Beispiel #1
0
AB_USER *AB_Banking_FindUser(const AB_BANKING *ab,
                             const char *backendName,
                             const char *country,
                             const char *bankId,
                             const char *userId,
                             const char *customerId) {
  AB_USER *u;

  assert(ab);
  if (AB_User_List_GetCount(ab->users)==0) {
    DBG_INFO(AQBANKING_LOGDOMAIN, "No users");
    return 0;
  }
  u=AB_User_List_First(ab->users);
  assert(u);

  if (!backendName) backendName="*";
  if (!country) country="*";
  if (!bankId) bankId="*";
  if (!userId) userId="*";
  if (!customerId) customerId="*";

  while(u) {
    const char *lCountry;
    const char *lBankCode;
    const char *lUserId;
    const char *lCustomerId;

    lCountry=AB_User_GetCountry(u);
    if (!lCountry)
      lCountry="";
    lBankCode=AB_User_GetBankCode(u);
    if (!lBankCode)
      lBankCode="";
    lUserId=AB_User_GetUserId(u);
    if (!lUserId)
      lUserId="";
    lCustomerId=AB_User_GetCustomerId(u);
    if (!lCustomerId)
      lCustomerId="";

    if ((-1!=GWEN_Text_ComparePattern(AB_User_GetBackendName(u),
                                      backendName, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lCountry,
                                      country, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lBankCode,
                                      bankId, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lUserId,
                                      userId, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lCustomerId,
                                      customerId, 0)))
      break;
    u=AB_User_List_Next(u);
  } /* while */

  return u;
}
Beispiel #2
0
static void createUserListBoxString(const AB_USER *u, GWEN_BUFFER *tbuf)
{
  const char *s;
  char numbuf[32];
  uint32_t uid;

  /* column 1 */
  uid=AB_User_GetUniqueId(u);
  snprintf(numbuf, sizeof(numbuf)-1, "%06d", uid);
  numbuf[sizeof(numbuf)-1]=0;
  GWEN_Buffer_AppendString(tbuf, numbuf);
  GWEN_Buffer_AppendString(tbuf, "\t");

  /* column 2 */
  s=AB_User_GetBankCode(u);
  if (s && *s)
    GWEN_Buffer_AppendString(tbuf, s);
  GWEN_Buffer_AppendString(tbuf, "\t");

  /* column 3 */
  s=AB_User_GetUserId(u);
  if (s && *s)
    GWEN_Buffer_AppendString(tbuf, s);
  GWEN_Buffer_AppendString(tbuf, "\t");

  /* column 4 */
  s=AB_User_GetCustomerId(u);
  if (s && *s)
    GWEN_Buffer_AppendString(tbuf, s);
  GWEN_Buffer_AppendString(tbuf, "\t");

  /* column 5 */
  s=AB_User_GetUserName(u);
  if (s && *s)
    GWEN_Buffer_AppendString(tbuf, s);
  GWEN_Buffer_AppendString(tbuf, "\t");

  /* column 6 */
  s=AB_User_GetBackendName(u);
  if (s && *s)
    GWEN_Buffer_AppendString(tbuf, s);
}
Beispiel #3
0
int AH_NewKeyFileDialog_DoIt(GWEN_DIALOG *dlg) {
  AH_NEWKEYFILE_DIALOG *xdlg;
  AB_USER *u;
  GWEN_URL *url;
  int rv;
  uint32_t pid;
  AB_IMEXPORTER_CONTEXT *ctx;
  AB_PROVIDER *pro;
  GWEN_PLUGIN_MANAGER *pm;
  GWEN_PLUGIN *pl;
  GWEN_CRYPT_TOKEN *ct;

  assert(dlg);
  xdlg=GWEN_INHERIT_GETDATA(GWEN_DIALOG, AH_NEWKEYFILE_DIALOG, dlg);
  assert(xdlg);

  rv=AH_NewKeyFileDialog_GetFilePageData(dlg);
  if (rv<0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "No file?");
    // TODO: show error message
    return GWEN_DialogEvent_ResultHandled;
  }

