}) # Set TWEAK if not defined in PROJECT_VERSION above to # have a valid tweak version without propagating it @@ -182,6 +182,7 @@ endif() option(USE_SMARTEID "Enable Smart-eID" OFF) include(Libraries) +include(Tools.Libraries) include(CompilerFlags) if(LINUX OR BSD) @@ -200,3 +201,6 @@ if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/utils") endif() include(Packaging) + +include(FeatureSummary) +FEATURE_SUMMARY(WHAT ALL) diff --git a/cmake/CompilerFlags.cmake b/cmake/CompilerFlags.cmake index 3845159be..3892ac25b 100644 --- a/cmake/CompilerFlags.cmake +++ b/cmake/CompilerFlags.cmake @@ -150,7 +150,6 @@ else() endif() endif() - if(CMAKE_COMPILE_WARNING_AS_ERROR AND CMAKE_VERSION VERSION_LESS "3.24") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror") endif() diff --git a/cmake/DVCS.cmake b/cmake/DVCS.cmake index ceb09a6a6..f58307380 100644 --- a/cmake/DVCS.cmake +++ b/cmake/DVCS.cmake @@ -45,8 +45,6 @@ endfunction() macro(CHECK_DVCS) - set(VERSION_DVCS ${PROJECT_VERSION}) - if(HG_FOUND) DVCS_CALL("tag" "" id -t) elseif(GIT_FOUND) @@ -96,7 +94,7 @@ macro(GET_DVCS_INFO) endif() endmacro() - +set(VERSION_DVCS ${PROJECT_VERSION}) FIND_DVCS(${PROJECT_SOURCE_DIR}) if(DVCS_FOUND) option(ENABLE_DVCS "Check consistency of version/tag and get additional revision data" true) diff --git a/cmake/Install.cmake b/cmake/Install.cmake index 8d7fdd88c..79998b2de 100644 --- a/cmake/Install.cmake +++ b/cmake/Install.cmake @@ -260,11 +260,7 @@ elseif(ANDROID) install(FILES ${PACKAGING_DIR}/android/IAusweisApp2Sdk.aidl DESTINATION ${ANDROID_PACKAGE_SRC_DIR}/src/com/governikus/ausweisapp2/ COMPONENT Runtime) install(FILES ${PACKAGING_DIR}/android/IAusweisApp2SdkCallback.aidl DESTINATION ${ANDROID_PACKAGE_SRC_DIR}/src/com/governikus/ausweisapp2/ COMPONENT Runtime) - if(VERSION_DVCS) - set(ANDROID_VERSION_NAME ${VERSION_DVCS}) - else() - set(ANDROID_VERSION_NAME ${PROJECT_VERSION}) - endif() + set(ANDROID_VERSION_NAME ${VERSION_DVCS}) configure_file(${PACKAGING_DIR}/android/${ANDROID_MANIFEST} ${ANDROID_PACKAGE_SRC_DIR}/AndroidManifest.xml @ONLY) if(INTEGRATED_SDK) set(QML_ROOT_PATH []) diff --git a/cmake/Notarization.cmake b/cmake/Notarization.cmake index 9edd74d62..7b4040913 100644 --- a/cmake/Notarization.cmake +++ b/cmake/Notarization.cmake @@ -25,14 +25,11 @@ if(NOT DMG_FILE_LEN EQUAL 1) endif() message(STATUS "Using DMG: ${DMG_FILE}") -if(NOT USER) - set(USER ausweisapp@governikus.com) -endif() -execute_process(COMMAND ${XCRUN} altool -t osx --notarize-app --verbose -u ${USER} -p @env:PASSWORD --primary-bundle-id com.governikus.ausweisapp2 -f ${DMG_FILE} - OUTPUT_VARIABLE UUID_OUTPUT) +set(keychain --keychain-profile "AC_PASSWORD") +execute_process(COMMAND ${XCRUN} notarytool submit ${keychain} ${DMG_FILE} OUTPUT_VARIABLE UUID_OUTPUT) -set(regex_uuid "RequestUUID = ([-|0-9|a-z]+)") +set(regex_uuid "id: ([-|0-9|a-z]+)") FETCH_REGEX(UUID "${regex_uuid}" "${UUID_OUTPUT}") if(UUID) message(STATUS "Fetched UUID: ${UUID}") @@ -40,26 +37,21 @@ else() message(FATAL_ERROR "Cannot fetch UUID: ${UUID_OUTPUT}") endif() -set(regex_status "Status: ([a-z| ]+)") -while(TRUE) - message(STATUS "Wait 30 seconds...") - execute_process(COMMAND ${CMAKE_COMMAND} -E sleep 30) +message(STATUS "Wait...") +execute_process(COMMAND ${XCRUN} notarytool wait ${UUID} ${keychain}) - execute_process(COMMAND ${XCRUN} altool -u ${USER} -p @env:PASSWORD --notarization-info ${UUID} - OUTPUT_VARIABLE STATUS_OUTPUT) +execute_process(COMMAND ${XCRUN} notarytool info ${UUID} ${keychain} OUTPUT_VARIABLE STATUS_OUTPUT) - FETCH_REGEX(STATUS "${regex_status}" "${STATUS_OUTPUT}") +set(regex_status "status: ([a-zA-Z| ]+)") +FETCH_REGEX(STATUS "${regex_status}" "${STATUS_OUTPUT}") - if(STATUS STREQUAL "success") - message(STATUS "Notarization succeeded...") - break() - elseif(STATUS STREQUAL "in progress") - message(STATUS "Waiting...\n${STATUS_OUTPUT}") - else() - message(STATUS "Fetched Status: ${STATUS}") - message(FATAL_ERROR "Notarization failed:\n${STATUS_OUTPUT}") - endif() -endwhile() +if(STATUS STREQUAL "Accepted") + message(STATUS "Notarization succeeded...") +else() + message(STATUS "Fetched Status: ${STATUS}") + execute_process(COMMAND ${XCRUN} notarytool log ${UUID} ${keychain}) + message(FATAL_ERROR "Notarization failed:\n${STATUS_OUTPUT}") +endif() execute_process(COMMAND ${XCRUN} stapler staple -v ${DMG_FILE}) execute_process(COMMAND ${XCRUN} stapler validate -v ${DMG_FILE}) diff --git a/cmake/Sphinx.cmake b/cmake/Sphinx.cmake index 92aef00ed..608802ba5 100644 --- a/cmake/Sphinx.cmake +++ b/cmake/Sphinx.cmake @@ -13,13 +13,11 @@ if(SPHINX_BIN) list(APPEND _LOCALES ${_defaultLang}) set(_TMP_DIR "${CMAKE_BINARY_DIR}/_tmp/${_target}/${_builder}") - set(_CONFIG_DIR "${_TMP_DIR}/config") set(SPHINX_CONF_PY_IN "${SPHINX_DOCS_DIR}/${_builder}.conf.py.in") if(NOT EXISTS "${SPHINX_CONF_PY_IN}") set(SPHINX_CONF_PY_IN "${SPHINX_DOCS_DIR}/conf.py.in") endif() - configure_file("${SPHINX_CONF_PY_IN}" "${_CONFIG_DIR}/conf.py" @ONLY) # Use @SPHINX_DOCS_DIR@ here file(GLOB_RECURSE _FILES "${SPHINX_DOCS_DIR}/*.rst" @@ -28,14 +26,17 @@ if(SPHINX_BIN) "${SPHINX_DOCS_DIR}/*.jpg" "${SPHINX_DOCS_DIR}/*.svg") - foreach(lang ${_LOCALES}) - get_filename_component(lang "${lang}" NAME) - message(STATUS "Generate (${_builder}) ${_target}: ${lang}") + foreach(SPHINX_LANG ${_LOCALES}) + get_filename_component(SPHINX_LANG "${SPHINX_LANG}" NAME) + message(STATUS "Generate (${_builder}) ${_target}: ${SPHINX_LANG}") - set(target_dir "${_output}/${_target}/${_builder}/${lang}") - set(TARGET_CMD ${SPHINX_BIN} -c "${_CONFIG_DIR}" -Dlanguage=${lang} ${_options} -d "${_TMP_DIR}/${lang}" -b ${_builder} "${SPHINX_DOCS_DIR}" "${target_dir}") + set(_CONFIG_DIR "${_TMP_DIR}/config/${SPHINX_LANG}") + configure_file("${SPHINX_CONF_PY_IN}" "${_CONFIG_DIR}/conf.py" @ONLY) # Use @SPHINX_DOCS_DIR@ / @SPHINX_LANG@ here + + set(target_dir "${_output}/${_target}/${_builder}/${SPHINX_LANG}") + set(TARGET_CMD ${SPHINX_BIN} -c "${_CONFIG_DIR}" ${_options} -d "${_TMP_DIR}/${SPHINX_LANG}" -b ${_builder} "${SPHINX_DOCS_DIR}" "${target_dir}") add_custom_command(OUTPUT ${target_dir} COMMAND ${TARGET_CMD} DEPENDS ${_FILES}) - set(subtarget ${_target}.${_builder}.${lang}) + set(subtarget ${_target}.${_builder}.${SPHINX_LANG}) add_custom_target(${subtarget} DEPENDS ${target_dir} SOURCES ${_FILES}) list(APPEND target_list ${subtarget}) diff --git a/cmake/Tools.Libraries.cmake b/cmake/Tools.Libraries.cmake new file mode 100644 index 000000000..7f37aa427 --- /dev/null +++ b/cmake/Tools.Libraries.cmake @@ -0,0 +1,42 @@ +# This file will be included in Tools.cmake AND after Libraries.cmake +# So this file will be called two times and the check needs to respect that +# with a "VALIDATOR function" or "if(NOT VARIABLE)". + +if(NOT QMLFORMAT) + set(QMLFORMAT_MIN_VERSION 6) + function(qmlformat_validator validator_result binary) + execute_process(COMMAND ${binary} --version OUTPUT_VARIABLE QMLFORMAT_VERSION OUTPUT_STRIP_TRAILING_WHITESPACE) + string(REPLACE "qmlformat " "" QMLFORMAT_VERSION "${QMLFORMAT_VERSION}") + + if("${QMLFORMAT_VERSION}" VERSION_LESS "${QMLFORMAT_MIN_VERSION}") + set(${validator_result} FALSE PARENT_SCOPE) + endif() + endfunction() + + if(CMAKE_VERSION VERSION_GREATER_EQUAL "3.25") + set(VALIDATOR VALIDATOR qmlformat_validator) + endif() + + find_program(QMLFORMAT qmlformat HINTS "${QT_INSTALL_ARCHDATA}/bin" ${VALIDATOR} CMAKE_FIND_ROOT_PATH_BOTH) + if(QMLFORMAT) + execute_process(COMMAND ${QMLFORMAT} --version OUTPUT_VARIABLE QMLFORMAT_VERSION OUTPUT_STRIP_TRAILING_WHITESPACE) + string(REPLACE "qmlformat " "" QMLFORMAT_VERSION "${QMLFORMAT_VERSION}") + + if("${QMLFORMAT_VERSION}" VERSION_LESS "${QMLFORMAT_MIN_VERSION}") + unset(QMLFORMAT CACHE) # let's retry later + else() + file(GLOB_RECURSE FILES_QML ${PROJECT_SOURCE_DIR}/*.qml) + set(QMLFORMAT_CMD ${QMLFORMAT} -i -n -l unix -t -w 4) + + set(FORMATTING_FILE ${PROJECT_BINARY_DIR}/formatting.files.qml) + file(WRITE ${FORMATTING_FILE} "") + foreach(file ${FILES_QML}) + file(APPEND ${FORMATTING_FILE} ${file}) + file(APPEND ${FORMATTING_FILE} "\n") + endforeach() + + add_custom_target(format.qml COMMAND ${QMLFORMAT_CMD} -F ${FORMATTING_FILE} SOURCES ${FILES_QML}) + add_dependencies(format format.qml) + endif() + endif() +endif() diff --git a/cmake/Tools.cmake b/cmake/Tools.cmake index 0667652d5..2ee0c3ef7 100644 --- a/cmake/Tools.cmake +++ b/cmake/Tools.cmake @@ -115,29 +115,6 @@ if(UNCRUSTIFY) endif() endif() -find_program(QMLFORMAT qmlformat HINTS "${QT_INSTALL_ARCHDATA}/bin" CMAKE_FIND_ROOT_PATH_BOTH) -if(QMLFORMAT) - execute_process(COMMAND ${QMLFORMAT} --version OUTPUT_VARIABLE QMLFORMAT_VERSION OUTPUT_STRIP_TRAILING_WHITESPACE) - string(REPLACE "qmlformat " "" QMLFORMAT_VERSION "${QMLFORMAT_VERSION}") - - if("${QMLFORMAT_VERSION}" VERSION_LESS "6") - message(WARNING "qmlformat is too old: ${QMLFORMAT_VERSION}") - else() - file(GLOB_RECURSE FILES_QML ${PROJECT_SOURCE_DIR}/*.qml) - set(QMLFORMAT_CMD ${QMLFORMAT} -i -n -l unix -t -w 4) - - set(FORMATTING_FILE ${PROJECT_BINARY_DIR}/formatting.files.qml) - file(WRITE ${FORMATTING_FILE} "") - foreach(file ${FILES_QML}) - file(APPEND ${FORMATTING_FILE} ${file}) - file(APPEND ${FORMATTING_FILE} "\n") - endforeach() - - add_custom_target(format.qml COMMAND ${QMLFORMAT_CMD} -F ${FORMATTING_FILE} SOURCES ${FILES_QML}) - add_dependencies(format format.qml) - endif() -endif() - find_program(PYTHON python CMAKE_FIND_ROOT_PATH_BOTH) if(PYTHON) list(APPEND GLOB_JSON ${RESOURCES_DIR}/updatable-files/*.json) @@ -621,3 +598,4 @@ if(DOT) endif() include(Sphinx) +include(Tools.Libraries) diff --git a/cmake/cmd.cmake b/cmake/cmd.cmake index d2f666c43..d9fb3e648 100644 --- a/cmake/cmd.cmake +++ b/cmake/cmd.cmake @@ -1,4 +1,5 @@ -cmake_minimum_required(VERSION 3.1.0) +cmake_minimum_required(VERSION 3.13.0) +cmake_policy(SET CMP0057 NEW) ########################################### #### Usage: cmake -DCMD= -P cmake/cmd.cmake @@ -184,8 +185,29 @@ function(CHECK_FAILURE_CODES) string(REGEX REPLACE "/\\*[^(\\*/)]*\\*/" "" SINGLE_LINE ${SINGLE_LINE}) string(REGEX MATCHALL "([a-zA-Z0-9_]+)" FAILURE_CODES ${SINGLE_LINE}) + file(STRINGS "docs/failurecodes/failurecodes.rst" LINES_RST) + foreach(line_rst ${LINES_RST}) + #match this pattern: " - | **Card_Removed**" with spaces or tabs as whitespaces. + string(REGEX MATCH "[ \\t]+-[ \\t]+\\|[ \\t]+\\*\\*([A-Za-z0-9_]+)\\*\\*" MATCH ${line_rst}) + if(MATCH) + list(APPEND FAILURE_CODES_RST ${CMAKE_MATCH_1}) + endif() + endforeach() + + list(LENGTH FAILURE_CODES ENUM_CODE_COUNT) + list(LENGTH FAILURE_CODES_RST RST_CODE_COUNT) + if(NOT ENUM_CODE_COUNT EQUAL RST_CODE_COUNT) + message(FATAL_ERROR + "The failure code count in FailureCode.h (${ENUM_CODE_COUNT}) does not match the count in failurecodes.rst (${RST_CODE_COUNT})!") + endif() + file(GLOB_RECURSE SOURCE_FILES src/*.cpp) foreach(code ${FAILURE_CODES}) + if(NOT code IN_LIST FAILURE_CODES_RST) + message(FATAL_ERROR + "The failure code [${code}] is not part of failurecodes.rst. This hints a missing, duplicated or incorrectly spelled code in failurecodes.rst.") + endif() + set(COUNTER 0) foreach(file ${SOURCE_FILES}) file(READ ${file} CONTENT) @@ -194,7 +216,7 @@ function(CHECK_FAILURE_CODES) math(EXPR COUNTER ${COUNTER}+${OCCURRENCES}) endforeach() if(NOT COUNTER EQUAL 1) - message(FATAL_ERROR "${code} is not used excatly one time. Found ${COUNTER}") + message(FATAL_ERROR "${code} is not used exactly one time. Found ${COUNTER}") endif() endforeach() endfunction() diff --git a/docs/CMakeLists.txt b/docs/CMakeLists.txt index 30bc1adb0..926af3e29 100644 --- a/docs/CMakeLists.txt +++ b/docs/CMakeLists.txt @@ -6,6 +6,8 @@ if(SPHINX_FOUND) SPHINX_GEN("${CMAKE_CURRENT_SOURCE_DIR}/installation" "inst" BUILDER changes html latex) SPHINX_GEN("${CMAKE_CURRENT_SOURCE_DIR}/integration" "inte" BUILDER changes html latex) + + SPHINX_GEN("${CMAKE_CURRENT_SOURCE_DIR}/failurecodes" "failurecodes" BUILDER changes html latex DEFAULT_LANG en) else() message(STATUS "No documentation will be generated") endif() diff --git a/docs/failurecodes/conf.py.in b/docs/failurecodes/conf.py.in new file mode 100644 index 000000000..712dafe44 --- /dev/null +++ b/docs/failurecodes/conf.py.in @@ -0,0 +1,168 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +import sys +import os +import shlex + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = '1.4' + +# If true, figures, tables and code-blocks are automatically numbered +# if they has caption. For now, it works only with the HTML builder. +# Default is False. +numfig = True + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [] + +locale_dirs = ['@SPHINX_DOCS_DIR@/locales/'] + +gettext_additional_targets = ['image'] +gettext_location = False +gettext_compact = True + +# Add any paths that contain templates here, relative to this directory. +#templates_path = ['@SPHINX_DOCS_DIR@/_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The encoding of source files. +#source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = 'AusweisApp2 Failure Codes' +copyright = '2023, Governikus GmbH & Co. KG' +author = 'Governikus GmbH & Co. KG' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '@PROJECT_VERSION@' +# The full version, including alpha/beta/rc tags. +release = '@VERSION_DVCS@' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = '@SPHINX_LANG@' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +#exclude_patterns = [''] + + + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +html_favicon = '@SPHINX_DOCS_DIR@/../../resources/images/desktop/npa.ico' + +#html_theme_path = ['@SPHINX_DOCS_DIR@/_themes'] + +#html_theme = 'appcast' +html_theme = 'sphinx_rtd_theme' + +# If false, no module index is generated. +html_domain_indices = True + +# If false, no index is generated. +html_use_index = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +html_show_sphinx = False + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +html_show_copyright = True + +html_scaled_image_link = False + +# Output file base name for HTML help builder. +htmlhelp_basename = 'AusweisApp2ReleaseNotes' + +html_context = { + 'display_github': False, + 'display_bitbucket': False, + 'show_source': False, + 'html_show_sourcelink': False, +} + +html_permalinks = True + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { +# The paper size ('letterpaper' or 'a4paper'). +'papersize': 'a4paper', + +# The font size ('10pt', '11pt' or '12pt'). +'pointsize': '11pt', + +# Additional stuff for the LaTeX preamble. +'preamble': ''' +\hypersetup{pdfauthor={Governikus GmbH \& Co. KG}, + pdftitle={AusweisApp2}, + pdfsubject={Failure_Codes}, + pdfkeywords={failure, codes, sdk, api}, + pdfproducer={LaTeX}, + pdfcreator={Sphinx} +} +''', + +# Override tableofcontents +'tableofcontents': ''' +\\tableofcontents +\\newpage +\\pagestyle{plain} +\\pagenumbering{arabic} +''', + +# Latex figure (float) alignment +'figure_align': 'H', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'AusweisApp2-@VERSION_DVCS@-Failure-Codes-' + language + '.tex', 'AusweisApp2 Failure Codes', + 'Governikus GmbH \& Co. KG', 'howto'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +latex_logo = '@SPHINX_DOCS_DIR@/../../resources/images/npa.png' + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +#latex_use_parts = False + +# If true, show page references after internal links. +latex_show_pagerefs = True + +# If true, show URL addresses after external links. +latex_show_urls = 'footnote' + +# Documents to append as an appendix to all manuals. +#latex_appendices = [] + +# If false, no module index is generated. +#latex_domain_indices = True diff --git a/docs/failurecodes/failurecodes.rst b/docs/failurecodes/failurecodes.rst new file mode 100644 index 000000000..1a5fe2024 --- /dev/null +++ b/docs/failurecodes/failurecodes.rst @@ -0,0 +1,574 @@ +Failure Codes +============= +The AusweisApp2 will send failure codes indicating what went wrong and where it happened as well as +how to solve it. + +Helpful tips +------------ +The following tips will help you to prevent many of the failures mentioned in the next section. +Also they assist you in receiving further guidance and help. + +.. _failure_code_card_position: + +Check ID card position +^^^^^^^^^^^^^^^^^^^^^^ +Check the position of your ID card on the smartphone or card reader. Especially with smartphones, +the field strength for the power supply of the ID card is not always sufficient. If you place your +smartphone on your ID card, please also ensure that your surface is not electrically conductive, +as this can then disrupt or prevent communication with the ID card. If all of the above does not +work, please see :ref:`failure_code_replace_card_or_card_reader`. + +.. _failure_code_contact_support: + +Contact support +^^^^^^^^^^^^^^^ +If the provided failure code did not help to resolve the issue, please contact the support +(https://www.ausweisapp.bund.de/en/help-and-support), including the error code, situation +description, and logfile, so that they can identify issues in your system configuration or +AusweisApp2. If you are using the AusweisApp2 you will find the logfile in the Help section. + +.. _failure_code_inform_service_provider: + +Inform service provider +^^^^^^^^^^^^^^^^^^^^^^^ +Directly notify the service provider if the failure code contained an incorrect TLS or service +configuration. Usually the the service provider contact information are available on the website on +which you have started the authentication. + +.. _failure_code_fix_connections_problems: + +Fix connection problems +^^^^^^^^^^^^^^^^^^^^^^^ +For any failure code that mentions connection issues in its cause, it is recommended to check your +current connection. Verify an active internet connection, by opening e.g. +https://www.ausweisapp.bund.de in the browser of your choice. This includes checking your firewall +and antivirus configuration as well as your local network hardware. Ultimately the problem may be +with your telecommunications provider, or the service provider. Please refer to the attached +\"Network_Error\" for details. If you are using the AusweisApp2, the diagnosis, which is located in +the help section, may assist you in finding issues. + +.. _failure_code_replace_card_or_card_reader: + +Replace ID card of card reader +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +It cannot be ruled out that your ID card is defective or, due to necessary updates, initially +requires more power than your current smartphone or card reader can supply. If possible, try other +card readers or smartphones. +If the ID card still does not work you might need to replace it with a new one at your responsible +authority. + + +.. _failure_codes: + +Codes +----- + + - | **User_Cancelled** + | The user canceled the workflow. In the SDK case, the user can also be a third-party + application that has disconnected from the SDK. + | **Possible Solutions:** Complete the workflow without canceling. + + - | **Card_Removed** + | Possible causes for this failure are: + | 1 Unstable NFC connection + | 2 Removal of the ID card + | 3 Removal of the card reader + | 4 Cancellation of the remote access + | **Possible Solutions:** + | 1 :ref:`failure_code_card_position` + | 2 The ID card has to be present on the reader during the whole workflow + | 3 The card reader has to be attached during the whole workflow + | 4 You must not cancel the remote access during the whole workflow + + - | **Processing_Send_Status_Failed** + | Occurs if the browser could not be told to wait longer to prevent a timeout. + | **Possible Solutions:** Change the browser. If the problem persists, + :ref:`failure_code_contact_support`. + + - | **Parse_TcToken_Invalid_Url** + | An authentication was started according to TR-03124-1 section 2.2.1.1. However, no valid + tcTokenURL was transmitted. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Parse_TcToken_Missing_Url** + | An authentication was started according to TR-03124-1 section 2.2.1.1. However, the query + "tcTokenURL" is missing. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Url** + | An authentication was started according to TR-03124-1 section 2.2.1.1. However, no valid + tcTokenURL using the https scheme was transmitted. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Redirect_Url** + | The tcTokenURL call was answered with a redirect. The URL provided there is invalid or does + not use the https scheme. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Certificate_Key_Length** + | The TLS certificate transmitted by the server when retrieving the tcToken uses an insufficient + key length. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Ephemeral_Key_Length** + | The ephemeral key length generated by the TLS handshake to get the tcToken is insufficient. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Server_Reply** + | The server responded to the request for the tcToken neither with content nor with a + forwarding. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Empty_Data** + | The server responded to the request for the tcToken with empty content. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Invalid_Data** + | The server responded to the request for the tcToken with content that does not comply + with TR-03124-1 section 2.6. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_TcToken_Network_Error** + | A network error occurred while retrieving the tcToken. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Certificate_Check_Failed_No_Description** + | TR-03112-7 section 3.6.4.1 requires a description of the service provider certificate. + However, this was not transmitted by the service provider in the EAC1InputType. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Certificate_Check_Failed_No_SubjectUrl_In_Description** + | TR-03124-1 section 2.7.3 requires that the service provider's URL is included in the + description of the certificate. The URL does not exist. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Certificate_Check_Failed_Hash_Mismatch** + | TR-03124-1 section 2.7.3 requires that the hash of the certificate description matches that + stored in the certificate. These don't match. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Certificate_Check_Failed_Same_Origin_Policy_Violation** + | TR-03124-1 section 2.7.3 requires that the tcTokenUrl has the same origin as the service + provider's URL from the certificate description. This condition is not met. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Certificate_Check_Failed_Hash_Missing_In_Description** + | TR-03124-1 Section 2.7.3 requires that the hashes of all TLS certificates used are included in + the description of the service provider certificate. This condition is not met. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Pre_Verfication_No_Test_Environment** + | Occurs when the development mode of AusweisApp2 is activated and a genuine ID card is used. + | **Possible Solutions:** Disable developer mode. The use of genuine ID cards is not permitted with + activated developer mode, as this is only intended to facilitate the commissioning of services + with test ID cards. + + - | **Pre_Verfication_Invalid_Certificate_Chain** + | A certificate chain was sent from the server that is unknown to AusweisApp2. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Pre_Verfication_Invalid_Certificate_Signature** + | At least one signature in the certificate chain used by the server is incorrect. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Pre_Verfication_Certificate_Expired** + | The certificate chain used by the server is currently not valid. + | **Possible Solutions:** Make sure your system time is set correctly. If the problem persists, + see :ref:`failure_code_inform_service_provider`. + + - | **Extract_Cvcs_From_Eac1_No_Unique_At** + | The server submitted a certificate chain that contained more than one terminal certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Extract_Cvcs_From_Eac1_No_Unique_Dv** + | The server transmitted a certificate chain containing more than one DV certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Extract_Cvcs_From_Eac1_At_Missing** + | The server transmitted a certificate chain that does not contain a terminal certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Extract_Cvcs_From_Eac1_Dv_Missing** + | The server transmitted a certificate chain that does not contain a DV certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Connect_Card_Connection_Failed** + | In order to communicate with the ID card, a connection must first be established. This process + failed. + | **Possible Solutions:** :ref:`failure_code_card_position`. + + - | **Connect_Card_Eid_Inactive** + | The PIN of the card is deactivated. The card can currently only be used with the CAN for + on-site reading. + | **Possible Solutions:** When your ID card was issued, the online ID card function (the PIN) was not + activated or you had the function deactivated afterwards. You can have the function activated + at the citizens' office (Bürgeramt) or activate it with the CAN at + https://www.pin-ruecksetzbrief-bestellen.de. + + - | **Prepace_Pace_Smart_Eid_Invalidated** + | The attempt to establish a connection with a PIN to a Smart-eID failed, because all + PIN-attempts have been used. + | **Possible Solutions:** The PIN is permanently disabled after 3 failed attempts. Please set up + your Smart-eID again. + + - | **Establish_Pace_Channel_No_Active_Pin** + | An authentication was aborted by a card reader in order to replace the five-digit Transport PIN. + | **Possible Solutions:** The AusweisApp2 automatically leads the user to the PIN change to set + a six-digit PIN. If this error occurs in a third-party app, you have to start a PIN change on + your own. + + - | **Establish_Pace_Channel_Basic_Reader_No_Pin** + | An attempt was made to establish a PACE-channel with a basic reader. However the PIN, CAN, or + PUK could not be taken over after the user-input. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Establish_Pace_Channel_Puk_Inoperative** + | An attempt was made to set up a PACE channel with the PUK to unlock the PIN. However, the PUK + can no longer be used because it has already been used 10 times. + | **Possible Solutions:** The PIN can be unlocked with the PUK after three incorrect entries. + However, this is only possible ten times and you have reached that limit. However you can set + a new PIN at the citizens' office (Bürgeramt) or let it be set with the CAN at + https://www.pin-ruecksetzbrief-bestellen.de. + + - | **Establish_Pace_Channel_User_Cancelled** + | The user canceled the workflow on a comfort USB reader or a smartphone as a card reader + with keyboard mode enabled. + | **Possible Solutions:** Complete the workflow without canceling. + + - | **Maintain_Card_Connection_Pace_Unrecoverable** + | An error occurred while setting up the PACE channel that was not due to user error. + | **Possible Solutions:** The connection to the ID card could not be established with the PIN, + CAN, or PUK. The entered passwords have no influence on this. Please note + :ref:`failure_code_card_position`. + + - | **Did_Authenticate_Eac1_Card_Command_Failed** + | The 4th card command of the terminal authentication according to TR-0110-3 section B.3 failed. + | **Possible Solutions:** :ref:`failure_code_card_position`. + + - | **Process_Certificates_From_Eac2_Cvc_Chain_Missing** + | When setting up the PACE channel with PIN or CAN, the ID card communicated which certificate it + knew. However, the server sent a certificate chain that does not contain this certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Did_Authenticate_Eac2_Invalid_Cvc_Chain** + | When setting up the PACE channel with PIN or CAN, the ID card communicated which certificate it + knew. However, the server sent a certificate chain that does not contain this certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Did_Authenticate_Eac2_Card_Command_Failed** + | A terminal or chip authentication card command according to TR-0110-3 sections B.2 and B.3 + failed. + | **Possible Solutions:** :ref:`failure_code_card_position`. + + - | **Generic_Send_Receive_Paos_Unhandled** + | A message was sent by the server in the PAOS communication during authentication, that + could be completely processed. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Generic_Send_Receive_Network_Error** + | A network error has occurred in the PAOS communication during authentication. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Generic_Send_Receive_Ssl_Error** + | An authentication error occurred in the PAOS communication during the TLS handshake. The TLS + certificate is incorrect. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Server_Error** + | A server error 5xx occurred in the PAOS communication during authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Client_Error** + | A client error 4xx occurred in the PAOS communication during authentication. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Generic_Send_Receive_Paos_Unknown** + | An unknown message was sent by the server in the PAOS communication during authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Paos_Unexpected** + | An unexpected message was sent by the server in the PAOS communication during authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Invalid_Ephemeral_Key_Length** + | The symmetric key generated by the TLS handshake for PAOS communication is not long enough. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Certificate_Error** + | The TLS certificate for PAOS communication uses key lengths that are too small or is not + included in the description of the service provider certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Send_Receive_Session_Resumption_Failed** + | Failed to resume TLS session during PAOS communication. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Transmit_Card_Command_Failed** + | During authentication, card commands transmitted in PAOS communication could not be correctly + transmitted to the card. + | **Possible Solutions:** :ref:`failure_code_card_position`. + + - | **Start_Paos_Response_Missing** + | The message "StartPaosResponse" from the server could not be evaluated because it does not + exist. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Start_Paos_Response_Error** + | The "StartPaosResponse" message from the server returned an error. The AusweisApp2 or the ID card + did not behave as expected by the server. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Check_Refresh_Address_Fatal_Ssl_Error_Before_Reply** + | An error occurred during the TLS handshake when checking the return address after a successful + authentication. The TLS certificate is incorrect. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Invalid_Ephemeral_Key_Length** + | The symmetric key generated by the TLS handshake when calling the return address is not long + enough. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Service_Unavailable** + | The return address cannot be reached. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Service_Timeout** + | The call to the return address did not provide an answer within 30 seconds. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Check_Refresh_Address_Proxy_Error** + | A proxy server was configured by the operating system or the settings of AusweisApp2. This + didn't work for checking the return address. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Check_Refresh_Address_Fatal_Ssl_Error_After_Reply** + | When checking the return address after successful authentication, the TLS handshake could not + be completed successfully. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Check_Refresh_Address_Unknown_Network_Error** + | A unknown error occurred when checking the return address after successful authentication. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Check_Refresh_Address_Invalid_Http_Response** + | The call to the return address did not result in forwarding. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Empty** + | The call to the return address led to a redirect but no URL was supplied. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Invalid_Url** + | The call to the return address led to a redirect, but no correct URL was supplied. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_No_Https_Scheme** + | The call to the return address led to a redirect, but delivered an URL without https scheme. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Fetch_Certificate_Error** + | The server certificate could not be obtained after tracing all redirects. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Check_Refresh_Address_Unsupported_Certificate** + | The check of the return address after a successful authentication was interrupted because the + server uses a TLS certificate with unsupported algorithms or key lengths. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Check_Refresh_Address_Hash_Missing_In_Certificate** + | The server certificate of the return address is not included in the description of the service + provider certificate. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Redirect_Browser_Send_Error_Page_Failed** + | Like Redirect_Browser_Send_Redirect_Failed. However, this only applies to desktop systems, as + the AusweisApp2 only generates an error page there if no error address is available for + forwarding by the service provider. On mobile systems, the error details are displayed in the + AusweisApp2. + | **Possible Solutions:** If the problem occurs repeatedly and changing the browser does not + help, please :ref:`failure_code_contact_support`. + + - | **Redirect_Browser_Send_Redirect_Failed** + | On desktop systems, the web browser waits for a response from AusweisApp2 after starting + authentication. However, for unknown reasons, the web browser did not wait long enough for the + response to be sent. On mobile systems it was not possible to open the answer in a web + browser. + | **Possible Solutions:** If the problem occurs repeatedly and changing the browser does not + help, please :ref:`failure_code_contact_support`. + + - | **Generic_Provider_Communication_Network_Error** + | A network error occurred while communicating with a service provider. This only applies to + services that are started from AusweisApp2, such as self-authentication. + | **Possible Solutions:** :ref:`failure_code_fix_connections_problems`. + + - | **Generic_Provider_Communication_Invalid_Ephemeral_Key_Length** + | When communicating with a service provider, the symmetric key generated by the TLS handshake + is not long enough. This only applies to services that are started from AusweisApp2, such as + self-authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Provider_Communication_Certificate_Error** + | When communicating with a service provider, the TLS certificate uses key lengths that are + insufficient. This only applies to services that are started from AusweisApp2, such as + self-authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Generic_Provider_Communication_Ssl_Error** + | An error occurred during the TLS handshake when communicating with a service provider. The TLS + certificate is incorrect. This only applies to services that are started from AusweisApp2, + such as self-authentication. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Get_SelfAuthData_Invalid_Or_Empty** + | The authentication for the self-authentication was completed + successfully, but the server then did not transmit the read data correctly. + | **Possible Solutions:** :ref:`failure_code_inform_service_provider`. + + - | **Change_Pin_No_SetEidPinCommand_Response** + | The AusweisApp2 sent a PIN change command to its core, but received an answer for a + different command. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Change_Pin_Input_Timeout** + | When changing a PIN, the user took too long to set the new PIN. Timeouts are currently only + known from card readers with a PIN pad, which also affects smartphones as card readers with + activated keyboard mode. + | **Possible Solutions:** Enter the PIN within 60 seconds. + + - | **Change_Pin_User_Cancelled** + | The user canceled the PIN change after entering the current valid PIN. Can only occur with + card readers with a PIN pad, which also affects smartphones as card readers with activated + keyboard mode. + | **Possible Solutions:** Carry out the PIN change without abortion. + + - | **Change_Pin_New_Pin_Mismatch** + | When changing a PIN, the user entered an incorrect confirmation of the new PIN. Can only occur + with USB card readers with a PIN pad. Smartphone as a card reader with activated keyboard mode + does not allow this behavior. + | **Possible Solutions:** Confirm the new PIN correctly. + + - | **Change_Pin_New_Pin_Invalid_Length** + | When changing a PIN, the user entered a new PIN with an incorrect length. Can only occur with + USB card readers with a PIN pad. However, there is no known device/case that allows this + possibility. Smartphone as a card reader with activated keyboard mode does not allow this + behavior. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Change_Pin_Unexpected_Transmit_Status** + | The command to change the PIN has been transmitted and answered. However, the answer is blank, + unknown, or unexpected. + | **Possible Solutions:** :ref:`failure_code_card_position`. + + - | **Change_Pin_Card_New_Pin_Mismatch** + | Like Change_Pin_New_Pin_Mismatch but at a higher protocol level. + | **Possible Solutions:** Confirm the new PIN correctly. + + - | **Change_Pin_Card_User_Cancelled** + | Like Change_Pin_User_Cancelled but at a higher log level. + | **Possible Solutions:** Carry out the PIN change without abortion. + + - | **Start_Ifd_Service_Failed** + | The IFD service according to TR-03112-6 appendix "IFD Service" could not be started. Either no + suitable TLS certificate could be found/generated or the start of the TLS server failed. This + applies to both remote access and the local service of AusweisApp2 on Android that is used + through the SDK. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Prepare_Pace_Ifd_Unknown** + | The establishment of a PACE channel was requested by the client on a smartphone as a card + reader with activated keyboard mode. However, an unsupported password type was requested (PIN, + CAN, PUK are supported). + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Establish_Pace_Ifd_Unknown** + | The establishment of a PACE channel was requested by the client on a smartphone as a card + reader with activated keyboard mode. However, an unsupported password type was requested (PIN, + CAN, PUK are supported). + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Enter_Pace_Password_Ifd_User_Cancelled** + | Occurs when the user canceled entering the PIN, CAN, or PUK on a smartphone acting as a card + reader with keyboard mode enabled. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Enter_New_Pace_Pin_Ifd_User_Cancelled** + | Occurs when the user has canceled entering the new PIN during a PIN change on a smartphone + acting as a card reader with keyboard mode enabled. + | **Possible Solutions:** :ref:`failure_code_contact_support`. + + - | **Transmit_Personalization_Size_Mismatch** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Start_Paos_Response_Personalization_Empty** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Start_Paos_Response_Personalization_Invalid** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_User_Cancelled** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Status_Call_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Installation_Loop** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Installation_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Unavailable** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Delete_Personalization_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_UpdateInfo_Call_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Prepare_Applet_Delete_Smart_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_No_SmartReader** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_Multiple_SmartReader** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_Unknown_Eid_Type** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_HW_Keystore** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_Invalid_SmartReader** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Insert_Card_Missing_Card** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Initialize_Personalization_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Get_Session_Id_Invalid** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Get_Challenge_Invalid** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Finalize_Personalization_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Change_Smart_Pin_Failed** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Check_Status_Unavailable** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Check_Applet_Error** + | Is not yet included in the product and will only be relevant with version 2.0.0. + + - | **Check_Applet_Unavailable** + | Is not yet included in the product and will only be relevant with version 2.0.0. + +.. _failure_code_solutions: diff --git a/docs/failurecodes/index.rst b/docs/failurecodes/index.rst new file mode 100644 index 000000000..e0b04691b --- /dev/null +++ b/docs/failurecodes/index.rst @@ -0,0 +1,23 @@ +.. only:: html + + .. image:: ../sdk/Logo_AusweisApp2.png + :alt: AusweisApp2 + :align: center + :width: 200pt + + | + + + + + +Table of contents +----------------- + +.. toctree:: + :maxdepth: 2 + + intro + failurecodes + + diff --git a/docs/failurecodes/intro.rst b/docs/failurecodes/intro.rst new file mode 100644 index 000000000..59c38b45e --- /dev/null +++ b/docs/failurecodes/intro.rst @@ -0,0 +1,7 @@ +Introduction +============ +This documentation will list all failure codes that may occur while using the AusweisApp2 or the +AusweisApp2 SDK. +In addition to detailed information on where and why an error occurred, possible solutions are +provided as well. +Furthermore there will be first guidance to prevent many of the causes that will be mentioned. diff --git a/docs/failurecodes/locales/de/LC_MESSAGES/failurecodes.po b/docs/failurecodes/locales/de/LC_MESSAGES/failurecodes.po new file mode 100644 index 000000000..f99714f26 --- /dev/null +++ b/docs/failurecodes/locales/de/LC_MESSAGES/failurecodes.po @@ -0,0 +1,1234 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) 2023, Governikus GmbH & Co. KG +# This file is distributed under the same license as the AusweisApp2 Failure +# Codes package. +# FIRST AUTHOR , 2023. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: AusweisApp2 Failure Codes 1.26.3\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2023-03-29 14:12+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language: de\n" +"Language-Team: de \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Babel 2.12.1\n" + +msgid "Failure Codes" +msgstr "Fehlercodes" + +msgid "" +"The AusweisApp2 will send failure codes indicating what went wrong and " +"where it happened as well as how to solve it." +msgstr "" +"Die AusweisApp2 sendet Fehlercodes, um mitzuteilen, welche Fehler an " +"welcher Stelle aufgetreten sind und wie sie behoben werden können." + +msgid "Helpful tips" +msgstr "Hilfreiche Tipps" + +msgid "" +"The following tips will help you to prevent many of the failures " +"mentioned in the next section. Also they assist you in receiving further " +"guidance and help." +msgstr "" +"Die folgenden Tipps helfen, eine Vielzahl der im Nachfolgenden " +"beschriebenen Fehlersituationen zu verhindern oder an weiterführende " +"Hilfestellung zu gelangen." + +msgid "Check ID card position" +msgstr "Ausweis-Position überprüfen" + +msgid "" +"Check the position of your ID card on the smartphone or card reader. " +"Especially with smartphones, the field strength for the power supply of " +"the ID card is not always sufficient. If you place your smartphone on " +"your ID card, please also ensure that your surface is not electrically " +"conductive, as this can then disrupt or prevent communication with the ID" +" card. If all of the above does not work, please see " +":ref:`failure_code_replace_card_or_card_reader`." +msgstr "" +"Überprüfen Sie die Position Ihres Ausweises auf dem Smartphone oder " +"Kartenleser. Speziell bei Smartphones ist die Feldstärke für die " +"Stromversorgung des Ausweises nicht immer ausreichend. Sollten Sie Ihr " +"Smartphone auf Ihren Ausweis legen, achten Sie bitte auch darauf, dass " +"die Oberfläche nicht elektrisch leitend ist, da diese dann die " +"Kommunikation mit dem Ausweis stört bzw. verhindern kann. Falls keiner " +"der genannten Tipps hilft, lesen Sie bitte " +":ref:`failure_code_replace_card_or_card_reader`." + +msgid "Contact support" +msgstr "Support kontaktieren" + +msgid "" +"If the provided failure code did not help to resolve the issue, please " +"contact the support (https://www.ausweisapp.bund.de/en/help-and-support)," +" including the error code, situation description, and logfile, so that " +"they can identify issues in your system configuration or AusweisApp2. If " +"you are using the AusweisApp2 you will find the logfile in the Help " +"section." +msgstr "" +"Wenn der gezeigte Fehlercode Ihnen nicht hilft, das Problem eigenständig zu lösen, kontaktieren " +"Sie unseren Support (https://www.ausweisapp.bund.de/hilfe-und-support), inklusive dem " +"Fehlercode, einer Situationsbeschreibung und einer Protokolldatei, um Probleme in Ihrer " +"Systemkonfiguration oder der AusweisApp2 zu identifizieren. Wenn Sie die " +"AusweisApp2 verwenden, finden Sie die Protokolldatei im Hilfebereich." + +msgid "Inform service provider" +msgstr "Diensteanbieter informieren" + +msgid "" +"Directly notify the service provider if the failure code contained an " +"incorrect TLS or service configuration. Usually the the service provider " +"contact information are available on the website on which you have " +"started the authentication." +msgstr "" +"Bitte wenden Sie sich für Fehlercodes, welche eine ungültige TLS- oder Dienstekonfiguration " +"beinhalten direkt an den jeweiligen Diensteanbieter. Sie finden die Kontaktinformationen zum " +"jeweiligen Diensteanbieter i.d.R. auf der Website, auf der Sie eine Authentisierung gestartet " +"haben." + +msgid "Fix connection problems" +msgstr "Verbindungsprobleme beheben" + +msgid "" +"For any failure code that mentions connection issues in its cause, it is " +"recommended to check your current connection. Verify an active internet " +"connection, by opening e.g. https://www.ausweisapp.bund.de in the browser" +" of your choice. This includes checking your firewall and antivirus " +"configuration as well as your local network hardware. Ultimately the " +"problem may be with your telecommunications provider, or the service " +"provider. Please refer to the attached \\\"Network_Error\\\" for details." +" If you are using the AusweisApp2, the diagnosis, which is located in the" +" help section, may assist you in finding issues." +msgstr "" +"Bei sämtlichen Fehlercodes, welche Verbindungsprobleme als Ursache aufzeigen, empfiehlt sich " +"vorab eine Überprüfung der aktuellen Internetverbindung. Stellen Sie dazu eine aktive " +"Internetverbindung sicher, indem Sie z.B. https://www.ausweisapp.bund.de im Browser Ihrer Wahl " +"öffnen. Prüfen Sie auch Ihre Firewall- und Antivirus-Einstellungen, sowie Ihre lokale " +"Netzwerkhardware. Schlussendlich kann das Problem auch bei Ihrem " +"Telekommunikationsanbieter oder dem Diensteanbieter liegen. Details " +"entnehmen Sie bitte dem beiliegenden \"Network_Error\". Sofern Sie die AusweisApp2 verwenden, " +"können die Diagnosefunktionen im Hilfebereich bei der Problemfeststellung unterstützen." + +msgid "Replace ID card of card reader" +msgstr "Ausweis oder Kartenleser ersetzen" + +msgid "" +"It cannot be ruled out that your ID card is defective or, due to " +"necessary updates, initially requires more power than your current " +"smartphone or card reader can supply. If possible, try other card readers" +" or smartphones. If the ID card still does not work you might need to " +"replace it with a new one at your responsible authority." +msgstr "" +"Es kann nicht ausgeschlossen werden, dass Ihr Ausweis defekt ist oder " +"aufgrund notwendiger Updates zunächst mehr Strom benötigt, als Ihr " +"aktuelles Smartphone oder Kartenleser liefern kann. Probieren Sie nach " +"Möglichkeit weitere Kartenleser oder Smartphones. Falls Ihr Ausweis dann " +"immer noch nicht funktioniert, müssen Sie ihn möglicherweise bei Ihrer " +"zuständigen Behörde ersetzen." + +msgid "Codes" +msgstr "" + +msgid "**User_Cancelled**" +msgstr "" + +msgid "" +"The user canceled the workflow. In the SDK case, the user can also be a " +"third-party application that has disconnected from the SDK." +msgstr "" +"Der Benutzer hat den Arbeitsablauf abgebrochen. Im SDK-Fall kann der " +"\"Benutzer\" auch eine Fremdanwendung sein, welche die Verbindung zum SDK " +"getrennt hat." + +msgid "**Possible Solutions:** Complete the workflow without canceling." +msgstr "**Mögliche Lösungen:** Den Vorgang ohne Abbruch durchführen." + +msgid "**Card_Removed**" +msgstr "" + +msgid "Possible causes for this failure are:" +msgstr "Mögliche Ursachen für diesen Fehler sind:" + +msgid "1 Unstable NFC connection" +msgstr "1 Instabile NFC-Verbindung" + +msgid "2 Removal of the ID card" +msgstr "2 Die Karte wurde entfernt" + +msgid "3 Removal of the card reader" +msgstr "3 Der Kartenleser wurde entfernt" + +msgid "4 Cancellation of the remote access" +msgstr "4 Der Fernzugriff wurde gestoppt" + +msgid "**Possible Solutions:**" +msgstr "**Mögliche Lösungen:**" + +msgid "1 :ref:`failure_code_card_position`" +msgstr "1 :ref:`failure_code_card_position`" + +msgid "2 The ID card has to be present on the reader during the whole workflow" +msgstr "2 Die Karte muss während des gesamten Vorgangs verfügbar sein" + +msgid "3 The card reader has to be attached during the whole workflow" +msgstr "3 Der Kartenleser muss während des gesamten Vorgangs angeschlossen sein" + +msgid "4 You must not cancel the remote access during the whole workflow" +msgstr "4 Sie dürfen den Fernzugriff nicht während des Vorgangs stoppen" + +msgid "**Processing_Send_Status_Failed**" +msgstr "" + +msgid "" +"Occurs if the browser could not be told to wait longer to prevent a " +"timeout." +msgstr "" +"Tritt auf, wenn dem Browser nicht mitgeteilt werden kann, dass dieser " +"noch auf das Ergebnis warten muss um ein Timeout zu verhindern." + +msgid "" +"**Possible Solutions:** Change the browser. If the problem persists, " +":ref:`failure_code_contact_support`." +msgstr "" +"**Mögliche Lösungen:** Versuchen Sie einen anderen Browser. Falls das Problem bestehen bleibt, " +"beachten Sie :ref:`failure_code_contact_support`." + +msgid "**Parse_TcToken_Invalid_Url**" +msgstr "" + +msgid "" +"An authentication was started according to TR-03124-1 section 2.2.1.1. " +"However, no valid tcTokenURL was transmitted." +msgstr "" +"Eine Authentisierung wurde gemäß TR-03124-1 Abschnitt 2.2.1.1 gestartet. " +"Es wurde aber keine gültige tcTokenURL übermittelt." + +msgid "**Possible Solutions:** :ref:`failure_code_inform_service_provider`." +msgstr "**Mögliche Lösungen:** :ref:`failure_code_inform_service_provider`." + +msgid "**Parse_TcToken_Missing_Url**" +msgstr "" + +msgid "" +"An authentication was started according to TR-03124-1 section 2.2.1.1. " +"However, the query \"tcTokenURL\" is missing." +msgstr "" +"Eine Authentisierung wurde gemäß TR-03124-1 Abschnitt 2.2.1.1 gestartet. " +"Es fehlt jedoch der Query „tcTokenURL“." + +msgid "**Get_TcToken_Invalid_Url**" +msgstr "" + +msgid "" +"An authentication was started according to TR-03124-1 section 2.2.1.1. " +"However, no valid tcTokenURL using the https scheme was transmitted." +msgstr "" +"Eine Authentisierung wurde gemäß TR-03124-1 Abschnitt 2.2.1.1 gestartet. " +"Es wurde aber keine gültige tcTokenURL übermittelt, die das https-Schema " +"benutzt." + +msgid "**Get_TcToken_Invalid_Redirect_Url**" +msgstr "" + +msgid "" +"The tcTokenURL call was answered with a redirect. The URL provided there " +"is invalid or does not use the https scheme." +msgstr "" +"Der Aufruf der tcTokenURL wurde mit einer Weiterleitung beantwortet. Die " +"dort gelieferte URL ist ungültig oder nutzt kein https-Schema." + +msgid "**Get_TcToken_Invalid_Certificate_Key_Length**" +msgstr "" + +msgid "" +"The TLS certificate transmitted by the server when retrieving the tcToken" +" uses an insufficient key length." +msgstr "" +"Das vom Server übermittelte TLS-Zertifikat beim Abruf des tcToken nutzt " +"eine unzureichende Schlüssellänge." + +msgid "**Get_TcToken_Invalid_Ephemeral_Key_Length**" +msgstr "" + +msgid "" +"The ephemeral key length generated by the TLS handshake to get the " +"tcToken is insufficient." +msgstr "" +"Die durch den TLS-Handshake generierte Schlüssellänge für den Abruf des " +"tcToken ist unzureichend." + +msgid "**Get_TcToken_Invalid_Server_Reply**" +msgstr "" + +msgid "" +"The server responded to the request for the tcToken neither with content " +"nor with a forwarding." +msgstr "" +"Der Server hat auf die Anfrage nach dem tcToken weder mit einem korrekten" +" Inhalt noch mit einer Weiterleitung reagiert." + +msgid "**Get_TcToken_Empty_Data**" +msgstr "" + +msgid "The server responded to the request for the tcToken with empty content." +msgstr "" +"Der Server hat auf die Anfrage nach dem tcToken mit leerem Inhalt " +"reagiert." + +msgid "**Get_TcToken_Invalid_Data**" +msgstr "" + +msgid "" +"The server responded to the request for the tcToken with content that " +"does not comply with TR-03124-1 section 2.6." +msgstr "" +"Der Server hat auf die Anfrage nach dem tcToken mit Inhalt geantwortet, " +"der nicht TR-03124-1 Abschnitt 2.6 entspricht." + +msgid "**Get_TcToken_Network_Error**" +msgstr "" + +msgid "A network error occurred while retrieving the tcToken." +msgstr "Bei dem Abruf des tcToken ist ein Netzwerkfehler aufgetreten." + +msgid "**Possible Solutions:** :ref:`failure_code_fix_connections_problems`." +msgstr "**Mögliche Lösungen:** :ref:`failure_code_fix_connections_problems`." + +msgid "**Certificate_Check_Failed_No_Description**" +msgstr "" + +msgid "" +"TR-03112-7 section 3.6.4.1 requires a description of the service provider" +" certificate. However, this was not transmitted by the service provider " +"in the EAC1InputType." +msgstr "" +"TR-03112-7 Abschnitt 3.6.4.1 erfordert eine Beschreibung des " +"Diensteanbieter-Zertifikats. Diese wurde im EAC1InputType jedoch vom " +"Diensteanbieter nicht übermittelt." + +msgid "**Certificate_Check_Failed_No_SubjectUrl_In_Description**" +msgstr "" + +msgid "" +"TR-03124-1 section 2.7.3 requires that the service provider's URL is " +"included in the description of the certificate. The URL does not exist." +msgstr "" +"TR-03124-1 Abschnitt 2.7.3 erfordert, dass die URL des Diensteanbieters " +"in der Beschreibung des Zertifikats enthalten ist. Die URL ist nicht " +"vorhanden." + +msgid "**Certificate_Check_Failed_Hash_Mismatch**" +msgstr "" + +msgid "" +"TR-03124-1 section 2.7.3 requires that the hash of the certificate " +"description matches that stored in the certificate. These don't match." +msgstr "" +"TR-03124-1 Abschnitt 2.7.3 erfordert, dass der Hash der " +"Zertifikatsbeschreibung dem entspricht, der im Zertifikat hinterlegt " +"wurde. Diese stimmen nicht überein." + +msgid "**Certificate_Check_Failed_Same_Origin_Policy_Violation**" +msgstr "" + +msgid "" +"TR-03124-1 section 2.7.3 requires that the tcTokenUrl has the same origin" +" as the service provider's URL from the certificate description. This " +"condition is not met." +msgstr "" +"TR-03124-1 Abschnitt 2.7.3 erfordert, dass die tcTokenUrl den selben " +"Ursprung hat wie die URL des Diensteanbieters aus der Beschreibung des " +"Zertifikats. Diese Bedingung ist nicht erfüllt." + +msgid "**Certificate_Check_Failed_Hash_Missing_In_Description**" +msgstr "" + +msgid "" +"TR-03124-1 Section 2.7.3 requires that the hashes of all TLS certificates" +" used are included in the description of the service provider " +"certificate. This condition is not met." +msgstr "" +"TR-03124-1 Abschnitt 2.7.3 erfordert, dass die Hashes aller verwendeten " +"TLS-Zertifikate in der Beschreibung des Diensteanbieterzertifikats " +"enthalten sind. Diese Bedingung ist nicht erfüllt." + +msgid "**Pre_Verfication_No_Test_Environment**" +msgstr "" + +msgid "" +"Occurs when the development mode of AusweisApp2 is activated and a " +"genuine ID card is used." +msgstr "" +"Tritt auf, wenn der Entwicklermodus der AusweisApp2 aktiviert ist und ein" +" Echtausweis verwendet wird." + +msgid "" +"**Possible Solutions:** Disable developer mode. The use of genuine ID " +"cards is not permitted with activated developer mode, as this is only " +"intended to facilitate the commissioning of services with test ID cards." +msgstr "" +"**Mögliche Lösungen:** Deaktivieren des Entwicklermodus. Die Nutzung von " +"Echtausweisen ist mit aktiviertem Entwicklermodus nicht gestattet, da " +"dieser nur die Inbetriebnahme von Diensten mit Testausweisen erleichtern " +"soll." + +msgid "**Pre_Verfication_Invalid_Certificate_Chain**" +msgstr "" + +msgid "" +"A certificate chain was sent from the server that is unknown to " +"AusweisApp2." +msgstr "" +"Vom Server wurde eine Zertifikatskette gesendet, die der AusweisApp2 " +"nicht bekannt ist." + +msgid "**Pre_Verfication_Invalid_Certificate_Signature**" +msgstr "" + +msgid "" +"At least one signature in the certificate chain used by the server is " +"incorrect." +msgstr "" +"Mindestens eine Signatur in der vom Server genutzten Zertifikatskette ist" +" nicht korrekt." + +msgid "**Pre_Verfication_Certificate_Expired**" +msgstr "" + +msgid "The certificate chain used by the server is currently not valid." +msgstr "" +"Die vom Server genutzte Zertifikatskette ist zum aktuellen Zeitpunkt " +"nicht gültig." + +msgid "" +"**Possible Solutions:** Make sure your system time is set correctly. If " +"the problem persists, see :ref:`failure_code_inform_service_provider`." +msgstr "" +"**Mögliche Lösungen:** Stellen Sie sicher, dass Ihre Systemzeit korrekt " +"eingestellt ist. Falls das Problem weiterhin auftritt, beachten Sie auch " +":ref:`failure_code_inform_service_provider`." + +msgid "**Extract_Cvcs_From_Eac1_No_Unique_At**" +msgstr "" + +msgid "" +"The server submitted a certificate chain that contained more than one " +"terminal certificate." +msgstr "" +"Der Server hat eine Zertifikatskette übermittelt, in der mehr als ein " +"Terminal-Zertifikat enthalten ist." + +msgid "**Extract_Cvcs_From_Eac1_No_Unique_Dv**" +msgstr "" + +msgid "" +"The server transmitted a certificate chain containing more than one DV " +"certificate." +msgstr "" +"Der Server hat eine Zertifikatskette übermittelt, in der mehr als ein DV-" +"Zertifikat enthalten ist." + +msgid "**Extract_Cvcs_From_Eac1_At_Missing**" +msgstr "" + +msgid "" +"The server transmitted a certificate chain that does not contain a " +"terminal certificate." +msgstr "" +"Der Server hat eine Zertifikatskette übermittelt, in der kein Terminal-" +"Zertifikat enthalten ist." + +msgid "**Extract_Cvcs_From_Eac1_Dv_Missing**" +msgstr "" + +msgid "" +"The server transmitted a certificate chain that does not contain a DV " +"certificate." +msgstr "" +"Der Server hat eine Zertifikatskette übermittelt, in der kein DV-" +"Zertifikat enthalten ist." + +msgid "**Connect_Card_Connection_Failed**" +msgstr "" + +msgid "" +"In order to communicate with the ID card, a connection must first be " +"established. This process failed." +msgstr "" +"Für die Kommunikation mit der Karte muss zunächst eine Verbindung " +"hergestellt werden. Dieser Prozess ist fehlgeschlagen." + +msgid "**Possible Solutions:** :ref:`failure_code_card_position`." +msgstr "**Mögliche Lösungen:** :ref:`failure_code_card_position`." + +msgid "**Connect_Card_Eid_Inactive**" +msgstr "" + +msgid "" +"The PIN of the card is deactivated. The card can currently only be used " +"with the CAN for on-site reading." +msgstr "" +"Die PIN der Karte ist deaktiviert. Die Karte kann derzeit nur mit der CAN" +" beim Vor-Ort-Auslesen verwendet werden." + +msgid "" +"**Possible Solutions:** When your ID card was issued, the online ID card " +"function (the PIN) was not activated or you had the function deactivated " +"afterwards. You can have the function activated at the citizens' office " +"(Bürgeramt) or activate it with the CAN at https://www.pin-" +"ruecksetzbrief-bestellen.de." +msgstr "" +"**Mögliche Lösungen:** Bei der Ausgabe Ihres Ausweises wurde die Online-" +"Ausweisfunktion (die PIN) nicht aktiviert oder Sie haben die Funktion im " +"Nachhinein deaktivieren lassen. Sie können die Funktion im Bürgeramt " +"aktivieren lassen oder auf https://www.pin-ruecksetzbrief-bestellen.de " +"mit der CAN aktivieren." + +msgid "**Prepace_Pace_Smart_Eid_Invalidated**" +msgstr "" + +msgid "" +"The attempt to establish a connection with a PIN to a Smart-eID failed, " +"because all PIN-attempts have been used." +msgstr "" +"Der Versuch eine Verbindung mit der PIN zu einer Smart-eID aufzubauen ist" +" gescheitert, da bereits alle verfügbaren PIN-Versuche aufgebraucht " +"wurden." + +msgid "" +"**Possible Solutions:** The PIN is permanently disabled after 3 failed " +"attempts. Please set up your Smart-eID again." +msgstr "" +"**Mögliche Lösungen:** Im Gegensatz zu einem Ausweis kann die PIN nach 3 " +"Fehlversuchen nicht freigeschaltet werden. Bitte richten Sie Ihre Smart-" +"eID erneut ein." + +msgid "**Establish_Pace_Channel_No_Active_Pin**" +msgstr "" + +msgid "" +"An authentication was aborted by a card reader in order to replace the " +"five-digit Transport PIN." +msgstr "" +"Eine Authentisierung wurde von einem Kartenleser abgebrochen, um die " +"fünfstellige Transport-PIN zu ersetzen." + +msgid "" +"**Possible Solutions:** The AusweisApp2 automatically leads the user to " +"the PIN change to set a six-digit PIN. If this error occurs in a third-" +"party app, you have to start a PIN change on your own." +msgstr "" +"**Mögliche Lösungen:** Die AusweisApp2 führt den Benutzer direkt zur PIN-" +"Änderung, damit dieser eine sechsstellige PIN festlegen kann. Tritt der " +"Fall im SDK auf, muss sich die Anwendung selbst darum kümmern." + +msgid "**Establish_Pace_Channel_Basic_Reader_No_Pin**" +msgstr "" + +msgid "" +"An attempt was made to establish a PACE-channel with a basic reader. " +"However the PIN, CAN, or PUK could not be taken over after the user-" +"input." +msgstr "" +"Bei der Verwendung eines Basislesers wurde versucht ein PACE-Kanal " +"aufzubauen. Jedoch wurde die PIN, CAN oder PUK nach der Nutzereingabe nicht übernommen." + +msgid "**Possible Solutions:** :ref:`failure_code_contact_support`." +msgstr "**Mögliche Lösungen:** :ref:`failure_code_contact_support`." + +msgid "**Establish_Pace_Channel_Puk_Inoperative**" +msgstr "" + +msgid "" +"An attempt was made to set up a PACE channel with the PUK to unlock the " +"PIN. However, the PUK can no longer be used because it has already been " +"used 10 times." +msgstr "" +"Es wurde versucht ein PACE-Kanal mit der PUK aufzubauen um die PIN zu " +"entsperren. Die PUK ist jedoch nicht mehr nutzbar, da sie bereits zehn " +"Mal verwendet wurde." + +msgid "" +"**Possible Solutions:** The PIN can be unlocked with the PUK after three " +"incorrect entries. However, this is only possible ten times and you have " +"reached that limit. However you can set a new PIN at the citizens' office" +" (Bürgeramt) or let it be set with the CAN at https://www.pin-" +"ruecksetzbrief-bestellen.de." +msgstr "" +"**Mögliche Lösungen:** Die PIN kann nach dreimaliger Falscheingabe mit " +"der PUK freigeschaltet werden. Dies ist jedoch nur zehn Mal möglich und " +"Sie haben diese Grenze erreicht. Sie können dennoch im Bürgeramt eine " +"neue PIN setzen oder auf https://www.pin-ruecksetzbrief-bestellen.de mit " +"der CAN setzen lassen." + +msgid "**Establish_Pace_Channel_User_Cancelled**" +msgstr "" + +msgid "" +"The user canceled the workflow on a comfort USB reader or a smartphone as" +" a card reader with keyboard mode enabled." +msgstr "" +"Der Benutzer hat den Arbeitsablauf auf einem USB-Komfortleser oder einem " +"Smartphone als Kartenleser mit aktiviertem Tastaturmodus abgebrochen." + +msgid "**Maintain_Card_Connection_Pace_Unrecoverable**" +msgstr "" + +msgid "" +"An error occurred while setting up the PACE channel that was not due to " +"user error." +msgstr "" +"Beim Aufbau des PACE-Kanals ist ein Fehler aufgetreten, der nicht auf " +"Benutzerfehler zurückzuführen ist." + +msgid "" +"**Possible Solutions:** The connection to the ID card could not be " +"established with the PIN, CAN, or PUK. The entered passwords have no " +"influence on this. Please note :ref:`failure_code_card_position`." +msgstr "" +"**Mögliche Lösungen:** Die Verbindung zum Ausweis konnte mit der PIN, CAN" +" oder PUK nicht hergestellt werden. Die eingegebenen Passwörter haben " +"darauf keinen Einfluss. Bitte beachten Sie " +":ref:`failure_code_card_position`." + +msgid "**Did_Authenticate_Eac1_Card_Command_Failed**" +msgstr "" + +msgid "" +"The 4th card command of the terminal authentication according to " +"TR-0110-3 section B.3 failed." +msgstr "" +"Das 4. Kartenkommando der Terminal-Authentisierung gemäß TR-0110-3 " +"Abschnitt B.3 ist fehlgeschlagen." + +msgid "**Process_Certificates_From_Eac2_Cvc_Chain_Missing**" +msgstr "" + +msgid "" +"When setting up the PACE channel with PIN or CAN, the ID card " +"communicated which certificate it knew. However, the server sent a " +"certificate chain that does not contain this certificate." +msgstr "" +"Beim Aufbau des PACE-Kanals mit PIN oder CAN hat die Karte mitgeteilt, " +"welches Zertifikat ihr bekannt ist. Der Server hat aber eine " +"Zertifikatskette gesendet, in der dieses Zertifikat nicht enthalten ist." + +msgid "**Did_Authenticate_Eac2_Invalid_Cvc_Chain**" +msgstr "" + +msgid "**Did_Authenticate_Eac2_Card_Command_Failed**" +msgstr "" + +msgid "" +"A terminal or chip authentication card command according to TR-0110-3 " +"sections B.2 and B.3 failed." +msgstr "" +"Ein Kartenkommando der Terminal- oder Chip-Authentisierung gemäß " +"TR-0110-3 Abschnitt B.2 und B.3 ist fehlgeschlagen." + +msgid "**Generic_Send_Receive_Paos_Unhandled**" +msgstr "" + +msgid "" +"A message was sent by the server in the PAOS communication during " +"authentication, that could be completely processed." +msgstr "" +"Bei einer Authentisierung ist eine Nachricht vom Server in der PAOS-" +"Kommunikation gesendet worden, die nicht vollständig verarbeitet werden " +"konnte." + +msgid "**Generic_Send_Receive_Network_Error**" +msgstr "" + +msgid "" +"A network error has occurred in the PAOS communication during " +"authentication." +msgstr "" +"Bei einer Authentisierung ist ein Netzwerkfehler in der PAOS-" +"Kommunikation aufgetreten." + +msgid "**Generic_Send_Receive_Ssl_Error**" +msgstr "" + +msgid "" +"An authentication error occurred in the PAOS communication during the TLS" +" handshake. The TLS certificate is incorrect." +msgstr "" +"Bei einer Authentisierung ist während des TLS-Handshakes in der PAOS-" +"Kommunikation ein Fehler aufgetreten. Das TLS-Zertifikat ist fehlerhaft." + +msgid "**Generic_Send_Receive_Server_Error**" +msgstr "" + +msgid "" +"A server error 5xx occurred in the PAOS communication during " +"authentication." +msgstr "" +"Bei einer Authentisierung ist ein Serverfehler 5xx in der PAOS-" +"Kommunikation aufgetreten." + +msgid "**Generic_Send_Receive_Client_Error**" +msgstr "" + +msgid "" +"A client error 4xx occurred in the PAOS communication during " +"authentication." +msgstr "" +"Bei einer Authentisierung ist ein Clientfehler 4xx in der PAOS-" +"Kommunikation aufgetreten." + +msgid "**Generic_Send_Receive_Paos_Unknown**" +msgstr "" + +msgid "" +"An unknown message was sent by the server in the PAOS communication " +"during authentication." +msgstr "" +"Bei einer Authentisierung ist vom Server eine unbekannte Nachricht in der" +" PAOS-Kommunikation gesendet worden." + +msgid "**Generic_Send_Receive_Paos_Unexpected**" +msgstr "" + +msgid "" +"An unexpected message was sent by the server in the PAOS communication " +"during authentication." +msgstr "" +"Bei einer Authentisierung ist eine unerwartete Nachricht vom Server in " +"der PAOS-Kommunikation gesendet worden." + +msgid "**Generic_Send_Receive_Invalid_Ephemeral_Key_Length**" +msgstr "" + +msgid "" +"The symmetric key generated by the TLS handshake for PAOS communication " +"is not long enough." +msgstr "" +"Der durch den TLS-Handshake generierte symmetrische Schlüssel für die " +"PAOS-Kommunikation ist nicht lang genug." + +msgid "**Generic_Send_Receive_Certificate_Error**" +msgstr "" + +msgid "" +"The TLS certificate for PAOS communication uses key lengths that are too " +"small or is not included in the description of the service provider " +"certificate." +msgstr "" +"Das TLS-Zertifikat für die PAOS-Kommunikation verwendet zu kleine " +"Schlüssellängen oder ist nicht in der Beschreibung des " +"Diensteanbieterzertifikats enthalten." + +msgid "**Generic_Send_Receive_Session_Resumption_Failed**" +msgstr "" + +msgid "Failed to resume TLS session during PAOS communication." +msgstr "" +"Die Wiederaufnahme der TLS-Session während der PAOS-Kommunikation ist " +"fehlgeschlagen." + +msgid "**Transmit_Card_Command_Failed**" +msgstr "" + +msgid "" +"During authentication, card commands transmitted in PAOS communication " +"could not be correctly transmitted to the card." +msgstr "" +"Bei der Authentisierung konnten in der PAOS-Kommunikation übertragene " +"Kartenkommandos nicht korrekt an die Karte übermittelt werden." + +msgid "**Start_Paos_Response_Missing**" +msgstr "" + +msgid "" +"The message \"StartPaosResponse\" from the server could not be evaluated " +"because it does not exist." +msgstr "" +"Die Nachricht \"StartPaosResponse\" vom Server konnte nicht ausgewertet " +"werden, da sie nicht vorhanden ist." + +msgid "**Start_Paos_Response_Error**" +msgstr "" + +msgid "" +"The \"StartPaosResponse\" message from the server returned an error. The " +"AusweisApp2 or the ID card did not behave as expected by the server." +msgstr "" +"Die Nachricht \"StartPaosResponse\" vom Server hat einen Fehler " +"geliefert. Die AusweisApp2 oder die Karte hat sich nicht entsprechend der" +" Erwartung des Servers verhalten." + +msgid "**Check_Refresh_Address_Fatal_Ssl_Error_Before_Reply**" +msgstr "" + +msgid "" +"An error occurred during the TLS handshake when checking the return " +"address after a successful authentication. The TLS certificate is " +"incorrect." +msgstr "" +"Bei der Überprüfung der Rücksprungadresse nach einer erfolgreichen " +"Authentisierung ist während des TLS-Handshakes ein Fehler aufgetreten. " +"Das TLS-Zertifikat ist fehlerhaft." + +msgid "**Check_Refresh_Address_Invalid_Ephemeral_Key_Length**" +msgstr "" + +msgid "" +"The symmetric key generated by the TLS handshake when calling the return " +"address is not long enough." +msgstr "" +"Der durch den TLS-Handshake generierte symmetrische Schlüssel beim Aufruf" +" der Rücksprungadresse ist nicht lang genug." + +msgid "**Check_Refresh_Address_Service_Unavailable**" +msgstr "" + +msgid "The return address cannot be reached." +msgstr "Die Rücksprungadresse ist nicht erreichbar." + +msgid "**Check_Refresh_Address_Service_Timeout**" +msgstr "" + +msgid "" +"The call to the return address did not provide an answer within 30 " +"seconds." +msgstr "" +"Der Aufruf der Rücksprungadresse hat keine Antwort innerhalb von 30 " +"Sekunden geliefert." + +msgid "**Check_Refresh_Address_Proxy_Error**" +msgstr "" + +msgid "" +"A proxy server was configured by the operating system or the settings of " +"AusweisApp2. This didn't work for checking the return address." +msgstr "" +"Durch das Betriebssystem oder die Einstellungen der AusweisApp2 wurde ein" +" Proxyserver konfiguriert. Dieser hat für die Überprüfung der " +"Rücksprungadresse nicht funktioniert." + +msgid "**Check_Refresh_Address_Fatal_Ssl_Error_After_Reply**" +msgstr "" + +msgid "" +"When checking the return address after successful authentication, the TLS" +" handshake could not be completed successfully." +msgstr "" +"Bei der Überprüfung der Rücksprungadresse nach einer erfolgreichen " +"Authentisierung konnte der TLS-Handshake nicht erfolgreich beendet " +"werden." + +msgid "**Check_Refresh_Address_Unknown_Network_Error**" +msgstr "" + +msgid "" +"A unknown error occurred when checking the return address after " +"successful authentication." +msgstr "" +"Bei der Überprüfung der Rücksprungadresse nach einer erfolgreichen " +"Authentisierung ist ein nicht erwarteter Fehler aufgetreten." + +msgid "**Check_Refresh_Address_Invalid_Http_Response**" +msgstr "" + +msgid "The call to the return address did not result in forwarding." +msgstr "Der Aufruf der Rücksprungadresse hat nicht zu einer Weiterleitung geführt." + +msgid "**Check_Refresh_Address_Empty**" +msgstr "" + +msgid "The call to the return address led to a redirect but no URL was supplied." +msgstr "" +"Der Aufruf der Rücksprungadresse hat zu einer Weiterleitung geführt aber " +"keine URL mitgeliefert." + +msgid "**Check_Refresh_Address_Invalid_Url**" +msgstr "" + +msgid "" +"The call to the return address led to a redirect, but no correct URL was " +"supplied." +msgstr "" +"Der Aufruf der Rücksprungadresse hat zu einer Weiterleitung geführt aber " +"keine korrekte URL mitgeliefert." + +msgid "**Check_Refresh_Address_No_Https_Scheme**" +msgstr "" + +msgid "" +"The call to the return address led to a redirect, but delivered an URL " +"without https scheme." +msgstr "" +"Der Aufruf der Rücksprungadresse hat zu einer Weiterleitung geführt aber " +"eine URL ohne https-Schema mitgeliefert." + +msgid "**Check_Refresh_Address_Fetch_Certificate_Error**" +msgstr "" + +msgid "The server certificate could not be obtained after tracing all redirects." +msgstr "" +"Das Server-Zertifikat konnte nach Verfolgung aller Weiterleitungen nicht " +"abgerufen werden." + +msgid "**Check_Refresh_Address_Unsupported_Certificate**" +msgstr "" + +msgid "" +"The check of the return address after a successful authentication was " +"interrupted because the server uses a TLS certificate with unsupported " +"algorithms or key lengths." +msgstr "" +"Die Überprüfung der Rücksprungadresse nach einer erfolgreichen " +"Authentisierung wurde unterbrochen, da der Server ein TLS-Zertifikat mit " +"nicht unterstützten Algorithmen oder Schlüssellängen nutzt." + +msgid "**Check_Refresh_Address_Hash_Missing_In_Certificate**" +msgstr "" + +msgid "" +"The server certificate of the return address is not included in the " +"description of the service provider certificate." +msgstr "" +"Das Server-Zertifikat der Rücksprungadresse ist nicht in der Beschreibung" +" des Diensteanbieterzertifikats enthalten." + +msgid "**Redirect_Browser_Send_Error_Page_Failed**" +msgstr "" + +msgid "" +"Like Redirect_Browser_Send_Redirect_Failed. However, this only applies to" +" desktop systems, as the AusweisApp2 only generates an error page there " +"if no error address is available for forwarding by the service provider. " +"On mobile systems, the error details are displayed in the AusweisApp2." +msgstr "" +"Ähnlich wie Redirect_Browser_Send_Redirect_Failed. Gilt aber nur für " +"Desktop-Systeme, da nur dort eine Fehlerseite durch die AusweisApp2 " +"generiert wird, falls keine Fehleradresse für die Weiterleitung durch den" +" Diensteanbieter verfügbar ist. Auf mobilen Systemen werden die " +"Fehlerdetails in der AusweisApp2 dargestellt." + +msgid "" +"**Possible Solutions:** If the problem occurs repeatedly and changing the" +" browser does not help, please :ref:`failure_code_contact_support`." +msgstr "" +"**Mögliche Lösungen:** Versuchen Sie einen anderen Browser. Falls das " +"Problem bestehen bleibt, beachten Sie " +":ref:`failure_code_contact_support`." + +msgid "**Redirect_Browser_Send_Redirect_Failed**" +msgstr "" + +msgid "" +"On desktop systems, the web browser waits for a response from AusweisApp2" +" after starting authentication. However, for unknown reasons, the web " +"browser did not wait long enough for the response to be sent. On mobile " +"systems it was not possible to open the answer in a web browser." +msgstr "" +"Auf Desktop-Systemen wartet der Webbrowser nach Start einer " +"Authentisierung auf eine Antwort der AusweisApp2. Aus unbekannten Gründen" +" hat der Webbrowser aber nicht lange genug gewartet, sodass die Antwort " +"nicht mehr gesendet werden kann. Auf mobilen Systemen ist es nicht " +"gelungen die Antwort in einem Webbrowser zu öffnen." + +msgid "**Generic_Provider_Communication_Network_Error**" +msgstr "" + +msgid "" +"A network error occurred while communicating with a service provider. " +"This only applies to services that are started from AusweisApp2, such as " +"self-authentication." +msgstr "" +"Bei der Kommunikation mit einem Diensteanbieter ist ein Netzwerkfehler " +"aufgetreten. Das betrifft nur Dienste, die aus der AusweisApp2 heraus " +"gestartet werden, wie zum Beispiel die Selbstauskunft." + +msgid "**Generic_Provider_Communication_Invalid_Ephemeral_Key_Length**" +msgstr "" + +msgid "" +"When communicating with a service provider, the symmetric key generated " +"by the TLS handshake is not long enough. This only applies to services " +"that are started from AusweisApp2, such as self-authentication." +msgstr "" +"Bei der Kommunikation mit einem Diensteanbieter ist der durch den TLS-" +"Handshake generierte symmetrische Schlüssel nicht lang genug. Das " +"betrifft nur Dienste, die aus der AusweisApp2 heraus gestartet werden, " +"wie zum Beispiel die Selbstauskunft." + +msgid "**Generic_Provider_Communication_Certificate_Error**" +msgstr "" + +msgid "" +"When communicating with a service provider, the TLS certificate uses key " +"lengths that are insufficient. This only applies to services that are " +"started from AusweisApp2, such as self-authentication." +msgstr "" +"Bei der Kommunikation mit einem Diensteanbieter verwendet das TLS-" +"Zertifikat unzureichende Schlüssellängen. Das betrifft nur Dienste, die " +"aus der AusweisApp2 heraus gestartet werden, wie zum Beispiel die " +"Selbstauskunft." + +msgid "**Generic_Provider_Communication_Ssl_Error**" +msgstr "" + +msgid "" +"An error occurred during the TLS handshake when communicating with a " +"service provider. The TLS certificate is incorrect. This only applies to " +"services that are started from AusweisApp2, such as self-authentication." +msgstr "" +"Bei der Kommunikation mit einem Diensteanbieter ist während des TLS-" +"Handshakes ein Fehler aufgetreten. Das TLS-Zertifikat ist fehlerhaft. Das" +" betrifft nur Dienste, die aus der AusweisApp2 heraus gestartet werden, " +"wie zum Beispiel die Selbstauskunft." + +msgid "**Get_SelfAuthData_Invalid_Or_Empty**" +msgstr "" + +msgid "" +"The authentication for the self-authentication was completed " +"successfully, but the server then did not transmit the read data " +"correctly." +msgstr "" +"Die Authentisierung für die Selbstauskunft wurde erfolgreich durchlaufen," +" der Server hat die ausgelesenen Daten im Anschluss aber nicht korrekt " +"übermittelt." + +msgid "**Change_Pin_No_SetEidPinCommand_Response**" +msgstr "" + +msgid "" +"The AusweisApp2 sent a PIN change command to its core, but received an " +"answer for a different command." +msgstr "" +"Die AusweisApp2 hat ein Kommando zur Änderung der PIN an ihren Kern " +"gesendet, jedoch eine Antwort für ein anderes Kommando erhalten." + +msgid "**Change_Pin_Input_Timeout**" +msgstr "" + +msgid "" +"When changing a PIN, the user took too long to set the new PIN. Timeouts " +"are currently only known from card readers with a PIN pad, which also " +"affects smartphones as card readers with activated keyboard mode." +msgstr "" +"Der Benutzer hat bei einer PIN-Änderung zu lange gebraucht, um die neue " +"PIN festzulegen. Timeouts sind aktuell nur von Kartenlesern mit PIN-Pad " +"bekannt, was auch ein Smartphone als Kartenleser mit aktiviertem " +"Tastaturmodus betrifft." + +msgid "**Possible Solutions:** Enter the PIN within 60 seconds." +msgstr "**Mögliche Lösungen:** Die PIN innerhalb von 60 Sekunden eingeben." + +msgid "**Change_Pin_User_Cancelled**" +msgstr "" + +msgid "" +"The user canceled the PIN change after entering the current valid PIN. " +"Can only occur with card readers with a PIN pad, which also affects " +"smartphones as card readers with activated keyboard mode." +msgstr "" +"Der Benutzer hat die PIN-Änderung nach Eingabe der aktuellen gültigen PIN" +" abgebrochen. Kann nur bei Kartenlesern mit PIN-Pad auftreten, was auch " +"ein Smartphone als Kartenleser mit aktiviertem Tastaturmodus betrifft." + +msgid "**Possible Solutions:** Carry out the PIN change without abortion." +msgstr "**Mögliche Lösungen:** Die PIN-Änderung ohne Abbruch durchführen." + +msgid "**Change_Pin_New_Pin_Mismatch**" +msgstr "" + +msgid "" +"When changing a PIN, the user entered an incorrect confirmation of the " +"new PIN. Can only occur with USB card readers with a PIN pad. Smartphone " +"as a card reader with activated keyboard mode does not allow this " +"behavior." +msgstr "" +"Der Benutzer hat bei einer PIN-Änderung eine falsche Bestätigung der " +"neuen PIN eingegeben. Kann nur bei USB-Kartenlesern mit PIN-Pad " +"auftreten. Ein Smartphone als Kartenleser mit aktiviertem Tastaturmodus " +"lässt dieses Verhalten nicht zu." + +msgid "**Possible Solutions:** Confirm the new PIN correctly." +msgstr "**Mögliche Lösungen:** Die neue PIN korrekt bestätigen." + +msgid "**Change_Pin_New_Pin_Invalid_Length**" +msgstr "" + +msgid "" +"When changing a PIN, the user entered a new PIN with an incorrect length." +" Can only occur with USB card readers with a PIN pad. However, there is " +"no known device/case that allows this possibility. Smartphone as a card " +"reader with activated keyboard mode does not allow this behavior." +msgstr "" +"Der Benutzer hat bei einer PIN-Änderung eine neue PIN mit einer falschen " +"Länge eingegeben. Kann nur bei USB-Kartenlesern mit PIN-Pad auftreten. Es" +" ist jedoch kein Gerät/Fall bekannt, das diese Möglichkeit zulässt. Ein " +"Smartphone als Kartenleser mit aktiviertem Tastaturmodus lässt dieses " +"Verhalten nicht zu." + +msgid "**Change_Pin_Unexpected_Transmit_Status**" +msgstr "" + +msgid "" +"The command to change the PIN has been transmitted and answered. However," +" the answer is blank, unknown, or unexpected." +msgstr "" +"Das Kommando zur Änderung der PIN wurde übertragen und beantwortet. Die " +"Antwort ist jedoch leer, unbekannt oder unerwartet." + +msgid "**Change_Pin_Card_New_Pin_Mismatch**" +msgstr "" + +msgid "Like Change_Pin_New_Pin_Mismatch but at a higher protocol level." +msgstr "Wie Change_Pin_New_Pin_Mismatch aber auf einer höheren Protokollebene." + +msgid "**Change_Pin_Card_User_Cancelled**" +msgstr "" + +msgid "Like Change_Pin_User_Cancelled but at a higher log level." +msgstr "Wie Change_Pin_User_Cancelled aber auf einer höheren Protokollebene." + +msgid "**Start_Ifd_Service_Failed**" +msgstr "" + +msgid "" +"The IFD service according to TR-03112-6 appendix \"IFD Service\" could " +"not be started. Either no suitable TLS certificate could be " +"found/generated or the start of the TLS server failed. This applies to " +"both remote access and the local service of AusweisApp2 on Android that " +"is used through the SDK." +msgstr "" +"Der IFD-Service gemäß TR-03112-6 Anhang „IFD Service“ konnte nicht " +"gestartet werden. Entweder konnte kein passendes TLS-Zertifikat " +"gefunden/generiert werden oder der Start des TLS-Servers ist " +"fehlgeschlagen. Das betrifft sowohl den Fernzugriff als auch den lokalen " +"Service der AusweisApp2 auf Android, der durch das SDK genutzt wird." + +msgid "**Prepare_Pace_Ifd_Unknown**" +msgstr "" + +msgid "" +"The establishment of a PACE channel was requested by the client on a " +"smartphone as a card reader with activated keyboard mode. However, an " +"unsupported password type was requested (PIN, CAN, PUK are supported)." +msgstr "" +"Auf einem Smartphone als Kartenleser mit aktiviertem Tastaturmodus wurde " +"der Aufbau eines PACE-Kanals durch den Client angefordert. Dabei wurde " +"jedoch ein nicht unterstützter Passworttyp angefragt (Unterstützt werden " +"PIN, CAN, PUK)." + +msgid "**Establish_Pace_Ifd_Unknown**" +msgstr "" + +msgid "**Enter_Pace_Password_Ifd_User_Cancelled**" +msgstr "" + +msgid "" +"Occurs when the user canceled entering the PIN, CAN, or PUK on a " +"smartphone acting as a card reader with keyboard mode enabled." +msgstr "" +"Tritt auf, wenn der Benutzer die Eingabe der PIN, CAN oder PUK auf einem " +"Smartphone als Kartenleser mit aktiviertem Tastaturmodus abgebrochen hat." + +msgid "**Enter_New_Pace_Pin_Ifd_User_Cancelled**" +msgstr "" + +msgid "" +"Occurs when the user has canceled entering the new PIN during a PIN " +"change on a smartphone acting as a card reader with keyboard mode " +"enabled." +msgstr "" +"Tritt auf, wenn der Benutzer die Eingabe der neuen PIN bei einer PIN-" +"Änderung auf einem Smartphone als Kartenleser mit aktiviertem " +"Tastaturmodus abgebrochen hat." + +msgid "**Transmit_Personalization_Size_Mismatch**" +msgstr "" + +msgid "" +"Is not yet included in the product and will only be relevant with version" +" 2.0.0." +msgstr "" +"Ist noch nicht im Produkt enthalten und wird erst mit der Version 2.0.0 " +"relevant." + +msgid "**Start_Paos_Response_Personalization_Empty**" +msgstr "" + +msgid "**Start_Paos_Response_Personalization_Invalid**" +msgstr "" + +msgid "**Prepare_Applet_User_Cancelled**" +msgstr "" + +msgid "**Prepare_Applet_Status_Call_Failed**" +msgstr "" + +msgid "**Prepare_Applet_Installation_Loop**" +msgstr "" + +msgid "**Prepare_Applet_Installation_Failed**" +msgstr "" + +msgid "**Prepare_Applet_Unavailable**" +msgstr "" + +msgid "**Prepare_Applet_Delete_Personalization_Failed**" +msgstr "" + +msgid "**Prepare_Applet_UpdateInfo_Call_Failed**" +msgstr "" + +msgid "**Prepare_Applet_Delete_Smart_Failed**" +msgstr "" + +msgid "**Insert_Card_No_SmartReader**" +msgstr "" + +msgid "**Insert_Card_Multiple_SmartReader**" +msgstr "" + +msgid "**Insert_Card_Unknown_Eid_Type**" +msgstr "" + +msgid "**Insert_Card_HW_Keystore**" +msgstr "" + +msgid "**Insert_Card_Invalid_SmartReader**" +msgstr "" + +msgid "**Insert_Card_Missing_Card**" +msgstr "" + +msgid "**Initialize_Personalization_Failed**" +msgstr "" + +msgid "**Get_Session_Id_Invalid**" +msgstr "" + +msgid "**Get_Challenge_Invalid**" +msgstr "" + +msgid "**Finalize_Personalization_Failed**" +msgstr "" + +msgid "**Change_Smart_Pin_Failed**" +msgstr "" + +msgid "**Check_Status_Unavailable**" +msgstr "" + +msgid "**Check_Applet_Error**" +msgstr "" + +msgid "**Check_Applet_Unavailable**" +msgstr "" + diff --git a/docs/failurecodes/locales/de/LC_MESSAGES/index.po b/docs/failurecodes/locales/de/LC_MESSAGES/index.po new file mode 100644 index 000000000..f19d2921f --- /dev/null +++ b/docs/failurecodes/locales/de/LC_MESSAGES/index.po @@ -0,0 +1,34 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) 2023, Governikus GmbH & Co. KG +# This file is distributed under the same license as the AusweisApp2 Failure +# Codes package. +# FIRST AUTHOR , 2023. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: AusweisApp2 Failure Codes 1.26.3\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2023-03-21 12:25+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language: de\n" +"Language-Team: de \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Babel 2.12.1\n" + +msgid "AusweisApp2" +msgstr "" + +msgid ".. image:: ../sdk/Logo_AusweisApp2.png" +msgstr "" + +msgid "Table of contents" +msgstr "Inhaltsverzeichnis" + +#~ msgid ".. image:: Logo_AusweisApp2.png" +#~ msgstr "" + diff --git a/docs/failurecodes/locales/de/LC_MESSAGES/intro.po b/docs/failurecodes/locales/de/LC_MESSAGES/intro.po new file mode 100644 index 000000000..a14d81f77 --- /dev/null +++ b/docs/failurecodes/locales/de/LC_MESSAGES/intro.po @@ -0,0 +1,38 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) 2023, Governikus GmbH & Co. KG +# This file is distributed under the same license as the AusweisApp2 Failure +# Codes package. +# FIRST AUTHOR , 2023. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: AusweisApp2 Failure Codes 1.26.3\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2023-03-27 13:03+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language: de\n" +"Language-Team: de \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Babel 2.12.1\n" + +msgid "Introduction" +msgstr "Einführung" + +msgid "" +"This documentation will list all failure codes that may occur while using" +" the AusweisApp2 or the AusweisApp2 SDK. In addition to detailed " +"information on where and why an error occurred, possible solutions are " +"provided as well. Furthermore there will be first guidance to prevent " +"many of the causes that will be mentioned." +msgstr "" +"Diese Dokumentation listet alle Fehlercodes auf, die beim Verwenden der " +"AusweisApp2 oder des AusweisApp2-SDK auftreten können. Neben " +"detaillierten Informationen über das \"Wo\" und \"Warum\" bietet sie auch" +" mögliche Lösungen an. Darüber hinaus gibt es vorab Hilfestellung zur " +"Verhinderung einer Vielzahl der hier beschriebenen Ursachen." + diff --git a/docs/installation/conf.py.in b/docs/installation/conf.py.in index 384604b72..6ac8a5b1d 100644 --- a/docs/installation/conf.py.in +++ b/docs/installation/conf.py.in @@ -61,7 +61,7 @@ today = ' ' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = 'en' +language = '@SPHINX_LANG@' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/docs/integration/conf.py.in b/docs/integration/conf.py.in index d729e5e6b..d759cb84e 100644 --- a/docs/integration/conf.py.in +++ b/docs/integration/conf.py.in @@ -61,7 +61,7 @@ today = ' ' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = 'en' +language = '@SPHINX_LANG@' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/docs/releasenotes/1.26.4.rst b/docs/releasenotes/1.26.4.rst new file mode 100644 index 000000000..97bc1c2e0 --- /dev/null +++ b/docs/releasenotes/1.26.4.rst @@ -0,0 +1,31 @@ +AusweisApp2 1.26.4 +^^^^^^^^^^^^^^^^^^ + +**Releasedatum:** 28. April 2023 + + +Anwender +"""""""" +- Unter macOS wurde das Fensterverhalten korrigiert. + +- Kleinere Fehlerbehebungen und Optimierungen. + + +Entwickler +"""""""""" +- INTERRUPT zeigt nun nicht immer ein Fehlersymbol an. + +- Der Header "Access-Control-Allow-Private-Network" ist + nun beim Status-Request gesetzt. + +- CHANGE_PIN liefert nun auch einen FailureCode. + +- Ein Absturz bei AirPlay im iOS-SDK wurde behoben. + +- Private Symbole im iOS-SDK wurden korrigiert. + +- Der Simulator unterstützt nun auch explizite + private Schlüssel als Parameter. + +- Der Abbruch-Button im iOS-Scan-Dialog des SDK bricht + nun wieder den Workflow ab. diff --git a/docs/releasenotes/announce.rst b/docs/releasenotes/announce.rst index 8778658b3..13d2566ef 100644 --- a/docs/releasenotes/announce.rst +++ b/docs/releasenotes/announce.rst @@ -6,6 +6,7 @@ folgender Systeme und Funktionen eingestellt. - macOS Catalina 10.15 - Online-Hilfe +- PDF-Export-Funktion der Selbstauskunft Mit der Version 1.24.0 der AusweisApp2 wurde die Unterstützung diff --git a/docs/releasenotes/appcast.rst b/docs/releasenotes/appcast.rst index cd2cb2e34..682bc053d 100644 --- a/docs/releasenotes/appcast.rst +++ b/docs/releasenotes/appcast.rst @@ -4,6 +4,8 @@ Release Notes .. toctree:: :maxdepth: 1 + 1.26.4 + 1.26.3 1.26.2 1.26.1 1.26.0 diff --git a/docs/releasenotes/conf.py.in b/docs/releasenotes/conf.py.in index 0720708d7..a2b81bd55 100644 --- a/docs/releasenotes/conf.py.in +++ b/docs/releasenotes/conf.py.in @@ -61,7 +61,7 @@ today = ' ' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = 'de' +language = '@SPHINX_LANG@' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/docs/releasenotes/issues.rst b/docs/releasenotes/issues.rst index 0623c89a1..0ca9b1bd4 100644 --- a/docs/releasenotes/issues.rst +++ b/docs/releasenotes/issues.rst @@ -35,11 +35,6 @@ Windows / macOS Hierfür muss QT_QUICK_BACKEND=software gesetzt und die AusweisApp2 neugestartet werden. -- Das Beenden der AusweisApp2 über das Kontextmenü in der Menüleiste unter - macOS funktioniert nur, wenn das Kontextmenü mit der linken Maustaste - geöffnet wird. Alternativ kann das Tastaturkürzel CMD + Q zum beenden der - AusweisApp2 verwendet werden. - - Die visuelle Hervorhebung des aktiven Elements wird an einigen Stellen fälschlicherwiese auch aktiviert, wenn die Maus benutzt wurde. @@ -57,7 +52,3 @@ Android / iOS - Unter Umständen kommt es zu Stabilitätsproblemen der NFC-Schnittstelle. - Unter iOS kann derzeit das Hoch- bzw. Querformat nicht geändert werden. - -- Die Systemtastatur wird nach der Eingabe von Daten unter iOS nicht - automatisch geschlossen. Das Schließen muss manuell über die entsprechenden - Buttons "Fertig" bzw. "Suchen" erfolgen. diff --git a/docs/releasenotes/singlehtml.conf.py.in b/docs/releasenotes/singlehtml.conf.py.in index 16bac38fb..f28583cb7 100644 --- a/docs/releasenotes/singlehtml.conf.py.in +++ b/docs/releasenotes/singlehtml.conf.py.in @@ -59,7 +59,7 @@ release = '@VERSION_DVCS@' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = 'de' +language = '@SPHINX_LANG@' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/docs/releasenotes/support.rst b/docs/releasenotes/support.rst index 8543dfb2f..6a5f4bf21 100644 --- a/docs/releasenotes/support.rst +++ b/docs/releasenotes/support.rst @@ -54,13 +54,13 @@ und sollte daher mit allen marktüblichen Browsern verwendet werden können. Im Rahmen der Qualitätssicherung werden die folgenden Browserversionen getestet. -- Chrome 110 +- Chrome 112 -- Firefox 110 +- Firefox 112 -- Safari 16.3 (macOS) +- Safari 16.4 (macOS) -- Edge 110 +- Edge 112 @@ -118,13 +118,13 @@ Im mobilen Umfeld ist die Funktionalität jedoch abhängig von der vom Anbieter umgesetzten Aktivierung. Daher empfehlen wir einen der folgenden Browser zu verwenden. -- Chrome 110 (iOS/Android) +- Chrome 112 (iOS/Android) -- Firefox 110 (iOS/Android) +- Firefox 112 (iOS/Android) - Samsung Internet 20 (Android) -- Safari 16.3 (iOS) +- Safari 16.4 (iOS) Kartenleser diff --git a/docs/releasenotes/versions.rst b/docs/releasenotes/versions.rst index 74b1d92f7..67040af81 100644 --- a/docs/releasenotes/versions.rst +++ b/docs/releasenotes/versions.rst @@ -6,6 +6,8 @@ Versionszweig 1.26 .. toctree:: :maxdepth: 1 + 1.26.4 + 1.26.3 1.26.2 1.26.1 1.26.0 diff --git a/docs/sdk/commands.rst b/docs/sdk/commands.rst index da295dfe8..8a7eda3b7 100644 --- a/docs/sdk/commands.rst +++ b/docs/sdk/commands.rst @@ -359,6 +359,9 @@ in a :ref:`reader` message. .. versionadded:: 1.24.0 This command was introduced in :ref:`api_level` **2**. +.. versionadded:: 1.26.4 + Parameter **keys** added. + - **name**: Name of the :ref:`reader`. @@ -366,6 +369,8 @@ in a :ref:`reader` message. - **files**: Content of card :ref:`filesystem`. + - **keys**: Keys of card :ref:`filesystem`. + .. code-block:: json { @@ -373,7 +378,8 @@ in a :ref:`reader` message. "name": "reader name", "simulator": { - "files": [] + "files": [], + "keys": [] } } diff --git a/docs/sdk/conf.py.in b/docs/sdk/conf.py.in index db8bab719..a3d1a21a6 100644 --- a/docs/sdk/conf.py.in +++ b/docs/sdk/conf.py.in @@ -59,7 +59,7 @@ release = '@VERSION_DVCS@' # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = 'en' +language = '@SPHINX_LANG@' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. diff --git a/docs/sdk/failurecodes.rst b/docs/sdk/failurecodes.rst new file mode 100644 index 000000000..607356254 --- /dev/null +++ b/docs/sdk/failurecodes.rst @@ -0,0 +1 @@ +.. include:: ../failurecodes/failurecodes.rst diff --git a/docs/sdk/index.rst b/docs/sdk/index.rst index 5c38161b4..5da2c441f 100644 --- a/docs/sdk/index.rst +++ b/docs/sdk/index.rst @@ -55,6 +55,7 @@ Table of contents commands messages workflow + failurecodes .. raw:: latex diff --git a/docs/sdk/messages.rst b/docs/sdk/messages.rst index 716fea368..8187f0715 100644 --- a/docs/sdk/messages.rst +++ b/docs/sdk/messages.rst @@ -243,9 +243,9 @@ a result and an url parameter to indicate the end of an authentication. - **message**: The error message. - - **reason**: Unique error code. + - **reason**: Unique :doc:`failurecodes`. - - **url**: Refresh url or communication error address. + - **url**: Refresh url or an optional communication error address. .. code-block:: json @@ -269,7 +269,8 @@ a result and an url parameter to indicate the end of an authentication. "minor": "http://www.bsi.bund.de/ecard/api/1.1/resultminor/al/common#internalError", "language": "en", "description": "An internal error has occurred during processing.", - "message": "The connection to the ID card has been lost. The process was aborted." + "message": "The connection to the ID card has been lost. The process was aborted.", + "reason": "Card_Removed" }, "url": "https://test.governikus-eid.de/gov_autent/async?refID=_abcdefgh" } @@ -370,9 +371,15 @@ command if the connection to the card failed. Also the parameter Support of CHANGE_PIN message. +.. versionadded:: 1.26.4 + Parameter **reason** added. + + - **success**: Indicates with true that the PIN was successfully changed, otherwise false. + - **reason**: Unique :doc:`failurecodes`. + .. code-block:: json { @@ -381,6 +388,15 @@ command if the connection to the card failed. Also the parameter } +.. code-block:: json + + { + "msg": "CHANGE_PIN", + "success": false, + "reason": "Card_Removed" + } + + .. _enter_can: diff --git a/docs/sdk/simulator.rst b/docs/sdk/simulator.rst index 0856ead09..8fcee9e75 100644 --- a/docs/sdk/simulator.rst +++ b/docs/sdk/simulator.rst @@ -6,7 +6,7 @@ message with the parameter **name** being `Simulator`. This virtual card can be inserted by :ref:`set_card` or can be automatically used in :ref:`automatic` mode. The default values of that virtual card are hardcoded and can only be changed -by the **files** parameter in the **simulator** parameter. +by the **files** and **keys** parameter in the **simulator** parameter. .. note:: @@ -19,21 +19,17 @@ by the **files** parameter in the **simulator** parameter. Filesystem ---------- The content of the filesystem can be provided as a JSON array of objects. -The ``fileId`` and ``shortFileId`` are specified on the corresponding -technical guideline of the BSI and ISO. The ``content`` is an ASN.1 structure -in DER encoding. All fields are hex encoded. +The ``fileId`` and ``shortFileId`` are specified in `TR-03110_part4`_. The +``content`` is an ASN.1 structure in DER encoding. All fields are hex encoded. These are the default values if your application does not provide other values -as **files** parameter in :ref:`set_card` or if you use the :ref:`automatic` mode -of :doc:`desktop` or the :doc:`container` variant. +as **simulator** parameter in :ref:`set_card` or if you use the :ref:`automatic` +mode of :doc:`desktop` or the :doc:`container` variant. .. code-block:: json "files": [ - {"fileId": "2f00", "shortFileId": "1e", "content": "61324f0fe828bd080fa000000167455349474e500f434941207a752044462e655369676e5100730c4f0aa000000167455349474e61094f07a0000002471001610b4f09e80704007f00070302610c4f0aa000000167455349474e"}, - {"fileId": "011c", "shortFileId": "1c", "content": "3181c13012060a04007f0007020204020202010202010d300d060804007f00070202020201023012060a04007f00070202030202020102020129301c060904007f000702020302300c060704007f0007010202010d020129303e060804007f000702020831323012060a04007f0007020203020202010202012d301c060904007f000702020302300c060704007f0007010202010d02012d302a060804007f0007020206161e687474703a2f2f6273692e62756e642e64652f6369662f6e70612e786d6c"}, - {"fileId": "011d", "shortFileId": "1d", "content": "308209f606092a864886f70d010702a08209e7308209e3020103310f300d06096086480165030402030500308203e0060804007f0007030201a08203d2048203ce318203ca3012060a04007f0007020204020202010202010d300d060804007f00070202020201023017060a04007f0007020205020330090201010201010101003021060904007f000702020502301406072a8648ce3d020106092b24030302080101073017060a04007f0007020205020330090201010201020101ff3012060a04007f00070202030202020102020129301c060904007f000702020302300c060704007f0007010202010d0201293062060904007f0007020201023052300c060704007f0007010202010d0342000419d4b7447788b0e1993db35500999627e739a4e5e35f02d8fb07d6122e76567f17758d7a3aa6943ef23e5e2909b3e8b31bfaa4544c2cbf1fb487f31ff239c8f80201293081a3060804007f00070202083181963012060a04007f0007020203020202010202012d301c060904007f000702020302300c060704007f0007010202010d02012d3062060904007f0007020201023052300c060704007f0007010202010d034200041ac6cae884a6c2b8461404150f54cd1150b21e862a4e5f21ce34290c741104bd1bf31ed91e085d7c630e8b4d10a8ae22bbb2898b44b52ea0f4cdadcf57cfba2502012d302a060804007f0007020206161e687474703a2f2f6273692e62756e642e64652f6369662f6e70612e786d6c308201e6060804007f0007020207308201d8300b0609608648016503040204308201c73021020101041c2ff0247f59dd3c646e314f03abb33ee91a586577ebdf48d3864ec34d3021020102041c37823963b71af0bf5698d1fdc30da2b7f9ece57cfa4959bee9d6d9943021020103041ce8b2a171dc1290a765f124aafe33061c08c918a1069dff5caf4c62b53021020104041cad81d20dbd4f5687fdb05e5037ec267609fde28c6036fdbdf2c8b4333021020105041ca90f28eb7a0fa0de83abf3293d14e0838b9c85fc7277cbb97737a32b3021020106041c712b8550e49a13c64dced4457e9a0f5a85dc26cd6a321596723005d63021020107041c42a8fa36b60887ed022cd3b6ecc255220fbe8cb3f607e416601fcaa63021020108041c6446e0a909967462b5c1117634f8a1b557ef74be3f606c1e94efae433021020109041c635d1017f4abc656b9fdddd7e0fbb1e992b7686e89485e6ab51b638b302102010d041c04db93544a64bc1245b10aab266386f08f8e89f72e1db178c172624d3021020111041caadee20557d41ab9969e962282caf25904475148d329d2f6b2f43e343021020112041c57ce396ca707b96fa37c580f693230e4d4aebb97293f0909489d95cb302102010a041c1880a259cdb497c15a7fdd1c9ac9490d7dc0d18743378603d43d1d4fa082049f3082049b308203fea003020102020204d5300a06082a8648ce3d0403043046310b3009060355040613024445310d300b060355040a0c0462756e64310c300a060355040b0c03627369311a301806035504030c115445535420637363612d6765726d616e79301e170d3230303132313036333630345a170d3330303832313233353935395a305c310b3009060355040613024445310c300a060355040a0c03425349310d300b06035504051304303039393130302e06035504030c275445535420446f63756d656e74205369676e6572204964656e7469747920446f63756d656e7473308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d01010231008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53306404307bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826043004a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c110461041d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c53150231008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e90465650201010362000401b434b9555974f51934687c520dae338032f5046999e1595d85b89a4cbdb90888b8dcab2d6588cf73e8e43db78ab40a0fdb710d971f1c0205b9243e1f769a9e0681c01d1b298c4d7de7f3f7e6ce9f16657907b79328bec8166f5fc035e26ee3a382016630820162301f0603551d23041830168014539db1872aac9193d76392ee80d9e5996cf99b3b301d0603551d0e0416041472571e58fc52ead9641412875c615e8090508cfa300e0603551d0f0101ff040403020780302b0603551d1004243022800f32303230303132313036333630345a810f32303230303832313233353935395a30160603551d20040f300d300b060904007f00070301010130260603551d11041f301d820b6273692e62756e642e6465a40e300c310a300806035504070c014430510603551d12044a30488118637363612d6765726d616e79406273692e62756e642e6465861c68747470733a2f2f7777772e6273692e62756e642e64652f63736361a40e300c310a300806035504070c01443019060767810801010602040e300c02010031071301411302494430350603551d1f042e302c302aa028a0268624687474703a2f2f7777772e6273692e62756e642e64652f746573745f637363615f63726c300a06082a8648ce3d04030403818a00308186024100a348c5e7948535c9ecb5043d62fa1f56f16886af76c434c870d988d345175fd51e60a89c0e9d06a94d35078853397d7c8403e32053df6bdfc16cc1b3a5e7d1cb0241008506dc6aca4f202b4bdf7957263010886d38d4991d101374f6a7b8f4bc1ce51cb278e9f8851951f6af0aba7d4773f42762fd8f840a01f2d526cc80682dca08103182014430820140020101304c3046310b3009060355040613024445310d300b060355040a0c0462756e64310c300a060355040b0c03627369311a301806035504030c115445535420637363612d6765726d616e79020204d5300d06096086480165030402030500a06a301706092a864886f70d010903310a060804007f0007030201304f06092a864886f70d0109043142044066927654d73a84cccd931e2c44a9b34ef3b848ee85b7f4a92699ea7bf5262fe73b101f31f580180c96ea642569e5e6db8469a4c7e4cb47dfe9c5d95b0939125e300a06082a8648ce3d040304046630640230582364c74d9c694d3c8f99acbf82a7a847141248b015aed8bee3c395e82788426f032978d196303a6b81d9fa8b8dbc8e02305bf169de97b344a4b03e862c48a76226f044c6da1ea78e380c2c6479b79526415735345764d7b6e738ee83931aabe840"}, {"fileId": "0101", "shortFileId": "01", "content": "610413024944"}, {"fileId": "0102", "shortFileId": "02", "content": "6203130144"}, {"fileId": "0103", "shortFileId": "03", "content": "630a12083230323931303331"}, @@ -54,6 +50,56 @@ of :doc:`desktop` or the :doc:`container` variant. {"fileId": "0114", "shortFileId": "14", "content": "7416a1140c125245534944454e4345205045524d49542032"}, {"fileId": "0115", "shortFileId": "15", "content": "7515131374656c3a2b34392d3033302d31323334353637"}, {"fileId": "0116", "shortFileId": "16", "content": "761516136572696b61406d75737465726d616e6e2e6465"} + ], + "keys": + [ + {"id": 1, "private": "0353859c2ec67780ba39015de8c682af2326d43de9ce1e07737087bd1e17cb22"}, + {"id": 2, "private": "9ad0ad7f4dfaaa06988339fc31d3a111f4c7964ac7f377373a2454327c43e2ff"} + ] + + + +All keys and also the files from :ref:`advanced` will always be present and +can be overwritten as they are required for successful authentication. The +other files will not exist until they are specified so it is possible to +simulate a missing piece of personal data. + +The keys are used to calculate the pseudonym. Key ``1`` is used to check the +blacklist while key ``2`` is used to calculate the pseudonym for the service +provider. + +New keys can be generated with OpenSSL. + +.. code-block:: console + + openssl ecparam -name brainpoolP256r1 -genkey -out riKey.pem + openssl ec -in riKey.pem -text -noout + + + +.. _TR-03110_part4: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/BSI_TR-03110_Part-4_V2-2.pdf + + + +.. _advanced: + +Advanced +-------- +In addition the following files and keys can be overridden to change the +technical behavior of the virtual card. This does not affect the personal +data and is only required for eID-Client or eID-Server development. + +.. code-block:: json + + "files": + [ + {"fileId": "2f00", "shortFileId": "1e", "content": "61324f0fe828bd080fa000000167455349474e500f434941207a752044462e655369676e5100730c4f0aa000000167455349474e61094f07a0000002471001610b4f09e80704007f00070302610c4f0aa000000167455349474e"}, + {"fileId": "011c", "shortFileId": "1c", "content": "3181c13012060a04007f0007020204020202010202010d300d060804007f00070202020201023012060a04007f00070202030202020102020129301c060904007f000702020302300c060704007f0007010202010d020129303e060804007f000702020831323012060a04007f0007020203020202010202012d301c060904007f000702020302300c060704007f0007010202010d02012d302a060804007f0007020206161e687474703a2f2f6273692e62756e642e64652f6369662f6e70612e786d6c"}, + {"fileId": "011d", "shortFileId": "1d", "content": "308209f606092a864886f70d010702a08209e7308209e3020103310f300d06096086480165030402030500308203e0060804007f0007030201a08203d2048203ce318203ca3012060a04007f0007020204020202010202010d300d060804007f00070202020201023017060a04007f0007020205020330090201010201010101003021060904007f000702020502301406072a8648ce3d020106092b24030302080101073017060a04007f0007020205020330090201010201020101ff3012060a04007f00070202030202020102020129301c060904007f000702020302300c060704007f0007010202010d0201293062060904007f0007020201023052300c060704007f0007010202010d0342000419d4b7447788b0e1993db35500999627e739a4e5e35f02d8fb07d6122e76567f17758d7a3aa6943ef23e5e2909b3e8b31bfaa4544c2cbf1fb487f31ff239c8f80201293081a3060804007f00070202083181963012060a04007f0007020203020202010202012d301c060904007f000702020302300c060704007f0007010202010d02012d3062060904007f0007020201023052300c060704007f0007010202010d034200041ac6cae884a6c2b8461404150f54cd1150b21e862a4e5f21ce34290c741104bd1bf31ed91e085d7c630e8b4d10a8ae22bbb2898b44b52ea0f4cdadcf57cfba2502012d302a060804007f0007020206161e687474703a2f2f6273692e62756e642e64652f6369662f6e70612e786d6c308201e6060804007f0007020207308201d8300b0609608648016503040204308201c73021020101041c2ff0247f59dd3c646e314f03abb33ee91a586577ebdf48d3864ec34d3021020102041c37823963b71af0bf5698d1fdc30da2b7f9ece57cfa4959bee9d6d9943021020103041ce8b2a171dc1290a765f124aafe33061c08c918a1069dff5caf4c62b53021020104041cad81d20dbd4f5687fdb05e5037ec267609fde28c6036fdbdf2c8b4333021020105041ca90f28eb7a0fa0de83abf3293d14e0838b9c85fc7277cbb97737a32b3021020106041c712b8550e49a13c64dced4457e9a0f5a85dc26cd6a321596723005d63021020107041c42a8fa36b60887ed022cd3b6ecc255220fbe8cb3f607e416601fcaa63021020108041c6446e0a909967462b5c1117634f8a1b557ef74be3f606c1e94efae433021020109041c635d1017f4abc656b9fdddd7e0fbb1e992b7686e89485e6ab51b638b302102010d041c04db93544a64bc1245b10aab266386f08f8e89f72e1db178c172624d3021020111041caadee20557d41ab9969e962282caf25904475148d329d2f6b2f43e343021020112041c57ce396ca707b96fa37c580f693230e4d4aebb97293f0909489d95cb302102010a041c1880a259cdb497c15a7fdd1c9ac9490d7dc0d18743378603d43d1d4fa082049f3082049b308203fea003020102020204d5300a06082a8648ce3d0403043046310b3009060355040613024445310d300b060355040a0c0462756e64310c300a060355040b0c03627369311a301806035504030c115445535420637363612d6765726d616e79301e170d3230303132313036333630345a170d3330303832313233353935395a305c310b3009060355040613024445310c300a060355040a0c03425349310d300b06035504051304303039393130302e06035504030c275445535420446f63756d656e74205369676e6572204964656e7469747920446f63756d656e7473308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d01010231008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53306404307bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826043004a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c110461041d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c53150231008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e90465650201010362000401b434b9555974f51934687c520dae338032f5046999e1595d85b89a4cbdb90888b8dcab2d6588cf73e8e43db78ab40a0fdb710d971f1c0205b9243e1f769a9e0681c01d1b298c4d7de7f3f7e6ce9f16657907b79328bec8166f5fc035e26ee3a382016630820162301f0603551d23041830168014539db1872aac9193d76392ee80d9e5996cf99b3b301d0603551d0e0416041472571e58fc52ead9641412875c615e8090508cfa300e0603551d0f0101ff040403020780302b0603551d1004243022800f32303230303132313036333630345a810f32303230303832313233353935395a30160603551d20040f300d300b060904007f00070301010130260603551d11041f301d820b6273692e62756e642e6465a40e300c310a300806035504070c014430510603551d12044a30488118637363612d6765726d616e79406273692e62756e642e6465861c68747470733a2f2f7777772e6273692e62756e642e64652f63736361a40e300c310a300806035504070c01443019060767810801010602040e300c02010031071301411302494430350603551d1f042e302c302aa028a0268624687474703a2f2f7777772e6273692e62756e642e64652f746573745f637363615f63726c300a06082a8648ce3d04030403818a00308186024100a348c5e7948535c9ecb5043d62fa1f56f16886af76c434c870d988d345175fd51e60a89c0e9d06a94d35078853397d7c8403e32053df6bdfc16cc1b3a5e7d1cb0241008506dc6aca4f202b4bdf7957263010886d38d4991d101374f6a7b8f4bc1ce51cb278e9f8851951f6af0aba7d4773f42762fd8f840a01f2d526cc80682dca08103182014430820140020101304c3046310b3009060355040613024445310d300b060355040a0c0462756e64310c300a060355040b0c03627369311a301806035504030c115445535420637363612d6765726d616e79020204d5300d06096086480165030402030500a06a301706092a864886f70d010903310a060804007f0007030201304f06092a864886f70d0109043142044066927654d73a84cccd931e2c44a9b34ef3b848ee85b7f4a92699ea7bf5262fe73b101f31f580180c96ea642569e5e6db8469a4c7e4cb47dfe9c5d95b0939125e300a06082a8648ce3d040304046630640230582364c74d9c694d3c8f99acbf82a7a847141248b015aed8bee3c395e82788426f032978d196303a6b81d9fa8b8dbc8e02305bf169de97b344a4b03e862c48a76226f044c6da1ea78e380c2c6479b79526415735345764d7b6e738ee83931aabe840"} + ], + "keys": + [ + {"id": 41, "private": "a07eb62e891daa84643e0afcc1af006891b669b8f51e379477dbeab8c987a610"} ] @@ -63,7 +109,4 @@ of :doc:`desktop` or the :doc:`container` variant. `TR-03110_part3`_, part 3: Section A.1.2. Storage on the Chip - `TR-03110_part4`_, part 4: Applications and Document Profiles - .. _TR-03110_part3: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/BSI_TR-03110_Part-3-V2_2.pdf - .. _TR-03110_part4: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/BSI_TR-03110_Part-4_V2-2.pdf diff --git a/libs/CMakeLists.txt b/libs/CMakeLists.txt index 1e9fc145f..4af45b2a6 100644 --- a/libs/CMakeLists.txt +++ b/libs/CMakeLists.txt @@ -178,9 +178,9 @@ else() endif() if(IOS) + set(OPENSSL_CONFIGURE_FLAGS ${OPENSSL_CONFIGURE_FLAGS} no-asm) if(CMAKE_OSX_SYSROOT MATCHES "iphonesimulator") set(OPENSSL_ARCH iossimulator-xcrun) - set(OPENSSL_CONFIGURE_FLAGS ${OPENSSL_CONFIGURE_FLAGS} no-asm) if (CMAKE_OSX_ARCHITECTURES STREQUAL "arm64") set(OPENSSL_CONFIGURE_FLAGS ${OPENSSL_CONFIGURE_FLAGS} "-arch arm64") endif() @@ -189,12 +189,14 @@ if(IOS) string(REGEX REPLACE "/SDKs/.*" "" CROSS_TOP_DEV_ROOT "${CMAKE_OSX_SYSROOT}") set(OPENSSL_ENV CROSS_TOP=${CROSS_TOP_DEV_ROOT} CROSS_SDK=iPhoneOS.sdk) endif() + set(OPENSSL_COMPILER_FLAGS ${OPENSSL_COMPILER_FLAGS} -fvisibility=hidden) elseif(APPLE) if(NOT CMAKE_OSX_ARCHITECTURES AND CMAKE_HOST_SYSTEM_PROCESSOR STREQUAL "arm64") set(CMAKE_OSX_ARCHITECTURES arm64) endif() if(CMAKE_OSX_ARCHITECTURES STREQUAL "arm64") + set(OPENSSL_CONFIGURE_FLAGS ${OPENSSL_CONFIGURE_FLAGS} no-asm) set(OPENSSL_ARCH darwin64-arm64-cc) set(OPENSSL_COMPILER_FLAGS ${OPENSSL_COMPILER_FLAGS} -mmacosx-version-min=11.0) else() @@ -222,12 +224,17 @@ elseif(ANDROID) if(CMAKE_ANDROID_ARCH_ABI STREQUAL "armeabi-v7a") set(OPENSSL_ARCH android-arm) set(OPENSSL_COMPILER_FLAGS ${OPENSSL_COMPILER_FLAGS} -mfloat-abi=softfp) + set(OPENSSL_NDK_PREFIX armv7a) + set(OPENSSL_NDK_INFIX eabi) elseif(CMAKE_ANDROID_ARCH_ABI STREQUAL "x86_64") set(OPENSSL_ARCH android-x86_64) + set(OPENSSL_NDK_PREFIX x86_64) elseif(CMAKE_ANDROID_ARCH_ABI STREQUAL "x86") set(OPENSSL_ARCH android-x86) + set(OPENSSL_NDK_PREFIX i686) elseif(CMAKE_ANDROID_ARCH_ABI STREQUAL "arm64-v8a") set(OPENSSL_ARCH android-arm64) + set(OPENSSL_NDK_PREFIX aarch64) else() message(FATAL_ERROR "CMAKE_ANDROID_ARCH_ABI not supported by openssl") endif() @@ -239,6 +246,7 @@ elseif(ANDROID) if(ANDROID_NDK_REVISION VERSION_LESS "23") set(OPENSSL_COMPILER_FLAGS ${OPENSSL_COMPILER_FLAGS} -D__ANDROID_API__=${CMAKE_SYSTEM_VERSION}) endif() + set(OPENSSL_COMPILER_FLAGS ${OPENSSL_COMPILER_FLAGS} --target=${OPENSSL_NDK_PREFIX}-linux-android${OPENSSL_NDK_INFIX}${CMAKE_SYSTEM_VERSION}) elseif(BSD) set(OPENSSL_ARCH BSD-x86_64) elseif(LINUX) diff --git a/libs/patches/qt-base-0005-macOS-Use-NSStatusItem.menu-to-manage-system-tray-me.patch b/libs/patches/qt-base-0005-macOS-Use-NSStatusItem.menu-to-manage-system-tray-me.patch new file mode 100644 index 000000000..737430dba --- /dev/null +++ b/libs/patches/qt-base-0005-macOS-Use-NSStatusItem.menu-to-manage-system-tray-me.patch @@ -0,0 +1,130 @@ +From d5555d3c62cbc8c061de0ae9e1f0c20374b4004e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tor=20Arne=20Vestb=C3=B8?= +Date: Mon, 12 Dec 2022 14:33:41 +0100 +Subject: macOS: Use NSStatusItem.menu to manage system tray menu + +Using [NSStatusItem popUpStatusItemMenu:] to manually show the menu is +deprecated, and was causing various issues when right clicking the menu, +such as not unhighlighting the menu item when dismissing the menu, or +worse, not quitting the application if a 'Quit' item was triggered from +a right click. + +The reason we were using popUpStatusItemMenu instead of the menu +property of NSStatusItem was that the latter prevented us from seeing +the action message of the NSStatusItem button, which we used to emit +the system tray's activated signal, but this can be solved by listing +for the menu's tracking state starting. + +Fixes: QTBUG-103515 +Pick-to: 6.4 +Change-Id: I686550ebac7d94d8d11b2e3c49ed16a8240cb214 +Reviewed-by: Volker Hilsheimer +(cherry picked from commit da754d5b6589c9877f0325edb3da5cbc64d966c7) +--- + .../platforms/cocoa/qcocoasystemtrayicon.h | 3 +- + .../platforms/cocoa/qcocoasystemtrayicon.mm | 36 ++++++++++++------- + 2 files changed, 24 insertions(+), 15 deletions(-) + +diff --git x/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.h y/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.h +index 414560e1192..75c33cc5a3f 100644 +--- x/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.h ++++ y/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.h +@@ -45,12 +45,11 @@ public: + bool isSystemTrayAvailable() const override; + bool supportsMessages() const override; + +- void statusItemClicked(); ++ void emitActivated(); + + private: + NSStatusItem *m_statusItem = nullptr; + QStatusItemDelegate *m_delegate = nullptr; +- QCocoaMenu *m_menu = nullptr; + }; + + QT_END_NAMESPACE +diff --git x/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.mm y/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.mm +index c004cd69b57..2f7f73b4813 100644 +--- x/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.mm ++++ y/qtbase/src/plugins/platforms/cocoa/qcocoasystemtrayicon.mm +@@ -64,6 +64,8 @@ void QCocoaSystemTrayIcon::init() + + m_delegate = [[QStatusItemDelegate alloc] initWithSysTray:this]; + ++ // In case the status item does not have a menu assigned to it ++ // we fall back to the item's button to detect activation. + m_statusItem.button.target = m_delegate; + m_statusItem.button.action = @selector(statusItemClicked); + [m_statusItem.button sendActionOn:NSEventMaskLeftMouseDown | NSEventMaskRightMouseDown | NSEventMaskOtherMouseDown]; +@@ -81,8 +83,6 @@ void QCocoaSystemTrayIcon::cleanup() + + [m_delegate release]; + m_delegate = nil; +- +- m_menu = nullptr; + } + + QRect QCocoaSystemTrayIcon::geometry() const +@@ -178,12 +178,20 @@ void QCocoaSystemTrayIcon::updateIcon(const QIcon &icon) + + void QCocoaSystemTrayIcon::updateMenu(QPlatformMenu *menu) + { +- // We don't set the menu property of the NSStatusItem here, +- // as that would prevent us from receiving the action for the +- // click, and we wouldn't be able to emit the activated signal. +- // Instead we show the menu manually when the status item is +- // clicked. +- m_menu = static_cast(menu); ++ m_statusItem.menu = menu ? static_cast(menu)->nsMenu() : nil; ++ ++ if (m_statusItem.menu) { ++ // When a menu is assigned, NSStatusBarButtonCell will intercept the mouse ++ // down to pop up the menu, and we never see the NSStatusBarButton action. ++ // To ensure we emit the 'activated' signal in both cases we detect when ++ // menu starts tracking, which happens before the menu delegate is sent ++ // the menuWillOpen callback we use to emit aboutToShow for the menu. ++ [NSNotificationCenter.defaultCenter addObserver:m_delegate ++ selector:@selector(statusItemMenuBeganTracking:) ++ name:NSMenuDidBeginTrackingNotification ++ object:m_statusItem.menu ++ ]; ++ } + } + + void QCocoaSystemTrayIcon::updateToolTip(const QString &toolTip) +@@ -226,7 +234,7 @@ void QCocoaSystemTrayIcon::showMessage(const QString &title, const QString &mess + } + } + +-void QCocoaSystemTrayIcon::statusItemClicked() ++void QCocoaSystemTrayIcon::emitActivated() + { + auto *mouseEvent = NSApp.currentEvent; + +@@ -245,9 +253,6 @@ void QCocoaSystemTrayIcon::statusItemClicked() + } + + emit activated(activationReason); +- +- if (NSMenu *menu = m_menu ? m_menu->nsMenu() : nil) +- QT_IGNORE_DEPRECATIONS([m_statusItem popUpStatusItemMenu:menu]); + } + + QT_END_NAMESPACE +@@ -270,7 +275,12 @@ QT_END_NAMESPACE + + - (void)statusItemClicked + { +- self.platformSystemTray->statusItemClicked(); ++ self.platformSystemTray->emitActivated(); ++} ++ ++- (void)statusItemMenuBeganTracking:(NSNotification*)notification ++{ ++ self.platformSystemTray->emitActivated(); + } + + - (BOOL)userNotificationCenter:(NSUserNotificationCenter *)center shouldPresentNotification:(NSUserNotification *)notification +-- +2.39.2 + diff --git a/libs/patches/qt-base-0006-iOS-Don-t-assume-screens-will-not-be-connected-befor.patch b/libs/patches/qt-base-0006-iOS-Don-t-assume-screens-will-not-be-connected-befor.patch new file mode 100644 index 000000000..b5c1ff9c8 --- /dev/null +++ b/libs/patches/qt-base-0006-iOS-Don-t-assume-screens-will-not-be-connected-befor.patch @@ -0,0 +1,44 @@ +From e28710e3f175663b030c00d75ee899a9a7b0cdd2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tor=20Arne=20Vestb=C3=B8?= +Date: Thu, 15 Dec 2022 16:40:34 +0100 +Subject: iOS: Don't assume screens will not be connected before + QIOSIntegration + +When an external screen is connected to an iPad, and the application is +starting up on that screen, we will get a connection notification about +that screen as part of the initial bootstrap of UIApplicationMain, +before we call the user's main(). + +Since we initialize and add all available screen on QIOSIntegration +creation, we can just ignore the early connection notification. + +This avoids a crash, but the window will not show anything on the +external screen, which is a separate issue. + +Pick-to: 6.5 6.4 6.2 +Fixes: QTBUG-106701 +Change-Id: I9e0a9736bf602277316bd004e0d01c640feaf319 +Reviewed-by: Volker Hilsheimer +(cherry picked from commit dd49793bc3b4dd3808f0f24b717c442a5095db14) +--- + src/plugins/platforms/ios/qiosscreen.mm | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git x/qtbase/src/plugins/platforms/ios/qiosscreen.mm y/qtbase/src/plugins/platforms/ios/qiosscreen.mm +index f144c00fb0a..3d660189af4 100644 +--- x/qtbase/src/plugins/platforms/ios/qiosscreen.mm ++++ y/qtbase/src/plugins/platforms/ios/qiosscreen.mm +@@ -72,8 +72,8 @@ static QIOSScreen* qtPlatformScreenFor(UIScreen *uiScreen) + + + (void)screenConnected:(NSNotification*)notification + { +- Q_ASSERT_X(QIOSIntegration::instance(), Q_FUNC_INFO, +- "Screen connected before QIOSIntegration creation"); ++ if (!QIOSIntegration::instance()) ++ return; // Will be added when QIOSIntegration is created + + QWindowSystemInterface::handleScreenAdded(new QIOSScreen([notification object])); + } +-- +2.39.2 + diff --git a/libs/patches/qt-base-0007-Ignore-removed-changed-screens-if-no-QIOSIntegration.patch b/libs/patches/qt-base-0007-Ignore-removed-changed-screens-if-no-QIOSIntegration.patch new file mode 100644 index 000000000..548920794 --- /dev/null +++ b/libs/patches/qt-base-0007-Ignore-removed-changed-screens-if-no-QIOSIntegration.patch @@ -0,0 +1,57 @@ +From ae857fcf8415daafa6b77999dc8a44cd0e5ede7b Mon Sep 17 00:00:00 2001 +From: Jan Moeller +Date: Thu, 6 Apr 2023 09:27:16 +0200 +Subject: Ignore removed/changed screens if no QIOSIntegration instance exists + +QIOSTracker registers itself as handlers for system notifications about +changes of the screen environment. If no QIOSIntegration instance +exists, newly detected screens are not added to the list of known +screens (see screenConnected()). This, in turn, will result in a crash +if a screen is disconnected and removed in screenDisconnected() as it +is not known to qtPlatformScreenFor() and the function returns a +nullptr. + +Consider the QIOSIntegration also whenever a screen is "changed". This +is more of a safety measure do avoid crashes for unknown screens. + +This situation occurs if an iOS device is used to mirror the display +via AirPlay and no actual QGuiApplication exists, e.g. Qt is only +embedded in a Framework. + +Pick-to: 6.5 6.2 +Fixes: QTBUG-106701 +Change-Id: Id778fc5afa7c284b0536ee02b1ba2c10321cc5b1 +Reviewed-by: Volker Hilsheimer +Reviewed-by: Lars Schmertmann +(cherry picked from commit ffdfafc4b47b8267395370199073c292da33dd42) +--- + src/plugins/platforms/ios/qiosscreen.mm | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git x/qtbase/src/plugins/platforms/ios/qiosscreen.mm y/qtbase/src/plugins/platforms/ios/qiosscreen.mm +index 3d660189af4..e0216ce6526 100644 +--- x/qtbase/src/plugins/platforms/ios/qiosscreen.mm ++++ y/qtbase/src/plugins/platforms/ios/qiosscreen.mm +@@ -80,6 +80,9 @@ static QIOSScreen* qtPlatformScreenFor(UIScreen *uiScreen) + + + (void)screenDisconnected:(NSNotification*)notification + { ++ if (!QIOSIntegration::instance()) ++ return; ++ + QIOSScreen *screen = qtPlatformScreenFor([notification object]); + Q_ASSERT_X(screen, Q_FUNC_INFO, "Screen disconnected that we didn't know about"); + +@@ -88,6 +91,9 @@ static QIOSScreen* qtPlatformScreenFor(UIScreen *uiScreen) + + + (void)screenModeChanged:(NSNotification*)notification + { ++ if (!QIOSIntegration::instance()) ++ return; ++ + QIOSScreen *screen = qtPlatformScreenFor([notification object]); + Q_ASSERT_X(screen, Q_FUNC_INFO, "Screen changed that we didn't know about"); + +-- +2.39.2 + diff --git a/resources/jenkins/docker/common/Dockerfile b/resources/jenkins/docker/alpine-common/Dockerfile similarity index 91% rename from resources/jenkins/docker/common/Dockerfile rename to resources/jenkins/docker/alpine-common/Dockerfile index be1511a71..68fa974db 100644 --- a/resources/jenkins/docker/common/Dockerfile +++ b/resources/jenkins/docker/alpine-common/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:swarm +FROM dev-docker.governikus.de/ausweisapp2/alpine:swarm MAINTAINER Governikus KG ARG UNCRUSTIFY=0.74.0 diff --git a/resources/jenkins/docker/docs/Dockerfile b/resources/jenkins/docker/alpine-docs/Dockerfile similarity index 62% rename from resources/jenkins/docker/docs/Dockerfile rename to resources/jenkins/docker/alpine-docs/Dockerfile index 2d54decfe..054b6cb2c 100644 --- a/resources/jenkins/docker/docs/Dockerfile +++ b/resources/jenkins/docker/alpine-docs/Dockerfile @@ -1,9 +1,9 @@ -FROM alpine:swarm +FROM dev-docker.governikus.de/ausweisapp2/alpine:swarm MAINTAINER Governikus KG ENV NAME=Docs LABELS=Docs -RUN apk --no-cache add py3-setuptools icu poppler zziplib enscript ghostscript texlive-full py3-sphinx py3-sphinx_rtd_theme && \ +RUN apk --no-cache add py3-setuptools icu poppler zziplib enscript ghostscript texlive-full py3-sphinx py3-sphinx_rtd_theme py3-sphinx-copybutton && \ pip3 install doc8 USER governikus diff --git a/resources/jenkins/docker/linux/Dockerfile b/resources/jenkins/docker/alpine-linux/Dockerfile similarity index 92% rename from resources/jenkins/docker/linux/Dockerfile rename to resources/jenkins/docker/alpine-linux/Dockerfile index e7e427a85..8077d7f64 100644 --- a/resources/jenkins/docker/linux/Dockerfile +++ b/resources/jenkins/docker/alpine-linux/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:swarm +FROM dev-docker.governikus.de/ausweisapp2/alpine:swarm MAINTAINER Governikus KG ENV NAME=Linux LABELS="Linux g++ clang++" PACKAGES_DIR=/home/governikus/packages diff --git a/resources/jenkins/docker/swarm/Dockerfile b/resources/jenkins/docker/alpine-swarm/Dockerfile similarity index 100% rename from resources/jenkins/docker/swarm/Dockerfile rename to resources/jenkins/docker/alpine-swarm/Dockerfile diff --git a/resources/jenkins/docker/swarm/swarm.sh b/resources/jenkins/docker/alpine-swarm/swarm.sh similarity index 82% rename from resources/jenkins/docker/swarm/swarm.sh rename to resources/jenkins/docker/alpine-swarm/swarm.sh index 65504707c..9de004a53 100755 --- a/resources/jenkins/docker/swarm/swarm.sh +++ b/resources/jenkins/docker/alpine-swarm/swarm.sh @@ -7,10 +7,11 @@ labels=${LABELS:-undefined} mode=${MODE:-exclusive} master=${MASTER:-https://ausweisapp-ci.govkg.de/} user=${USER:-jenkins-swarm} -fingerprints=${FINGERPRINTS:-40:DD:0E:F9:8D:A1:DA:39:D4:B9:B6:31:C3:F8:E5:8B:45:76:C5:BB:68:61:4A:F3:DD:14:16:85:D9:03:C2:02} +fingerprints=${FINGERPRINTS:-FA:B8:35:6B:4F:1F:AF:68:9F:CC:B9:63:71:BC:1F:DA:6E:DB:61:F6:C7:E4:64:F6:41:8F:51:09:4C:A9:A0:A9} /usr/bin/java \ -jar /swarm-client.jar \ + -webSocket \ -name $name-$HOSTNAME \ -mode $mode \ -executors $executor \ diff --git a/resources/jenkins/docker/trigger/Dockerfile b/resources/jenkins/docker/alpine-trigger/Dockerfile similarity index 73% rename from resources/jenkins/docker/trigger/Dockerfile rename to resources/jenkins/docker/alpine-trigger/Dockerfile index 60a4eff59..4271630d7 100644 --- a/resources/jenkins/docker/trigger/Dockerfile +++ b/resources/jenkins/docker/alpine-trigger/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:swarm +FROM dev-docker.governikus.de/ausweisapp2/alpine:swarm MAINTAINER Governikus KG ENV NAME=Trigger LABELS="Trigger Seeder" diff --git a/resources/jenkins/docker/generate.py b/resources/jenkins/docker/generate.py index 4d6eea439..8ed942edd 100755 --- a/resources/jenkins/docker/generate.py +++ b/resources/jenkins/docker/generate.py @@ -10,12 +10,29 @@ print("python version >=3.5 required") sys.exit(1) +args = str(sys.argv) + # Alpine -images = ["swarm", "trigger", "common", "docs", "linux"] -for image in images: - print("Building %s ..." % (image)) - proc_args = ["docker", "build", "-t", "alpine:%s" % (image), image] - subprocess.run(proc_args).check_returncode() - proc_args = ["docker", "tag", "alpine:%s" % (image), - "dev-docker.govkg.de/ausweisapp2/alpine:%s" % image] - subprocess.run(proc_args).check_returncode() +alpine = ['alpine:swarm', 'alpine:trigger', + 'alpine:common', 'alpine:docs', 'alpine:linux'] + +# Ubuntu +ubuntu = ['ubuntu:swarm', 'ubuntu:android', 'ubuntu:vanilla'] + +images = alpine + ubuntu + +if 'build' in args: + for image in images: + dir = image.replace(':', '-') + print('Building %s in directory %s' % (image, dir)) + proc_args = ['docker', 'build', '-t', + 'dev-docker.governikus.de/ausweisapp2/%s' % (image), dir] + subprocess.run(proc_args).check_returncode() + + +if 'push' in args: + for image in images: + print('Push %s' % image) + proc_args = ['docker', 'push', + 'dev-docker.governikus.de/ausweisapp2/%s' % (image)] + subprocess.run(proc_args).check_returncode() diff --git a/resources/jenkins/docker/android/Dockerfile b/resources/jenkins/docker/ubuntu-android/Dockerfile similarity index 96% rename from resources/jenkins/docker/android/Dockerfile rename to resources/jenkins/docker/ubuntu-android/Dockerfile index da95d2aee..7e7b5c3fe 100644 --- a/resources/jenkins/docker/android/Dockerfile +++ b/resources/jenkins/docker/ubuntu-android/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:swarm +FROM dev-docker.governikus.de/ausweisapp2/ubuntu:swarm MAINTAINER Governikus KG ARG ANDROID_CMDLINE_TOOLS=8092744 diff --git a/resources/jenkins/docker/swarm-ubuntu/Dockerfile b/resources/jenkins/docker/ubuntu-swarm/Dockerfile similarity index 100% rename from resources/jenkins/docker/swarm-ubuntu/Dockerfile rename to resources/jenkins/docker/ubuntu-swarm/Dockerfile diff --git a/resources/jenkins/docker/swarm-ubuntu/swarm.sh b/resources/jenkins/docker/ubuntu-swarm/swarm.sh similarity index 82% rename from resources/jenkins/docker/swarm-ubuntu/swarm.sh rename to resources/jenkins/docker/ubuntu-swarm/swarm.sh index 65504707c..9de004a53 100755 --- a/resources/jenkins/docker/swarm-ubuntu/swarm.sh +++ b/resources/jenkins/docker/ubuntu-swarm/swarm.sh @@ -7,10 +7,11 @@ labels=${LABELS:-undefined} mode=${MODE:-exclusive} master=${MASTER:-https://ausweisapp-ci.govkg.de/} user=${USER:-jenkins-swarm} -fingerprints=${FINGERPRINTS:-40:DD:0E:F9:8D:A1:DA:39:D4:B9:B6:31:C3:F8:E5:8B:45:76:C5:BB:68:61:4A:F3:DD:14:16:85:D9:03:C2:02} +fingerprints=${FINGERPRINTS:-FA:B8:35:6B:4F:1F:AF:68:9F:CC:B9:63:71:BC:1F:DA:6E:DB:61:F6:C7:E4:64:F6:41:8F:51:09:4C:A9:A0:A9} /usr/bin/java \ -jar /swarm-client.jar \ + -webSocket \ -name $name-$HOSTNAME \ -mode $mode \ -executors $executor \ diff --git a/resources/jenkins/docker/vanilla/Dockerfile b/resources/jenkins/docker/ubuntu-vanilla/Dockerfile similarity index 94% rename from resources/jenkins/docker/vanilla/Dockerfile rename to resources/jenkins/docker/ubuntu-vanilla/Dockerfile index 61829d2bd..b6f0a6d03 100644 --- a/resources/jenkins/docker/vanilla/Dockerfile +++ b/resources/jenkins/docker/ubuntu-vanilla/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:swarm +FROM dev-docker.governikus.de/ausweisapp2/ubuntu:swarm MAINTAINER Governikus KG ENV NAME=Vanilla LABELS="Vanilla" PACKAGES_DIR=/home/governikus/packages diff --git a/resources/jenkins/dsl/Builds/Build_Container.groovy b/resources/jenkins/dsl/Builds/Build_Container.groovy index 53d982da9..4b4c90010 100644 --- a/resources/jenkins/dsl/Builds/Build_Container.groovy +++ b/resources/jenkins/dsl/Builds/Build_Container.groovy @@ -21,6 +21,8 @@ j.with steps { + shell('docker container prune -f') + shell(strip('''\ docker build --pull -t dev-docker.govkg.de/ausweisapp2/sdk:${TAG//-default/""} diff --git a/resources/jenkins/dsl/Builds/Build_Docs.groovy b/resources/jenkins/dsl/Builds/Build_Docs.groovy index 3ce81067d..f848bef04 100644 --- a/resources/jenkins/dsl/Builds/Build_Docs.groovy +++ b/resources/jenkins/dsl/Builds/Build_Docs.groovy @@ -22,6 +22,9 @@ j.with shell('cmake --build build --target sdk.latex.pdf') shell('cd build/docs/sdk/html; cmake -E tar cfJ ../../AusweisApp2_SDK.tar.xz .') + shell('cmake --build build --target failurecodes') + shell('cmake --build build --target failurecodes.latex.pdf') + shell('cmake --build build --target inst.latex.pdf') shell('cmake --build build --target inte.latex.pdf') diff --git a/resources/jenkins/dsl/Releases/Release_Docs.groovy b/resources/jenkins/dsl/Releases/Release_Docs.groovy index 43513609a..69e02f937 100644 --- a/resources/jenkins/dsl/Releases/Release_Docs.groovy +++ b/resources/jenkins/dsl/Releases/Release_Docs.groovy @@ -27,6 +27,9 @@ j.with shell('cmake --build build --target sdk.latex.pdf') shell('cd build/docs/sdk/html; cmake -E tar cfJ ../../AusweisApp2_SDK.tar.xz .') + shell('cmake --build build --target failurecodes') + shell('cmake --build build --target failurecodes.latex.pdf') + shell('cmake --build build --target inst.latex.pdf') shell('cmake --build build --target inte.latex.pdf') diff --git a/resources/jenkins/dsl/Reviews/Review_Docs.groovy b/resources/jenkins/dsl/Reviews/Review_Docs.groovy index 73de84eb5..5c2af0fb1 100644 --- a/resources/jenkins/dsl/Reviews/Review_Docs.groovy +++ b/resources/jenkins/dsl/Reviews/Review_Docs.groovy @@ -26,6 +26,9 @@ j.with shell('cmake --build build --target sdk.latex.pdf') shell('cd build/docs/sdk/html; cmake -E tar cfJ ../../AusweisApp2_SDK.tar.xz .') + shell('cmake --build build --target failurecodes') + shell('cmake --build build --target failurecodes.latex.pdf') + shell('cmake --build build --target inst.latex.pdf') shell('cmake --build build --target inte.latex.pdf') diff --git a/resources/json-schemas/supported-providers.json b/resources/json-schemas/supported-providers.json index 05b6c570a..7ae1e6571 100644 --- a/resources/json-schemas/supported-providers.json +++ b/resources/json-schemas/supported-providers.json @@ -118,7 +118,7 @@ }, "postalAddress": { "type": "string", - "pattern": "^([\\w\\. \\(\\)äöüÄÖÜß\\-\\/,:&–]|())+$" + "pattern": "^([\\w\\. \\(\\)äöüÄÖÜß\\-\\/,:&]|())+$" }, "category": { "type": "string", @@ -141,20 +141,6 @@ "type": "string", "minLength": 1 }, - "exclude": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "android", - "bsd", - "ios", - "linux", - "mac", - "win" - ] - } - }, "eidSupport": { "type": "boolean" }, diff --git a/resources/qml/+desktop/main.qml b/resources/qml/+desktop/main.qml index 45944769f..0fa56a380 100644 --- a/resources/qml/+desktop/main.qml +++ b/resources/qml/+desktop/main.qml @@ -52,16 +52,16 @@ ApplicationWindow { Component.onCompleted: menuBar.forceActiveFocus(Qt.MouseFocusReason) onClosing: close => { - if (ApplicationModel.currentWorkflow !== ApplicationModel.WORKFLOW_NONE) { + if (ApplicationModel.currentWorkflow !== ApplicationModel.WORKFLOW_NONE && !d.suppressAbortWarning) { abortWorkflowWarning.open(); close.accepted = false; return; } - if (Qt.platform.os === "osx" && !SettingsModel.autoStartApp) { + if (d.isMacOsAndAutoStartDisabled) { close.accepted = true; return; } - if (SettingsModel.remindUserToClose) { + if (SettingsModel.remindUserToClose && !d.suppressAbortWarning) { closeWarning.open(); close.accepted = false; } else { @@ -80,7 +80,18 @@ ApplicationWindow { property int activeView: UiModule.DEFAULT property ApplicationWindow detachedLogView: null + readonly property string hideToTrayText: { + if (Qt.platform.os === "osx") { + //: INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. macOS specific if autostart is enabled. + return qsTr("The program remains available via the icon in the menu bar. Click on the %1 icon to reopen the user interface.").arg(Qt.application.name); + } + + //: INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. + return qsTr("The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface.").arg(Qt.application.name); + } + readonly property bool isMacOsAndAutoStartDisabled: Qt.platform.os === "osx" && !SettingsModel.autoStartApp property int lastVisibility: ApplicationWindow.Windowed + property bool suppressAbortWarning: false function abortCurrentWorkflow() { if (ApplicationModel.currentWorkflow === ApplicationModel.WORKFLOW_AUTHENTICATION) { @@ -104,6 +115,7 @@ ApplicationWindow { ApplicationModel.scaleFactor = Math.min(width / initialSize.width, height / initialSize.height); } function showMainWindow() { + d.suppressAbortWarning = false; if (active) { return; } @@ -135,8 +147,7 @@ ApplicationWindow { id: closeWarning closePolicy: Popup.NoAutoClose style: ConfirmationPopup.PopupStyle.OkButton - //: INFO DESKTOP Content of the popup that is shown when the AA2 is closed for the first time. - text: qsTr("The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface.").arg(Qt.application.name) + text: d.hideToTrayText //: INFO DESKTOP Header of the popup that is shown when the AA2 is closed for the first time. title: qsTr("The user interface of the %1 is closed.").arg(Qt.application.name) @@ -156,18 +167,17 @@ ApplicationWindow { //: INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a workflow is still active. readonly property string abortText: qsTr("This will cancel the current operation and hide the UI of %1. You can restart the operation at any time.").arg(Qt.application.name) - //: INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a workflow is still active and the close/minimize info was not disabled. - readonly property string hideToTrayText: qsTr("The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface.").arg(Qt.application.name) closePolicy: Popup.NoAutoClose - text: "%1%2".arg(abortText).arg(SettingsModel.remindUserToClose ? "

%1".arg(hideToTrayText) : "") + text: "%1%2".arg(abortText).arg(SettingsModel.remindUserToClose && !d.isMacOsAndAutoStartDisabled ? "