  pro=AB_Banking_GetProvider(xdlg->banking, "aqhbci");
  if (pro==NULL) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not find backend, maybe some plugins are not installed?");
    GWEN_Gui_ShowError(I18N("Error"),
		       "%s",
		       I18N("Could not find HBCI backend, maybe some plugins are not installed?"));
    return GWEN_DialogEvent_ResultHandled;
  }

  u=AB_Banking_CreateUser(xdlg->banking, "aqhbci");
  if (u==NULL) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create user, maybe backend missing?");
    GWEN_Gui_ShowError(I18N("Error"), "%s", I18N("Could not find HBCI backend, maybe some plugins are not installed?"));
    return GWEN_DialogEvent_ResultHandled;
  }

  /* generic setup */
  AB_User_SetUserName(u, xdlg->userName);
  AB_User_SetUserId(u, xdlg->userId);
  if (xdlg->customerId && *(xdlg->customerId))
    AB_User_SetCustomerId(u, xdlg->customerId);
  else
    AB_User_SetCustomerId(u, xdlg->userId);
  AB_User_SetCountry(u, "de");

  AB_User_SetBankCode(u, xdlg->bankCode);

  /* HBCI setup */
  AH_User_SetTokenType(u, "ohbci");
  AH_User_SetTokenName(u, AH_NewKeyFileDialog_GetFileName(dlg));
  AH_User_SetTokenContextId(u, 1);
  AH_User_SetCryptMode(u, AH_CryptMode_Rdh);
  AH_User_SetStatus(u, AH_UserStatusPending);
  AH_User_SetHbciVersion(u, xdlg->hbciVersion);
  AH_User_SetRdhType(u, xdlg->rdhVersion);
  AH_User_SetFlags(u, xdlg->flags);

  /* create CryptToken */
  pm=GWEN_PluginManager_FindPluginManager(GWEN_CRYPT_TOKEN_PLUGIN_TYPENAME);
  if (pm==0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Plugin manager not found");
    GWEN_Gui_ShowError(I18N("Error"),
		       I18N("CryptToken plugin for type %s is not available. Did you install all necessary packages?"),
		       GWEN_CRYPT_TOKEN_PLUGIN_TYPENAME);
    return 3;
  }

  pl=GWEN_PluginManager_GetPlugin(pm, AH_User_GetTokenType(u));
  if (pl==0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Plugin not found");
    GWEN_Gui_ShowError(I18N("Error"),
		       I18N("CryptToken plugin for type %s is not available. Did you install all necessary packages?"),
		       AH_User_GetTokenType(u));
    AB_User_free(u);
    return GWEN_DialogEvent_ResultHandled;
  }

  ct=GWEN_Crypt_Token_Plugin_CreateToken(pl, AH_User_GetTokenName(u));
  if (ct==0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create crypt token");
    AB_User_free(u);
    return GWEN_DialogEvent_ResultHandled;
  }

  /* create crypt token */
  rv=GWEN_Crypt_Token_Create(ct, 0);
  if (rv<0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create token");
    GWEN_Gui_ShowError(I18N("Error"),
		       I18N("The keyfile %s could not be created. Maybe there already is a file of that name (%d)."),
		       GWEN_Crypt_Token_GetTokenName(ct),
		       rv);
    AB_User_free(u);
    return GWEN_DialogEvent_ResultHandled;
  }

  /* close crypt token */
  rv=GWEN_Crypt_Token_Close(ct, 0, 0);
  if (rv) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not close token");
    GWEN_Gui_ShowError(I18N("Error"),
		       I18N("The keyfile %s could not be closed. Please check disc space."),
		       GWEN_Crypt_Token_GetTokenName(ct),
		       rv);
    AB_User_free(u);
    unlink(AH_User_GetTokenName(u));
    return GWEN_DialogEvent_ResultHandled;
  }

  url=GWEN_Url_fromString(xdlg->url);
  assert(url);
  GWEN_Url_SetProtocol(url, "hbci");
  if (GWEN_Url_GetPort(url)==0)
    GWEN_Url_SetPort(url, 3000);
  AH_User_SetServerUrl(u, url);
  GWEN_Url_free(url);