%1".arg(d.hideToTrayText) : "") //: INFO DESKTOP Header of the popup that is shown when the AA2 is closed and a workflow is still active title: qsTr("Abort operation") onCancelled: close() onConfirmed: { d.abortCurrentWorkflow(); - d.hideUiAndTaskbarEntry(); + d.suppressAbortWarning = true; + appWindow.close(); } } Connections { diff --git a/resources/qml/Governikus/AuthView/+desktop/AuthView.qml b/resources/qml/Governikus/AuthView/+desktop/AuthView.qml index 7b21cd08c..1c077c1c0 100644 --- a/resources/qml/Governikus/AuthView/+desktop/AuthView.qml +++ b/resources/qml/Governikus/AuthView/+desktop/AuthView.qml @@ -149,7 +149,6 @@ SectionPage { GeneralWorkflow { id: generalWorkflow isPinChange: false - passwordInfoLinkText: infoData.linkText visible: d.activeView === AuthView.SubViews.Workflow waitingFor: switch (authController.workflowState) { case AuthController.WorkflowStates.Reader: @@ -160,7 +159,6 @@ SectionPage { return Workflow.WaitingFor.None; } - onRequestPasswordInfo: authView.showPasswordInfo() onSettingsRequested: authView.showSettings() } EnterPasswordView { @@ -189,6 +187,7 @@ SectionPage { onClicked: passwordInfoView.close() } + onAbortCurrentWorkflow: AuthModel.cancelWorkflow() onClose: { d.view = d.precedingView; updateTitleBarActions(); diff --git a/resources/qml/Governikus/AuthView/+mobile/AuthView.qml b/resources/qml/Governikus/AuthView/+mobile/AuthView.qml index 4e2093a0c..941450cc7 100644 --- a/resources/qml/Governikus/AuthView/+mobile/AuthView.qml +++ b/resources/qml/Governikus/AuthView/+mobile/AuthView.qml @@ -155,6 +155,7 @@ ProgressView { PasswordInfoView { infoContent: infoData + onAbortCurrentWorkflow: AuthModel.cancelWorkflow() onClose: pop() } } diff --git a/resources/qml/Governikus/AuthView/+mobile/TransportPinReminderView.qml b/resources/qml/Governikus/AuthView/+mobile/TransportPinReminderView.qml index bdc775369..88badfe5b 100644 --- a/resources/qml/Governikus/AuthView/+mobile/TransportPinReminderView.qml +++ b/resources/qml/Governikus/AuthView/+mobile/TransportPinReminderView.qml @@ -25,6 +25,7 @@ SectionPage { } GFlickableColumnLayout { + id: layout anchors.fill: parent spacing: Constants.component_spacing @@ -52,6 +53,7 @@ SectionPage { MoreInformationLink { id: moreInformationLink Layout.alignment: Qt.AlignCenter + Layout.maximumWidth: layout.effectiveContentWidth Layout.topMargin: Constants.component_spacing onClicked: root.showInfoView() @@ -65,10 +67,9 @@ SectionPage { spacing: Constants.component_spacing GButton { - Layout.alignment: Qt.AlignCenter + Layout.alignment: Qt.AlignVCenter Layout.fillWidth: true Layout.maximumWidth: Style.dimens.max_text_width / 2 - Layout.preferredWidth: parent.width / 2 //: LABEL ANDROID IOS text: qsTr("No") @@ -76,10 +77,9 @@ SectionPage { onClicked: pinUnknown() } GButton { - Layout.alignment: Qt.AlignCenter + Layout.alignment: Qt.AlignVCenter Layout.fillWidth: true Layout.maximumWidth: Style.dimens.max_text_width / 2 - Layout.preferredWidth: parent.width / 2 //: LABEL ANDROID IOS text: qsTr("Yes") diff --git a/resources/qml/Governikus/ChangePinView/+desktop/ChangePinView.qml b/resources/qml/Governikus/ChangePinView/+desktop/ChangePinView.qml index 6918453e6..3c2391203 100644 --- a/resources/qml/Governikus/ChangePinView/+desktop/ChangePinView.qml +++ b/resources/qml/Governikus/ChangePinView/+desktop/ChangePinView.qml @@ -134,7 +134,6 @@ SectionPage { GeneralWorkflow { id: generalWorkflow isPinChange: true - passwordInfoLinkText: infoData.linkText visible: d.activeView === ChangePinView.SubViews.Workflow waitingFor: switch (changePinController.workflowState) { case ChangePinController.WorkflowStates.Reader: @@ -145,7 +144,6 @@ SectionPage { return Workflow.WaitingFor.None; } - onRequestPasswordInfo: baseItem.showPasswordInfo() onSettingsRequested: baseItem.showSettings() } EnterPasswordView { @@ -168,6 +166,7 @@ SectionPage { infoContent: infoData visible: d.activeView === ChangePinView.SubViews.PasswordInfo + onAbortCurrentWorkflow: ChangePinModel.cancelWorkflow() onClose: { d.view = d.precedingView; updateTitleBarActions(); diff --git a/resources/qml/Governikus/ChangePinView/+mobile/ChangePinView.qml b/resources/qml/Governikus/ChangePinView/+mobile/ChangePinView.qml index 17155e4e0..42116e3eb 100644 --- a/resources/qml/Governikus/ChangePinView/+mobile/ChangePinView.qml +++ b/resources/qml/Governikus/ChangePinView/+mobile/ChangePinView.qml @@ -81,6 +81,8 @@ SectionPage { onClicked: pop() } + + onAbortCurrentWorkflow: ChangePinModel.cancelWorkflow() } } Component { diff --git a/resources/qml/Governikus/ChangePinView/ChangePinViewContent.qml b/resources/qml/Governikus/ChangePinView/ChangePinViewContent.qml index d2ea56bdb..9b73d8b84 100644 --- a/resources/qml/Governikus/ChangePinView/ChangePinViewContent.qml +++ b/resources/qml/Governikus/ChangePinView/ChangePinViewContent.qml @@ -60,7 +60,7 @@ GFlickableColumnLayout { icon.source: "qrc:///images/icon_six_digit_pin_white.svg" //: LABEL ALL_PLATFORMS - text: qsTr("6-digit PIN") + text: qsTr("Six-digit PIN") onClicked: ChangePinModel.startWorkflow(false) } @@ -73,7 +73,7 @@ GFlickableColumnLayout { icon.source: "qrc:///images/icon_five_digit_pin.svg" //: LABEL ALL_PLATFORMS - text: qsTr("5-digit Transport PIN") + text: qsTr("Five-digit Transport PIN") onClicked: ChangePinModel.startWorkflow(true) } diff --git a/resources/qml/Governikus/EnterPasswordView/+mobile/EnterPasswordView.qml b/resources/qml/Governikus/EnterPasswordView/+mobile/EnterPasswordView.qml index 0c8a8f26a..60219163d 100644 --- a/resources/qml/Governikus/EnterPasswordView/+mobile/EnterPasswordView.qml +++ b/resources/qml/Governikus/EnterPasswordView/+mobile/EnterPasswordView.qml @@ -250,6 +250,7 @@ SectionPage { MoreInformationLink { id: transportPinLink Layout.alignment: Qt.AlignHCenter + Layout.maximumWidth: numberPadLayout.width Layout.topMargin: Constants.text_spacing text: (passwordType === PasswordType.TRANSPORT_PIN ? //: LABEL ANDROID IOS Button to switch to a six-digit ID card PIN. @@ -263,6 +264,7 @@ SectionPage { MoreInformationLink { id: moreInformation Layout.alignment: Qt.AlignHCenter + Layout.maximumWidth: numberPadLayout.width Layout.topMargin: Constants.text_spacing onClicked: baseItem.requestPasswordInfo() diff --git a/resources/qml/Governikus/FeedbackView/+mobile/LogView.qml b/resources/qml/Governikus/FeedbackView/+mobile/LogView.qml index 749f1d1f4..59bd50ccf 100644 --- a/resources/qml/Governikus/FeedbackView/+mobile/LogView.qml +++ b/resources/qml/Governikus/FeedbackView/+mobile/LogView.qml @@ -45,7 +45,7 @@ SectionPage { } ColumnLayout { anchors.fill: parent - spacing: filterButton.filter ? Constants.text_spacing : 0 + spacing: 0 Rectangle { id: logSelector @@ -87,71 +87,73 @@ SectionPage { } } } - TitledSeparator { - Layout.preferredWidth: parent.width - contentMarginTop: 0 - - //: LABEL ANDROID IOS - title: qsTr("Filter") - visible: filterButton.filter - } - GText { - Layout.leftMargin: Constants.component_spacing - - //: LABEL ANDROID IOS - text: qsTr("Select level:") - textStyle: Style.text.normal_accent - visible: filterButton.filter - } - GridLayout { + GFlickableColumnLayout { + Layout.fillHeight: true Layout.fillWidth: true - Layout.leftMargin: Constants.component_spacing - columnSpacing: Constants.groupbox_spacing - columns: (width + columnSpacing) / (levelRepeater.maxItemWidth + columnSpacing) - rowSpacing: Constants.groupbox_spacing + clip: true + spacing: Constants.text_spacing visible: filterButton.filter - GRepeater { - id: levelRepeater - model: filterModel.levels - - delegate: GCheckBox { - Layout.fillWidth: true - checked: filterModel.selectedLevels.indexOf(text) !== -1 - text: modelData + TitledSeparator { + Layout.fillWidth: true + contentMarginLeft: 0 + contentMarginRight: 0 + contentMarginTop: 0 - onToggled: filterModel.configureLevel(text, checked) + //: LABEL ANDROID IOS + title: qsTr("Filter") + } + GText { + //: LABEL ANDROID IOS + text: qsTr("Level") + textStyle: Style.text.normal_accent + } + GridLayout { + Layout.fillWidth: true + columnSpacing: Constants.groupbox_spacing + columns: (width + columnSpacing) / (levelRepeater.maxItemWidth + columnSpacing) + rowSpacing: Constants.groupbox_spacing + + GRepeater { + id: levelRepeater + model: filterModel.levels + + delegate: GCheckBox { + Layout.fillWidth: true + checked: filterModel.selectedLevels.indexOf(text) !== -1 + text: modelData + + onCheckedChanged: filterModel.configureLevel(text, checked) + } } } - } - GText { - Layout.leftMargin: Constants.component_spacing - - //: LABEL ANDROID IOS - text: qsTr("Select category:") - textStyle: Style.text.normal_accent - visible: filterButton.filter - } - GridLayout { - Layout.fillWidth: true - Layout.leftMargin: Constants.component_spacing - columnSpacing: Constants.groupbox_spacing - columns: (width + columnSpacing) / (categoryRepeater.maxItemWidth + columnSpacing) - rowSpacing: Constants.groupbox_spacing - visible: filterButton.filter - - GRepeater { - id: categoryRepeater - model: filterModel.categories - - delegate: GCheckBox { - Layout.fillWidth: true - checked: filterModel.selectedCategories.indexOf(text) !== -1 - text: modelData - - onToggled: filterModel.configureCategory(text, checked) + GText { + //: LABEL ANDROID IOS + text: qsTr("Category") + textStyle: Style.text.normal_accent + } + GridLayout { + Layout.fillWidth: true + columnSpacing: Constants.groupbox_spacing + columns: (width + columnSpacing) / (categoryRepeater.maxItemWidth + columnSpacing) + rowSpacing: Constants.groupbox_spacing + + GRepeater { + id: categoryRepeater + model: filterModel.categories + + delegate: GCheckBox { + Layout.fillWidth: true + checked: filterModel.selectedCategories.indexOf(text) !== -1 + text: modelData + + onCheckedChanged: filterModel.configureCategory(text, checked) + } } } + GSpacer { + Layout.fillHeight: true + } } GListView { id: logView @@ -159,6 +161,7 @@ SectionPage { Layout.fillWidth: true clip: true model: filterModel + visible: !filterButton.filter delegate: ListItem { readonly property bool isLastItem: index === ListView.view.count - 1 diff --git a/resources/qml/Governikus/PasswordInfoView/+desktop/PasswordInfoView.qml b/resources/qml/Governikus/PasswordInfoView/+desktop/PasswordInfoView.qml index b2abf8ca7..b278d560f 100644 --- a/resources/qml/Governikus/PasswordInfoView/+desktop/PasswordInfoView.qml +++ b/resources/qml/Governikus/PasswordInfoView/+desktop/PasswordInfoView.qml @@ -24,6 +24,7 @@ SectionPage { property alias rootEnabled: titleBarAction.rootEnabled readonly property string title: infoContent.title + signal abortCurrentWorkflow signal close titleBarAction: TitleBarAction { @@ -140,7 +141,10 @@ SectionPage { text: root.hint visible: text !== "" - onClicked: Qt.openUrlExternally(PinResetInformationModel.pinResetUrl) + onClicked: { + abortCurrentWorkflow(); + Qt.openUrlExternally(PinResetInformationModel.pinResetUrl); + } } } NavigationButton { diff --git a/resources/qml/Governikus/PasswordInfoView/+mobile/PasswordInfoView.qml b/resources/qml/Governikus/PasswordInfoView/+mobile/PasswordInfoView.qml index f3558ac5e..a82a71ea9 100644 --- a/resources/qml/Governikus/PasswordInfoView/+mobile/PasswordInfoView.qml +++ b/resources/qml/Governikus/PasswordInfoView/+mobile/PasswordInfoView.qml @@ -21,6 +21,7 @@ SectionPage { } readonly property string infoContentTitle: infoContent.title + signal abortCurrentWorkflow signal close sectionPageFlickable: contentItem @@ -112,7 +113,10 @@ SectionPage { text: root.hint visible: text !== "" - onClicked: Qt.openUrlExternally(PinResetInformationModel.pinResetUrl) + onClicked: { + abortCurrentWorkflow(); + Qt.openUrlExternally(PinResetInformationModel.pinResetUrl); + } } } } diff --git a/resources/qml/Governikus/PasswordInfoView/PasswordInfoData.qml b/resources/qml/Governikus/PasswordInfoView/PasswordInfoData.qml index be23b5548..7f5c4034f 100644 --- a/resources/qml/Governikus/PasswordInfoView/PasswordInfoData.qml +++ b/resources/qml/Governikus/PasswordInfoView/PasswordInfoData.qml @@ -78,14 +78,14 @@ Item { blockTitle: qsTr("What is the card PIN?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' - qsTr("The card PIN is a 6-digit PIN that you set yourself. You always need this PIN if you want to use the eID function.")] + qsTr("The card PIN is a six-digit PIN that you set yourself. You always need this PIN if you want to use the eID function.")] }, PasswordInfoContentBlock { //: LABEL ALL_PLATFORMS blockTitle: qsTr("Where can I find the card PIN?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' - qsTr("You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the 5-digit Transport PIN. Only when you have set a 6-digit PIN of your own choice can you use the eID function.")] + qsTr("You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the five-digit Transport PIN. Only when you have set a six-digit PIN of your own choice can you use the eID function.")] } ] } @@ -104,9 +104,9 @@ Item { blockTitle: qsTr("How do I choose a secure PIN?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 - qsTr("For your 6-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither \"123456\", nor your date of birth, nor any other numbers printed on your ID card."), + qsTr("For your six-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither \"123456\", nor your date of birth, nor any other numbers printed on your ID card."), //: INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 - qsTr("You can change your 6-digit PIN at any time and an unlimited number of times as long as you know your valid PIN."), + qsTr("You can change your six-digit PIN at any time and an unlimited number of times as long as you know your valid PIN."), //: INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 3/3 qsTr("Keep your PIN secret and change it if another person becomes aware of it.")] } @@ -129,9 +129,9 @@ Item { blockTitle: qsTr("What is the Transport PIN?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 - qsTr("The 5-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card."), + qsTr("The five-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card."), //: INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 - qsTr("If you did not set a self-selected 6-digit card PIN when you picked up your ID card, you can do so using the Transport PIN."), + qsTr("If you did not set a self-selected six-digit card PIN when you picked up your ID card, you can do so using the Transport PIN."), //: INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 3/3 qsTr("Once you have set a card PIN, the Transport PIN loses its validity.")] } @@ -172,7 +172,7 @@ Item { blockTitle: qsTr("Where do I find the PUK?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' - qsTr("The PUK is a 10-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card.")] + qsTr("The PUK is a ten-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card.")] }, PasswordInfoContentBlock { //: LABEL ALL_PLATFORMS @@ -219,7 +219,7 @@ Item { blockTitle: qsTr("Where can I find the CAN?") paragraphList: [ //: INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' - qsTr("The CAN is a 6-digit number that can be found on the bottom right of the front of the ID card.")] + qsTr("The CAN is a six-digit number that can be found on the bottom right of the front of the ID card.")] } ] } @@ -227,6 +227,8 @@ Item { id: canAllowedInfo imageType: PasswordInfoImage.CAN + //: LABEL ALL_PLATFORMS + linkText: qsTr("Why is the CAN required?") //: LABEL ALL_PLATFORMS title: qsTr("CAN information") @@ -254,29 +256,29 @@ Item { blockTitle: qsTr("Learn more about the two types of PIN") paragraphList: [ //: INFO ALL_PLATFORMS Description text explaining the PINs 1/6 - qsTr("Your ID card comes with a 5-digit 'Transport PIN' which you need to replace with a 6-digit PIN that you choose yourself.")] + qsTr("Your ID card comes with a five-digit 'Transport PIN' which you need to replace with a six-digit PIN that you choose yourself.")] }, PasswordInfoContentBlock { blockHeaderImageType: PasswordInfoImage.Type.LETTER //: LABEL ALL_PLATFORMS - blockTitle: qsTr("5-digit Transport PIN") + blockTitle: qsTr("Five-digit Transport PIN") paragraphList: [ //: INFO ALL_PLATFORMS Description text explaining the PINs 2/6 - qsTr("The 5-digit Transport PIN was sent to you by post after you applied for your ID card."), + qsTr("The five-digit Transport PIN was sent to you by post after you applied for your ID card."), //: INFO ALL_PLATFORMS Description text explaining the PINs 3/6 - qsTr("The PIN can only be used once. When you set up the eID function, you will replace this 5-digit PIN with a 6-digit PIN that you choose yourself.")] + qsTr("The PIN can only be used once. When you set up the eID function, you will replace this five-digit PIN with a six-digit PIN that you choose yourself.")] }, PasswordInfoContentBlock { blockHeaderImageType: PasswordInfoImage.Type.PIN //: LABEL ALL_PLATFORMS - blockTitle: qsTr("6-digit PIN") + blockTitle: qsTr("Six-digit PIN") paragraphList: [ //: INFO ALL_PLATFORMS Description text explaining the PINs 4/6 - qsTr("This is a number that you choose yourself when you set up the eID function for the first time. It replaces your 5-digit Transport PIN."), + qsTr("This is a number that you choose yourself when you set up the eID function for the first time. It replaces your five-digit Transport PIN."), //: INFO ALL_PLATFORMS Description text explaining the PINs 5/6 qsTr("This PIN allows you to prove online that the ID card belongs to you. No one can use your ID card online without this PIN."), //: INFO ALL_PLATFORMS Description text explaining the PINs 6/6 - qsTr("You can change your 6-digit PIN at any time in AusweisApp2.")] + qsTr("You can change your six-digit PIN at any time in AusweisApp2.")] } ] } @@ -313,7 +315,7 @@ Item { blockTitle: qsTr("You do not know your PIN?") paragraphList: [ //: INFO ALL_PLATFORMS - qsTr("You have not yet set a 6-digit card PIN and cannot find the PIN letter with the Transport PIN?"), + qsTr("You have not yet set a six-digit card PIN and cannot find the PIN letter with the Transport PIN?"), //: INFO ALL_PLATFORMS qsTr("You set a card PIN when picking up your ID card or later by yourself, but you can no longer remember it?")] } diff --git a/resources/qml/Governikus/RemoteServiceView/+mobile/RemoteServiceView.qml b/resources/qml/Governikus/RemoteServiceView/+mobile/RemoteServiceView.qml index b6bd1b3d9..9c011a0a3 100644 --- a/resources/qml/Governikus/RemoteServiceView/+mobile/RemoteServiceView.qml +++ b/resources/qml/Governikus/RemoteServiceView/+mobile/RemoteServiceView.qml @@ -105,6 +105,7 @@ SectionPage { Image { Layout.alignment: Qt.AlignHCenter + Layout.maximumWidth: contentItem.effectiveContentWidth Layout.preferredHeight: Style.dimens.medium_icon_size fillMode: Image.PreserveAspectFit source: "qrc:///images/phone_to_pc.svg" diff --git a/resources/qml/Governikus/RemoteServiceView/RemoteServiceController.qml b/resources/qml/Governikus/RemoteServiceView/RemoteServiceController.qml index 005781765..60dedbcb3 100644 --- a/resources/qml/Governikus/RemoteServiceView/RemoteServiceController.qml +++ b/resources/qml/Governikus/RemoteServiceView/RemoteServiceController.qml @@ -57,6 +57,10 @@ Controller { PasswordInfoView { infoContent: infoData + onAbortCurrentWorkflow: { + popAll(); + RemoteServiceModel.cancelPasswordRequest(); + } onClose: pop() } } diff --git a/resources/qml/Governikus/SettingsView/+desktop/CardReaderDelegate.qml b/resources/qml/Governikus/SettingsView/+desktop/CardReaderDelegate.qml index 334cc8c8c..eee0fce89 100644 --- a/resources/qml/Governikus/SettingsView/+desktop/CardReaderDelegate.qml +++ b/resources/qml/Governikus/SettingsView/+desktop/CardReaderDelegate.qml @@ -112,6 +112,7 @@ Item { GText { Layout.fillWidth: true + clip: true text: readerName textStyle: Style.text.header } diff --git a/resources/qml/Governikus/TechnologyInfo/+mobile/TechnologyInfo.qml b/resources/qml/Governikus/TechnologyInfo/+mobile/TechnologyInfo.qml index e5f3439ec..414e0c70f 100644 --- a/resources/qml/Governikus/TechnologyInfo/+mobile/TechnologyInfo.qml +++ b/resources/qml/Governikus/TechnologyInfo/+mobile/TechnologyInfo.qml @@ -57,13 +57,12 @@ Item { verticalAlignment: Text.AlignBottom visible: text !== "" } - Item { + Column { id: additionalContentItem Layout.alignment: Qt.AlignHCenter Layout.bottomMargin: Constants.component_spacing Layout.fillWidth: true Layout.maximumWidth: Style.dimens.max_text_width - implicitHeight: childrenRect.height visible: children.length !== 0 } GSpacer { diff --git a/resources/qml/Governikus/View/+mobile/ContentArea.qml b/resources/qml/Governikus/View/+mobile/ContentArea.qml index efe19a5a8..ba17e8aff 100644 --- a/resources/qml/Governikus/View/+mobile/ContentArea.qml +++ b/resources/qml/Governikus/View/+mobile/ContentArea.qml @@ -110,7 +110,7 @@ Item { TabBarView { id: helpView anchors.fill: parent - visible: baseItem.activeModule === UiModule.HELP + visible: baseItem.activeModule === UiModule.HELP || baseItem.activeModule === UiModule.TUTORIAL initialItem: MoreView { } diff --git a/resources/qml/Governikus/Workflow/+desktop/GeneralWorkflow.qml b/resources/qml/Governikus/Workflow/+desktop/GeneralWorkflow.qml index 070861af2..cb1d6ee3c 100644 --- a/resources/qml/Governikus/Workflow/+desktop/GeneralWorkflow.qml +++ b/resources/qml/Governikus/Workflow/+desktop/GeneralWorkflow.qml @@ -17,11 +17,8 @@ SectionPage { id: root property bool isPinChange: false - //: LABEL DESKTOP - property string passwordInfoLinkText: qsTr("More information") property int waitingFor: 0 - signal requestPasswordInfo signal settingsRequested onWaitingForChanged: if (visible) @@ -175,7 +172,7 @@ SectionPage { } } MoreInformationLink { - id: moreInfo + id: readerSettingsLink anchors.horizontalCenter: parent.horizontalCenter anchors.top: subText.bottom anchors.topMargin: Constants.component_spacing @@ -188,26 +185,13 @@ SectionPage { PropertyChanges { iconVisible: false - target: moreInfo + target: readerSettingsLink //: INFO DESKTOP text: qsTr("Go to reader settings") visible: true onClicked: root.settingsRequested() } - }, - State { - name: "moreInformation" - when: waitingFor === Workflow.WaitingFor.Password - - PropertyChanges { - iconVisible: true - target: moreInfo - text: root.passwordInfoLinkText - visible: true - - onClicked: root.requestPasswordInfo() - } } ] } diff --git a/resources/translations/ausweisapp2_de.ts b/resources/translations/ausweisapp2_de.ts index 38c86e7ae..da1d532e1 100644 --- a/resources/translations/ausweisapp2_de.ts +++ b/resources/translations/ausweisapp2_de.ts @@ -5,7 +5,7 @@ DvcsAttributes revision - 52a5aa47f692 + efee4b38a0c7 @@ -505,7 +505,7 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Was für eine PIN haben Sie? - 6-digit PIN + Six-digit PIN LABEL ALL_PLATFORMS Sechsstellige PIN @@ -515,7 +515,7 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Von Ihnen selbst gesetzt - 5-digit Transport PIN + Five-digit Transport PIN LABEL ALL_PLATFORMS Fünfstellige Transport-PIN @@ -1753,11 +1753,6 @@ LABEL ANDROID IOS INFO DESKTOP Zu den Einstellungen - - More information - LABEL DESKTOP - Mehr Informationen - Hint @@ -2169,14 +2164,14 @@ INFO ANDROID IOS The current logfile is about to be removed, user confirmation r Filter - Select level: + Level LABEL ANDROID IOS - Level auswählen: + Level - Select category: + Category LABEL ANDROID IOS - Kategorie auswählen: + Kategorie Currently there are no log entries matching your filter. @@ -2753,7 +2748,7 @@ LABEL ANDROID IOS PIN-Information - The card PIN is a 6-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. + The card PIN is a six-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' Die Karten-PIN ist eine sechsstellige PIN, die Sie selbst gesetzt haben. Diese PIN brauchen Sie immer, wenn Sie die Online-Ausweisfunktion nutzen möchten. @@ -2763,7 +2758,7 @@ LABEL ANDROID IOS Wo finde ich die Karten-PIN? - You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the 5-digit Transport PIN. Only when you have set a 6-digit PIN of your own choice can you use the eID function. + You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the five-digit Transport PIN. Only when you have set a six-digit PIN of your own choice can you use the eID function. INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' Sie haben die Karten-PIN entweder direkt bei der Abholung des Ausweises im Bürgeramt oder später in der AusweisApp2 mithilfe der fünfstelligen Transport-PIN gesetzt. Erst wenn Sie eine selbstgewählte, sechsstellige PIN gesetzt haben, können Sie die Online-Ausweisfunktion nutzen. @@ -2773,12 +2768,12 @@ LABEL ANDROID IOS Wie wähle ich eine sichere PIN? - For your 6-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. + For your six-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 - Wählen Sie für Ihre sechsstellige PIN eine Zahlenkombination, die nicht zu erraten ist – also weder „123456“, noch Ihr Geburtsdatum oder andere Zahlen, die auf dem Ausweis aufgedruckt sind. + Wählen Sie für Ihre sechsstellige PIN eine Zahlenkombination, die nicht zu erraten ist - also weder „123456“, noch Ihr Geburtsdatum oder andere Zahlen, die auf dem Ausweis aufgedruckt sind. - You can change your 6-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. + You can change your six-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 Sie können Ihre sechsstellige PIN jederzeit und unbegrenzt oft ändern, solange Ihnen Ihre gültige PIN bekannt ist. @@ -2798,12 +2793,12 @@ LABEL ANDROID IOS Transport-PIN-Information - The 5-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. + The five-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 Die fünfstellige Transport-PIN wurde Ihnen im PIN-Brief per Post zugesandt, nachdem Sie Ihren Ausweis beantragt haben. - If you did not set a self-selected 6-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. + If you did not set a self-selected six-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 Falls Sie nicht direkt bei der Abholung Ihres Ausweises eine selbstgewählte, sechsstellige Karten-PIN gesetzt haben, können Sie dies mithilfe der Transport-PIN tun. @@ -2838,7 +2833,7 @@ LABEL ANDROID IOS PUK-Information - The PUK is a 10-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. + The PUK is a ten-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' Die PUK ist eine zehnstellige Zahl, die Sie in dem PIN-Brief finden, der Ihnen nach Beantragung Ihres Ausweises per Post zugeschickt wurde. @@ -2898,7 +2893,7 @@ LABEL ANDROID IOS Wo finde ich die CAN? - The CAN is a 6-digit number that can be found on the bottom right of the front of the ID card. + The CAN is a six-digit number that can be found on the bottom right of the front of the ID card. INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' Die CAN ist eine sechsstellige Zahl, die unten rechts auf der Vorderseite des Ausweises zu finden ist. @@ -2935,7 +2930,7 @@ LABEL ALL_PLATFORMS Sie kennen Ihre PIN nicht? - You have not yet set a 6-digit card PIN and cannot find the PIN letter with the Transport PIN? + You have not yet set a six-digit card PIN and cannot find the PIN letter with the Transport PIN? INFO ALL_PLATFORMS Sie haben noch keine sechsstellige PIN gesetzt und können den Brief mit der Transport-PIN nicht finden? @@ -2955,32 +2950,32 @@ LABEL ALL_PLATFORMS PIN-Arten - Your ID card comes with a 5-digit 'Transport PIN' which you need to replace with a 6-digit PIN that you choose yourself. + Your ID card comes with a five-digit 'Transport PIN' which you need to replace with a six-digit PIN that you choose yourself. INFO ALL_PLATFORMS Description text explaining the PINs 1/6 Ihr Ausweis wurde bei Erstellung mit einer fünfstelligen „Transport-PIN“ versehen, die Sie durch eine sechsstellige, selbstgewählte PIN ersetzen müssen. - 5-digit Transport PIN + Five-digit Transport PIN LABEL ALL_PLATFORMS Fünfstellige Transport-PIN - The 5-digit Transport PIN was sent to you by post after you applied for your ID card. + The five-digit Transport PIN was sent to you by post after you applied for your ID card. INFO ALL_PLATFORMS Description text explaining the PINs 2/6 Die fünfstellige Transport-PIN wurde Ihnen per Post zugesandt, nachdem Sie Ihren Ausweis beantragt haben. - The PIN can only be used once. When you set up the eID function, you will replace this 5-digit PIN with a 6-digit PIN that you choose yourself. + The PIN can only be used once. When you set up the eID function, you will replace this five-digit PIN with a six-digit PIN that you choose yourself. INFO ALL_PLATFORMS Description text explaining the PINs 3/6 Diese PIN kann nur einmal verwendet werden. Wenn Sie Ihren Online-Ausweis einrichten, ersetzen Sie diese fünfstellige Transport-PIN durch eine sechsstellige, selbstgewählte PIN. - 6-digit PIN + Six-digit PIN LABEL ALL_PLATFORMS Sechsstellige PIN - This is a number that you choose yourself when you set up the eID function for the first time. It replaces your 5-digit Transport PIN. + This is a number that you choose yourself when you set up the eID function for the first time. It replaces your five-digit Transport PIN. INFO ALL_PLATFORMS Description text explaining the PINs 4/6 Die sechsstellige PIN ist eine Zahlenkombination, die Sie selbst wählen, wenn Sie Ihren Online-Ausweis zum ersten Mal einrichten. Sie ersetzt Ihre fünfstellige Transport-PIN. @@ -2990,7 +2985,7 @@ LABEL ALL_PLATFORMS Mit der sechsstelligen, selbstgewählten PIN weisen Sie online nach, dass der Ausweis Ihnen gehört. Keiner kann Ihren Ausweis online benutzen ohne diese PIN. - You can change your 6-digit PIN at any time in AusweisApp2. + You can change your six-digit PIN at any time in AusweisApp2. INFO ALL_PLATFORMS Description text explaining the PINs 6/6 Sie können Ihre PIN jederzeit in der AusweisApp2 ändern. @@ -6764,7 +6759,7 @@ Um fortzufahren, verwenden Sie Ihren Ausweis, indem Sie die NFC-Schnittstelle au The program received an unknown message from the server. - ERROR_MASKED ALL_PLATFORMS The type of a POAS message could not be determined. + ERROR_MASKED ALL_PLATFORMS The type of a PAOS message could not be determined. Die Anwendung hat eine unbekannte Nachricht vom Server erhalten. @@ -7082,6 +7077,19 @@ Um fortzufahren, verwenden Sie Ihren Ausweis, indem Sie die NFC-Schnittstelle au ERROR ALL_PLATFORMS Starting the update failed. Ein neuer Prozess zur Durchführung der Aktualisierung konnte nicht gestartet werden. + + The program did not receive a StartPaosResponse message from the server. + ERROR_MASKED ALL_PLATFORMS The PAOS message StartPaosResponse was not received. + Die Anwendung hat keine StartPaosResponse Nachricht vom Server erhalten. + + + + governikus::HistoryModel + + No data stored on your ID card was read, only confirmed whether you are in possession of a valid ID card. + LABEL ALL_PLATFORMS + Es wurden keine Daten von Ihrem Ausweis ausgelesen, sondern lediglich sichergestellt, dass Sie im Besitz eines gültigen Ausweises sind. + governikus::HistoryModelSearchFilter @@ -8038,9 +8046,7 @@ Bitte aktivieren Sie NFC, um Ihr Smartphone als Kartenleser (SaK) benutzen zu k The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface. - INFO DESKTOP Content of the popup that is shown when the AA2 is closed for the first time. ----------- -INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a workflow is still active and the close/minimize info was not disabled. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. Das Programm steht weiterhin im Infobereich zur Verfügung. Klicken Sie auf das Symbol der %1, um die Anwendung wieder zu öffnen. @@ -8087,5 +8093,10 @@ INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a wor INFO ANDROID IOS Hint that is shown if the users pressed the "back" button on the top-most navigation level for the first time (a second press closes the app). Um die Anwendung zu schließen, drücken Sie zweimal schnell die Zurück-Taste. + + The program remains available via the icon in the menu bar. Click on the %1 icon to reopen the user interface. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. macOS specific if autostart is enabled. + Das Programm steht weiterhin in der Menüleiste zur Verfügung. Klicken Sie auf das Symbol der %1, um die Anwendung wieder zu öffnen. + diff --git a/resources/translations/ausweisapp2_ru.ts b/resources/translations/ausweisapp2_ru.ts index 620dd89f9..79350d56a 100644 --- a/resources/translations/ausweisapp2_ru.ts +++ b/resources/translations/ausweisapp2_ru.ts @@ -5,7 +5,7 @@ DvcsAttributes revision - 52a5aa47f692 + efee4b38a0c7 @@ -168,11 +168,11 @@ INFO ANDROID IOS Second line text if a basic card reader is used and background LABEL DESKTOP A11y button to confirm the PIN and start the provider authentication ---------- LABEL ANDROID IOS A11y button to confirm the PIN and start the provider authentication - + Аутентификация с помощью провайдера Online identification with Transport PIN is not possible. The self-selected, six-digit ID card PIN is mandatory to use the eID function. - + Онлайн-идентификация с помощью временного PIN-кода невозможна. Для использования функции eID необходим 6-значный PIN-код идентификационной карты, который пользователь создает самостоятельно. Do you know your six-digit ID card PIN? @@ -505,34 +505,34 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Какой у вас PIN-код? - 6-digit PIN + Set by yourself LABEL ALL_PLATFORMS - + Создается пользователем самостоятельно - Set by yourself + Received by mail in PIN letter LABEL ALL_PLATFORMS - + Получен по почте в письме с PIN-кодом - 5-digit Transport PIN + No PIN LABEL ALL_PLATFORMS - + PIN-код отсутствует - Received by mail in PIN letter + Lost, forgotten, or never received it LABEL ALL_PLATFORMS - + Утерян, забыт или не получен вовсе - No PIN + Six-digit PIN LABEL ALL_PLATFORMS - + 6-значный PIN-код - Lost, forgotten, or never received it + Five-digit Transport PIN LABEL ALL_PLATFORMS - + 5-значный временный PIN-код @@ -1206,7 +1206,7 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Save diagnosis LABEL DESKTOP - Сохранить данные диагностики + Сохранить диагностику @@ -1561,56 +1561,56 @@ INFO ANDROID IOS The AA2 expects a Smart-eID PIN with six digits in an authentic LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить CAN-код Send PUK LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить PUK-код Send pairing code LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить код сопряжения Send new ID card PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить новый PIN-код идентификационной карты Send Transport PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить временный PIN-код Send Smart-eID PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить PIN-код для Smart-eID Send new Smart-eID PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить новый PIN-код для Smart-eID Send ID card PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Отправить PIN-код идентификационной карты @@ -1753,11 +1753,6 @@ LABEL ANDROID IOS INFO DESKTOP Перейти к настройкам устройства чтения карт - - More information - LABEL DESKTOP - Дополнительные сведения - Hint @@ -1783,7 +1778,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг Tap for more details @@ -1874,7 +1869,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг Clear history @@ -1964,7 +1959,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг Write access (update) @@ -2169,19 +2164,19 @@ INFO ANDROID IOS The current logfile is about to be removed, user confirmation r Фильтр - Select level: - LABEL ANDROID IOS - Выберите уровень: + Currently there are no log entries matching your filter. + INFO ANDROID IOS No log entries, placeholder text. + В настоящее время отсутствуют записи журнала, соответствующие вашему фильтру. - Select category: + Level LABEL ANDROID IOS - Выберите категорию: + Уровень - Currently there are no log entries matching your filter. - INFO ANDROID IOS No log entries, placeholder text. - В настоящее время отсутствуют записи журнала, соответствующие вашему фильтру. + Category + LABEL ANDROID IOS + Категория @@ -2669,7 +2664,7 @@ LABEL ANDROID IOS Please place your ID card directly on the device's back side.<br/><br/>The exact position of the ID card is device dependent. The animations depict possible positions. Keep one position for several seconds before trying another one and do not move the ID card after contact was established. INFO ANDROID The ID card may be inserted, the authentication process may be started. - Расположите идентификационную карту на устройстве (точное положение зависит от устройства). Возможное положение показано в анимации. Удерживайте идентификационную карту в одном положении несколько секунд, прежде чем поменять положение, и не смещайте ее после установки соединения. + Расположите идентификационную карту непосредственно на задней стороне устройства.<br/><br/>Точное положение идентификационной карты зависит от устройства. Возможное положение показано в анимации. Удерживайте идентификационную карту в одном положении несколько секунд, прежде чем поменять положение, и не смещайте ее после установки соединения. @@ -2697,7 +2692,7 @@ LABEL ANDROID IOS The password is visible. Digits entered so far: %1 LABEL DESKTOP Screenreader text for the password field - + Пароль отображается. Цифры, введенные ранее: %1 @@ -2717,12 +2712,12 @@ LABEL ANDROID IOS Delete last digit, disabled until input is present. - + Удалить последнюю цифру, деактивировано до начала ввода данных. , disabled until input is complete. LABEL ANDROID IOS A11y text, appended onto the "submit" button text when the button is disabled. - + , деактивировано до завершения ввода данных. @@ -2745,72 +2740,42 @@ LABEL ANDROID IOS What is the card PIN? LABEL ALL_PLATFORMS - + Что такое PIN-код карты? PIN information LABEL ALL_PLATFORMS Информация о PIN-коде - - The card PIN is a 6-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. - INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' - - Where can I find the card PIN? LABEL ALL_PLATFORMS - - - - You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the 5-digit Transport PIN. Only when you have set a 6-digit PIN of your own choice can you use the eID function. - INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' - + Где найти PIN-код карты? How do I choose a secure PIN? LABEL ALL_PLATFORMS - - - - For your 6-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. - INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 - - - - You can change your 6-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. - INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 - + Как выбрать безопасный PIN-код? Keep your PIN secret and change it if another person becomes aware of it. INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 3/3 - + Держите PIN-код в секрете и измените его, если о нем станет известно другому человеку. What is the Transport PIN? LABEL ALL_PLATFORMS - + Что такое временный PIN-код? Transport PIN information LABEL ALL_PLATFORMS Информация о временном PIN-коде - - The 5-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. - INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 - - - - If you did not set a self-selected 6-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. - INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 - - Once you have set a card PIN, the Transport PIN loses its validity. INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 3/3 - + После создания PIN-кода карты временный PIN-код перестает действовать. Smartphone as card reader information @@ -2820,52 +2785,47 @@ LABEL ANDROID IOS You may use your smartphone as a card reader with AusweisApp2. The smartphone needs to feature a supported NFC chipset and both devices, your smartphone and this machine, need to be connected to the same WiFi network. INFO ALL_PLATFORMS Description text of SaC pairing - + Вы можете использовать смартфон в качестве устройства чтения карт с помощью AusweisApp2. Смартфон должен быть оснащен поддерживаемым чипсетом NFC, и оба устройства (ваш смартфон и этот компьютер) должны быть подключены к одной сети Wi-Fi. To use your smartphone as a card reader you'll always need to activate the remote service in the AusweisApp2 on the smartphone. For the first time you'll also need to start the pairing mode on your smartphone, select the device from the list of available devices on this machine and then enter the pairing code shown on the phone. INFO ALL_PLATFORMS Description text of SaC pairing - + Чтобы можно было использовать смартфон в качестве устройства чтения карт, в AusweisApp2 на смартфоне должна быть постоянно активирована удаленная служба. Для первичного соединения необходимо запустить режим сопряжения на смартфоне, выбрать устройство из списка доступных устройств на компьютере и ввести код сопряжения, отображающийся на смартфоне. Where do I find the PUK? LABEL ALL_PLATFORMS - + Где найти PUK-код? PUK information LABEL ALL_PLATFORMS Информация о PUK-коде - - The PUK is a 10-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. - INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' - - Why is the PUK required? LABEL ALL_PLATFORMS - + Для чего необходим PUK-код? The PUK is required if the card PIN has been entered incorrectly three times in a row. As a result, the card PIN is blocked. INFO ALL_PLATFORMS Answer to the question 'Why is the PUK required?' - + PUK-код необходим в том случае, если PIN-код карты введен неправильно три раза подряд. После этого PIN-код карты блокируется. What is the PUK's purpose? LABEL ALL_PLATFORMS - + В чем назначение PUK-кода? By entering the PUK, you unblock the card PIN and have another three chances to enter the correct PIN. INFO ALL_PLATFORMS Answer to the question 'What is the PUK's purpose?' - + После ввода PUK-кода разблокируется PIN-код карты и появляется возможность ввести правильный PIN-код еще три раза. Why is the CAN required? LABEL ALL_PLATFORMS - + Для чего необходим CAN-код? CAN information @@ -2875,32 +2835,27 @@ LABEL ANDROID IOS When is the card access number (CAN) required? LABEL ALL_PLATFORMS - + Когда необходим код доступа к карте (CAN-код)? The card access number (CAN) is required when the card PIN has been entered incorrectly twice. INFO ALL_PLATFORMS Answer to the question 'When is the card access number (CAN) required?' - + Код доступа к карте (CAN-код) требуется, если PIN-код карты дважды введен неправильно. Why do I have to enter the CAN before a third attempt? LABEL ALL_PLATFORMS - + Почему нужно вводить CAN-код перед третьей попыткой? A third incorrect entry blocks your PIN and you can no longer use the eID function until it is unblocked. Requesting the CAN ensures that a third incorrect entry can only be made with direct access to your ID card. INFO ALL_PLATFORMS Answer to the question 'Why do I have to enter the CAN before a third attempt?' - + Третий неверный ввод блокирует PIN-код, и вы больше не сможете использовать функцию eID до тех пор, пока он не будет разблокирован. Запрос CAN-кода гарантирует, что третий неправильный ввод может быть выполнен только при наличии прямого доступа к идентификационной карте. Where can I find the CAN? LABEL ALL_PLATFORMS - - - - The CAN is a 6-digit number that can be found on the bottom right of the front of the ID card. - INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' - + Где найти CAN-код? The Card Access Number (CAN) allows to access the imprinted data of the ID card. The CAN is a six-digit number that can be found on the front of the ID card. It is located at the bottom right next to the validity date (marked in red). @@ -2917,12 +2872,12 @@ LABEL ALL_PLATFORMS Just like the physical ID card, the Smart-eID stored on your Smartphone can be blocked. This might be required if you ever lose your device. INFO ANDROID IOS Description text of Smart-eID PIN - + Сохраненную на смартфоне электронную идентификационную карту Smart-eID можно заблокировать, как и физическую идентификационную карту. Это может потребоваться при потере устройства. To revoke an active Smart-eID, a blocking code is required. The blocking code will be displayed after successfully creating the Smart-eID. Furthermore, it is contained in the letter you will receive after creation. INFO ANDROID IOS Description text of Smart-eID PIN - + Для блокировки активной электронной идентификационной карты Smart-eID требуется код блокировки. Код блокировки отображается на дисплее после успешного создания электронной идентификационной карты Smart-eID. Кроме того, он указан в письме, которое вы получите после создания. No PIN known @@ -2932,82 +2887,122 @@ LABEL ALL_PLATFORMS You do not know your PIN? LABEL ALL_PLATFORMS - - - - You have not yet set a 6-digit card PIN and cannot find the PIN letter with the Transport PIN? - INFO ALL_PLATFORMS - + Знаете ли вы свой PIN-код? You set a card PIN when picking up your ID card or later by yourself, but you can no longer remember it? INFO ALL_PLATFORMS - + Вы установили PIN-код карты при получении идентификационной карты или позже самостоятельно, но не можете его вспомнить? Learn more about the two types of PIN LABEL ALL_PLATFORMS - + Узнайте больше о двух типах PIN-кодов Types of PIN LABEL ALL_PLATFORMS - + Типы PIN-кодов - Your ID card comes with a 5-digit 'Transport PIN' which you need to replace with a 6-digit PIN that you choose yourself. - INFO ALL_PLATFORMS Description text explaining the PINs 1/6 - + This PIN allows you to prove online that the ID card belongs to you. No one can use your ID card online without this PIN. + INFO ALL_PLATFORMS Description text explaining the PINs 5/6 + Этот PIN-код позволяет в режиме онлайн подтвердить то, что идентификационная карта принадлежит именно вам. Никто не сможет использовать вашу идентификационную карту в режиме онлайн без этого PIN-кода. - 5-digit Transport PIN + You can use the PIN Reset Service to request a new card PIN free of charge. LABEL ALL_PLATFORMS - + Вы можете воспользоваться службой сброса PIN-кода, чтобы бесплатно запросить новый PIN-код карты. - The 5-digit Transport PIN was sent to you by post after you applied for your ID card. - INFO ALL_PLATFORMS Description text explaining the PINs 2/6 - + If you do not know either your Transport PIN or your card PIN, you can request a new PIN free of charge using the PIN Reset Service. + LABEL ALL_PLATFORMS Hint text for requested Transport PIN but both, Transport PIN and PIN, are not known. + Если вы не знаете ни своего временного PIN-кода, ни PIN-кода карты, вы можете бесплатно запросить новый PIN-код, воспользовавшись службой сброса PIN-кода. - The PIN can only be used once. When you set up the eID function, you will replace this 5-digit PIN with a 6-digit PIN that you choose yourself. - INFO ALL_PLATFORMS Description text explaining the PINs 3/6 - + If you have forgotten your card PIN, you can request a new PIN free of charge using the PIN Reset Service. + LABEL ALL_PLATFORMS Hint text for PIN but it is unknown. + Если вы забыли PIN-код карты, вы можете бесплатно запросить новый PIN-код, воспользовавшись службой сброса PIN-кода. - 6-digit PIN - LABEL ALL_PLATFORMS - + The card PIN is a six-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. + INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' + PIN-код карты — это 6-значный PIN-код, который пользователь создает самостоятельно. Этот PIN-код необходим, если планируется использовать функцию eID. - This is a number that you choose yourself when you set up the eID function for the first time. It replaces your 5-digit Transport PIN. - INFO ALL_PLATFORMS Description text explaining the PINs 4/6 - + You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the five-digit Transport PIN. Only when you have set a six-digit PIN of your own choice can you use the eID function. + INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' + Вы устанавливаете PIN-код карты либо непосредственно при получении идентификационной карты в ведомстве по делам граждан (Bürgeramt), либо позже в AusweisApp2, используя для этого 5-значный временный PIN-код. Только установив 6-значный PIN-код по своему выбору, вы можете использовать функцию eID. - This PIN allows you to prove online that the ID card belongs to you. No one can use your ID card online without this PIN. - INFO ALL_PLATFORMS Description text explaining the PINs 5/6 - + For your six-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. + INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 + Не выбирайте для 6-значного PIN-кода комбинации, которые легко отгадать (например, 123456, дату своего рождения или любые другие цифры с идентификационной карты). - You can change your 6-digit PIN at any time in AusweisApp2. - INFO ALL_PLATFORMS Description text explaining the PINs 6/6 - + You can change your six-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. + INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 + Изменить 6-значный PIN-код можно в любое время и неограниченное количество раз, если вы знаете свой действительный PIN-код. - You can use the PIN Reset Service to request a new card PIN free of charge. + The five-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. + INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 + 5-значный временный PIN-код был отправлен вам в письме с PIN-кодом по почте после того, как вы заказали идентификационную карту. + + + If you did not set a self-selected six-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. + INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 + Если при получении идентификационной карты вы не установили 6-значный PIN-код карты, это можно сделать с помощью временного PIN-кода. + + + The PUK is a ten-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. + INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' + PUK-код — это 10-значный номер, который можно найти в письме с PIN-кодом, отправленном вам по почте после того, как вы заказали идентификационную карту. + + + The CAN is a six-digit number that can be found on the bottom right of the front of the ID card. + INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' + CAN-код — это 6-значный номер, указанный в нижнем правом углу на передней стороне идентификационной карты. + + + Your ID card comes with a five-digit 'Transport PIN' which you need to replace with a six-digit PIN that you choose yourself. + INFO ALL_PLATFORMS Description text explaining the PINs 1/6 + К вашей идентификационной карте прилагается 5-значный временный PIN-код, который необходимо заменить 6-значным PIN-кодом (его вы выберете сами). + + + Five-digit Transport PIN LABEL ALL_PLATFORMS - + 5-значный временный PIN-код - If you do not know either your Transport PIN or your card PIN, you can request a new PIN free of charge using the PIN Reset Service. - LABEL ALL_PLATFORMS Hint text for requested Transport PIN but both, Transport PIN and PIN, are not known. - + The five-digit Transport PIN was sent to you by post after you applied for your ID card. + INFO ALL_PLATFORMS Description text explaining the PINs 2/6 + 5-значный временный PIN-код был отправлен вам по почте после того, как вы заказали идентификационную карту. - If you have forgotten your card PIN, you can request a new PIN free of charge using the PIN Reset Service. - LABEL ALL_PLATFORMS Hint text for PIN but it is unknown. - + The PIN can only be used once. When you set up the eID function, you will replace this five-digit PIN with a six-digit PIN that you choose yourself. + INFO ALL_PLATFORMS Description text explaining the PINs 3/6 + Этот PIN-код можно использовать только один раз. Настроив функцию eID, вы замените этот 5-значный PIN-код 6-значным PIN-кодом, который выберете сами. + + + Six-digit PIN + LABEL ALL_PLATFORMS + 6-значный PIN-код + + + This is a number that you choose yourself when you set up the eID function for the first time. It replaces your five-digit Transport PIN. + INFO ALL_PLATFORMS Description text explaining the PINs 4/6 + Это номер, который вы выбираете сами при настройке функции eID в первый раз. Он заменяет 5-значный временный PIN-код. + + + You can change your six-digit PIN at any time in AusweisApp2. + INFO ALL_PLATFORMS Description text explaining the PINs 6/6 + Вы можете изменить свой 6-значный PIN-код в любое время в AusweisApp2. + + + You have not yet set a six-digit card PIN and cannot find the PIN letter with the Transport PIN? + INFO ALL_PLATFORMS + Вы еще не установили 6-значный PIN-код карты и не можете найти письмо с PIN-кодом, где указан временный PIN-код? @@ -3331,7 +3326,7 @@ INFO ANDROID_TABLET IOS_TABLET No authentication history, placeholder text. dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг Service: @@ -3731,7 +3726,7 @@ If you have not already paired a device, start the pairing now to set up this sm Enter the code %1 in the %2 on your other device to use your smartphone as a card reader (SaC). INFO ANDROID IOS - Введите этот код в %1 на вашем устройстве, чтобы использовать смартфон в качестве устройства чтения карт (SaC). + Введите код %1 в %2 на другом вашем устройстве, чтобы использовать смартфон в качестве устройства чтения карт (SaC). @@ -4128,7 +4123,7 @@ LABEL ANDROID Save read self-authentication data LABEL DESKTOP - Сохранить cчитать данные самоаутентификации + Сохранить считанные данные самоаутентификации @@ -4952,7 +4947,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Online identification with Transport PIN is not possible. The self-selected, six-digit ID card PIN is mandatory to use the eID function. LABEL ANDROID IOS - + Онлайн-идентификация с помощью временного PIN-кода невозможна. Для использования функции eID необходим 6-значный PIN-код идентификационной карты, который пользователь создает самостоятельно. @@ -5178,7 +5173,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& If you cannot recall your six-digit PIN or cannot find your PIN letter, you may request a new PIN using the PIN Reset Service. LABEL ANDROID IOS - Если вы не можете вспомнить 6-значный PIN-код или найти письмо с PIN-кодом, запросите новый PIN-код через службу сброса PIN-кода. + Если вы не можете вспомнить 6-значный PIN-код или найти письмо с PIN-кодом, запросите новый PIN-код через службу сброса PIN-кода. @@ -5269,7 +5264,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated accoording to the third line. - Ввести + Ввести six-digit PIN @@ -5279,7 +5274,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated accoording to the first line. - сейчас! + сейчас! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5432,7 +5427,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Ввести + Ввести six-digit PIN @@ -5442,7 +5437,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - сейчас! + сейчас! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5600,7 +5595,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Ввести + Ввести six-digit PIN @@ -5610,7 +5605,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - сейчас! + сейчас! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5794,7 +5789,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Ввести + Ввести six-digit PIN @@ -5804,7 +5799,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - сейчас! + сейчас! @@ -6173,7 +6168,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Reason: INFO ALL_PLATFORMS Failure code (string) of current workflow error. - + Причина @@ -6534,7 +6529,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& dd.MM.yyyy, hh:mm:ss LABEL DESKTOP Timestamp - dd.MM.yyyy, hh:mm:ss + дд.ММ.гггг, чч:мм:сс Last connection: %1 @@ -6594,12 +6589,12 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Service addresses LABEL DESKTOP - + Служебные адреса Not bound LABEL DESKTOP - + Не привязано @@ -6764,7 +6759,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& The program received an unknown message from the server. - ERROR_MASKED ALL_PLATFORMS The type of a POAS message could not be determined. + ERROR_MASKED ALL_PLATFORMS The type of a PAOS message could not be determined. Программа получила неизвестное сообщение с сервера. @@ -7082,12 +7077,25 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& ERROR ALL_PLATFORMS Starting the update failed. Не удалось запустить новый процесс обновления. + + The program did not receive a StartPaosResponse message from the server. + ERROR_MASKED ALL_PLATFORMS The PAOS message StartPaosResponse was not received. + Программа не получила сообщение StartPaosResponse с сервера. + + + + governikus::HistoryModel + + No data stored on your ID card was read, only confirmed whether you are in possession of a valid ID card. + LABEL ALL_PLATFORMS + Данные, хранящиеся на вашей идентификационной карте, не были считаны; было только подтверждено, что у вас есть действительная идентификационная карта. + governikus::HistoryModelSearchFilter dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг @@ -7198,7 +7206,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& governikus::NotificationModel hh:mm:ss - hh:mm:ss + чч:мм:сс @@ -7317,7 +7325,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& dd.MM.yyyy LABEL ALL_PLATFORMS - dd.MM.yyyy + дд.ММ.гггг hh:mm AP @@ -7364,27 +7372,27 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& You cannot use the PUK to reset your previously set card PIN. If you forgot your card PIN, you can use the PIN Reset Service to request a new PIN. LABEL ALL_PLATFORMS Hint text for requested PUK but both, PUK and PIN are not known. - + Невозможно использовать PUK-код для сброса ранее установленного PIN-кода карты. Если вы забыли PIN-код своей карты, вы можете воспользоваться службой сброса PIN-кода, чтобы запросить новый PIN-код. Go to PIN Reset Service LABEL ALL_PLATFORMS - + Перейти к службе сброса PIN-кода You can request activation of the eID function without charge. LABEL ALL_PLATFORMS Hint when a workflow failed because the eID function was not activated - + Вы можете запросить активацию функции eID без дополнительной оплаты. Go to Activation Service LABEL ALL_PLATFORMS - + Перейти к службе активации Request a new card PIN free of charge to be able to use the eID function again. LABEL ALL_PLATFORMS Hint when a workflow failed because of a blocked PUK - + Запросите новый PIN-код карты бесплатно, чтобы снова иметь возможность использовать функцию eID. @@ -7480,22 +7488,22 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Cannot reach local AusweisApp2 ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - + Не удается связаться с локальным приложением AusweisApp2 Your local AusweisApp2 is not running. Please start your local AusweisApp2 and try again. ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - + Ваше локальное приложение AusweisApp2 не запущено. Запустите локальное приложение AusweisApp2 и повторите попытку. Would you like to try again? ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - Повторить попытку? + Повторить попытку? Try again ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - Повторить попытку + Повторить попытку @@ -7605,7 +7613,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). dd.MM.yyyy - dd.MM.yyyy + дд.ММ.гггг xx.MM.yyyy @@ -7918,7 +7926,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). governikus::UIPlugInProxy Reverse proxy plugin is enabled - + Активирован плагин обратного прокси-сервера @@ -7952,7 +7960,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). Reverse-Proxy of AusweisApp2 is started and this instance cannot rebind port. Please ask your administrator! - + Запущен обратный прокси-сервер AusweisApp2, и этот экземпляр не может повторно привязать порт. Обратитесь к своему администратору! @@ -8021,7 +8029,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). Contact your local citizens' office (Bürgeramt) to apply for a new ID card or to unblock the ID card. - + Обратитесь в местное ведомство по делам граждан (Bürgeramt), чтобы разблокировать идентификационную карту или заказать новую. @@ -8038,9 +8046,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface. - INFO DESKTOP Content of the popup that is shown when the AA2 is closed for the first time. ----------- -INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a workflow is still active and the close/minimize info was not disabled. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. Программа по-прежнему доступна через значок на панели задач. Нажмите на символ %1, чтобы снова открыть пользовательский интерфейс. @@ -8087,5 +8093,10 @@ INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a wor INFO ANDROID IOS Hint that is shown if the users pressed the "back" button on the top-most navigation level for the first time (a second press closes the app). Чтобы закрыть приложение, дважды быстро нажмите кнопку «Назад». + + The program remains available via the icon in the menu bar. Click on the %1 icon to reopen the user interface. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. macOS specific if autostart is enabled. + Программа по-прежнему доступна через значок на панели задач. Нажмите на символ %1, чтобы снова открыть пользовательский интерфейс. + diff --git a/resources/translations/ausweisapp2_uk.ts b/resources/translations/ausweisapp2_uk.ts index c0d35f06d..b701b72b8 100644 --- a/resources/translations/ausweisapp2_uk.ts +++ b/resources/translations/ausweisapp2_uk.ts @@ -5,7 +5,7 @@ DvcsAttributes revision - 52a5aa47f692 + efee4b38a0c7 @@ -168,11 +168,11 @@ INFO ANDROID IOS Second line text if a basic card reader is used and background LABEL DESKTOP A11y button to confirm the PIN and start the provider authentication ---------- LABEL ANDROID IOS A11y button to confirm the PIN and start the provider authentication - + Виконайте автентифікацію у провайдера Online identification with Transport PIN is not possible. The self-selected, six-digit ID card PIN is mandatory to use the eID function. - + Онлайн-ідентифікація за допомогою транспортного PIN-коду неможлива. Самостійно обраний шестизначний PIN-код ID-картки обов’язковий для використання функції eID. Do you know your six-digit ID card PIN? @@ -505,34 +505,34 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Якого типу ваш PIN-код? - 6-digit PIN + Set by yourself LABEL ALL_PLATFORMS - + Встановлений вами самостійно - Set by yourself + Received by mail in PIN letter LABEL ALL_PLATFORMS - + Отриманий поштою в листі з PIN-кодом - 5-digit Transport PIN + No PIN LABEL ALL_PLATFORMS - + Немає PIN-коду - Received by mail in PIN letter + Lost, forgotten, or never received it LABEL ALL_PLATFORMS - + Загубили, забули або ніколи його не отримували - No PIN + Six-digit PIN LABEL ALL_PLATFORMS - + 6-значний PIN-код - Lost, forgotten, or never received it + Five-digit Transport PIN LABEL ALL_PLATFORMS - + 5-значний транспортний PIN-код @@ -1206,7 +1206,7 @@ INFO ANDROID IOS The ID card has just been unblocked and the user can now contin Save diagnosis LABEL DESKTOP - Зберегти діагностику + Зберегти діагностику @@ -1561,56 +1561,56 @@ INFO ANDROID IOS The AA2 expects a Smart-eID PIN with six digits in an authentic LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати CAN Send PUK LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати PUK Send pairing code LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати код створення пари Send new ID card PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати новий PIN-код ID-картки Send Transport PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати транспортний PIN-код Send Smart-eID PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати PIN-код Smart-eID Send new Smart-eID PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати новий PIN-код Smart-eID Send ID card PIN LABEL DESKTOP ---------- LABEL ANDROID IOS - + Надіслати PIN-код ID-картки @@ -1753,11 +1753,6 @@ LABEL ANDROID IOS INFO DESKTOP Перейти до параметрів пристрою читання - - More information - LABEL DESKTOP - Додаткова інформація - Hint @@ -1783,7 +1778,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр Tap for more details @@ -1874,7 +1869,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр Clear history @@ -1964,7 +1959,7 @@ LABEL ANDROID IOS dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр Write access (update) @@ -2169,19 +2164,19 @@ INFO ANDROID IOS The current logfile is about to be removed, user confirmation r Фільтр - Select level: - LABEL ANDROID IOS - Вибрати рівень: + Currently there are no log entries matching your filter. + INFO ANDROID IOS No log entries, placeholder text. + Наразі немає жодних записів журналу, що відповідають цьому фільтру. - Select category: + Level LABEL ANDROID IOS - Вибрати категорію: + Рівень - Currently there are no log entries matching your filter. - INFO ANDROID IOS No log entries, placeholder text. - Наразі немає жодних записів журналу, що відповідають цьому фільтру. + Category + LABEL ANDROID IOS + Категорію @@ -2669,7 +2664,7 @@ LABEL ANDROID IOS Please place your ID card directly on the device's back side.<br/><br/>The exact position of the ID card is device dependent. The animations depict possible positions. Keep one position for several seconds before trying another one and do not move the ID card after contact was established. INFO ANDROID The ID card may be inserted, the authentication process may be started. - Покладіть свою ID-картку на пристрій; точне положення залежить від пристрою. На анімації показано можливі положення. Утримуйте ID-картку в одному положенні кілька секунд, перш ніж спробувати інше, і не переміщайте її після встановлення контакту. + Покладіть ID-картку безпосередньо на задній бік пристрою.<br/><br/>Точне положення ID-картки залежить від пристрою. На анімації показано можливі положення. Утримуйте ID-картку в одному положенні кілька секунд, перш ніж спробувати інше, і не переміщайте її після встановлення контакту. @@ -2697,7 +2692,7 @@ LABEL ANDROID IOS The password is visible. Digits entered so far: %1 LABEL DESKTOP Screenreader text for the password field - + Пароль показано. Наразі введені цифри: %1 @@ -2717,12 +2712,12 @@ LABEL ANDROID IOS Delete last digit, disabled until input is present. - + Видалити останній знак, вимкнено до введення. , disabled until input is complete. LABEL ANDROID IOS A11y text, appended onto the "submit" button text when the button is disabled. - + , вимкнено до завершення введення. @@ -2745,72 +2740,42 @@ LABEL ANDROID IOS What is the card PIN? LABEL ALL_PLATFORMS - + Що таке PIN-код картки? PIN information LABEL ALL_PLATFORMS Інформація про PIN-код - - The card PIN is a 6-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. - INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' - - Where can I find the card PIN? LABEL ALL_PLATFORMS - - - - You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the 5-digit Transport PIN. Only when you have set a 6-digit PIN of your own choice can you use the eID function. - INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' - + Де я можу дізнатися PIN-код картки? How do I choose a secure PIN? LABEL ALL_PLATFORMS - - - - For your 6-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. - INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 - - - - You can change your 6-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. - INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 - + Як вибрати безпечний PIN-код? Keep your PIN secret and change it if another person becomes aware of it. INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 3/3 - + Тримайте свій PIN-код у таємниці та змініть його, якщо він стане відомий іншій особі. What is the Transport PIN? LABEL ALL_PLATFORMS - + Що таке транспортний PIN-код? Transport PIN information LABEL ALL_PLATFORMS Інформація про транспортний PIN-код - - The 5-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. - INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 - - - - If you did not set a self-selected 6-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. - INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 - - Once you have set a card PIN, the Transport PIN loses its validity. INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 3/3 - + Після встановлення PIN-коду картки транспортний PIN-код втрачає чинність. Smartphone as card reader information @@ -2820,52 +2785,47 @@ LABEL ANDROID IOS You may use your smartphone as a card reader with AusweisApp2. The smartphone needs to feature a supported NFC chipset and both devices, your smartphone and this machine, need to be connected to the same WiFi network. INFO ALL_PLATFORMS Description text of SaC pairing - + Ви можете використовувати свій смартфон як пристрій читання карток у програмі AusweisApp2. Смартфон повинен мати підтримуваний чіпсет NFC, і обидва пристрої, ваш смартфон і цей пристрій, мають бути підключені до однієї мережі Wi-Fi. To use your smartphone as a card reader you'll always need to activate the remote service in the AusweisApp2 on the smartphone. For the first time you'll also need to start the pairing mode on your smartphone, select the device from the list of available devices on this machine and then enter the pairing code shown on the phone. INFO ALL_PLATFORMS Description text of SaC pairing - + Щоб використовувати смартфон як зчитувач карток, потрібно щоразу активовувати віддалену службу в додатку AusweisApp2 на смартфоні. Уперше вам також потрібно буде запустити режим створення пари на своєму смартфоні, вибрати пристрій зі списку доступних пристроїв на цьому апараті, а потім ввести код створення пари, показаний на телефоні. Where do I find the PUK? LABEL ALL_PLATFORMS - + Де я можу дізнатися PUK-код картки? PUK information LABEL ALL_PLATFORMS Інформація про PUK-код - - The PUK is a 10-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. - INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' - - Why is the PUK required? LABEL ALL_PLATFORMS - + Навіщо потрібен PUK-код? The PUK is required if the card PIN has been entered incorrectly three times in a row. As a result, the card PIN is blocked. INFO ALL_PLATFORMS Answer to the question 'Why is the PUK required?' - + PUK-код потрібен, якщо PIN-код-картки було введено неправильно тричі поспіль. Внаслідок цього PIN-код-картки блокується. What is the PUK's purpose? LABEL ALL_PLATFORMS - + Для чого призначений PUK-код? By entering the PUK, you unblock the card PIN and have another three chances to enter the correct PIN. INFO ALL_PLATFORMS Answer to the question 'What is the PUK's purpose?' - + Ввівши PUK-код, ви розблоковуєте PIN-код картки й маєте ще три спроби ввести правильний PIN-код. Why is the CAN required? LABEL ALL_PLATFORMS - + Навіщо потрібен CAN-код? CAN information @@ -2875,32 +2835,27 @@ LABEL ANDROID IOS When is the card access number (CAN) required? LABEL ALL_PLATFORMS - + Коли потрібен номер доступу до картки (CAN)? The card access number (CAN) is required when the card PIN has been entered incorrectly twice. INFO ALL_PLATFORMS Answer to the question 'When is the card access number (CAN) required?' - + Номер доступу до картки (CAN) потрібен, коли PIN-код картки було двічі введено неправильно. Why do I have to enter the CAN before a third attempt? LABEL ALL_PLATFORMS - + Чому потрібно вводити CAN-код перед третьою спробою? A third incorrect entry blocks your PIN and you can no longer use the eID function until it is unblocked. Requesting the CAN ensures that a third incorrect entry can only be made with direct access to your ID card. INFO ALL_PLATFORMS Answer to the question 'Why do I have to enter the CAN before a third attempt?' - + Третє неправильне введення призведе до блокування PIN-коду, і ви більше не зможете користуватися функцією eID, доки його не буде розблоковано. Запит CAN-коду гарантує, що третє неправильне введення може бути зроблене лише за умови прямого доступу до вашої ID-картки. Where can I find the CAN? LABEL ALL_PLATFORMS - - - - The CAN is a 6-digit number that can be found on the bottom right of the front of the ID card. - INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' - + Де я можу дізнатися CAN-код картки? The Card Access Number (CAN) allows to access the imprinted data of the ID card. The CAN is a six-digit number that can be found on the front of the ID card. It is located at the bottom right next to the validity date (marked in red). @@ -2917,12 +2872,12 @@ LABEL ALL_PLATFORMS Just like the physical ID card, the Smart-eID stored on your Smartphone can be blocked. This might be required if you ever lose your device. INFO ANDROID IOS Description text of Smart-eID PIN - + Так само як і фізичну ID-картку, Smart-eID, збережений на вашому смартфоні, можна заблокувати. Це може знадобитися, якщо ви коли-небудь загубите свій пристрій. To revoke an active Smart-eID, a blocking code is required. The blocking code will be displayed after successfully creating the Smart-eID. Furthermore, it is contained in the letter you will receive after creation. INFO ANDROID IOS Description text of Smart-eID PIN - + Щоб відкликати активний Smart-eID, потрібен код блокування. Код блокування відобразиться після успішного створення Smart-eID. Крім того, він міститься в листі, який ви отримаєте після створення. No PIN known @@ -2932,82 +2887,122 @@ LABEL ALL_PLATFORMS You do not know your PIN? LABEL ALL_PLATFORMS - - - - You have not yet set a 6-digit card PIN and cannot find the PIN letter with the Transport PIN? - INFO ALL_PLATFORMS - + Ви не знаєте свій PIN-код? You set a card PIN when picking up your ID card or later by yourself, but you can no longer remember it? INFO ALL_PLATFORMS - + Ви встановили PIN-код картки під час отримання ID-картки або пізніше самостійно, але вже не пам’ятаєте його? Learn more about the two types of PIN LABEL ALL_PLATFORMS - + Дізнайтеся більше про два типи PIN-кодів Types of PIN LABEL ALL_PLATFORMS - + Типи PIN-кодів - Your ID card comes with a 5-digit 'Transport PIN' which you need to replace with a 6-digit PIN that you choose yourself. - INFO ALL_PLATFORMS Description text explaining the PINs 1/6 - + This PIN allows you to prove online that the ID card belongs to you. No one can use your ID card online without this PIN. + INFO ALL_PLATFORMS Description text explaining the PINs 5/6 + Цей PIN-код дозволяє вам підтверджувати онлайн, що ID-картка належить саме вам. Без цього PIN-коду ніхто не зможе скористатися вашою ID-карткою в Інтернеті. - 5-digit Transport PIN + You can use the PIN Reset Service to request a new card PIN free of charge. LABEL ALL_PLATFORMS - + Ви можете скористатися службою скидання PIN-коду, щоб безкоштовно надіслати запит на новий PIN-код картки. - The 5-digit Transport PIN was sent to you by post after you applied for your ID card. - INFO ALL_PLATFORMS Description text explaining the PINs 2/6 - + If you do not know either your Transport PIN or your card PIN, you can request a new PIN free of charge using the PIN Reset Service. + LABEL ALL_PLATFORMS Hint text for requested Transport PIN but both, Transport PIN and PIN, are not known. + Якщо ви не знаєте ні транспортний PIN-код, ні PIN-код картки, ви можете безкоштовно надіслати запит на новий PIN-код, скориставшись службою скидання PIN-коду. - The PIN can only be used once. When you set up the eID function, you will replace this 5-digit PIN with a 6-digit PIN that you choose yourself. - INFO ALL_PLATFORMS Description text explaining the PINs 3/6 - + If you have forgotten your card PIN, you can request a new PIN free of charge using the PIN Reset Service. + LABEL ALL_PLATFORMS Hint text for PIN but it is unknown. + Якщо ви забули PIN-код картки, ви можете безкоштовно надіслати запит на новий PIN-код, скориставшись службою скидання PIN-коду. - 6-digit PIN - LABEL ALL_PLATFORMS - + The card PIN is a six-digit PIN that you set yourself. You always need this PIN if you want to use the eID function. + INFO ALL_PLATFORMS Answer to the question 'what is the card pin?' + PIN-код картки – це 6-значний PIN-код, який ви встановлюєте самостійно. Цей PIN-код обов’язковий, якщо ви хочете використовувати функцію eID. - This is a number that you choose yourself when you set up the eID function for the first time. It replaces your 5-digit Transport PIN. - INFO ALL_PLATFORMS Description text explaining the PINs 4/6 - + You set the card PIN either directly when you picked up your ID card at the citizens' office (Bürgeramt) or later in AusweisApp2 using the five-digit Transport PIN. Only when you have set a six-digit PIN of your own choice can you use the eID function. + INFO ALL_PLATFORMS Answer to the question 'Where can I find the card PIN?' + Ви встановлюєте PIN-код картки безпосередньо під час отримання ID-картки у відділі обслуговування громадян (Bürgeramt) або пізніше в додатку AusweisApp2 за допомогою 5-значного транспортного PIN-коду. Використовувати функцію eID можна лише після самостійного встановлення 6-значного PIN-коду. - This PIN allows you to prove online that the ID card belongs to you. No one can use your ID card online without this PIN. - INFO ALL_PLATFORMS Description text explaining the PINs 5/6 - + For your six-digit PIN, choose a combination of numbers that cannot be guessed - i.e. neither "123456", nor your date of birth, nor any other numbers printed on your ID card. + INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 1/3 + Для свого 6-значного PIN-коду виберіть комбінацію цифр, яку неможливо вгадати. Наприклад, не використовуйте ані послідовність цифр «123456», ані дату народження, ані жодні інші числа, надруковані на вашій ID-картці. - You can change your 6-digit PIN at any time in AusweisApp2. - INFO ALL_PLATFORMS Description text explaining the PINs 6/6 - + You can change your six-digit PIN at any time and an unlimited number of times as long as you know your valid PIN. + INFO ALL_PLATFORMS Answer to the question 'How do I choose a secure PIN?' paragraph 2/3 + Ви можете змінювати свій 6-значний PIN-код у будь-який час і необмежену кількість разів, якщо ви знаєте свій дійсний PIN-код. - You can use the PIN Reset Service to request a new card PIN free of charge. + The five-digit Transport PIN was sent to you in the PIN letter by mail after you applied for your ID card. + INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 1/3 + 5-значний транспортний PIN-код був надісланий вам у листі з PIN-кодом поштою після того, як ви подали заяву на отримання ID-картки. + + + If you did not set a self-selected six-digit card PIN when you picked up your ID card, you can do so using the Transport PIN. + INFO ALL_PLATFORMS Answer to the question 'What is the Transport PIN?' paragraph 2/3 + Якщо ви не встановили самостійно обраний 6-значний PIN-код картки, коли забирали ID-картку, ви можете зробити це за допомогою транспортного PIN-коду. + + + The PUK is a ten-digit number that you can find in the PIN letter that was sent to you by mail after you applied for your ID card. + INFO ALL_PLATFORMS Answer to the question 'Where do I find the PUK?' + PUK-код – це 10-значний номер, який ви можете знайти в листі з PIN-кодом, надісланому вам поштою після того, як ви подали заяву на отримання ID-картки. + + + The CAN is a six-digit number that can be found on the bottom right of the front of the ID card. + INFO ALL_PLATFORMS Answer to the question 'Where can I find the CAN?' + CAN-код – це 6-значний номер, який можна знайти в нижній правій частині лицьового боку ID-картки. + + + Your ID card comes with a five-digit 'Transport PIN' which you need to replace with a six-digit PIN that you choose yourself. + INFO ALL_PLATFORMS Description text explaining the PINs 1/6 + До вашої ID-картки додається 5-значний «транспортний PIN-код», який вам потрібно змінити на 6-значний PIN-код, який ви обираєте самостійно. + + + Five-digit Transport PIN LABEL ALL_PLATFORMS - + 5-значний транспортний PIN-код - If you do not know either your Transport PIN or your card PIN, you can request a new PIN free of charge using the PIN Reset Service. - LABEL ALL_PLATFORMS Hint text for requested Transport PIN but both, Transport PIN and PIN, are not known. - + The five-digit Transport PIN was sent to you by post after you applied for your ID card. + INFO ALL_PLATFORMS Description text explaining the PINs 2/6 + 5-значний транспортний PIN-код був надісланий вам у листі поштою після того, як ви подали заяву на отримання ID-картки. - If you have forgotten your card PIN, you can request a new PIN free of charge using the PIN Reset Service. - LABEL ALL_PLATFORMS Hint text for PIN but it is unknown. - + The PIN can only be used once. When you set up the eID function, you will replace this five-digit PIN with a six-digit PIN that you choose yourself. + INFO ALL_PLATFORMS Description text explaining the PINs 3/6 + Цей PIN-код можна використати лише один раз. Коли ви налаштуєте функцію eID, ви заміните цей 5-значний PIN-код на 6-значний PIN-код, який ви оберете самостійно. + + + Six-digit PIN + LABEL ALL_PLATFORMS + 6-значний PIN-код + + + This is a number that you choose yourself when you set up the eID function for the first time. It replaces your five-digit Transport PIN. + INFO ALL_PLATFORMS Description text explaining the PINs 4/6 + Це код, який ви обираєте самостійно, коли вперше налаштовуєте функцію eID. Він замінює ваш 5-значний транспортний PIN-код. + + + You can change your six-digit PIN at any time in AusweisApp2. + INFO ALL_PLATFORMS Description text explaining the PINs 6/6 + Ви можете в будь-який момент змінити свій 6-значний PIN-код у додатку AusweisApp2. + + + You have not yet set a six-digit card PIN and cannot find the PIN letter with the Transport PIN? + INFO ALL_PLATFORMS + Ви ще не встановили 6-значний PIN-код картки й не можете знайти лист із транспортним PIN-кодом? @@ -3331,7 +3326,7 @@ INFO ANDROID_TABLET IOS_TABLET No authentication history, placeholder text. dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр Service: @@ -3731,7 +3726,7 @@ If you have not already paired a device, start the pairing now to set up this sm Enter the code %1 in the %2 on your other device to use your smartphone as a card reader (SaC). INFO ANDROID IOS - Введіть код %1 у %2 на іншому пристрої, щоб використовувати свій смартфон як пристрій читання карток (SaC). + Введіть код %1 у %2 на своєму іншому пристрої, щоб використовувати свій смартфон як пристрій читання карток (SaC). @@ -4128,7 +4123,7 @@ LABEL ANDROID Save read self-authentication data LABEL DESKTOP - Зберегти читати дані самоавтентифікації + Зберегти зчитані дані самоавтентифікації @@ -4952,7 +4947,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Online identification with Transport PIN is not possible. The self-selected, six-digit ID card PIN is mandatory to use the eID function. LABEL ANDROID IOS - + Онлайн-ідентифікація за допомогою транспортного PIN-коду неможлива. Самостійно обраний шестизначний PIN-код ID-картки обов’язковий для використання функції eID. @@ -5178,7 +5173,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& If you cannot recall your six-digit PIN or cannot find your PIN letter, you may request a new PIN using the PIN Reset Service. LABEL ANDROID IOS - Якщо ви не можете згадати свій шестизначний PIN-код або не можете знайти свій лист із PIN-кодом, ви можете надіслати запит на новий PIN-код за допомогою служби скидання PIN-коду. + Якщо ви не можете згадати свій шестизначний PIN-код або не можете знайти свій лист із PIN-кодом, ви можете надіслати запит на новий PIN-код за допомогою служби скидання PIN-коду. @@ -5269,7 +5264,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated accoording to the third line. - Уведіть + Уведіть six-digit PIN @@ -5279,7 +5274,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated accoording to the first line. - зараз! + зараз! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5432,7 +5427,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Уведіть + Уведіть six-digit PIN @@ -5442,7 +5437,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - зараз! + зараз! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5600,7 +5595,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Уведіть + Уведіть six-digit PIN @@ -5610,7 +5605,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - зараз! + зараз! This is only possible if you have exchanged the five-digit Transport PIN with a six-digit PIN beforehand. @@ -5794,7 +5789,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Enter LABEL ANDROID IOS This is the first of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the third line. - Уведіть + Уведіть six-digit PIN @@ -5804,7 +5799,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& now! LABEL ANDROID IOS This is the third of three lines "Enter" "six-digit PIN" "now!" and should be translated according to the first line. - зараз! + зараз! @@ -6173,7 +6168,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Reason: INFO ALL_PLATFORMS Failure code (string) of current workflow error. - + Причина: @@ -6534,7 +6529,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& dd.MM.yyyy, hh:mm:ss LABEL DESKTOP Timestamp - dd.MM.yyyy, hh:mm:ss + дд.ММ.рррр, гг:хх:сс Last connection: %1 @@ -6594,12 +6589,12 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Service addresses LABEL DESKTOP - + Сервісні адреси Not bound LABEL DESKTOP - + Не зв’язані @@ -6764,7 +6759,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& The program received an unknown message from the server. - ERROR_MASKED ALL_PLATFORMS The type of a POAS message could not be determined. + ERROR_MASKED ALL_PLATFORMS The type of a PAOS message could not be determined. Програма отримала невідоме повідомлення від сервера. @@ -7082,12 +7077,25 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& ERROR ALL_PLATFORMS Starting the update failed. Не вдалося почати новий процес для запуску оновлення. + + The program did not receive a StartPaosResponse message from the server. + ERROR_MASKED ALL_PLATFORMS The PAOS message StartPaosResponse was not received. + Програма не отримала повідомлення StartPaosResponse від сервера. + + + + governikus::HistoryModel + + No data stored on your ID card was read, only confirmed whether you are in possession of a valid ID card. + LABEL ALL_PLATFORMS + Жодні дані, що зберігаються на вашій ID-картці, не зчитувалися, лише підтверджено, чи є у вас дійсна ID-картка. + governikus::HistoryModelSearchFilter dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр @@ -7139,7 +7147,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& dd.MM.yyyy hh:mm:ss - dd.MM.yyyy hh:mm:ss + дд.ММ.рррр гг:хх:сс The logfile is disabled. @@ -7198,7 +7206,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& governikus::NotificationModel hh:mm:ss - hh:mm:ss + гг:хх:сс @@ -7317,7 +7325,7 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& dd.MM.yyyy LABEL ALL_PLATFORMS - dd.MM.yyyy + дд.ММ.рррр hh:mm AP @@ -7364,27 +7372,27 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& You cannot use the PUK to reset your previously set card PIN. If you forgot your card PIN, you can use the PIN Reset Service to request a new PIN. LABEL ALL_PLATFORMS Hint text for requested PUK but both, PUK and PIN are not known. - + Ви не можете використовувати PUK-код для скидання раніше встановленого PIN-коду картки. Якщо ви забули PIN-код своєї картки, ви можете скористатися службою скидання PIN-коду, щоб надіслати запит на новий PIN-код. Go to PIN Reset Service LABEL ALL_PLATFORMS - + Перейти до служби скидання PIN-коду You can request activation of the eID function without charge. LABEL ALL_PLATFORMS Hint when a workflow failed because the eID function was not activated - + Ви можете надіслати запит на безкоштовну активацію функції eID. Go to Activation Service LABEL ALL_PLATFORMS - + Перейти до служби активації Request a new card PIN free of charge to be able to use the eID function again. LABEL ALL_PLATFORMS Hint when a workflow failed because of a blocked PUK - + Надішліть безкоштовно запит на новий PIN-код картки, щоб знову мати змогу користуватися функцією eID. @@ -7480,22 +7488,22 @@ To proceed use your ID card by selecting the NFC interface or choose "WiFi& Cannot reach local AusweisApp2 ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - + Немає доступу до локальної версії додатка AusweisApp2 Your local AusweisApp2 is not running. Please start your local AusweisApp2 and try again. ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - + Локальна версія додатка AusweisApp2 не запущена. Запустіть локальну версію додатка AusweisApp2 і спробуйте ще раз. Would you like to try again? ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - Бажаєте повторити спробу? + Бажаєте повторити спробу? Try again ERROR ALL_PLATFORMS The local AusweisApp (access via reverse proxy) is not reachable, part of an HTML error page. - Повторіть спробу + Повторіть спробу @@ -7605,7 +7613,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). dd.MM.yyyy - dd.MM.yyyy + дд.ММ.рррр xx.MM.yyyy @@ -7918,7 +7926,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). governikus::UIPlugInProxy Reverse proxy plugin is enabled - + Плагін зворотного проксі ввімкнено @@ -7933,7 +7941,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). An unknown program uses the required port (%1). Please exit the other program and try again! ERROR ALL_PLATFORMS An unknown programme is using the local port on which the AA2 listens. - Невідома програма використовує потрібний порт (%1). Вийдіть з іншої програми й повторіть спробу. + Невідома програма використовує потрібний порт (%1). Вийдіть з іншої програми й повторіть спробу. The program (%1) uses the required port (%2). Please close %1 and try again! @@ -7952,7 +7960,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). Reverse-Proxy of AusweisApp2 is started and this instance cannot rebind port. Please ask your administrator! - + Запущено зворотний проксі додатка AusweisApp2, і цей екземпляр не може перепризначити порт. Зверніться до свого адміністратора! @@ -8021,7 +8029,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). Contact your local citizens' office (Bürgeramt) to apply for a new ID card or to unblock the ID card. - + Зверніться до місцевого відділу обслуговування громадян (Bürgeramt), щоб подати заяву на отримання нової ID-картки або розблокувати ID-картку. @@ -8038,9 +8046,7 @@ Please enable NFC to use your smartphone as a card reader (SaC). The program remains available via the icon in the system tray. Click on the %1 icon to reopen the user interface. - INFO DESKTOP Content of the popup that is shown when the AA2 is closed for the first time. ----------- -INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a workflow is still active and the close/minimize info was not disabled. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. Програма залишається доступною через піктограму в системному лотку. Натисніть піктограму %1, щоб знову відкрити інтерфейс користувача. @@ -8087,5 +8093,10 @@ INFO DESKTOP Content of the popup that is shown when the AA2 is closed and a wor INFO ANDROID IOS Hint that is shown if the users pressed the "back" button on the top-most navigation level for the first time (a second press closes the app). Щоб закрити програму, двічі швидко натисніть кнопку «Назад». + + The program remains available via the icon in the menu bar. Click on the %1 icon to reopen the user interface. + INFO DESKTOP Content of the popup that is shown when the AA2 is closed and the close/minimize info was not disabled. macOS specific if autostart is enabled. + Програма залишається доступною через піктограму в системному лотку. Натисніть піктограму %1, щоб знову відкрити інтерфейс користувача. + diff --git a/resources/updatable-files/supported-providers.json b/resources/updatable-files/supported-providers.json index b21d54fcf..132632cb1 100644 --- a/resources/updatable-files/supported-providers.json +++ b/resources/updatable-files/supported-providers.json @@ -366,9 +366,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bundestag ePetition" @@ -517,9 +514,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bürgerservice-Portal Kreis Herford" @@ -541,9 +535,6 @@ "subjectUrlInfo": "Using service from Bürgerservice-Portal Krz (https://www.buergerserviceportal.nrw)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bürgerservice-Portal Kreis Minden-Lübbecke" @@ -585,9 +576,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bürgerservice-Portal Stadt Lage" @@ -609,9 +597,6 @@ "subjectUrlInfo": "Using service from Bürgerservice-Portal Krz (https://www.buergerserviceportal.nrw)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bürgerservice-Portal Stadt Norderstedt" @@ -653,9 +638,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Bürgerservice-Portale der bayerischen Kommunen" @@ -737,9 +719,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "eAntrag der Investitionsbank Berlin (IBB)" @@ -761,9 +740,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "ekom21 (KGRZ Hessen)" @@ -806,9 +782,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Stadt Frankfurt am Main - iKFZ" @@ -977,9 +950,6 @@ } }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "invenio" @@ -1181,9 +1151,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Landkreis Hildburghausen - iKFZ" @@ -1261,9 +1228,6 @@ "subjectUrlInfo": "Using service from Landesportal Brandenburg (https://e-ident.brandenburg.de)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Landkreis Rostock - iKFZ" @@ -1285,9 +1249,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "De-Mail Registrierung" @@ -1404,6 +1365,26 @@ "category": "citizen", "subjectUrlInfo": "Using service from Servicekonto Nordrhein-Westfalen (https://servicekonto.nrw)." }, + { + "shortName": { + "": "Serviceportal der Stadtverwaltung Siegen" + }, + "longName": { + "": "Serviceportal der Stadtverwaltung Siegen" + }, + "longDescription": { + "": "Im Serviceportal der Stadtverwaltung Siegen finden Sie Informationen zu zahlreichen Dienstleistungen, von denen Sie viele bequem von zu Hause aus beantragen, bezahlen und erledigen können. Das Angebot wird ständig erweitert und verbessert.

Für einige Online-Services ist eine einmalige Registrierung über das Servicekonto.NRW (Konto für alle Online-Anwendungen des Landes und der Kommunen in Nordrhein-Westfalen) erforderlich." + }, + "address": "https://serviceportal.siegen.de", + "homepage": "https://www.siegen.de", + "phone": "+49 271 404 0", + "email": "serviceportal@siegen.de", + "postalAddress": "Stadt Siegen
Rathaus/Markt 2
57072 Siegen", + "image": "Siegen_image.jpg", + "icon": "Siegen_icon.jpg", + "category": "citizen", + "subjectUrlInfo": "Using service from Servicekonto Nordrhein-Westfalen (https://servicekonto.nrw)." + }, { "shortName": { "": "Online Services der Stadt Bad Oeynhausen" @@ -1502,9 +1483,6 @@ "subjectUrlInfo": "Using service from Bürgerportal Baden-Württemberg (https://eid.service-bw.de)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Rheingau-Taunus-Kreis - iKFZ" @@ -1564,9 +1542,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Kreis Lippe - iKFZ" @@ -1628,10 +1603,6 @@ ] }, { - "exclude": [ - "ios", - "android" - ], "eidSupport": false, "shortName": { "": "nEHS-Register" @@ -1975,9 +1946,6 @@ "subjectUrlInfo": "Using service from Serviceportal Mecklenburg-Vorpommern (https://login.mv-serviceportal.de)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Serviceportal Sachsen-Anhalt" @@ -2220,9 +2188,6 @@ "subjectUrlInfo": "Using service from Servicekonto Nordrhein-Westfalen (https://servicekonto.nrw)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Saalekreis - iKFZ" @@ -2280,9 +2245,6 @@ "subjectUrlInfo": "Using service from Unterhaltsvorschuss Online (https://idp.serviceportal.gemeinsamonline.de)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Urkundenservice Köln" @@ -2304,9 +2266,6 @@ ] }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Virtuelles Rathaus Stadt Dortmund" @@ -2326,9 +2285,6 @@ "subjectUrlInfo": "Using service from Servicekonto Nordrhein-Westfalen (https://servicekonto.nrw)." }, { - "exclude": [ - "ios" - ], "eidSupport": false, "shortName": { "": "Vollstreckungsportal" @@ -2368,10 +2324,6 @@ "subjectUrlInfo": "Using service from Servicekonto Nordrhein-Westfalen (https://servicekonto.nrw)." }, { - "exclude": [ - "ios", - "android" - ], "eidSupport": false, "shortName": { "": "Z-EU-S" diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index b336596f5..f9589fe38 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -269,5 +269,3 @@ target_link_libraries(AusweisApp PRIVATE AusweisAppCardSimulator) ##################################################################### include(Install) -include(FeatureSummary) -FEATURE_SUMMARY(WHAT ALL) diff --git a/src/card/pcsc/PcscReader.cpp b/src/card/pcsc/PcscReader.cpp index 2fc096812..1b218fba7 100644 --- a/src/card/pcsc/PcscReader.cpp +++ b/src/card/pcsc/PcscReader.cpp @@ -25,16 +25,7 @@ PcscReader::PcscReader(const QString& pReaderName) qCDebug(card_pcsc) << pReaderName; setObjectName(pReaderName); - PCSC_RETURNCODE returnCode = SCardEstablishContext(SCARD_SCOPE_USER, nullptr, nullptr, &mContextHandle); - qCDebug(card_pcsc) << "SCardEstablishContext:" << PcscUtils::toString(returnCode); - if (returnCode != PcscUtils::Scard_S_Success) - { - qCWarning(card_pcsc) << "Cannot establish context"; - return; - } - memset(&mReaderState, 0, sizeof(SCARD_READERSTATE)); - #if defined(Q_OS_WIN) && defined(UNICODE) wchar_t* name = new wchar_t[static_cast(pReaderName.size()) + 1](); pReaderName.toWCharArray(name); @@ -42,27 +33,44 @@ PcscReader::PcscReader(const QString& pReaderName) #else mReaderState.szReader = qstrdup(pReaderName.toUtf8().data()); #endif +} + + +PCSC_RETURNCODE PcscReader::init() +{ + PCSC_RETURNCODE returnCode = SCardEstablishContext(SCARD_SCOPE_USER, nullptr, nullptr, &mContextHandle); + qCDebug(card_pcsc) << "SCardEstablishContext:" << PcscUtils::toString(returnCode); + if (returnCode != PcscUtils::Scard_S_Success) + { + qCWarning(card_pcsc) << "Cannot establish context"; + return returnCode; + } returnCode = readReaderFeatures(); if (returnCode != PcscUtils::Scard_S_Success) { qCWarning(card_pcsc) << "Features / Capabilities not successful:" << returnCode; - return; + return returnCode; } setInfoBasicReader(!hasFeature(FeatureID::EXECUTE_PACE)); PcscReader::updateCard(); setTimerId(startTimer(500)); + return PcscUtils::Scard_S_Success; } PcscReader::~PcscReader() { qCDebug(card_pcsc) << getReaderInfo().getName(); - qCDebug(card_pcsc) << "SCardCancel: " << PcscUtils::toString(SCardCancel(mContextHandle)); - qCDebug(card_pcsc) << "SCardReleaseContext:" << PcscUtils::toString(SCardReleaseContext(mContextHandle)); - mContextHandle = 0; + + if (mContextHandle != 0) + { + qCDebug(card_pcsc) << "SCardCancel: " << PcscUtils::toString(SCardCancel(mContextHandle)); + qCDebug(card_pcsc) << "SCardReleaseContext:" << PcscUtils::toString(SCardReleaseContext(mContextHandle)); + mContextHandle = 0; + } delete[] mReaderState.szReader; } diff --git a/src/card/pcsc/PcscReader.h b/src/card/pcsc/PcscReader.h index 85af8313b..7d121b8e3 100644 --- a/src/card/pcsc/PcscReader.h +++ b/src/card/pcsc/PcscReader.h @@ -40,6 +40,7 @@ class PcscReader public: explicit PcscReader(const QString& pReaderName); + [[nodiscard]] PCSC_RETURNCODE init(); ~PcscReader() override; [[nodiscard]] Card* getCard() const override; diff --git a/src/card/pcsc/PcscReaderManagerPlugIn.cpp b/src/card/pcsc/PcscReaderManagerPlugIn.cpp index 5928495f3..dd98e4289 100644 --- a/src/card/pcsc/PcscReaderManagerPlugIn.cpp +++ b/src/card/pcsc/PcscReaderManagerPlugIn.cpp @@ -133,20 +133,7 @@ void PcscReaderManagerPlugIn::updateReaders() } removeReaders(readersToRemove); - - for (QMutableListIterator iterator(readersToAdd); iterator.hasNext();) - { - QString readerName = iterator.next(); - Reader* reader = new PcscReader(readerName); - mReaders.insert(readerName, reader); - - connect(reader, &Reader::fireCardInserted, this, &PcscReaderManagerPlugIn::fireCardInserted); - connect(reader, &Reader::fireCardRemoved, this, &PcscReaderManagerPlugIn::fireCardRemoved); - connect(reader, &Reader::fireCardInfoChanged, this, &PcscReaderManagerPlugIn::fireCardInfoChanged); - - qCDebug(card_pcsc) << "fireReaderAdded:" << readerName << "(" << mReaders.size() << "reader in total )"; - Q_EMIT fireReaderAdded(reader->getReaderInfo()); - } + addReaders(readersToAdd); } @@ -162,6 +149,30 @@ QString PcscReaderManagerPlugIn::extractReaderName(const PCSC_CHAR_PTR pReaderPo } +void PcscReaderManagerPlugIn::addReaders(const QStringList& pReaderNames) +{ + for (const auto& readerName : pReaderNames) + { + auto pcscReader = std::make_unique(readerName); + if (pcscReader->init() != PcscUtils::Scard_S_Success) + { + qCDebug(card_pcsc) << "Initialization of" << readerName << "failed"; + continue; + } + + Reader* reader = pcscReader.release(); + mReaders.insert(readerName, reader); + + connect(reader, &Reader::fireCardInserted, this, &PcscReaderManagerPlugIn::fireCardInserted); + connect(reader, &Reader::fireCardRemoved, this, &PcscReaderManagerPlugIn::fireCardRemoved); + connect(reader, &Reader::fireCardInfoChanged, this, &PcscReaderManagerPlugIn::fireCardInfoChanged); + + qCDebug(card_pcsc) << "fireReaderAdded:" << readerName << "(" << mReaders.size() << "reader in total )"; + Q_EMIT fireReaderAdded(reader->getReaderInfo()); + } +} + + void PcscReaderManagerPlugIn::removeReader(const QString& pReaderName) { if (!mReaders.contains(pReaderName)) diff --git a/src/card/pcsc/PcscReaderManagerPlugIn.h b/src/card/pcsc/PcscReaderManagerPlugIn.h index b69a5c39d..6b4b79f1c 100644 --- a/src/card/pcsc/PcscReaderManagerPlugIn.h +++ b/src/card/pcsc/PcscReaderManagerPlugIn.h @@ -17,6 +17,9 @@ #include +class test_PcscReaderManagerPlugIn; + + namespace governikus { @@ -26,6 +29,7 @@ class PcscReaderManagerPlugIn Q_OBJECT Q_PLUGIN_METADATA(IID "governikus.ReaderManagerPlugIn" FILE "metadata.json") Q_INTERFACES(governikus::ReaderManagerPlugIn) + friend class ::test_PcscReaderManagerPlugIn; private: SCARDCONTEXT mContextHandle; @@ -36,6 +40,7 @@ class PcscReaderManagerPlugIn PCSC_RETURNCODE readReaderNames(QStringList& pReaderNames); void updateReaders(); inline QString extractReaderName(const PCSC_CHAR_PTR pReaderPointer) const; + void addReaders(const QStringList& pReaderNames); void removeReader(const QString& pReaderName); void removeReaders(const QStringList& pReaderNames); diff --git a/src/card/simulator/SimulatorCard.cpp b/src/card/simulator/SimulatorCard.cpp index 98a6707c1..69b1abf5d 100644 --- a/src/card/simulator/SimulatorCard.cpp +++ b/src/card/simulator/SimulatorCard.cpp @@ -35,6 +35,7 @@ SimulatorCard::SimulatorCard(const SimulatorFileSystem& pFileSystem) , mAuxiliaryData() , mSecureMessaging() , mNewSecureMessaging() + , mCaKeyId(0) , mRiKeyId(0) { } @@ -238,6 +239,10 @@ ResponseApduResult SimulatorCard::executeMseSetAt(const CommandApdu& pCmd) if (pCmd.getP1() == CommandApdu::CHIP_AUTHENTICATION && pCmd.getP2() == CommandApdu::AUTHENTICATION_TEMPLATE) { const auto& cmr = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::CRYPTOGRAPHIC_MECHANISM_REFERENCE); + if (cmr == Oid(KnownOid::ID_CA_ECDH_AES_CBC_CMAC_128).getData()) + { + mCaKeyId = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::PRIVATE_KEY_REFERENCE).back(); + } if (cmr == Oid(KnownOid::ID_RI_ECDH_SHA_256).getData()) { mRiKeyId = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::PRIVATE_KEY_REFERENCE).back(); @@ -257,37 +262,36 @@ ResponseApduResult SimulatorCard::executeMseSetAt(const CommandApdu& pCmd) ResponseApduResult SimulatorCard::executeGeneralAuthenticate(const CommandApdu& pCmd) { - ResponseApduResult result = {CardReturnCode::OK, ResponseApdu(StatusCode::SUCCESS)}; - const CommandData cmdData(pCmd.getData()); const auto& caKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::CA_EPHEMERAL_PUBLIC_KEY); if (!caKey.isEmpty()) { - // CA General Authenticate - Chip Authentication const QByteArray nonce = QByteArray::fromHex("0001020304050607"); const QByteArray& authenticationToken = generateAuthenticationToken(caKey, nonce); auto ga = newObject(); Asn1OctetStringUtil::setValue(nonce, ga->mNonce); Asn1OctetStringUtil::setValue(authenticationToken, ga->mAuthenticationToken); - result = {CardReturnCode::OK, ResponseApdu(encodeObject(ga.data()) + QByteArray::fromHex("9000"))}; + return {CardReturnCode::OK, ResponseApdu(encodeObject(ga.data()) + QByteArray::fromHex("9000"))}; } - else + + const auto& riKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::RI_EPHEMERAL_PUBLIC_KEY); + if (!riKey.isEmpty()) { - const auto& riKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, CommandData::RI_EPHEMERAL_PUBLIC_KEY); - if (!riKey.isEmpty()) + const auto& oid = cmdData.getData(V_ASN1_UNIVERSAL, CommandData::RI_EPHEMERAL_PUBLIC_KEY); + if (oid != Oid(KnownOid::ID_RI_ECDH_SHA_256).getData()) { - // RE General Authenticate - Restricted Identification - const QByteArray& restrictedId = generateRestrictedId(riKey); + return {CardReturnCode::OK, ResponseApdu(StatusCode::NO_BINARY_FILE)}; + } - const auto responseData = Asn1Util::encode(V_ASN1_CONTEXT_SPECIFIC, 1, restrictedId); - const auto response = Asn1Util::encode(V_ASN1_APPLICATION, 28, responseData, true); + const QByteArray& restrictedId = generateRestrictedId(riKey); - result = {CardReturnCode::OK, ResponseApdu(response + QByteArray::fromHex("9000"))}; - } + const auto responseData = Asn1Util::encode(V_ASN1_CONTEXT_SPECIFIC, 1, restrictedId); + const auto response = Asn1Util::encode(V_ASN1_APPLICATION, 28, responseData, true); + return {CardReturnCode::OK, ResponseApdu(response + QByteArray::fromHex("9000"))}; } - return result; + return {CardReturnCode::OK, ResponseApdu(StatusCode::SUCCESS)}; } @@ -321,7 +325,7 @@ QByteArray SimulatorCard::generateAuthenticationToken(const QByteArray& pPublicK { const Oid oid(KnownOid::ID_CA_ECDH_AES_CBC_CMAC_128); - QByteArray sharedSecret = brainpoolP256r1Multiplication(pPublicKey, mFileSystem.getCardAuthenticationKey()); + QByteArray sharedSecret = brainpoolP256r1Multiplication(pPublicKey, mFileSystem.getPrivateKey(mCaKeyId)); const auto protocol = SecurityProtocol(oid); KeyDerivationFunction kdf(protocol); @@ -346,7 +350,7 @@ QByteArray SimulatorCard::generateRestrictedId(const QByteArray& pPublicKey) { // const Oid oid(KnownOid::ID_RI_ECDH_SHA_256); - QByteArray sharedSecret = brainpoolP256r1Multiplication(pPublicKey, mFileSystem.getRestrictedIdentificationKey(mRiKeyId)); + QByteArray sharedSecret = brainpoolP256r1Multiplication(pPublicKey, mFileSystem.getPrivateKey(mRiKeyId)); return QCryptographicHash::hash(sharedSecret, QCryptographicHash::Sha256); } diff --git a/src/card/simulator/SimulatorCard.h b/src/card/simulator/SimulatorCard.h index 4331aa3be..8d4c87bb8 100644 --- a/src/card/simulator/SimulatorCard.h +++ b/src/card/simulator/SimulatorCard.h @@ -31,6 +31,7 @@ class SimulatorCard QSharedPointer mAuxiliaryData; std::unique_ptr mSecureMessaging; std::unique_ptr mNewSecureMessaging; + int mCaKeyId; int mRiKeyId; public: diff --git a/src/card/simulator/SimulatorFileSystem.cpp b/src/card/simulator/SimulatorFileSystem.cpp index 57063e4ed..1846b0ae0 100644 --- a/src/card/simulator/SimulatorFileSystem.cpp +++ b/src/card/simulator/SimulatorFileSystem.cpp @@ -24,11 +24,12 @@ using namespace governikus; Q_DECLARE_LOGGING_CATEGORY(card) -SimulatorFileSystem::SimulatorFileSystem() - : mSelectedFile() - , mFiles() - , mFileIds() +void SimulatorFileSystem::initMandatoryData() { + mKeys.insert(1, QByteArray::fromHex("0353859C2EC67780BA39015DE8C682AF2326D43DE9CE1E07737087BD1E17CB22")); + mKeys.insert(2, QByteArray::fromHex("9AD0AD7F4DFAAA06988339FC31D3A111F4C7964AC7F377373A2454327C43E2FF")); + mKeys.insert(41, QByteArray::fromHex("A07EB62E891DAA84643E0AFCC1AF006891B669B8F51E379477DBEAB8C987A610")); + createFile(FileRef::efDir().getIdentifier(), FileRef::efDir().getShortIdentifier(), QByteArray::fromHex( "61324F0FE828BD080FA000000167455349474E500F434941207A752044462E655369676E5100730C4F0AA00000016745" "5349474E61094F07A0000002471001610B4F09E80704007F00070302610C4F0AA000000167455349474E")); @@ -93,6 +94,16 @@ SimulatorFileSystem::SimulatorFileSystem() "0304046630640230582364C74D9C694D3C8F99ACBF82A7A847141248B015AED8BEE3C395E82788426F032978D196303A" "6B81D9FA8B8DBC8E02305BF169DE97B344A4B03E862C48A76226F044C6DA1EA78E380C2C6479B79526415735345764D7" "B6E738EE83931AABE840")); +} + + +SimulatorFileSystem::SimulatorFileSystem() + : mSelectedFile() + , mKeys() + , mFiles() + , mFileIds() +{ + initMandatoryData(); // Default profile 01 : 01 - 0A, 0D, 11 - 12 // Additional data fields : 0B - 0C, 0E - 0F, 13 - 16 @@ -135,7 +146,13 @@ SimulatorFileSystem::SimulatorFileSystem() SimulatorFileSystem::SimulatorFileSystem(const QJsonObject& pData) + : mSelectedFile() + , mKeys() + , mFiles() + , mFileIds() { + initMandatoryData(); + const auto& files = pData[QLatin1String("files")].toArray(); for (JsonValueRef value : files) { @@ -159,6 +176,27 @@ SimulatorFileSystem::SimulatorFileSystem(const QJsonObject& pData) QByteArray::fromHex(shortFileId.toUtf8()), QByteArray::fromHex(content.toUtf8())); } + + const auto& keys = pData[QLatin1String("keys")].toArray(); + for (JsonValueRef value : keys) + { + if (!value.isObject()) + { + qCWarning(card) << "Skipping key entry. Expected JSON object, got" << value; + continue; + } + + const auto& key = value.toObject(); + const auto& keyId = key[QLatin1String("id")].toInt(0); + const auto& privateKey = key[QLatin1String("private")].toString(); + if (keyId == 0 || privateKey.isNull()) + { + qCWarning(card) << "Skipping key entry. Expected JSON object with 'id' and 'private', got" << key; + continue; + } + + mKeys.insert(keyId, QByteArray::fromHex(privateKey.toUtf8())); + } } @@ -241,25 +279,9 @@ QByteArray SimulatorFileSystem::getEfCardAccess() const } -QByteArray SimulatorFileSystem::getCardAuthenticationKey() const -{ - return QByteArray::fromHex("A07EB62E891DAA84643E0AFCC1AF006891B669B8F51E379477DBEAB8C987A610"); -} - - -QByteArray SimulatorFileSystem::getRestrictedIdentificationKey(int pKeyId) const +QByteArray SimulatorFileSystem::getPrivateKey(int pKeyId) const { - switch (pKeyId) - { - case 1: - return QByteArray::fromHex("0353859C2EC67780BA39015DE8C682AF2326D43DE9CE1E07737087BD1E17CB22"); - - case 2: - return QByteArray::fromHex("9AD0AD7F4DFAAA06988339FC31D3A111F4C7964AC7F377373A2454327C43E2FF"); - - default: - return QByteArray(); - } + return mKeys[pKeyId]; } diff --git a/src/card/simulator/SimulatorFileSystem.h b/src/card/simulator/SimulatorFileSystem.h index efd84a98f..ef627ff99 100644 --- a/src/card/simulator/SimulatorFileSystem.h +++ b/src/card/simulator/SimulatorFileSystem.h @@ -25,9 +25,12 @@ class SimulatorFileSystem { private: QByteArray mSelectedFile; + QMap mKeys; QMap mFiles; QMap mFileIds; + void initMandatoryData(); + public: SimulatorFileSystem(); explicit SimulatorFileSystem(const QJsonObject& pData); @@ -37,8 +40,7 @@ class SimulatorFileSystem [[nodiscard]] StatusCode write(int pOffset, const QByteArray& pData); [[nodiscard]] QByteArray getEfCardAccess() const; - [[nodiscard]] QByteArray getCardAuthenticationKey() const; - [[nodiscard]] QByteArray getRestrictedIdentificationKey(int pKeyId) const; + [[nodiscard]] QByteArray getPrivateKey(int pKeyId) const; [[nodiscard]] StatusCode verify(const Oid& pOid, const QSharedPointer& pAuxiliaryData); diff --git a/src/global/ECardApiResult.cpp b/src/global/ECardApiResult.cpp index dcf829505..e412c0f15 100644 --- a/src/global/ECardApiResult.cpp +++ b/src/global/ECardApiResult.cpp @@ -95,48 +95,56 @@ void ECardApiResult::initConversionMaps() return; } + addConversionElement(GlobalStatus::Code::No_Error, Minor::null); + addConversionElement(GlobalStatus::Code::Paos_Error_AL_Unknown_Error, Minor::AL_Unknown_Error); addConversionElement(GlobalStatus::Code::Paos_Unexpected_Warning, Minor::AL_Unknown_Error); addConversionElement(GlobalStatus::Code::Unknown_Error, Minor::AL_Unknown_Error); addConversionElement(GlobalStatus::Code::Card_Unexpected_Transmit_Status, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_NewPin_Invalid_Length, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_AlreadyInProgress_Error, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_No_Extended_Length_Error, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Not_Found, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Communication_Error, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Input_TimeOut, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Pin_Blocked, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Pin_Not_Blocked, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_NewPin_Mismatch, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_ValidityVerificationFailed, Minor::SAL_MEAC_DocumentValidityVerificationFailed); + addConversionElement(GlobalStatus::Code::RemoteReader_CloseCode_AbnormalClose, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::IfdConnector_InvalidRequest, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::IfdConnector_NoSupportedApiLevel, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::IfdConnector_ConnectionTimeout, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::IfdConnector_ConnectionError, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::IfdConnector_RemoteHostRefusedConnection, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Downloader_File_Not_Found, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Downloader_Cannot_Save_File, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Downloader_Data_Corrupted, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Downloader_Missing_Platform, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Downloader_Aborted, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Update_Execution_Failed, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Card_Smart_Invalid, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Unavailable, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Applet_Preparation_Failed, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_PrePersonalization_Failed, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Personalization_Failed, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::No_Error, Minor::null); - - addConversionElement(GlobalStatus::Code::Workflow_Card_Removed, Minor::IFDL_CancellationByUser); + addConversionElement(GlobalStatus::Code::Workflow_No_Permission_Error, Minor::AL_No_Permission); + addConversionElement(GlobalStatus::Code::Card_Pin_Deactivated, Minor::AL_No_Permission); + addConversionElement(GlobalStatus::Code::Card_Puk_Blocked, Minor::AL_No_Permission); - addConversionElement(GlobalStatus::Code::Workflow_No_Unique_DvCvc, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); - addConversionElement(GlobalStatus::Code::Workflow_No_Unique_AtCvc, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); - addConversionElement(GlobalStatus::Code::Workflow_Preverification_Error, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); - addConversionElement(GlobalStatus::Code::Workflow_Preverification_Developermode_Error, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); + addConversionElement(GlobalStatus::Code::Paos_Error_AL_Internal_Error, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Workflow_Cannot_Confirm_IdCard_Authenticity, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Workflow_Unknown_Paos_From_EidServer, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Workflow_Start_Paos_Response_Missing, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Workflow_Unexpected_Message_From_EidServer, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Card_Protocol_Error, Minor::AL_Internal_Error); addConversionElement(GlobalStatus::Code::Workflow_Certificate_No_Description, Minor::AL_Parameter_Error); addConversionElement(GlobalStatus::Code::Workflow_Certificate_No_Url_In_Description, Minor::AL_Parameter_Error); addConversionElement(GlobalStatus::Code::Workflow_Certificate_Hash_Error, Minor::AL_Parameter_Error); addConversionElement(GlobalStatus::Code::Workflow_Certificate_Sop_Error, Minor::AL_Parameter_Error); - addConversionElement(GlobalStatus::Code::Paos_Error_DP_Trusted_Channel_Establishment_Failed, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Establishment_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Error_From_Server, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Hash_Not_In_Description, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_No_Data_Received, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Ssl_Connection_Unsupported_Algorithm_Or_Length, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Ssl_Certificate_Unsupported_Algorithm_Or_Length, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_ServiceUnavailable, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_TimeOut, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Proxy_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Establishment_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Server_Format_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Other_Network_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - - addConversionElement(GlobalStatus::Code::Paos_Error_SAL_Cancellation_by_User, Minor::SAL_Cancellation_by_User); - addConversionElement(GlobalStatus::Code::Workflow_InternalError_BeforeTcToken, Minor::SAL_Cancellation_by_User); - addConversionElement(GlobalStatus::Code::Workflow_Cancellation_By_User, Minor::SAL_Cancellation_by_User); - addConversionElement(GlobalStatus::Code::Card_Cancellation_By_User, Minor::SAL_Cancellation_by_User); - - addConversionElement(GlobalStatus::Code::Workflow_No_Permission_Error, Minor::AL_No_Permission); - addConversionElement(GlobalStatus::Code::Card_Pin_Deactivated, Minor::AL_No_Permission); - addConversionElement(GlobalStatus::Code::Card_Puk_Blocked, Minor::AL_No_Permission); - addConversionElement(GlobalStatus::Code::Paos_Error_AL_Communication_Error, Minor::AL_Communication_Error); addConversionElement(GlobalStatus::Code::Workflow_Communication_Missing_Redirect_Url, Minor::AL_Communication_Error); addConversionElement(GlobalStatus::Code::Workflow_Error_Page_Transmission_Error, Minor::AL_Communication_Error); @@ -160,28 +168,33 @@ void ECardApiResult::initConversionMaps() addConversionElement(GlobalStatus::Code::Card_Invalid_Pin, Minor::AL_Communication_Error); addConversionElement(GlobalStatus::Code::Card_Invalid_Can, Minor::AL_Communication_Error); addConversionElement(GlobalStatus::Code::Card_Invalid_Puk, Minor::AL_Communication_Error); - addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Unavailable, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Applet_Preparation_Failed, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_PrePersonalization_Failed, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Workflow_Smart_eID_Personalization_Failed, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_NewPin_Invalid_Length, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Workflow_AlreadyInProgress_Error, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Workflow_No_Extended_Length_Error, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_Not_Found, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_Communication_Error, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_Input_TimeOut, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_Pin_Blocked, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_Pin_Not_Blocked, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_NewPin_Mismatch, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Card_ValidityVerificationFailed, Minor::SAL_MEAC_DocumentValidityVerificationFailed); - addConversionElement(GlobalStatus::Code::Card_Smart_Invalid, Minor::AL_Unknown_Error); + addConversionElement(GlobalStatus::Code::Paos_Error_DP_Trusted_Channel_Establishment_Failed, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Establishment_Error, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Error_From_Server, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Hash_Not_In_Description, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_No_Data_Received, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Ssl_Connection_Unsupported_Algorithm_Or_Length, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Ssl_Certificate_Unsupported_Algorithm_Or_Length, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_ServiceUnavailable, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_TimeOut, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Proxy_Error, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Server_Format_Error, Minor::DP_Trusted_Channel_Establishment_Failed); + addConversionElement(GlobalStatus::Code::Workflow_TrustedChannel_Other_Network_Error, Minor::DP_Trusted_Channel_Establishment_Failed); - addConversionElement(GlobalStatus::Code::Paos_Error_AL_Internal_Error, Minor::AL_Internal_Error); - addConversionElement(GlobalStatus::Code::Workflow_Cannot_Confirm_IdCard_Authenticity, Minor::AL_Internal_Error); - addConversionElement(GlobalStatus::Code::Workflow_Unknown_Paos_From_EidServer, Minor::AL_Internal_Error); - addConversionElement(GlobalStatus::Code::Workflow_Unexpected_Message_From_EidServer, Minor::AL_Internal_Error); - addConversionElement(GlobalStatus::Code::Card_Protocol_Error, Minor::AL_Internal_Error); + addConversionElement(GlobalStatus::Code::Workflow_No_Unique_DvCvc, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); + addConversionElement(GlobalStatus::Code::Workflow_No_Unique_AtCvc, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); + addConversionElement(GlobalStatus::Code::Workflow_Preverification_Error, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); + addConversionElement(GlobalStatus::Code::Workflow_Preverification_Developermode_Error, ECardApiResult::Minor::IL_Signature_InvalidCertificatePath); + + addConversionElement(GlobalStatus::Code::Paos_Error_SAL_Cancellation_by_User, Minor::SAL_Cancellation_by_User); + addConversionElement(GlobalStatus::Code::Workflow_InternalError_BeforeTcToken, Minor::SAL_Cancellation_by_User); + addConversionElement(GlobalStatus::Code::Workflow_Cancellation_By_User, Minor::SAL_Cancellation_by_User); + addConversionElement(GlobalStatus::Code::Card_Cancellation_By_User, Minor::SAL_Cancellation_by_User); + + addConversionElement(GlobalStatus::Code::Paos_Error_SAL_Invalid_Key, Minor::SAL_Invalid_Key); + + addConversionElement(GlobalStatus::Code::Workflow_Card_Removed, Minor::IFDL_CancellationByUser); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::AL_Unknown_API_Function); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::AL_Not_Initialized); @@ -194,6 +207,9 @@ void ECardApiResult::initConversionMaps() addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::DP_Unknown_Cipher_Suite); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::DP_Unknown_Webservice_Binding); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::DP_Node_Not_Reachable); + addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_SecurityConditionNotSatisfied); + addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_MEAC_AgeVerificationFailedWarning); + addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_MEAC_CommunityVerificationFailedWarning); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IFDL_Timeout_Error); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IFDL_UnknownSlot); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IFDL_InvalidSlotHandle); @@ -202,25 +218,6 @@ void ECardApiResult::initConversionMaps() addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IFDL_IO_RepeatedDataMismatch); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IFDL_IO_UnknownPINFormat); addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::KEY_KeyGenerationNotPossible); - addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::IL_Signature_InvalidCertificatePath); - addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_SecurityConditionNotSatisfied); - addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_MEAC_AgeVerificationFailedWarning); - addConversionElement(GlobalStatus::Code::Paos_Generic_Server_Error, Minor::SAL_MEAC_CommunityVerificationFailedWarning); - - addConversionElement(GlobalStatus::Code::Paos_Error_SAL_Invalid_Key, Minor::SAL_Invalid_Key); - - addConversionElement(GlobalStatus::Code::RemoteReader_CloseCode_AbnormalClose, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::IfdConnector_InvalidRequest, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::IfdConnector_NoSupportedApiLevel, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::IfdConnector_ConnectionTimeout, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::IfdConnector_ConnectionError, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::IfdConnector_RemoteHostRefusedConnection, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Downloader_File_Not_Found, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Downloader_Cannot_Save_File, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Downloader_Data_Corrupted, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Downloader_Missing_Platform, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Downloader_Aborted, Minor::AL_Unknown_Error); - addConversionElement(GlobalStatus::Code::Update_Execution_Failed, Minor::AL_Unknown_Error); } @@ -230,6 +227,10 @@ void ECardApiResult::addConversionElement(const GlobalStatus::Code pCode, const { cConversionMap1[pCode] = pMinor; } + else + { + Q_ASSERT(pCode == GlobalStatus::Code::Paos_Generic_Server_Error); + } if (!cConversionMap2.contains(pMinor)) { diff --git a/src/global/FailureCode.h b/src/global/FailureCode.h index 4b1a1d5ef..0c4a620b9 100644 --- a/src/global/FailureCode.h +++ b/src/global/FailureCode.h @@ -26,6 +26,9 @@ class FailureCode { User_Cancelled, Card_Removed, + Processing_Send_Status_Failed, + Parse_TcToken_Invalid_Url, + Parse_TcToken_Missing_Url, Get_TcToken_Invalid_Url, Get_TcToken_Invalid_Redirect_Url, Get_TcToken_Invalid_Certificate_Key_Length, @@ -39,6 +42,39 @@ class FailureCode Certificate_Check_Failed_Hash_Mismatch, Certificate_Check_Failed_Same_Origin_Policy_Violation, Certificate_Check_Failed_Hash_Missing_In_Description, + Pre_Verfication_No_Test_Environment, + Pre_Verfication_Invalid_Certificate_Chain, + Pre_Verfication_Invalid_Certificate_Signature, + Pre_Verfication_Certificate_Expired, + Extract_Cvcs_From_Eac1_No_Unique_At, + Extract_Cvcs_From_Eac1_No_Unique_Dv, + Extract_Cvcs_From_Eac1_At_Missing, + Extract_Cvcs_From_Eac1_Dv_Missing, + Connect_Card_Connection_Failed, + Connect_Card_Eid_Inactive, + Prepace_Pace_Smart_Eid_Invalidated, + Establish_Pace_Channel_No_Active_Pin, + Establish_Pace_Channel_Basic_Reader_No_Pin, + Establish_Pace_Channel_Puk_Inoperative, + Establish_Pace_Channel_User_Cancelled, + Maintain_Card_Connection_Pace_Unrecoverable, + Did_Authenticate_Eac1_Card_Command_Failed, + Process_Certificates_From_Eac2_Cvc_Chain_Missing, + Did_Authenticate_Eac2_Invalid_Cvc_Chain, + Did_Authenticate_Eac2_Card_Command_Failed, + Generic_Send_Receive_Paos_Unhandled, + Generic_Send_Receive_Network_Error, + Generic_Send_Receive_Ssl_Error, + Generic_Send_Receive_Server_Error, + Generic_Send_Receive_Client_Error, + Generic_Send_Receive_Paos_Unknown, + Generic_Send_Receive_Paos_Unexpected, + Generic_Send_Receive_Invalid_Ephemeral_Key_Length, + Generic_Send_Receive_Certificate_Error, + Generic_Send_Receive_Session_Resumption_Failed, + Transmit_Card_Command_Failed, + Start_Paos_Response_Missing, + Start_Paos_Response_Error, Check_Refresh_Address_Fatal_Ssl_Error_Before_Reply, Check_Refresh_Address_Invalid_Ephemeral_Key_Length, Check_Refresh_Address_Service_Unavailable, @@ -53,6 +89,13 @@ class FailureCode Check_Refresh_Address_Fetch_Certificate_Error, Check_Refresh_Address_Unsupported_Certificate, Check_Refresh_Address_Hash_Missing_In_Certificate, + Redirect_Browser_Send_Error_Page_Failed, + Redirect_Browser_Send_Redirect_Failed, + Generic_Provider_Communication_Network_Error, + Generic_Provider_Communication_Invalid_Ephemeral_Key_Length, + Generic_Provider_Communication_Certificate_Error, + Generic_Provider_Communication_Ssl_Error, + Get_SelfAuthData_Invalid_Or_Empty, Change_Pin_No_SetEidPinCommand_Response, Change_Pin_Input_Timeout, Change_Pin_User_Cancelled, @@ -61,10 +104,11 @@ class FailureCode Change_Pin_Unexpected_Transmit_Status, Change_Pin_Card_New_Pin_Mismatch, Change_Pin_Card_User_Cancelled, - Connect_Card_Connection_Failed, - Connect_Card_Eid_Inactive, - Destroy_Pace_No_Connection_To_Destroy, - Get_SelfAuthData_Invalid_Or_Empty, + Start_Ifd_Service_Failed, + Prepare_Pace_Ifd_Unknown, + Establish_Pace_Ifd_Unknown, + Enter_Pace_Password_Ifd_User_Cancelled, + Enter_New_Pace_Pin_Ifd_User_Cancelled, Transmit_Personalization_Size_Mismatch, Start_Paos_Response_Personalization_Empty, Start_Paos_Response_Personalization_Invalid, @@ -86,65 +130,10 @@ class FailureCode Get_Session_Id_Invalid, Get_Challenge_Invalid, Finalize_Personalization_Failed, + Change_Smart_Pin_Failed, Check_Status_Unavailable, Check_Applet_Error, - Check_Applet_Unavailable, - Start_Ifd_Service_Failed, - Process_Ifd_Messages_No_Server_Connection, - Prepare_Pace_Ifd_Unknown, - Establish_Pace_Ifd_Unknown, - Enter_Pace_Password_Ifd_User_Cancelled, - Enter_New_Pace_Pin_Ifd_User_Cancelled, - Write_History_No_Eac1, - Write_History_No_Chat, - Verify_Retry_Counter_No_Card_Connection, - Update_Retry_Counter_No_Card_Connection, - Update_Retry_Counter_Communication_Error, - Start_Paos_Response_Missing, - Start_Paos_Response_Error, - Redirect_Browser_Send_Error_Page_Failed, - Redirect_Browser_Send_Redirect_Failed, - Processing_Send_Status_Failed, - Process_Certificates_From_Eac2_Cvc_Chain_Missing, - Prepace_Pace_No_Card_Connection, - Prepace_Pace_Smart_Eid_Invalidated, - Pre_Verfication_No_Test_Environment, - Pre_Verfication_Invalid_Certificate_Chain, - Pre_Verfication_Invalid_Certificate_Signature, - Pre_Verfication_Certificate_Expired, - Parse_TcToken_Invalid_Url, - Parse_TcToken_Missing_Url, - Extract_Cvcs_From_Eac1_No_Unique_At, - Extract_Cvcs_From_Eac1_No_Unique_Dv, - Extract_Cvcs_From_Eac1_At_Missing, - Extract_Cvcs_From_Eac1_Dv_Missing, - Establish_Pace_Channel_No_Active_Pin, - Establish_Pace_Channel_Transport_Pin, - Establish_Pace_Channel_No_Card_Connection, - Establish_Pace_Channel_Basic_Reader_No_Pin, - Establish_Pace_Channel_Puk_Inoperative, - Establish_Pace_Channel_User_Cancelled, - Establish_Pace_Channel_Invalid_Card_Return_Code, - Did_Authenticate_Eac1_Card_Command_Failed, - Did_Authenticate_Eac2_Invalid_Cvc_Chain, - Did_Authenticate_Eac2_Card_Command_Failed, - Maintain_Card_Connection_Pace_Unrecoverable, - Generic_Send_Receive_Network_Error, - Generic_Provider_Communication_Network_Error, - Generic_Provider_Communication_Invalid_Ephemeral_Key_Length, - Generic_Provider_Communication_Certificate_Error, - Generic_Provider_Communication_Ssl_Error, - Generic_Send_Receive_Paos_Unhandled, - Generic_Send_Receive_Ssl_Error, - Generic_Send_Receive_Server_Error, - Generic_Send_Receive_Client_Error, - Generic_Send_Receive_Paos_Unknown, - Generic_Send_Receive_Paos_Unexpected, - Generic_Send_Receive_Invalid_Ephemeral_Key_Length, - Generic_Send_Receive_Certificate_Error, - Generic_Send_Receive_Session_Resumption_Failed, - Transmit_Card_Command_Failed, - Change_Smart_Pin_Failed + Check_Applet_Unavailable }; Q_ENUM(Reason) diff --git a/src/global/GlobalStatus.cpp b/src/global/GlobalStatus.cpp index 53d0b6e14..6c89d427d 100644 --- a/src/global/GlobalStatus.cpp +++ b/src/global/GlobalStatus.cpp @@ -28,6 +28,7 @@ bool GlobalStatus::isMessageMasked() const switch (d->mStatusCode) { case Code::Workflow_Unknown_Paos_From_EidServer: + case Code::Workflow_Start_Paos_Response_Missing: case Code::Workflow_Unexpected_Message_From_EidServer: case Code::Workflow_Preverification_Error: case Code::Workflow_No_Unique_AtCvc: @@ -130,9 +131,13 @@ QString GlobalStatus::toErrorDescriptionInternal() const return tr("The authenticity of your ID card could not be confirmed."); case Code::Workflow_Unknown_Paos_From_EidServer: - //: ERROR_MASKED ALL_PLATFORMS The type of a POAS message could not be determined. + //: ERROR_MASKED ALL_PLATFORMS The type of a PAOS message could not be determined. return tr("The program received an unknown message from the server."); + case Code::Workflow_Start_Paos_Response_Missing: + //: ERROR_MASKED ALL_PLATFORMS The PAOS message StartPaosResponse was not received. + return tr("The program did not receive a StartPaosResponse message from the server."); + case Code::Workflow_Unexpected_Message_From_EidServer: //: ERROR_MASKED ALL_PLATFORMS The server sent a valid PAOS message but its type was unexpected. return tr("The program received an unexpected message from the server."); diff --git a/src/global/GlobalStatus.h b/src/global/GlobalStatus.h index 56c9624a7..0ac70caf5 100644 --- a/src/global/GlobalStatus.h +++ b/src/global/GlobalStatus.h @@ -50,6 +50,7 @@ class GlobalStatus Workflow_Card_Removed, Workflow_Cannot_Confirm_IdCard_Authenticity, Workflow_Unknown_Paos_From_EidServer, + Workflow_Start_Paos_Response_Missing, Workflow_Unexpected_Message_From_EidServer, Workflow_Preverification_Developermode_Error, Workflow_Preverification_Error, diff --git a/src/ifd/base/ConnectRequest.cpp b/src/ifd/base/ConnectRequest.cpp index c87093224..27845ae97 100644 --- a/src/ifd/base/ConnectRequest.cpp +++ b/src/ifd/base/ConnectRequest.cpp @@ -53,7 +53,11 @@ ConnectRequest::ConnectRequest(const IfdDescriptor& pIfdDescriptor, mSocket->setProxy(QNetworkProxy(QNetworkProxy::NoProxy)); connect(mSocket.data(), &QWebSocket::connected, this, &ConnectRequest::onConnected); +#if (QT_VERSION >= QT_VERSION_CHECK(6, 5, 0)) + connect(mSocket.data(), &QWebSocket::errorOccurred, this, &ConnectRequest::onError); +#else connect(mSocket.data(), QOverload::of(&QWebSocket::error), this, &ConnectRequest::onError); +#endif mTimer.setSingleShot(true); mTimer.setInterval(pTimeoutMs); diff --git a/src/init/Bootstrap.cpp b/src/init/Bootstrap.cpp index 21cb7d969..69806d62f 100644 --- a/src/init/Bootstrap.cpp +++ b/src/init/Bootstrap.cpp @@ -76,6 +76,10 @@ static inline void printInfo() { qCDebug(init) << "Library path:" << path; } + +#if (QT_VERSION > QT_VERSION_CHECK(6, 0, 0)) + qCDebug(init) << "TLS backends:" << QSslSocket::availableBackends() << "| using:" << QSslSocket::activeBackend(); +#endif } diff --git a/src/network/DatagramHandlerImpl.cpp b/src/network/DatagramHandlerImpl.cpp index bd241e7b8..5d7cd7500 100644 --- a/src/network/DatagramHandlerImpl.cpp +++ b/src/network/DatagramHandlerImpl.cpp @@ -238,17 +238,18 @@ void DatagramHandlerImpl::sendToAllAddressEntries(const QByteArray& pData, quint for (const QHostAddress& broadcastAddr : std::as_const(broadcastAddresses)) { - const auto alreadyFailed = mFailedAddresses.contains(broadcastAddr); + const auto& addrString = broadcastAddr.toString(); // QTBUG-112528 + const auto alreadyFailed = mFailedAddresses.contains(addrString); const auto sendSuccess = sendToAddress(pData, broadcastAddr, pPort, !alreadyFailed); if (sendSuccess && alreadyFailed) { - mFailedAddresses.removeAll(broadcastAddr); + mFailedAddresses.removeAll(addrString); } else if (!sendSuccess && !alreadyFailed) { qCDebug(network) << "Broadcasting to" << broadcastAddr << "failed"; - mFailedAddresses << broadcastAddr; + mFailedAddresses << addrString; } } } diff --git a/src/network/DatagramHandlerImpl.h b/src/network/DatagramHandlerImpl.h index c51c8c0b6..f533ee9aa 100644 --- a/src/network/DatagramHandlerImpl.h +++ b/src/network/DatagramHandlerImpl.h @@ -32,7 +32,7 @@ class DatagramHandlerImpl QScopedPointer mSocket; QScopedPointer mMulticastLock; QList mAllAddresses; - QVector mFailedAddresses; + QStringList mFailedAddresses; quint16 mUsedPort; PortFile mPortFile; bool mEnableListening; diff --git a/src/network/HttpHandler.cpp b/src/network/HttpHandler.cpp index a4e6f42ce..d214bdef6 100644 --- a/src/network/HttpHandler.cpp +++ b/src/network/HttpHandler.cpp @@ -110,7 +110,6 @@ void HttpHandler::handleImageRequest(const QSharedPointer& pRequest { qCCritical(network) << "Unknown image file requested" << pImagePath; response.setStatus(HTTP_STATUS_NOT_FOUND); - response.setBody(QByteArrayLiteral("Not found"), QByteArrayLiteral("text/plain; charset=utf-8")); } pRequest->send(response); @@ -146,6 +145,7 @@ void HttpHandler::handleStatusRequest(StatusFormat pStatusFormat, const QSharedP HttpResponse response(HTTP_STATUS_OK); response.setHeader(QByteArrayLiteral("Access-Control-Allow-Origin"), QByteArrayLiteral("*")); + response.setHeader(QByteArrayLiteral("Access-Control-Allow-Private-Network"), QByteArrayLiteral("true")); switch (pStatusFormat) { case StatusFormat::PLAIN: diff --git a/src/network/HttpRequest.cpp b/src/network/HttpRequest.cpp index bc62d74c8..7e88f52f1 100644 --- a/src/network/HttpRequest.cpp +++ b/src/network/HttpRequest.cpp @@ -58,9 +58,13 @@ QTcpSocket* HttpRequest::take() HttpRequest::~HttpRequest() { - if (mSocket && mSocket->state() == QAbstractSocket::ConnectedState) + if (mSocket && mSocket->bytesToWrite() && mSocket->state() == QAbstractSocket::ConnectedState && !mSocket->flush()) { - mSocket->flush(); + qCDebug(network) << "Flush socket failed. Waiting for bytes:" << mSocket->bytesToWrite(); + if (!mSocket->waitForBytesWritten()) + { + qCWarning(network) << "Cannot wait for socket anymore... abort!"; + } } } diff --git a/src/ui/functional/CMakeLists.txt b/src/ui/functional/CMakeLists.txt index cdfc5d3bb..46a108e38 100644 --- a/src/ui/functional/CMakeLists.txt +++ b/src/ui/functional/CMakeLists.txt @@ -11,3 +11,7 @@ target_link_libraries(AusweisAppUiFunctional ${Qt}::Core AusweisAppUi AusweisApp target_compile_definitions(AusweisAppUiFunctional PRIVATE QT_STATICPLUGIN) set_target_properties(AusweisAppUiFunctional PROPERTIES PUBLIC_HEADER "AusweisApp2.h") + +if(IOS) + target_link_options(AusweisAppUiFunctional PUBLIC -exported_symbols_list ${CMAKE_CURRENT_SOURCE_DIR}/exported_symbols.txt) +endif() diff --git a/src/ui/functional/exported_symbols.txt b/src/ui/functional/exported_symbols.txt new file mode 100644 index 000000000..73f190594 --- /dev/null +++ b/src/ui/functional/exported_symbols.txt @@ -0,0 +1,4 @@ +_ausweisapp2_init +_ausweisapp2_shutdown +_ausweisapp2_is_running +_ausweisapp2_send diff --git a/src/ui/json/MessageDispatcher.cpp b/src/ui/json/MessageDispatcher.cpp index cc5d7a1ad..03bb84f33 100644 --- a/src/ui/json/MessageDispatcher.cpp +++ b/src/ui/json/MessageDispatcher.cpp @@ -387,8 +387,19 @@ MsgHandler MessageDispatcher::interrupt() #ifdef Q_OS_IOS { const auto allowedStates = {MsgType::ENTER_PIN, MsgType::ENTER_CAN, MsgType::ENTER_PUK, MsgType::ENTER_NEW_PIN}; - return handleCurrentState(cmdType, allowedStates, [] { - Env::getSingleton()->stopScanAll(QLatin1String("")); // Null string is interpreted as 'success' + const auto lastPaceResult = mContext.getContext()->getLastPaceResult(); + return handleCurrentState(cmdType, allowedStates, [lastPaceResult] { + switch (lastPaceResult) + { + case CardReturnCode::OK: + case CardReturnCode::OK_PUK: + Env::getSingleton()->stopScanAll(); // Null string is interpreted as 'success' + break; + + default: + Env::getSingleton()->stopScanAll(Env::getSingleton()->getMessages().getSessionFailed()); + } + return MsgHandler::Void; }); } diff --git a/src/ui/json/messages/MsgHandlerChangePin.cpp b/src/ui/json/messages/MsgHandlerChangePin.cpp index 496aa7f22..f01b2c08b 100644 --- a/src/ui/json/messages/MsgHandlerChangePin.cpp +++ b/src/ui/json/messages/MsgHandlerChangePin.cpp @@ -36,4 +36,10 @@ MsgHandlerChangePin::MsgHandlerChangePin(const QSharedPointergetLastPaceResult() == CardReturnCode::OK && !pContext->isWorkflowCancelled(); + + const auto& failureCode = pContext->getFailureCode(); + if (failureCode.has_value()) + { + mJsonObject[QLatin1String("reason")] = Enum::getName(failureCode.value().getReason()); + } } diff --git a/src/ui/qml/ApplicationModel.cpp b/src/ui/qml/ApplicationModel.cpp index 8d63b5bf4..dcc7c906d 100644 --- a/src/ui/qml/ApplicationModel.cpp +++ b/src/ui/qml/ApplicationModel.cpp @@ -76,7 +76,7 @@ ApplicationModel::ApplicationModel() mFeedbackTimer.setSingleShot(true); connect(&mFeedbackTimer, &QTimer::timeout, this, &ApplicationModel::onShowNextFeedback, Qt::QueuedConnection); - onApplicationStateChanged(qGuiApp->applicationState()); + onApplicationStateChanged(QGuiApplication::applicationState()); connect(qGuiApp, &QGuiApplication::applicationStateChanged, this, &ApplicationModel::onApplicationStateChanged); } @@ -216,16 +216,16 @@ ApplicationModel::Workflow ApplicationModel::getCurrentWorkflow() const { return Workflow::WORKFLOW_SELF_AUTHENTICATION; } - if (mContext.objectCast()) - { - return Workflow::WORKFLOW_AUTHENTICATION; - } #if __has_include("context/PersonalizationContext.h") if (mContext.objectCast()) { return Workflow::WORKFLOW_SMART; } #endif + if (mContext.objectCast()) + { + return Workflow::WORKFLOW_AUTHENTICATION; + } return Workflow::WORKFLOW_NONE; } diff --git a/src/ui/qml/HistoryModel.cpp b/src/ui/qml/HistoryModel.cpp index 8337f40c5..2e68b9fc9 100644 --- a/src/ui/qml/HistoryModel.cpp +++ b/src/ui/qml/HistoryModel.cpp @@ -136,7 +136,13 @@ QVariant HistoryModel::data(const QModelIndex& pIndex, int pRole) const } case REQUESTEDDATA: - return AccessRoleAndRightsUtil::joinFromTechnicalName(entry.getRequestedData(), AccessRoleAndRightsUtil::READ); + if (const auto& data = entry.getRequestedData(); !data.isEmpty()) + { + return AccessRoleAndRightsUtil::joinFromTechnicalName(data, AccessRoleAndRightsUtil::READ); + } + + //: LABEL ALL_PLATFORMS + return tr("No data stored on your ID card was read, only confirmed whether you are in possession of a valid ID card."); case WRITTENDATA: return AccessRoleAndRightsUtil::joinFromTechnicalName(entry.getRequestedData(), AccessRoleAndRightsUtil::WRITE); diff --git a/src/ui/qml/WorkflowModel.cpp b/src/ui/qml/WorkflowModel.cpp index 87c54f444..081c4638c 100644 --- a/src/ui/qml/WorkflowModel.cpp +++ b/src/ui/qml/WorkflowModel.cpp @@ -274,7 +274,7 @@ QString WorkflowModel::getStatusHintText() const return Env::getSingleton()->getActivateOnlineFunctionHint(); case GlobalStatus::Code::Card_ValidityVerificationFailed: - return tr("Contact your local citizens' office (Bürgeramt) to apply for a new ID card or to unblock the ID card."); + return tr("Contact your local citizens' office (B\u00FCrgeramt) to apply for a new ID card or to unblock the ID card."); default: return QString(); diff --git a/src/workflows/base/controller/ChangePinController.cpp b/src/workflows/base/controller/ChangePinController.cpp index 37c8c57c3..e6dfed37a 100644 --- a/src/workflows/base/controller/ChangePinController.cpp +++ b/src/workflows/base/controller/ChangePinController.cpp @@ -61,6 +61,7 @@ ChangePinController::ChangePinController(QSharedPointer pConte sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &AbstractState::fireContinue, sCleanUpReaderManager); sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &AbstractState::fireAbort, sCleanUpReaderManager); + sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &StateUpdateRetryCounter::fireNoCardConnection, sCleanUpReaderManager); sCleanUpReaderManager->addTransition(sCleanUpReaderManager, &AbstractState::fireContinue, sFinal); sCleanUpReaderManager->addTransition(sCleanUpReaderManager, &AbstractState::fireAbort, sFinal); diff --git a/src/workflows/base/states/CompositeStatePace.cpp b/src/workflows/base/states/CompositeStatePace.cpp index 0d1ce2af8..f76275cf8 100644 --- a/src/workflows/base/states/CompositeStatePace.cpp +++ b/src/workflows/base/states/CompositeStatePace.cpp @@ -72,12 +72,15 @@ CompositeStatePace::CompositeStatePace(const QSharedPointer& pC sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &AbstractState::fireContinue, sVerifyRetryCounter); sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &AbstractState::fireAbort, sMaintainCardConnection); + sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &StateUpdateRetryCounter::fireNoCardConnection, sMaintainCardConnection); sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &AbstractState::fireContinue, sPreparePace); sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &AbstractState::fireAbort, sMaintainCardConnection); + sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &StateVerifyRetryCounter::fireNoCardConnection, sMaintainCardConnection); sPreparePace->addTransition(sPreparePace, &AbstractState::fireContinue, sMaintainCardConnection); sPreparePace->addTransition(sPreparePace, &AbstractState::fireAbort, sMaintainCardConnection); + sPreparePace->addTransition(sPreparePace, &StatePreparePace::fireNoCardConnection, sMaintainCardConnection); sPreparePace->addTransition(sPreparePace, &StatePreparePace::fireEnterPacePassword, sEnterPacePassword); sPreparePace->addTransition(sPreparePace, &StatePreparePace::fireEstablishPaceChannel, sEstablishPaceChannel); @@ -86,8 +89,9 @@ CompositeStatePace::CompositeStatePace(const QSharedPointer& pC sEnterPacePassword->addTransition(sEnterPacePassword, &StateEnterPacePassword::firePropagateAbort, sMaintainCardConnection); sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &AbstractState::fireContinue, sMaintainCardConnection); + sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &StateEstablishPaceChannel::fireNoCardConnection, sMaintainCardConnection); sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &AbstractState::fireAbort, sMaintainCardConnection); - sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &StateEstablishPaceChannel::firePropagateAbort, sMaintainCardConnection); + sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &StateEstablishPaceChannel::firePaceChannelFailed, sMaintainCardConnection); connect(sEstablishPaceChannel, &StateEstablishPaceChannel::firePaceChannelEstablished, this, &CompositeStatePace::fireContinue); sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &StateEstablishPaceChannel::firePaceChannelInoperative, sClearPacePasswordsBeforeDestroy); sEstablishPaceChannel->addTransition(sEstablishPaceChannel, &StateEstablishPaceChannel::fireAbortAndUnfortunateCardPosition, sUnfortunateCardPosition); diff --git a/src/workflows/base/states/CompositeStateTrustedChannel.cpp b/src/workflows/base/states/CompositeStateTrustedChannel.cpp index e81f7cfef..40f1035d0 100644 --- a/src/workflows/base/states/CompositeStateTrustedChannel.cpp +++ b/src/workflows/base/states/CompositeStateTrustedChannel.cpp @@ -106,6 +106,7 @@ CompositeStateTrustedChannel::CompositeStateTrustedChannel(const QSharedPointer< sSendDidAuthenticateResponseEac1->addTransition(sSendDidAuthenticateResponseEac1, &AbstractState::fireContinue, sEacAdditionalInputType); sSendDidAuthenticateResponseEac1->addTransition(sSendDidAuthenticateResponseEac1, &AbstractState::fireAbort, sDestroyPace); + sSendDidAuthenticateResponseEac1->addTransition(sSendDidAuthenticateResponseEac1, &StateSendDIDAuthenticateResponseEAC1::fireReceivedStartPaosResponse, sDestroyPace); sEacAdditionalInputType->addTransition(sEacAdditionalInputType, &AbstractState::fireContinue, sProcessCertificatesFromEac2); sEacAdditionalInputType->addTransition(sEacAdditionalInputType, &AbstractState::fireAbort, sSendDidAuthenticatResponseEacAdditionalInput); @@ -113,6 +114,7 @@ CompositeStateTrustedChannel::CompositeStateTrustedChannel(const QSharedPointer< sSendDidAuthenticatResponseEacAdditionalInput->addTransition(sSendDidAuthenticatResponseEacAdditionalInput, &AbstractState::fireContinue, sProcessCertificatesFromEac2); sSendDidAuthenticatResponseEacAdditionalInput->addTransition(sSendDidAuthenticatResponseEacAdditionalInput, &AbstractState::fireAbort, sDestroyPace); + sSendDidAuthenticatResponseEacAdditionalInput->addTransition(sSendDidAuthenticatResponseEacAdditionalInput, &StateSendDIDAuthenticateResponseEACAdditionalInputType::fireReceivedStartPaosResponse, sDestroyPace); sProcessCertificatesFromEac2->addTransition(sProcessCertificatesFromEac2, &AbstractState::fireContinue, sDidAuthenticateEac2); sProcessCertificatesFromEac2->addTransition(sProcessCertificatesFromEac2, &AbstractState::fireAbort, sSendDidAuthenticateResponseEac2); @@ -122,13 +124,14 @@ CompositeStateTrustedChannel::CompositeStateTrustedChannel(const QSharedPointer< sSendDidAuthenticateResponseEac2->addTransition(sSendDidAuthenticateResponseEac2, &AbstractState::fireContinue, sTransmit); sSendDidAuthenticateResponseEac2->addTransition(sSendDidAuthenticateResponseEac2, &AbstractState::fireAbort, sDestroyPace); + sSendDidAuthenticateResponseEac2->addTransition(sSendDidAuthenticateResponseEac2, &StateSendDIDAuthenticateResponseEAC2::fireReceivedStartPaosResponse, sDestroyPace); sTransmit->addTransition(sTransmit, &AbstractState::fireContinue, sSendTransmitResponse); sTransmit->addTransition(sTransmit, &AbstractState::fireAbort, sSendTransmitResponse); - sSendTransmitResponse->addTransition(sSendTransmitResponse, &AbstractState::fireContinue, sDestroyPace); + sSendTransmitResponse->addTransition(sSendTransmitResponse, &AbstractState::fireContinue, sTransmit); sSendTransmitResponse->addTransition(sSendTransmitResponse, &AbstractState::fireAbort, sDestroyPace); - sSendTransmitResponse->addTransition(sSendTransmitResponse, &StateSendTransmitResponse::fireReceivedTransmit, sTransmit); + sSendTransmitResponse->addTransition(sSendTransmitResponse, &StateSendTransmitResponse::fireReceivedStartPaosResponse, sDestroyPace); sDestroyPace->addTransition(sDestroyPace, &AbstractState::fireContinue, sClearPacePasswords); sDestroyPace->addTransition(sDestroyPace, &AbstractState::fireAbort, sClearPacePasswords); @@ -138,6 +141,7 @@ CompositeStateTrustedChannel::CompositeStateTrustedChannel(const QSharedPointer< sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &AbstractState::fireContinue, sCleanUpReaderManager); sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &AbstractState::fireAbort, sCleanUpReaderManager); + sUpdateRetryCounterFinal->addTransition(sUpdateRetryCounterFinal, &StateUpdateRetryCounter::fireNoCardConnection, sCleanUpReaderManager); sCleanUpReaderManager->addTransition(sCleanUpReaderManager, &AbstractState::fireContinue, sStartPaosResponse); sCleanUpReaderManager->addTransition(sCleanUpReaderManager, &AbstractState::fireAbort, sStartPaosResponse); diff --git a/src/workflows/base/states/StateCheckRefreshAddress.cpp b/src/workflows/base/states/StateCheckRefreshAddress.cpp index 64e7f4985..76dc288fc 100644 --- a/src/workflows/base/states/StateCheckRefreshAddress.cpp +++ b/src/workflows/base/states/StateCheckRefreshAddress.cpp @@ -173,19 +173,27 @@ void StateCheckRefreshAddress::onSslErrors(const QList& pErrors) if (TlsChecker::containsFatalError(mReply, pErrors)) { reportCommunicationError({GlobalStatus::Code::Network_Ssl_Establishment_Error, {GlobalStatus::ExternalInformation::LAST_URL, mReply->url().toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Fatal_Ssl_Error_Before_Reply}); + }, FailureCode::Reason::Check_Refresh_Address_Fatal_Ssl_Error_Before_Reply); } } -void StateCheckRefreshAddress::reportCommunicationError(const GlobalStatus& pStatus, const FailureCode& pFailure) +void StateCheckRefreshAddress::reportCommunicationError(const GlobalStatus& pStatus, FailureCode::Reason pFailure, const QString& pErrorString) { qCritical() << pStatus; updateStatus(pStatus); clearConnections(); mReply->abort(); - Q_EMIT fireAbort(pFailure); + + if (pErrorString.isEmpty()) + { + Q_EMIT fireAbort(pFailure); + return; + } + + Q_EMIT fireAbort({pFailure, {FailureCode::Info::Network_Error, mReply->errorString()} + }); } @@ -209,7 +217,7 @@ bool StateCheckRefreshAddress::checkSslConnectionAndSaveCertificate(const QSslCo if (!TlsChecker::hasValidEphemeralKeyLength(pSslConfiguration.ephemeralServerKey())) { reportCommunicationError({GlobalStatus::Code::Workflow_Network_Ssl_Connection_Unsupported_Algorithm_Or_Length, infoMap}, - {FailureCode::Reason::Check_Refresh_Address_Invalid_Ephemeral_Key_Length}); + FailureCode::Reason::Check_Refresh_Address_Invalid_Ephemeral_Key_Length); return false; } @@ -224,12 +232,12 @@ bool StateCheckRefreshAddress::checkSslConnectionAndSaveCertificate(const QSslCo case CertificateChecker::CertificateStatus::Unsupported_Algorithm_Or_Length: reportCommunicationError({CertificateChecker::getGlobalStatus(statusCode, false), infoMap}, - {FailureCode::Reason::Check_Refresh_Address_Unsupported_Certificate}); + FailureCode::Reason::Check_Refresh_Address_Unsupported_Certificate); break; case CertificateChecker::CertificateStatus::Hash_Not_In_Description: reportCommunicationError({CertificateChecker::getGlobalStatus(statusCode, false), infoMap}, - {FailureCode::Reason::Check_Refresh_Address_Hash_Missing_In_Certificate}); + FailureCode::Reason::Check_Refresh_Address_Hash_Missing_In_Certificate); } @@ -250,27 +258,27 @@ void StateCheckRefreshAddress::onNetworkReply() { case NetworkManager::NetworkError::ServiceUnavailable: reportCommunicationError({GlobalStatus::Code::Network_ServiceUnavailable, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Service_Unavailable}); + }, FailureCode::Reason::Check_Refresh_Address_Service_Unavailable, mReply->errorString()); break; case NetworkManager::NetworkError::TimeOut: reportCommunicationError({GlobalStatus::Code::Network_TimeOut, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Service_Timeout}); + }, FailureCode::Reason::Check_Refresh_Address_Service_Timeout, mReply->errorString()); break; case NetworkManager::NetworkError::ProxyError: reportCommunicationError({GlobalStatus::Code::Network_Proxy_Error, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Proxy_Error}); + }, FailureCode::Reason::Check_Refresh_Address_Proxy_Error, mReply->errorString()); break; case NetworkManager::NetworkError::SecurityError: reportCommunicationError({GlobalStatus::Code::Network_Ssl_Establishment_Error, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Fatal_Ssl_Error_After_Reply}); + }, FailureCode::Reason::Check_Refresh_Address_Fatal_Ssl_Error_After_Reply, mReply->errorString()); break; case NetworkManager::NetworkError::OtherError: reportCommunicationError({GlobalStatus::Code::Network_Other_Error, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Unknown_Network_Error}); + }, FailureCode::Reason::Check_Refresh_Address_Unknown_Network_Error, mReply->errorString()); break; } return; @@ -284,7 +292,7 @@ void StateCheckRefreshAddress::onNetworkReply() {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} }; reportCommunicationError({GlobalStatus::Code::Workflow_Network_Expected_Redirect, infoMap}, - {FailureCode::Reason::Check_Refresh_Address_Invalid_Http_Response}); + FailureCode::Reason::Check_Refresh_Address_Invalid_Http_Response); return; } @@ -293,7 +301,7 @@ void StateCheckRefreshAddress::onNetworkReply() { qCritical() << "Got empty redirect URL"; reportCommunicationError({GlobalStatus::Code::Workflow_Network_Empty_Redirect_Url, {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Empty}); + }, FailureCode::Reason::Check_Refresh_Address_Empty); return; } @@ -305,7 +313,7 @@ void StateCheckRefreshAddress::onNetworkReply() {GlobalStatus::ExternalInformation::LAST_URL, mUrl.toString()} }; reportCommunicationError({GlobalStatus::Code::Workflow_Network_Malformed_Redirect_Url, infoMap}, - {FailureCode::Reason::Check_Refresh_Address_Invalid_Url}); + FailureCode::Reason::Check_Refresh_Address_Invalid_Url); return; } @@ -325,7 +333,7 @@ void StateCheckRefreshAddress::onNetworkReply() {GlobalStatus::ExternalInformation::LAST_URL, redirectUrl.toString()} }; reportCommunicationError({GlobalStatus::Code::Workflow_Network_Invalid_Scheme, infoMap}, - {FailureCode::Reason::Check_Refresh_Address_No_Https_Scheme}); + FailureCode::Reason::Check_Refresh_Address_No_Https_Scheme); return; } } @@ -419,7 +427,7 @@ void StateCheckRefreshAddress::onNetworkErrorFetchingServerCertificate(QNetworkR } qCritical() << "An error occurred fetching the server certificate:" << mReply->errorString(); reportCommunicationError({GlobalStatus::Code::Workflow_Network_Empty_Redirect_Url, {GlobalStatus::ExternalInformation::LAST_URL, mReply->url().toString()} - }, {FailureCode::Reason::Check_Refresh_Address_Fetch_Certificate_Error}); + }, FailureCode::Reason::Check_Refresh_Address_Fetch_Certificate_Error); } diff --git a/src/workflows/base/states/StateCheckRefreshAddress.h b/src/workflows/base/states/StateCheckRefreshAddress.h index 03fa8ec6c..3fd10e1c0 100644 --- a/src/workflows/base/states/StateCheckRefreshAddress.h +++ b/src/workflows/base/states/StateCheckRefreshAddress.h @@ -50,7 +50,7 @@ class StateCheckRefreshAddress void fetchServerCertificate(); bool checkSslConnectionAndSaveCertificate(const QSslConfiguration& pSslConfiguration); void doneSuccess(); - void reportCommunicationError(const GlobalStatus& pStatus, const FailureCode& pFailure); + void reportCommunicationError(const GlobalStatus& pStatus, FailureCode::Reason pFailure, const QString& pErrorString = QString()); private Q_SLOTS: void onSslHandshakeDone(); diff --git a/src/workflows/base/states/StateConnectCard.cpp b/src/workflows/base/states/StateConnectCard.cpp index 01d17039c..9ab124e74 100644 --- a/src/workflows/base/states/StateConnectCard.cpp +++ b/src/workflows/base/states/StateConnectCard.cpp @@ -27,7 +27,6 @@ void StateConnectCard::run() const auto readerManager = Env::getSingleton(); mConnections += connect(readerManager, &ReaderManager::fireCardInserted, this, &StateConnectCard::onCardInserted); mConnections += connect(readerManager, &ReaderManager::fireReaderRemoved, this, &StateConnectCard::onReaderRemoved); - mConnections += connect(readerManager, &ReaderManager::fireStatusChanged, this, &StateConnectCard::onReaderStatusChanged); onCardInserted(); } @@ -96,30 +95,6 @@ void StateConnectCard::onCommandDone(QSharedPointer } -void StateConnectCard::onReaderStatusChanged(const ReaderManagerPlugInInfo& pInfo) -{ - Q_UNUSED(pInfo) - -#if defined(Q_OS_IOS) - if (!Env::getSingleton()->isUsedAsSDK()) - { - return; - } - - const auto activePlugins = getContext()->getReaderPlugInTypes(); - if (activePlugins.size() > 1 || !activePlugins.contains(ReaderManagerPlugInType::NFC)) - { - return; - } - - if (!Env::getSingleton()->isScanRunning(ReaderManagerPlugInType::NFC)) - { - Q_EMIT getContext()->fireCancelWorkflow(); - } -#endif -} - - void StateConnectCard::onReaderRemoved(const ReaderInfo& pInfo) { if (pInfo.getName() == getContext()->getReaderName()) diff --git a/src/workflows/base/states/StateConnectCard.h b/src/workflows/base/states/StateConnectCard.h index 4cbd6238b..7ca38522e 100644 --- a/src/workflows/base/states/StateConnectCard.h +++ b/src/workflows/base/states/StateConnectCard.h @@ -29,7 +29,6 @@ class StateConnectCard void onCardInserted(); void onCommandDone(QSharedPointer pCommand); void onReaderRemoved(const ReaderInfo& pInfo); - void onReaderStatusChanged(const ReaderManagerPlugInInfo& pInfo); public: void onEntry(QEvent* pEvent) override; diff --git a/src/workflows/base/states/StateDestroyPace.cpp b/src/workflows/base/states/StateDestroyPace.cpp index cb2eb9c2c..e55688aa2 100644 --- a/src/workflows/base/states/StateDestroyPace.cpp +++ b/src/workflows/base/states/StateDestroyPace.cpp @@ -24,8 +24,8 @@ void StateDestroyPace::run() auto cardConnection = getContext()->getCardConnection(); if (!cardConnection) { - qCDebug(statemachine) << "No card connection available."; - Q_EMIT fireAbort(FailureCode::Reason::Destroy_Pace_No_Connection_To_Destroy); + qCDebug(statemachine) << "Nothing to do. No card connection available."; + Q_EMIT fireContinue(); return; } diff --git a/src/workflows/base/states/StateEnterPacePassword.cpp b/src/workflows/base/states/StateEnterPacePassword.cpp index 39a8c7445..8811ae385 100644 --- a/src/workflows/base/states/StateEnterPacePassword.cpp +++ b/src/workflows/base/states/StateEnterPacePassword.cpp @@ -4,6 +4,8 @@ #include "StateEnterPacePassword.h" +#include "VolatileSettings.h" + using namespace governikus; @@ -40,8 +42,9 @@ void StateEnterPacePassword::onEntry(QEvent* pEvent) break; default: + const auto* volatileSettings = Env::getSingleton(); //: INFO IOS The current session was interrupted because of a wrong password. - stopNfcScanIfNecessary(tr("Access denied.")); + stopNfcScanIfNecessary(volatileSettings->isUsedAsSDK() ? volatileSettings->getMessages().getSessionFailed() : tr("Access denied.")); } AbstractState::onEntry(pEvent); diff --git a/src/workflows/base/states/StateEstablishPaceChannel.cpp b/src/workflows/base/states/StateEstablishPaceChannel.cpp index 43ca6ac64..5eee4101f 100644 --- a/src/workflows/base/states/StateEstablishPaceChannel.cpp +++ b/src/workflows/base/states/StateEstablishPaceChannel.cpp @@ -25,7 +25,7 @@ void StateEstablishPaceChannel::run() if (getContext()->getStatus().isError()) { Q_ASSERT(getContext()->getFailureCode().has_value()); - Q_EMIT firePropagateAbort(); + Q_EMIT firePaceChannelFailed(); return; } @@ -60,11 +60,6 @@ void StateEstablishPaceChannel::run() case PacePasswordId::PACE_PIN: password = getContext()->getPin().toLatin1(); - if (authContext && password.size() == 5) - { - abortToChangePin(FailureCode::Reason::Establish_Pace_Channel_Transport_Pin); - return; - } break; case PacePasswordId::PACE_PUK: @@ -81,7 +76,8 @@ void StateEstablishPaceChannel::run() if (!cardConnection) { qCDebug(statemachine) << "No card connection available."; - abort(FailureCode::Reason::Establish_Pace_Channel_No_Card_Connection); + getContext()->setLastPaceResult(CardReturnCode::CARD_NOT_FOUND); + Q_EMIT fireNoCardConnection(); return; } @@ -90,10 +86,8 @@ void StateEstablishPaceChannel::run() qCCritical(statemachine) << "We hit an invalid state! PACE password is empty for basic reader."; Q_ASSERT(false); - qCDebug(statemachine) << "Resetting all PACE passwords."; - getContext()->resetPacePasswords(); - - abort(FailureCode::Reason::Establish_Pace_Channel_Basic_Reader_No_Pin); + updateStatus(GlobalStatus::Code::Card_Invalid_Pin); + Q_EMIT fireAbort(FailureCode::Reason::Establish_Pace_Channel_Basic_Reader_No_Pin); return; } @@ -125,13 +119,6 @@ void StateEstablishPaceChannel::onUserCancelled() } -void StateEstablishPaceChannel::abort(FailureCode::Reason pReason) -{ - getContext()->resetLastPaceResult(); - Q_EMIT fireAbort(pReason); -} - - void StateEstablishPaceChannel::abortToChangePin(FailureCode::Reason pReason) { if (auto authContext = getContext().objectCast()) @@ -248,9 +235,7 @@ void StateEstablishPaceChannel::onEstablishConnectionDone(QSharedPointer::getName(returnCode)} - }); + Q_EMIT firePaceChannelFailed(); return; } diff --git a/src/workflows/base/states/StateEstablishPaceChannel.h b/src/workflows/base/states/StateEstablishPaceChannel.h index 89e14f609..144bad649 100644 --- a/src/workflows/base/states/StateEstablishPaceChannel.h +++ b/src/workflows/base/states/StateEstablishPaceChannel.h @@ -34,7 +34,6 @@ class StateEstablishPaceChannel void run() override; void onUserCancelled() override; - void abort(FailureCode::Reason pReason); void abortToChangePin(FailureCode::Reason pReason); void handleNpaPosition(CardReturnCode pReturnCode); @@ -42,10 +41,11 @@ class StateEstablishPaceChannel void onEstablishConnectionDone(QSharedPointer pCommand); Q_SIGNALS: + void fireNoCardConnection(); void firePaceChannelEstablished(); void firePaceChannelInoperative(); void fireAbortAndUnfortunateCardPosition(); - void firePropagateAbort(); + void firePaceChannelFailed(); }; } // namespace governikus diff --git a/src/workflows/base/states/StateGenericSendReceive.cpp b/src/workflows/base/states/StateGenericSendReceive.cpp index d168c60b7..9e4f6b5ef 100644 --- a/src/workflows/base/states/StateGenericSendReceive.cpp +++ b/src/workflows/base/states/StateGenericSendReceive.cpp @@ -331,6 +331,13 @@ void StateGenericSendReceive::onReplyFinished() return; } + if (receivedType == PaosType::STARTPAOS_RESPONSE) + { + setReceivedMessage(paosHandler.getPaosMessage()); + Q_EMIT fireReceivedStartPaosResponse(); + return; + } + if (mOtherResponseTypes.contains(receivedType)) { setReceivedMessage(paosHandler.getPaosMessage()); diff --git a/src/workflows/base/states/StateGenericSendReceive.h b/src/workflows/base/states/StateGenericSendReceive.h index a956b1aaf..65147ea89 100644 --- a/src/workflows/base/states/StateGenericSendReceive.h +++ b/src/workflows/base/states/StateGenericSendReceive.h @@ -57,6 +57,9 @@ class StateGenericSendReceive public: void onExit(QEvent* pEvent) override; + + Q_SIGNALS: + void fireReceivedStartPaosResponse(); }; class StateSendStartPaos @@ -70,8 +73,7 @@ class StateSendStartPaos : StateGenericSendReceive(pContext, PaosType::INITIALIZE_FRAMEWORK, { - PaosType::DID_AUTHENTICATE_EAC1, - PaosType::STARTPAOS_RESPONSE + PaosType::DID_AUTHENTICATE_EAC1 }) { } @@ -95,15 +97,10 @@ class StateSendStartPaos { Q_EMIT fireReceivedExtractCvcsFromEac1InputType(); } - else if (pResponseType == PaosType::STARTPAOS_RESPONSE) - { - Q_EMIT fireReceivedStartPaosResponse(); - } } Q_SIGNALS: void fireReceivedExtractCvcsFromEac1InputType(); - void fireReceivedStartPaosResponse(); }; @@ -117,10 +114,7 @@ class StateSendInitializeFrameworkResponse private: explicit StateSendInitializeFrameworkResponse(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, - PaosType::DID_AUTHENTICATE_EAC1, - { - PaosType::STARTPAOS_RESPONSE - }) + PaosType::DID_AUTHENTICATE_EAC1) { } @@ -137,18 +131,6 @@ class StateSendInitializeFrameworkResponse } - void emitStateMachineSignal(PaosType pResponseType) override - { - if (pResponseType == PaosType::STARTPAOS_RESPONSE) - { - Q_EMIT fireReceivedStartPaosResponse(); - } - } - - Q_SIGNALS: - void fireReceivedStartPaosResponse(); - - }; class StateSendDIDAuthenticateResponseEAC1 @@ -160,10 +142,7 @@ class StateSendDIDAuthenticateResponseEAC1 private: explicit StateSendDIDAuthenticateResponseEAC1(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, - PaosType::DID_AUTHENTICATE_EAC2, - { - PaosType::STARTPAOS_RESPONSE - }) + PaosType::DID_AUTHENTICATE_EAC2) { setAbortOnCardRemoved(); } @@ -192,10 +171,7 @@ class StateSendDIDAuthenticateResponseEACAdditionalInputType private: explicit StateSendDIDAuthenticateResponseEACAdditionalInputType(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, - PaosType::DID_AUTHENTICATE_EAC_ADDITIONAL_INPUT_TYPE, - { - PaosType::STARTPAOS_RESPONSE - }) + PaosType::DID_AUTHENTICATE_EAC_ADDITIONAL_INPUT_TYPE) { setAbortOnCardRemoved(); } @@ -224,10 +200,7 @@ class StateSendDIDAuthenticateResponseEAC2 private: explicit StateSendDIDAuthenticateResponseEAC2(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, - PaosType::TRANSMIT, - { - PaosType::STARTPAOS_RESPONSE - }) + PaosType::TRANSMIT) { setAbortOnCardRemoved(); } @@ -256,10 +229,7 @@ class StateSendTransmitResponse private: explicit StateSendTransmitResponse(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, - PaosType::STARTPAOS_RESPONSE, - { - PaosType::TRANSMIT - }) + PaosType::TRANSMIT) { setAbortOnCardRemoved(); } @@ -277,17 +247,6 @@ class StateSendTransmitResponse } - void emitStateMachineSignal(PaosType pResponseType) override - { - if (pResponseType == PaosType::TRANSMIT) - { - Q_EMIT fireReceivedTransmit(); - } - } - - Q_SIGNALS: - void fireReceivedTransmit(); - }; } // namespace governikus diff --git a/src/workflows/base/states/StateGetTcToken.cpp b/src/workflows/base/states/StateGetTcToken.cpp index 370515d1a..e183f1605 100644 --- a/src/workflows/base/states/StateGetTcToken.cpp +++ b/src/workflows/base/states/StateGetTcToken.cpp @@ -9,7 +9,7 @@ #include "NetworkManager.h" #include "TlsChecker.h" -#include +#include #include #include #include @@ -31,12 +31,12 @@ StateGetTcToken::StateGetTcToken(const QSharedPointer& pContext void StateGetTcToken::run() { - auto url = getContext()->getTcTokenUrl(); - qDebug() << "Got TC Token URL:" << url; + const auto& url = getContext()->getTcTokenUrl(); getContext()->setProgress(0, tr("Fetch TCToken")); if (!isValidRedirectUrl(url)) { + qCCritical(network) << "TCToken URL is invalid:" << url; Q_EMIT fireAbort(FailureCode::Reason::Get_TcToken_Invalid_Url); return; } @@ -53,7 +53,7 @@ bool StateGetTcToken::isValidRedirectUrl(const QUrl& pUrl) { if (pUrl.isEmpty()) { - qCritical() << "Error while connecting to the provider. The server returns an invalid or empty redirect URL."; + qCCritical(network) << "Error while connecting to the provider. The server returns an invalid or empty redirect URL."; updateStatus(GlobalStatus::Code::Workflow_TrustedChannel_Server_Format_Error); return false; } @@ -68,8 +68,8 @@ bool StateGetTcToken::isValidRedirectUrl(const QUrl& pUrl) } else { - qCritical() << httpsError1; - qCritical() << httpsError2; + qCCritical(network) << httpsError1; + qCCritical(network) << httpsError2; // according to TR-03124-1 in case of a non-HTTPS URL a createTrustedChannelEstablishmentError error must be sent // in contrast a HTTP error 404 must be sent, if the TCToken could not be determined getContext()->setTcTokenNotFound(false); @@ -87,6 +87,7 @@ bool StateGetTcToken::isValidRedirectUrl(const QUrl& pUrl) void StateGetTcToken::sendRequest(const QUrl& pUrl) { + qCDebug(network) << "Fetch TCToken URL:" << pUrl; QNetworkRequest request(pUrl); mReply = Env::getSingleton()->get(request); mConnections += connect(mReply.data(), &QNetworkReply::sslErrors, this, &StateGetTcToken::onSslErrors); @@ -127,7 +128,7 @@ void StateGetTcToken::onSslHandshakeDone() { clearConnections(); mReply->abort(); - qCritical() << "Error while connecting to the provider. The server's SSL certificate uses an unsupported key algorithm or length."; + qCCritical(network) << "Error while connecting to the provider. The server's SSL certificate uses an unsupported key algorithm or length."; updateStatus(status); Q_EMIT fireAbort(FailureCode::Reason::Get_TcToken_Invalid_Certificate_Key_Length); return; @@ -137,7 +138,7 @@ void StateGetTcToken::onSslHandshakeDone() { clearConnections(); mReply->abort(); - qCritical() << "Error while connecting to the provider. The SSL connection uses an unsupported key algorithm or length."; + qCCritical(network) << "Error while connecting to the provider. The SSL connection uses an unsupported key algorithm or length."; updateStatus(status); Q_EMIT fireAbort(FailureCode::Reason::Get_TcToken_Invalid_Ephemeral_Key_Length); return; @@ -151,12 +152,12 @@ void StateGetTcToken::onSslHandshakeDone() void StateGetTcToken::onNetworkReply() { - qCDebug(network) << "Received TCToken from eID-Service"; + qCDebug(network) << "TCToken request finished"; const auto statusCode = NetworkManager::getLoggedStatusCode(mReply, spawnMessageLogger(network)); if (mReply->error() != QNetworkReply::NoError) { - qCritical() << NetworkManager::toStatus(mReply); + qCCritical(network) << NetworkManager::toStatus(mReply); updateStatus(NetworkManager::toTrustedChannelStatus(mReply)); Q_EMIT fireAbort({FailureCode::Reason::Get_TcToken_Network_Error, {FailureCode::Info::Network_Error, mReply->errorString()} @@ -166,6 +167,7 @@ void StateGetTcToken::onNetworkReply() if (statusCode == HTTP_STATUS_OK) { + qCDebug(network) << "Received TCToken from eID-Service"; parseTcToken(); return; } @@ -202,7 +204,7 @@ void StateGetTcToken::parseTcToken() QByteArray data = mReply->readAll(); if (data.isEmpty()) { - qDebug() << "Received no data."; + qCDebug(network) << "Received no data."; updateStatus({GlobalStatus::Code::Workflow_TrustedChannel_No_Data_Received, {GlobalStatus::ExternalInformation::LAST_URL, mReply->url().toString()} }); Q_EMIT fireAbort(FailureCode::Reason::Get_TcToken_Empty_Data); @@ -224,7 +226,7 @@ void StateGetTcToken::parseTcToken() return; } - qCritical() << "TCToken invalid"; + qCCritical(network) << "TCToken invalid"; updateStatus({GlobalStatus::Code::Workflow_TrustedChannel_Server_Format_Error, {GlobalStatus::ExternalInformation::LAST_URL, mReply->url().toString()} }); Q_EMIT fireAbort(FailureCode::Reason::Get_TcToken_Invalid_Data); diff --git a/src/workflows/base/states/StatePreparePace.cpp b/src/workflows/base/states/StatePreparePace.cpp index fb5ed84e2..085a309e2 100644 --- a/src/workflows/base/states/StatePreparePace.cpp +++ b/src/workflows/base/states/StatePreparePace.cpp @@ -25,7 +25,7 @@ void StatePreparePace::run() if (!cardConnection) { qCDebug(statemachine) << "Card connection lost."; - Q_EMIT fireAbort(FailureCode::Reason::Prepace_Pace_No_Card_Connection); + Q_EMIT fireNoCardConnection(); return; } diff --git a/src/workflows/base/states/StatePreparePace.h b/src/workflows/base/states/StatePreparePace.h index e8f83b974..5e177cf05 100644 --- a/src/workflows/base/states/StatePreparePace.h +++ b/src/workflows/base/states/StatePreparePace.h @@ -30,6 +30,7 @@ class StatePreparePace bool requestPaceCanIfStillRequired(); Q_SIGNALS: + void fireNoCardConnection(); void fireEnterPacePassword(); void fireEstablishPaceChannel(); }; diff --git a/src/workflows/base/states/StateSelectReader.cpp b/src/workflows/base/states/StateSelectReader.cpp index 520e46cc1..d846d36a0 100644 --- a/src/workflows/base/states/StateSelectReader.cpp +++ b/src/workflows/base/states/StateSelectReader.cpp @@ -30,6 +30,7 @@ void StateSelectReader::run() mConnections += connect(readerManager, &ReaderManager::fireReaderRemoved, this, &StateSelectReader::onReaderInfoChanged); mConnections += connect(readerManager, &ReaderManager::fireCardInserted, this, &StateSelectReader::onReaderInfoChanged); mConnections += connect(readerManager, &ReaderManager::fireCardRemoved, this, &StateSelectReader::onReaderInfoChanged); + mConnections += connect(readerManager, &ReaderManager::fireStatusChanged, this, &StateSelectReader::onReaderStatusChanged); onReaderInfoChanged(); @@ -94,6 +95,24 @@ void StateSelectReader::onReaderInfoChanged() } +void StateSelectReader::onReaderStatusChanged(const ReaderManagerPlugInInfo& pInfo) const +{ +#if defined(Q_OS_IOS) + if (!Env::getSingleton()->isUsedAsSDK() || pInfo.getPlugInType() != ReaderManagerPlugInType::NFC) + { + return; + } + + if (!Env::getSingleton()->isScanRunning(ReaderManagerPlugInType::NFC)) + { + Q_EMIT getContext()->fireCancelWorkflow(); + } +#else + Q_UNUSED(pInfo) +#endif +} + + void StateSelectReader::onEntry(QEvent* pEvent) { const WorkflowContext* const context = getContext().data(); diff --git a/src/workflows/base/states/StateSelectReader.h b/src/workflows/base/states/StateSelectReader.h index 714fcd03e..1a2446333 100644 --- a/src/workflows/base/states/StateSelectReader.h +++ b/src/workflows/base/states/StateSelectReader.h @@ -24,6 +24,7 @@ class StateSelectReader private Q_SLOTS: void onReaderInfoChanged(); + void onReaderStatusChanged(const ReaderManagerPlugInInfo& pInfo) const; public: void onEntry(QEvent* pEvent) override; diff --git a/src/workflows/base/states/StateStartPaosResponse.cpp b/src/workflows/base/states/StateStartPaosResponse.cpp index a273f156e..e48bcee56 100644 --- a/src/workflows/base/states/StateStartPaosResponse.cpp +++ b/src/workflows/base/states/StateStartPaosResponse.cpp @@ -25,6 +25,7 @@ void StateStartPaosResponse::run() const QSharedPointer& startPaosResponse = getContext()->getStartPaosResponse(); if (!startPaosResponse) { + updateStatus(GlobalStatus::Code::Workflow_Start_Paos_Response_Missing); Q_EMIT fireAbort(FailureCode::Reason::Start_Paos_Response_Missing); return; } diff --git a/src/workflows/base/states/StateUpdateRetryCounter.cpp b/src/workflows/base/states/StateUpdateRetryCounter.cpp index 111b69006..d6ff7d92e 100644 --- a/src/workflows/base/states/StateUpdateRetryCounter.cpp +++ b/src/workflows/base/states/StateUpdateRetryCounter.cpp @@ -26,7 +26,7 @@ void StateUpdateRetryCounter::run() if (!cardConnection) { qCDebug(statemachine) << "No card connection available."; - Q_EMIT fireAbort(FailureCode::Reason::Update_Retry_Counter_No_Card_Connection); + Q_EMIT fireNoCardConnection(); return; } @@ -42,11 +42,9 @@ void StateUpdateRetryCounter::onUpdateRetryCounterDone(QSharedPointergetReturnCode(); if (returnCode != CardReturnCode::OK) { - qCCritical(statemachine) << "An error occurred while communicating with the card reader, cannot determine retry counter, abort state"; + qCCritical(statemachine) << "An error (" << returnCode << ") occurred while communicating with the card reader, cannot determine retry counter, abort state"; getContext()->resetCardConnection(); - Q_EMIT fireAbort({FailureCode::Reason::Update_Retry_Counter_Communication_Error, - {FailureCode::Info::Card_Return_Code, Enum::getName(returnCode)} - }); + Q_EMIT fireNoCardConnection(); return; } diff --git a/src/workflows/base/states/StateUpdateRetryCounter.h b/src/workflows/base/states/StateUpdateRetryCounter.h index 9d34ea635..988b1510f 100644 --- a/src/workflows/base/states/StateUpdateRetryCounter.h +++ b/src/workflows/base/states/StateUpdateRetryCounter.h @@ -31,6 +31,9 @@ class StateUpdateRetryCounter private Q_SLOTS: void onUpdateRetryCounterDone(QSharedPointer pCommand); + + Q_SIGNALS: + void fireNoCardConnection(); }; } // namespace governikus diff --git a/src/workflows/base/states/StateVerifyRetryCounter.cpp b/src/workflows/base/states/StateVerifyRetryCounter.cpp index 6715b240e..b670df15a 100644 --- a/src/workflows/base/states/StateVerifyRetryCounter.cpp +++ b/src/workflows/base/states/StateVerifyRetryCounter.cpp @@ -24,7 +24,7 @@ void StateVerifyRetryCounter::run() if (!cardConnection) { qCDebug(statemachine) << "Card connection lost."; - Q_EMIT fireAbort(FailureCode::Reason::Verify_Retry_Counter_No_Card_Connection); + Q_EMIT fireNoCardConnection(); return; } diff --git a/src/workflows/base/states/StateVerifyRetryCounter.h b/src/workflows/base/states/StateVerifyRetryCounter.h index 558ac60cf..674ac3f07 100644 --- a/src/workflows/base/states/StateVerifyRetryCounter.h +++ b/src/workflows/base/states/StateVerifyRetryCounter.h @@ -28,8 +28,7 @@ class StateVerifyRetryCounter void run() override; Q_SIGNALS: - void fireEnterPacePassword(); - void fireEstablishPaceChannel(); + void fireNoCardConnection(); }; } // namespace governikus diff --git a/src/workflows/base/states/StateWriteHistory.cpp b/src/workflows/base/states/StateWriteHistory.cpp index 78fe27431..beb80b8c5 100644 --- a/src/workflows/base/states/StateWriteHistory.cpp +++ b/src/workflows/base/states/StateWriteHistory.cpp @@ -35,22 +35,10 @@ void StateWriteHistory::run() return; } - if (context->getDidAuthenticateEac1() == nullptr) - { - qWarning() << "No EAC1 structure in context."; - Q_EMIT fireAbort(FailureCode::Reason::Write_History_No_Eac1); - return; - } - - if (context->getAccessRightManager()->getEffectiveAccessRights().isEmpty()) - { - qWarning() << "No effective CHAT in context."; - Q_EMIT fireAbort(FailureCode::Reason::Write_History_No_Chat); - return; - } - - if (auto certDesc = context->getDidAuthenticateEac1()->getCertificateDescription()) + Q_ASSERT(context->getDidAuthenticateEac1()); + if (const auto& eac1 = context->getDidAuthenticateEac1(); eac1&& eac1->getCertificateDescription()) { + auto certDesc = eac1->getCertificateDescription(); auto subjectName = certDesc->getSubjectName(); auto termsOfUsage = certDesc->getTermsOfUsage(); auto subjectUrl = certDesc->getSubjectUrl(); diff --git a/src/workflows/ifd/controller/IfdServiceController.cpp b/src/workflows/ifd/controller/IfdServiceController.cpp index 34cdf8011..9990c83ac 100644 --- a/src/workflows/ifd/controller/IfdServiceController.cpp +++ b/src/workflows/ifd/controller/IfdServiceController.cpp @@ -61,9 +61,11 @@ IfdServiceController::IfdServiceController(QSharedPointer pCo sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &AbstractState::fireContinue, sVerifyRetryCounter); sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &AbstractState::fireAbort, sEstablishPaceChannelResponse); + sUpdateRetryCounter->addTransition(sUpdateRetryCounter, &StateUpdateRetryCounter::fireNoCardConnection, sEstablishPaceChannelResponse); sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &AbstractState::fireContinue, sPreparePaceIfd); sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &AbstractState::fireAbort, sEstablishPaceChannelResponse); + sVerifyRetryCounter->addTransition(sVerifyRetryCounter, &StateVerifyRetryCounter::fireNoCardConnection, sEstablishPaceChannelResponse); sPreparePaceIfd->addTransition(sPreparePaceIfd, &AbstractState::fireContinue, sEstablishPaceChannelIfd); sPreparePaceIfd->addTransition(sPreparePaceIfd, &AbstractState::fireAbort, sEstablishPaceChannelResponse); diff --git a/src/workflows/ifd/states/StateProcessIfdMessages.cpp b/src/workflows/ifd/states/StateProcessIfdMessages.cpp index 37b81e26b..e94515f26 100644 --- a/src/workflows/ifd/states/StateProcessIfdMessages.cpp +++ b/src/workflows/ifd/states/StateProcessIfdMessages.cpp @@ -105,7 +105,8 @@ void StateProcessIfdMessages::onReaderStatusChanged(const ReaderManagerPlugInInf const auto& context = getContext(); if (context->getIfdServer()->isConnected()) { - Q_EMIT fireAbort(FailureCode::Reason::Process_Ifd_Messages_No_Server_Connection); + qCDebug(statemachine) << "Stopping IfdService because NFC was disabled."; + Q_EMIT fireContinue(); } } diff --git a/src/workflows/personalization/states/StateSendStartPaosPersonalization.cpp b/src/workflows/personalization/states/StateSendStartPaosPersonalization.cpp index 1d48f9e80..27af1fef8 100644 --- a/src/workflows/personalization/states/StateSendStartPaosPersonalization.cpp +++ b/src/workflows/personalization/states/StateSendStartPaosPersonalization.cpp @@ -12,9 +12,8 @@ using namespace governikus; StateSendStartPaosPersonalization::StateSendStartPaosPersonalization(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, PaosType::TRANSMIT, - { - PaosType::STARTPAOS_RESPONSE - }, true) + {}, + true) { } @@ -29,12 +28,3 @@ QSharedPointer StateSendStartPaosPersonalization::getAsCreator() { return getContext()->getStartPaos(); } - - -void StateSendStartPaosPersonalization::emitStateMachineSignal(PaosType pResponseType) -{ - if (pResponseType == PaosType::STARTPAOS_RESPONSE) - { - Q_EMIT fireReceivedStartPaosResponse(); - } -} diff --git a/src/workflows/personalization/states/StateSendStartPaosPersonalization.h b/src/workflows/personalization/states/StateSendStartPaosPersonalization.h index 46204a302..4a857c95f 100644 --- a/src/workflows/personalization/states/StateSendStartPaosPersonalization.h +++ b/src/workflows/personalization/states/StateSendStartPaosPersonalization.h @@ -22,12 +22,6 @@ class StateSendStartPaosPersonalization protected: QSharedPointer getAsResponse() override; QSharedPointer getAsCreator() override; - void emitStateMachineSignal(PaosType pResponseType) override; - - Q_SIGNALS: - void fireReceivedStartPaosResponse(); - - }; } // namespace governikus diff --git a/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.cpp b/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.cpp index 386ee6501..6a28a55c2 100644 --- a/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.cpp +++ b/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.cpp @@ -12,9 +12,8 @@ using namespace governikus; StateSendTransmitResponsePersonalization::StateSendTransmitResponsePersonalization(const QSharedPointer& pContext) : StateGenericSendReceive(pContext, PaosType::TRANSMIT, - { - PaosType::STARTPAOS_RESPONSE - }, true) + {}, + true) { } @@ -29,12 +28,3 @@ QSharedPointer StateSendTransmitResponsePersonalization::getAsCreat { return getContext()->getTransmitResponse(); } - - -void StateSendTransmitResponsePersonalization::emitStateMachineSignal(PaosType pResponseType) -{ - if (pResponseType == PaosType::STARTPAOS_RESPONSE) - { - Q_EMIT fireReceivedStartPaosResponse(); - } -} diff --git a/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.h b/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.h index df2f5abc6..d16192ba6 100644 --- a/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.h +++ b/src/workflows/personalization/states/StateSendTransmitResponsePersonalization.h @@ -22,12 +22,6 @@ class StateSendTransmitResponsePersonalization protected: QSharedPointer getAsResponse() override; QSharedPointer getAsCreator() override; - void emitStateMachineSignal(PaosType pResponseType) override; - - Q_SIGNALS: - void fireReceivedStartPaosResponse(); - - }; } // namespace governikus diff --git a/src/workflows/personalization/states/StateStartPaosResponsePersonalization.cpp b/src/workflows/personalization/states/StateStartPaosResponsePersonalization.cpp index 306c23273..432cb8cfc 100644 --- a/src/workflows/personalization/states/StateStartPaosResponsePersonalization.cpp +++ b/src/workflows/personalization/states/StateStartPaosResponsePersonalization.cpp @@ -23,6 +23,7 @@ void StateStartPaosResponsePersonalization::run() const QSharedPointer& startPaosResponse = getContext()->getStartPaosResponse(); if (!startPaosResponse) { + updateStatus(GlobalStatus::Code::Workflow_Start_Paos_Response_Missing); Q_EMIT fireAbort(FailureCode::Reason::Start_Paos_Response_Personalization_Empty); return; } diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 16a2fc302..8eea27836 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -40,6 +40,11 @@ function(GET_TEST_ENV testenv testname) list(APPEND ENV "QT_ENABLE_REGEXP_JIT=0") + if((LINUX OR BSD) AND "${testname}" MATCHES "card_pcsc_PcscReader") + list(APPEND ENV "ASAN_OPTIONS=verify_asan_link_order=0") + list(APPEND ENV "LD_PRELOAD=${PROJECT_BINARY_DIR}/test/helper/pcsc/libPcsc.so") + endif() + set(${testenv} "${ENV}" PARENT_SCOPE) endfunction() diff --git a/test/fixture/card/simulatorFiles.json b/test/fixture/card/simulatorFiles.json index 8476990d8..b4ebaa763 100644 --- a/test/fixture/card/simulatorFiles.json +++ b/test/fixture/card/simulatorFiles.json @@ -25,5 +25,11 @@ {"fileId": "0114", "shortFileId": "14", "content": "7416a1140c125245534944454e4345205045524d49542032"}, {"fileId": "0115", "shortFileId": "15", "content": "7515131374656c3a2b34392d3033302d31323334353637"}, {"fileId": "0116", "shortFileId": "16", "content": "761516136572696b61406d75737465726d616e6e2e6465"} +], +"keys": +[ + {"id": 1, "private": "0353859c2ec67780ba39015de8c682af2326d43de9ce1e07737087bd1e17cb22"}, + {"id": 2, "private": "9ad0ad7f4dfaaa06988339fc31d3a111f4c7964ac7f377373a2454327c43e2ff"}, + {"id": 41, "private": "a07eb62e891daa84643e0afcc1af006891b669b8f51e379477dbeab8c987a610"} ] } diff --git a/test/helper/CMakeLists.txt b/test/helper/CMakeLists.txt index 27703d249..00eefcc57 100644 --- a/test/helper/CMakeLists.txt +++ b/test/helper/CMakeLists.txt @@ -11,6 +11,7 @@ if(TARGET AusweisAppIfd) endif() add_subdirectory(ui) +add_subdirectory(pcsc) # TestModule detection misses indirect dependency currently if(TARGET AusweisAppTestHelperUiWebsocket) diff --git a/test/helper/pcsc/CMakeLists.txt b/test/helper/pcsc/CMakeLists.txt new file mode 100644 index 000000000..6af1ae377 --- /dev/null +++ b/test/helper/pcsc/CMakeLists.txt @@ -0,0 +1,6 @@ +if(LINUX OR BSD) + file(GLOB SRC "*.cpp") + + add_library(Pcsc SHARED "${SRC}") + target_link_libraries(Pcsc ${Qt}::Core PkgConfig::PCSC) +endif() diff --git a/test/helper/pcsc/main.cpp b/test/helper/pcsc/main.cpp new file mode 100644 index 000000000..6916fb47d --- /dev/null +++ b/test/helper/pcsc/main.cpp @@ -0,0 +1,86 @@ +/** + * Copyright (c) 2023 Governikus GmbH & Co. KG, Germany + */ + +#include +#include +#include +#ifndef Q_OS_WIN + #include +#endif + + +LONG SCardEstablishContext(DWORD dwScope, LPCVOID pvReserved1, LPCVOID pvReserved2, LPSCARDCONTEXT phContext) +{ + Q_UNUSED(dwScope) + Q_UNUSED(pvReserved1) + Q_UNUSED(pvReserved2) + * phContext = 4; + + return SCARD_S_SUCCESS; +} + + +LONG SCardConnect(SCARDCONTEXT hContext, LPCSTR szReader, DWORD dwShareMode, DWORD dwPreferredProtocols, LPSCARDHANDLE phCard, LPDWORD pdwActiveProtocol) +{ + Q_ASSERT(hContext == 4); + Q_UNUSED(szReader) + Q_UNUSED(dwShareMode) + Q_UNUSED(dwPreferredProtocols) + * phCard = 8; + Q_UNUSED(pdwActiveProtocol) + + return SCARD_S_SUCCESS; +} + + +LONG SCardControl(SCARDHANDLE hCard, DWORD dwControlCode, LPCVOID pbSendBuffer, DWORD cbSendLength, LPVOID pbRecvBuffer, DWORD cbRecvLength, LPDWORD lpBytesReturned) +{ + Q_ASSERT(hCard == 8); + Q_UNUSED(dwControlCode) + Q_UNUSED(pbSendBuffer) + Q_UNUSED(cbSendLength) + + const auto featuresTLV = QByteArray::fromHex("120442330012"); + Q_ASSERT(static_cast(cbRecvLength) >= featuresTLV.size()); + memcpy(pbRecvBuffer, featuresTLV.data(), static_cast(featuresTLV.size())); + *lpBytesReturned = static_cast(featuresTLV.size()); + + return SCARD_S_SUCCESS; +} + + +LONG SCardDisconnect(SCARDHANDLE hCard, DWORD dwDisposition) +{ + Q_ASSERT(hCard == 8); + Q_UNUSED(dwDisposition) + + return SCARD_S_SUCCESS; +} + + +LONG SCardGetStatusChange(SCARDCONTEXT hContext, DWORD dwTimeout, SCARD_READERSTATE* rgReaderStates, DWORD cReaders) +{ + Q_ASSERT(hContext == 4); + Q_UNUSED(dwTimeout) + Q_UNUSED(rgReaderStates) + Q_UNUSED(cReaders) + + return SCARD_S_SUCCESS; +} + + +LONG SCardCancel(SCARDCONTEXT hContext) +{ + Q_ASSERT(hContext == 4); + + return SCARD_S_SUCCESS; +} + + +LONG SCardReleaseContext(SCARDCONTEXT hContext) +{ + Q_ASSERT(hContext == 4); + + return SCARD_S_SUCCESS; +} diff --git a/test/qt/card/pcsc/test_PcscReader.cpp b/test/qt/card/pcsc/test_PcscReader.cpp new file mode 100644 index 000000000..f20568661 --- /dev/null +++ b/test/qt/card/pcsc/test_PcscReader.cpp @@ -0,0 +1,52 @@ +/** + * Copyright (c) 2023 Governikus GmbH & Co. KG, Germany + */ + +/*! + * \brief Unit tests for \ref PcscReader + */ + +#include "PcscReader.h" + +#include + +using namespace governikus; + + +class test_PcscReader + : public QObject +{ + Q_OBJECT + + private Q_SLOTS: + void createDestroy() + { +#if !(defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)) && !defined(Q_OS_FREEBSD) + QSKIP("Using LD_PRELOAD is not supported"); +#endif + + const QString readerName = QStringLiteral("PCSC"); + + QTest::ignoreMessage(QtDebugMsg, QStringLiteral("\"%1\"").arg(readerName).toUtf8().data()); + QScopedPointer reader(new PcscReader(readerName)); + QCOMPARE(reader->objectName(), readerName); + QVERIFY(reader->getState().szReader); + QVERIFY(!reader->hasFeature(FeatureID::TLV_PROPERTIES)); + + QTest::ignoreMessage(QtDebugMsg, QStringLiteral("\"%1\"").arg(readerName).toUtf8().data()); + QTest::ignoreMessage(QtDebugMsg, QStringLiteral("\"%1\"").arg(readerName).toUtf8().data()); + reader.reset(new PcscReader(readerName)); + + QCOMPARE(reader->init(), PcscUtils::Scard_S_Success); + QVERIFY(reader->hasFeature(FeatureID::TLV_PROPERTIES)); + QCOMPARE(reader->getFeatureValue(FeatureID::TLV_PROPERTIES), 1110638610); + + QTest::ignoreMessage(QtDebugMsg, QStringLiteral("\"%1\"").arg(readerName).toUtf8().data()); + reader.reset(); + } + + +}; + +QTEST_GUILESS_MAIN(test_PcscReader) +#include "test_PcscReader.moc" diff --git a/test/qt/card/pcsc/test_PcscReaderManagerPlugIn.cpp b/test/qt/card/pcsc/test_PcscReaderManagerPlugIn.cpp new file mode 100644 index 000000000..c114f645b --- /dev/null +++ b/test/qt/card/pcsc/test_PcscReaderManagerPlugIn.cpp @@ -0,0 +1,45 @@ +/** + * Copyright (c) 2023 Governikus GmbH & Co. KG, Germany + */ + +/*! + * \brief Unit tests for \ref PcscReaderManagerPlugIn + */ + +#include "PcscReaderManagerPlugIn.h" + +#include + +using namespace governikus; + + +class test_PcscReaderManagerPlugIn + : public QObject +{ + Q_OBJECT + + private Q_SLOTS: + void addReaders() + { +#if !(defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)) && !defined(Q_OS_FREEBSD) + QSKIP("Using LD_PRELOAD is not supported"); +#endif + + const QString readerName = QStringLiteral("PCSC"); + + PcscReaderManagerPlugIn plugin; + QCOMPARE(plugin.objectName(), QStringLiteral("PcscReaderManager")); + QVERIFY(plugin.getReaders().isEmpty()); + + QSignalSpy spyAdded(&plugin, &PcscReaderManagerPlugIn::fireReaderAdded); + QTest::ignoreMessage(QtDebugMsg, QStringLiteral("fireReaderAdded: \"%1\" ( 1 reader in total )").arg(readerName).toUtf8().data()); + plugin.addReaders({readerName}); + QCOMPARE(spyAdded.size(), 1); + QCOMPARE(plugin.getReaders().size(), 1); + } + + +}; + +QTEST_GUILESS_MAIN(test_PcscReaderManagerPlugIn) +#include "test_PcscReaderManagerPlugIn.moc" diff --git a/test/qt/card/simulator/test_SimulatorCard.cpp b/test/qt/card/simulator/test_SimulatorCard.cpp index 0c462030a..4653e5c9a 100644 --- a/test/qt/card/simulator/test_SimulatorCard.cpp +++ b/test/qt/card/simulator/test_SimulatorCard.cpp @@ -67,6 +67,16 @@ class test_SimulatorCard "56A7864104373CD3BAD6245F6EDEB382E066C57107B84BF5EF2834201AAEA41CC0D472890308" "3687C8C37C1D005C61BE2C122364101C2CBC41FFC3EC48C96E3F1D4F646ABE8701010100") << QByteArray::fromHex("7C2281206C877EC6E470BCC1C40F5AAC180D90EDB907AC091E33D402BDD3C99CD0DDE5039000"); + QTest::newRow("generalAuthenticateRi - wrong key") + << QByteArray::fromHex("008600000001257C820121A082011D060A04007F000702020502018120A9FB57DBA1EEA9BC3E" + "660A909D838D726E3BF623D52620282013481D1F6E537782207D5A0975FC2C3057EEF6753041" + "7AFFE7FB8055C126DC5C6CE94A4B44F330B5D9832026DC5C6CE94A4B44F330B5D9BBD77CBF95" + "8416295CF7E1CE6BCCDC18FF8C07B68441048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1" + "E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D" + "54C72F0469978520A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E829748" + "56A7864104373CD3BAD6245F6EDEB382E066C57107B84BF5EF2834201AAEA41CC0D472890308" + "3687C8C37C1D005C61BE2C122364101C2CBC41FFC3EC48C96E3F1D4F646ABE8701010100") + << QByteArray::fromHex("6981"); QTest::newRow("verify - existing") << QByteArray::fromHex("802080000B060904007f000703010403") << QByteArray::fromHex("9000"); QTest::newRow("verify - unknown") << QByteArray::fromHex("802080000B060904007f000703010404") << QByteArray::fromHex("6300"); QTest::newRow("verify - not proprietary") << QByteArray::fromHex("002080000B060904007f000703010403") << QByteArray::fromHex("6E00"); @@ -79,6 +89,9 @@ class test_SimulatorCard QFETCH(QByteArray, response); SimulatorCard card((SimulatorFileSystem())); + // Fill mCaKeyId for the restricted identification + card.transmit(CommandApdu(QByteArray::fromHex("002241A40F800A04007F00070202030202840129"))); + // Fill mRiKeyId for the restricted identification card.transmit(CommandApdu(QByteArray::fromHex("002241A40F800A04007F00070202050203840101"))); diff --git a/test/qt/card/simulator/test_SimulatorFileSystem.cpp b/test/qt/card/simulator/test_SimulatorFileSystem.cpp index 21e677a50..64be8ef22 100644 --- a/test/qt/card/simulator/test_SimulatorFileSystem.cpp +++ b/test/qt/card/simulator/test_SimulatorFileSystem.cpp @@ -9,6 +9,7 @@ #include "ResourceLoader.h" #include "TestFileHelper.h" +#include #include #include @@ -40,24 +41,36 @@ class test_SimulatorFileSystem void initTestCase() { - QJsonObject file; - file.insert("fileId", QJsonValue("0101")); - file.insert("shortFileId", QJsonValue("01")); - QJsonValue value(file); - - QJsonArray innerArray; - innerArray.append(value); - - QJsonArray array; - array.append(QJsonValue(innerArray)); - array.append(QJsonValue(value)); - - QJsonObject object; - object[QLatin1String("files")] = array; + QJsonDocument doc = QJsonDocument::fromJson(QByteArray(R"({ + "files": [ + [ + { + "fileId": "0101", + "shortFileId": "01" + } + ], + { + "fileId": "0101", + "shortFileId": "01" + } + ], + "keys": [ + [ + { + "id": 1 + } + ], + { + "id": 1 + } + ] +})")); QTest::ignoreMessage(QtWarningMsg, R"(Skipping file entry. Expected JSON object, got QJsonValue(array, QJsonArray([{"fileId":"0101","shortFileId":"01"}])))"); QTest::ignoreMessage(QtWarningMsg, R"(Skipping file entry. Expected JSON object with 'fileId', 'shortFileId' and 'content', got QJsonObject({"fileId":"0101","shortFileId":"01"}))"); - SimulatorFileSystem fs(object); + QTest::ignoreMessage(QtWarningMsg, R"(Skipping key entry. Expected JSON object, got QJsonValue(array, QJsonArray([{"id":1}])))"); + QTest::ignoreMessage(QtWarningMsg, R"(Skipping key entry. Expected JSON object with 'id' and 'private', got QJsonObject({"id":1}))"); + SimulatorFileSystem fs(doc.object()); } diff --git a/test/qt/configuration/test_ProviderConfigurationParser.cpp b/test/qt/configuration/test_ProviderConfigurationParser.cpp index e78c05468..447c0c4e6 100644 --- a/test/qt/configuration/test_ProviderConfigurationParser.cpp +++ b/test/qt/configuration/test_ProviderConfigurationParser.cpp @@ -224,8 +224,8 @@ class test_ProviderConfigurationParser QTest::addColumn("majorVersion"); QTest::addColumn("count"); - const int all = 112; - const int withEidSupport = 90; + const int all = 113; + const int withEidSupport = 91; QTest::newRow("win") << QOperatingSystemVersion::Windows << -1 << all; QTest::newRow("mac") << QOperatingSystemVersion::MacOS << -1 << all; QTest::newRow("linux") << QOperatingSystemVersion::Unknown << -1 << all; diff --git a/test/qt/ui/qml/test_ApplicationModel.cpp b/test/qt/ui/qml/test_ApplicationModel.cpp index 05f0e8cdc..339ba8617 100644 --- a/test/qt/ui/qml/test_ApplicationModel.cpp +++ b/test/qt/ui/qml/test_ApplicationModel.cpp @@ -8,6 +8,14 @@ #include "ApplicationModel.h" +#include "MockActivationContext.h" +#include "context/AuthContext.h" +#include "context/ChangePinContext.h" +#include "context/SelfAuthContext.h" +#if __has_include("context/PersonalizationContext.h") + #include "context/PersonalizationContext.h" +#endif + #include using namespace governikus; @@ -42,6 +50,32 @@ class test_ApplicationModel } + void test_getCurrentWorkflow_data() + { + QTest::addColumn>("context"); + QTest::addColumn("workflow"); + + QTest::addRow("No Context") << QSharedPointer() << ApplicationModel::Workflow::WORKFLOW_NONE; + QTest::addRow("AuthContext") << QSharedPointer(new AuthContext(QSharedPointer::create())) << ApplicationModel::Workflow::WORKFLOW_AUTHENTICATION; + QTest::addRow("ChangePinContext") << QSharedPointer(new ChangePinContext()) << ApplicationModel::Workflow::WORKFLOW_CHANGE_PIN; + QTest::addRow("SelfAuthContext") << QSharedPointer(new SelfAuthContext()) << ApplicationModel::Workflow::WORKFLOW_SELF_AUTHENTICATION; +#if __has_include("context/PersonalizationContext.h") + QTest::addRow("PersonalizationContext") << QSharedPointer(new PersonalizationContext(QString())) << ApplicationModel::Workflow::WORKFLOW_SMART; +#endif + } + + + void test_getCurrentWorkflow() + { + QFETCH(QSharedPointer, context); + QFETCH(ApplicationModel::Workflow, workflow); + + auto model = Env::getSingleton(); + model->resetContext(context); + QCOMPARE(model->getCurrentWorkflow(), workflow); + } + + }; QTEST_MAIN(test_ApplicationModel) diff --git a/test/qt/ui/webservice/test_UIPlugInWebService.cpp b/test/qt/ui/webservice/test_UIPlugInWebService.cpp index bee49e5e7..69d17b60d 100644 --- a/test/qt/ui/webservice/test_UIPlugInWebService.cpp +++ b/test/qt/ui/webservice/test_UIPlugInWebService.cpp @@ -142,11 +142,12 @@ class test_UIPlugInWebService { QTest::addColumn("url"); QTest::addColumn("header"); + QTest::addColumn("size"); QTest::addColumn("error"); - QTest::newRow("favicon") << QString("/favicon.ico") << QString("image/x-icon") << QNetworkReply::NoError; - QTest::newRow("logo") << QString("/images/html_templates/Logo_AusweisApp2.png") << QString("image/png") << QNetworkReply::NoError; - QTest::newRow("nothing") << QString("/images/html_templates/nothing.gif") << QString("text/plain; charset=utf-8") << QNetworkReply::ContentNotFoundError; + QTest::newRow("favicon") << QString("/favicon.ico") << QString("image/x-icon") << 94921 << QNetworkReply::NoError; + QTest::newRow("logo") << QString("/images/html_templates/Logo_AusweisApp2.png") << QString("image/png") << 3291 << QNetworkReply::NoError; + QTest::newRow("nothing") << QString("/images/html_templates/nothing.gif") << QString() << 0 << QNetworkReply::ContentNotFoundError; } @@ -154,11 +155,13 @@ class test_UIPlugInWebService { QFETCH(QString, url); QFETCH(QString, header); + QFETCH(int, size); QFETCH(QNetworkReply::NetworkError, error); HttpServerRequestor requestor; QSharedPointer reply = requestor.getRequest(getUrl(url)); QVERIFY(reply); + QCOMPARE(reply->readAll().size(), size); QCOMPARE(reply->error(), error); const auto& contentType = reply->header(QNetworkRequest::ContentTypeHeader); diff --git a/test/qt/workflows/personalization/test_StateGetChallenge.cpp b/test/qt/workflows/personalization/test_StateGetChallenge.cpp index 69670c2dd..f3cd84375 100644 --- a/test/qt/workflows/personalization/test_StateGetChallenge.cpp +++ b/test/qt/workflows/personalization/test_StateGetChallenge.cpp @@ -4,12 +4,10 @@ #include "states/StateGetChallenge.h" -#include "LogHandler.h" #include "ResourceLoader.h" #include "context/PersonalizationContext.h" #include "MockNetworkReply.h" -#include "TestFileHelper.h" #include @@ -36,7 +34,6 @@ class test_StateGetChallenge void init() { - Env::getSingleton()->init(); mContext.reset(new PersonalizationContext(QStringLiteral("https://dummy/v1/%1"))); mState.reset(new StateGetChallenge(mContext)); mState->setStateName("StateGetChallenge"); @@ -80,12 +77,10 @@ class test_StateGetChallenge { mState->mReply.reset(new MockNetworkReply(), &QObject::deleteLater); - QSignalSpy logSpy(Env::getSingleton()->getEventHandler(), &LogEventHandler::fireLog); QSignalSpy spyAbort(mState.data(), &StateGetChallenge::fireAbort); + QTest::ignoreMessage(QtDebugMsg, "No valid challenge to prepare personalization"); mState->onNetworkReply(); - const QString logMsg(logSpy.takeLast().at(0).toString()); - QVERIFY(logMsg.contains("No valid challenge to prepare personalization")); QCOMPARE(spyAbort.count(), 1); QCOMPARE(mState->getContext()->getStatus(), GlobalStatus::Code::Workflow_Server_Incomplete_Information_Provided); QCOMPARE(mState->getContext()->getFailureCode() == FailureCode::Reason::Get_Challenge_Invalid, true); @@ -113,12 +108,10 @@ class test_StateGetChallenge mState->mReply.reset(reply, &QObject::deleteLater); reply->setAttribute(QNetworkRequest::Attribute::HttpStatusCodeAttribute, 500); - QSignalSpy logSpy(Env::getSingleton()->getEventHandler(), &LogEventHandler::fireLog); QSignalSpy spyAbort(mState.data(), &StateGetChallenge::fireAbort); + QTest::ignoreMessage(QtDebugMsg, "Network request failed"); mState->onNetworkReply(); - const QString logMsg(logSpy.takeLast().at(0).toString()); - QVERIFY(logMsg.contains("Network request failed")); QCOMPARE(spyAbort.count(), 1); QCOMPARE(mState->getContext()->getStatus(), GlobalStatus::Code::Workflow_Server_Incomplete_Information_Provided); diff --git a/test/qt/workflows/personalization/test_StateGetSessionId.cpp b/test/qt/workflows/personalization/test_StateGetSessionId.cpp index 65922710a..afa33a93b 100644 --- a/test/qt/workflows/personalization/test_StateGetSessionId.cpp +++ b/test/qt/workflows/personalization/test_StateGetSessionId.cpp @@ -4,11 +4,9 @@ #include "states/StateGetSessionId.h" -#include "LogHandler.h" #include "context/PersonalizationContext.h" #include "MockNetworkReply.h" -#include "TestFileHelper.h" #include @@ -29,7 +27,6 @@ class test_StateGetSessionId private Q_SLOTS: void init() { - Env::getSingleton()->init(); mContext = QSharedPointer::create(QString()); mState.reset(new StateGetSessionId(mContext)); mState->setStateName("StateGetSessionId"); @@ -75,12 +72,10 @@ class test_StateGetSessionId mState->mReply.reset(new MockNetworkReply(data), &QObject::deleteLater); - QSignalSpy logSpy(Env::getSingleton()->getEventHandler(), &LogEventHandler::fireLog); QSignalSpy spyAbort(mState.data(), &StateGetSessionId::fireAbort); + QTest::ignoreMessage(QtDebugMsg, "No valid sessionID to prepare personalization"); mState->onNetworkReply(); - const QString logMsg(logSpy.takeLast().at(0).toString()); - QVERIFY(logMsg.contains("No valid sessionID to prepare personalization")); QCOMPARE(spyAbort.count(), 1); QCOMPARE(mState->getContext()->getStatus(), GlobalStatus::Code::Workflow_Server_Incomplete_Information_Provided); QCOMPARE(mState->getContext()->getFailureCode(), FailureCode::Reason::Get_Session_Id_Invalid); @@ -120,12 +115,10 @@ class test_StateGetSessionId mState->mReply.reset(reply, &QObject::deleteLater); reply->setAttribute(QNetworkRequest::Attribute::HttpStatusCodeAttribute, 500); - QSignalSpy logSpy(Env::getSingleton()->getEventHandler(), &LogEventHandler::fireLog); QSignalSpy spyAbort(mState.data(), &StateGetSessionId::fireAbort); + QTest::ignoreMessage(QtDebugMsg, "Network request failed"); mState->onNetworkReply(); - const QString logMsg(logSpy.takeLast().at(0).toString()); - QVERIFY(logMsg.contains("Network request failed")); QCOMPARE(spyAbort.count(), 1); QCOMPARE(mState->getContext()->getStatus(), GlobalStatus::Code::Workflow_Server_Incomplete_Information_Provided); const FailureCode::FailureInfoMap infoMap { diff --git a/test/qt/workflows/personalization/test_StatePreparePersonalization.cpp b/test/qt/workflows/personalization/test_StatePreparePersonalization.cpp index 8fb687e72..e85692b01 100644 --- a/test/qt/workflows/personalization/test_StatePreparePersonalization.cpp +++ b/test/qt/workflows/personalization/test_StatePreparePersonalization.cpp @@ -9,7 +9,6 @@ #include "context/PersonalizationContext.h" #include "MockNetworkManager.h" -#include "TestFileHelper.h" #include @@ -96,12 +95,10 @@ class test_StatePreparePersonalization mState->mReply.reset(reply, &QObject::deleteLater); reply->setAttribute(QNetworkRequest::Attribute::HttpStatusCodeAttribute, 500); - QSignalSpy logSpy(Env::getSingleton()->getEventHandler(), &LogEventHandler::fireLog); QSignalSpy spyAbort(mState.data(), &StatePreparePersonalization::fireAbort); + QTest::ignoreMessage(QtDebugMsg, QRegularExpression("Network request failed")); mState->onNetworkReply(); - const QString logMsg(logSpy.takeLast().at(0).toString()); - QVERIFY(logMsg.contains("Network request failed")); QCOMPARE(spyAbort.count(), 1); QCOMPARE(mState->getContext()->getStatus(), GlobalStatus::Code::Workflow_Server_Incomplete_Information_Provided); const FailureCode::FailureInfoMap infoMap { diff --git a/test/qt/workflows/states/test_StateEstablishPaceChannel.cpp b/test/qt/workflows/states/test_StateEstablishPaceChannel.cpp index f28a65f5d..a9dc2eea9 100644 --- a/test/qt/workflows/states/test_StateEstablishPaceChannel.cpp +++ b/test/qt/workflows/states/test_StateEstablishPaceChannel.cpp @@ -78,12 +78,12 @@ class test_StateEstablishPaceChannel void test_Run_NoConnection() { mAuthContext->setEstablishPaceChannelType(PacePasswordId::PACE_PIN); - QSignalSpy spyAbort(mState.data(), &StateEstablishPaceChannel::fireAbort); + QSignalSpy spyNoCardConnection(mState.data(), &StateEstablishPaceChannel::fireNoCardConnection); QTest::ignoreMessage(QtDebugMsg, "No card connection available."); mState->run(); - QCOMPARE(spyAbort.count(), 1); - QCOMPARE(mAuthContext->getFailureCode(), FailureCode::Reason::Establish_Pace_Channel_No_Card_Connection); + QCOMPARE(spyNoCardConnection.count(), 1); + QVERIFY(!mAuthContext->getFailureCode().has_value()); } @@ -108,27 +108,27 @@ class test_StateEstablishPaceChannel { mAuthContext->setStatus(GlobalStatus::Code::Card_Cancellation_By_User); mAuthContext->setFailureCode(FailureCode::Reason::User_Cancelled); - QSignalSpy spyPropagateAbort(mState.data(), &StateEstablishPaceChannel::firePropagateAbort); + QSignalSpy spyPaceChannelFailed(mState.data(), &StateEstablishPaceChannel::firePaceChannelFailed); mState->run(); - QCOMPARE(spyPropagateAbort.count(), 1); + QCOMPARE(spyPaceChannelFailed.count(), 1); } void test_OnKillWorkflow() { QSignalSpy spyAbort(mState.data(), &AbstractState::fireAbort); - QSignalSpy spyPropagateAbort(mState.data(), &StateEstablishPaceChannel::firePropagateAbort); + QSignalSpy spyPaceChannelFailed(mState.data(), &StateEstablishPaceChannel::firePaceChannelFailed); mState->setStateName("StateEstablishPaceChannel"); mState->onEntry(nullptr); QCOMPARE(spyAbort.count(), 0); - QCOMPARE(spyPropagateAbort.count(), 0); + QCOMPARE(spyPaceChannelFailed.count(), 0); mAuthContext->killWorkflow(); QTRY_COMPARE(spyAbort.count(), 1); // clazy:exclude=qstring-allocations - QTRY_COMPARE(spyPropagateAbort.count(), 1); // clazy:exclude=qstring-allocations + QTRY_COMPARE(spyPaceChannelFailed.count(), 1); // clazy:exclude=qstring-allocations } diff --git a/test/qt/workflows/states/test_StateGetTcToken.cpp b/test/qt/workflows/states/test_StateGetTcToken.cpp index 0a6cbea74..68e467c0d 100644 --- a/test/qt/workflows/states/test_StateGetTcToken.cpp +++ b/test/qt/workflows/states/test_StateGetTcToken.cpp @@ -40,12 +40,12 @@ class test_StateGetTcToken QSignalSpy spyAbort(&state, &StateGetTcToken::fireAbort); context->setTcTokenUrl(validUrl); - QTest::ignoreMessage(QtDebugMsg, "Got TC Token URL: QUrl(\"https://a.not.existing.valid.test.url.com\")"); + QTest::ignoreMessage(QtDebugMsg, "Fetch TCToken URL: QUrl(\"https://a.not.existing.valid.test.url.com\")"); state.run(); QCOMPARE(spyAbort.count(), 0); context->setTcTokenUrl(invalidUrl); - QTest::ignoreMessage(QtDebugMsg, "Got TC Token URL: QUrl(\"test\")"); + QTest::ignoreMessage(QtCriticalMsg, "TCToken URL is invalid: QUrl(\"test\")"); state.run(); QCOMPARE(spyAbort.count(), 1); QCOMPARE(context->getFailureCode(), FailureCode::Reason::Get_TcToken_Invalid_Url); diff --git a/test/qt/workflows/states/test_StatePreparePace.cpp b/test/qt/workflows/states/test_StatePreparePace.cpp index bd83b0c37..87ed27ae5 100644 --- a/test/qt/workflows/states/test_StatePreparePace.cpp +++ b/test/qt/workflows/states/test_StatePreparePace.cpp @@ -48,13 +48,13 @@ class test_StatePreparePace void test_Run_NoCardConnection() { - QSignalSpy spyAbort(mState.data(), &StatePreparePace::fireAbort); + QSignalSpy spyNoCardConnection(mState.data(), &StatePreparePace::fireNoCardConnection); QTest::ignoreMessage(QtDebugMsg, "Card connection lost."); mContext->setStateApproved(); - QTRY_COMPARE(spyAbort.count(), 1); // clazy:exclude=qstring-allocations + QTRY_COMPARE(spyNoCardConnection.count(), 1); // clazy:exclude=qstring-allocations QCOMPARE(mContext->getEstablishPaceChannelType(), PacePasswordId::UNKNOWN); - QCOMPARE(mContext->getFailureCode(), FailureCode::Reason::Prepace_Pace_No_Card_Connection); + QVERIFY(!mContext->getFailureCode().has_value()); } diff --git a/test/qt/workflows/states/test_StateStartPaosResponse.cpp b/test/qt/workflows/states/test_StateStartPaosResponse.cpp index a2fa945a3..127513971 100644 --- a/test/qt/workflows/states/test_StateStartPaosResponse.cpp +++ b/test/qt/workflows/states/test_StateStartPaosResponse.cpp @@ -39,6 +39,24 @@ class test_StateStartPaosResponse } + void missingStartPAOSResponse() + { + QSignalSpy spyAbort(mState.data(), &StateStartPaosResponse::fireAbort); + + mAuthContext->setStateApproved(); + QTRY_COMPARE(spyAbort.count(), 1); // clazy:exclude=qstring-allocations + + const GlobalStatus& status = mState->getContext()->getStatus(); + QCOMPARE(status.getStatusCode(), GlobalStatus::Code::Workflow_Start_Paos_Response_Missing); + + const ECardApiResult& result = mState->getContext()->getStartPaosResult(); + QCOMPARE(result.getMajor(), ECardApiResult::Major::Ok); + QCOMPARE(result.getMinor(), ECardApiResult::Minor::null); + + QCOMPARE(mAuthContext->getFailureCode(), FailureCode::Reason::Start_Paos_Response_Missing); + } + + void takeResultFromStartPAOSResponse() { QSharedPointer startPAOSResponse(new StartPaosResponse(TestFileHelper::readFile(":/paos/StartPAOSResponse3.xml"))); diff --git a/test/qt/workflows/states/test_StateUpdRetryCounter.cpp b/test/qt/workflows/states/test_StateUpdRetryCounter.cpp index 8c23ce3b9..d7c6bee9f 100644 --- a/test/qt/workflows/states/test_StateUpdRetryCounter.cpp +++ b/test/qt/workflows/states/test_StateUpdRetryCounter.cpp @@ -55,12 +55,14 @@ class test_StateUpdateRetryCounter StateUpdateRetryCounter counter(context); QSignalSpy spyContinue(&counter, &StateUpdateRetryCounter::fireContinue); QSignalSpy spyAbort(&counter, &StateUpdateRetryCounter::fireAbort); + QSignalSpy spyNoCardConnection(&counter, &StateUpdateRetryCounter::fireNoCardConnection); QTest::ignoreMessage(QtDebugMsg, "No card connection available."); counter.run(); QCOMPARE(spyContinue.count(), 0); - QCOMPARE(spyAbort.count(), 1); - QCOMPARE(context->getFailureCode(), FailureCode::Reason::Update_Retry_Counter_No_Card_Connection); + QCOMPARE(spyAbort.count(), 0); + QCOMPARE(spyNoCardConnection.count(), 1); + QVERIFY(!context->getFailureCode().has_value()); } @@ -72,13 +74,14 @@ class test_StateUpdateRetryCounter const QSharedPointer command(new MockCardCommand(worker)); QSignalSpy spyContinue(&counter, &StateUpdateRetryCounter::fireContinue); QSignalSpy spyAbort(&counter, &StateUpdateRetryCounter::fireAbort); + QSignalSpy spyNoCardConnection(&counter, &StateUpdateRetryCounter::fireNoCardConnection); QTest::ignoreMessage(QtDebugMsg, "StateUpdateRetryCounter::onUpdateRetryCounterDone()"); - QTest::ignoreMessage(QtCriticalMsg, "An error occurred while communicating with the card reader, cannot determine retry counter, abort state"); + QTest::ignoreMessage(QtCriticalMsg, "An error ( UNKNOWN ) occurred while communicating with the card reader, cannot determine retry counter, abort state"); counter.onUpdateRetryCounterDone(command); - QCOMPARE(spyAbort.count(), 1); - QCOMPARE(context->getFailureCode(), FailureCode::Reason::Update_Retry_Counter_Communication_Error); - + QCOMPARE(spyAbort.count(), 0); + QCOMPARE(spyNoCardConnection.count(), 1); + QVERIFY(!context->getFailureCode().has_value()); command->setMockReturnCode(CardReturnCode::OK); context->setCardConnection(QSharedPointer::create()); QTest::ignoreMessage(QtDebugMsg, "StateUpdateRetryCounter::onUpdateRetryCounterDone()"); diff --git a/test/qt/workflows/states/test_StateVerifyRetryCounter.cpp b/test/qt/workflows/states/test_StateVerifyRetryCounter.cpp index 2bbfeacb4..6e3b0b198 100644 --- a/test/qt/workflows/states/test_StateVerifyRetryCounter.cpp +++ b/test/qt/workflows/states/test_StateVerifyRetryCounter.cpp @@ -66,12 +66,12 @@ class test_StateVerifyRetryCounter void test_Run_NoConnection() { - QSignalSpy spyAbort(mState.data(), &StateVerifyRetryCounter::fireAbort); + QSignalSpy spyNoCardConnection(mState.data(), &StateVerifyRetryCounter::fireNoCardConnection); QTest::ignoreMessage(QtDebugMsg, "Card connection lost."); mContext->setStateApproved(); - QTRY_COMPARE(spyAbort.count(), 1); // clazy:exclude=qstring-allocations - QCOMPARE(mContext->getFailureCode(), FailureCode::Reason::Verify_Retry_Counter_No_Card_Connection); + QTRY_COMPARE(spyNoCardConnection.count(), 1); // clazy:exclude=qstring-allocations + QVERIFY(!mContext->getFailureCode().has_value()); } diff --git a/test/qt/workflows/states/test_StateWriteHistory.cpp b/test/qt/workflows/states/test_StateWriteHistory.cpp index fec2f6e8e..78a6c70e2 100644 --- a/test/qt/workflows/states/test_StateWriteHistory.cpp +++ b/test/qt/workflows/states/test_StateWriteHistory.cpp @@ -57,19 +57,6 @@ class test_StateWriteHistory } - void test_RunNoEffectiveAccessRights() - { - QSignalSpy spyAbort(mState.data(), &StateWriteHistory::fireAbort); - Env::getSingleton()->getHistorySettings().setEnabled(true); - *mContext->getAccessRightManager() = {}; - - QTest::ignoreMessage(QtWarningMsg, "No effective CHAT in context."); - mContext->setStateApproved(); - QTRY_COMPARE(spyAbort.count(), 1); // clazy:exclude=qstring-allocations - QCOMPARE(*mContext->getFailureCode(), FailureCode::Reason::Write_History_No_Chat); - } - - void test_RunNoError() { SDK_MODE(false);