  rv=AB_Banking_AddUser(xdlg->banking, u);
  if (rv<0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not add user (%d)", rv);
    GWEN_Gui_ShowError(I18N("Error"),
		       I18N("Could not add HBCI user, maybe there already is a user of that id (%d)"),
		       rv);
    AB_User_free(u);
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not add user, maybe there already is a user of the same id (%d)?", rv);
    return GWEN_DialogEvent_ResultHandled;
  }

  pid=GWEN_Gui_ProgressStart(GWEN_GUI_PROGRESS_DELAY |
			     GWEN_GUI_PROGRESS_ALLOW_EMBED |
			     GWEN_GUI_PROGRESS_SHOW_PROGRESS |
			     GWEN_GUI_PROGRESS_SHOW_ABORT,
			     I18N("Setting Up Keyfile User"),
			     I18N("The server keys will now be retrieved, keys created and sent to the bank."),
			     3, /* getkeys, mkKeys, sendKeys */
			     0);
  /* lock new user */
  rv=AB_Banking_BeginExclUseUser(xdlg->banking, u);
  if (rv<0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not lock user (%d)", rv);
    GWEN_Gui_ProgressLog2(pid,
			  GWEN_LoggerLevel_Error,
			  I18N("Unable to lock users (%d)"), rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  /* get server keys id */
  GWEN_Gui_ProgressLog(pid,
		       GWEN_LoggerLevel_Notice,
		       I18N("Retrieving server keys"));
  ctx=AB_ImExporterContext_new();
  rv=AH_Provider_GetServerKeys(pro, u, ctx, 0, 1, 0);
  if (rv<0) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  rv=AH_NewKeyFileDialog_CheckBankIniLetter(dlg, u);
  if (rv<0) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressLog(pid,
			 GWEN_LoggerLevel_Error,
			 I18N("Bad bank keys, you should contact your bank."));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE);
  if (rv==GWEN_ERROR_USER_ABORTED) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressLog(pid,
			 GWEN_LoggerLevel_Error,
			 I18N("Aborted by user."));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  /* generate keys */
  rv=AH_Provider_CreateKeys(pro, u, 0);
  if (rv<0) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressLog2(pid,
			  GWEN_LoggerLevel_Error,
			  I18N("Error generating keys: %d"), rv);
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE);
  if (rv==GWEN_ERROR_USER_ABORTED) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressLog(pid,
			 GWEN_LoggerLevel_Error,
			 I18N("Aborted by user."));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  /* send user keys */
  GWEN_Gui_ProgressLog(pid,
		       GWEN_LoggerLevel_Notice,
		       I18N("Sending user keys"));
  ctx=AB_ImExporterContext_new();
  rv=AH_Provider_SendUserKeys2(pro, u, ctx, 0, 0, 1, 0); /* withAuthKey, withProgress, nounmount, doLock */
  if (rv<0) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE);
  if (rv==GWEN_ERROR_USER_ABORTED) {
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv);
    AB_Banking_DeleteUser(xdlg->banking, u);
    //unlink(AH_NewKeyFileDialog_GetFileName(dlg));
    GWEN_Gui_ProgressLog(pid,
			 GWEN_LoggerLevel_Error,
			 I18N("Aborted by user."));
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }


  /* unlock user */
  rv=AB_Banking_EndExclUseUser(xdlg->banking, u, 0);
  if (rv<0) {
    DBG_INFO(AQHBCI_LOGDOMAIN,
	     "Could not unlock customer [%s] (%d)",
	     AB_User_GetCustomerId(u), rv);
    GWEN_Gui_ProgressLog2(pid,
			  GWEN_LoggerLevel_Error,
			  I18N("Could not unlock user %s (%d)"),
			  AB_User_GetUserId(u), rv);
    AB_Banking_EndExclUseUser(xdlg->banking, u, 1);
    AB_Banking_DeleteUser(xdlg->banking, u);
    GWEN_Gui_ProgressEnd(pid);
    return GWEN_DialogEvent_ResultHandled;
  }

  GWEN_Gui_ProgressEnd(pid);
  AH_NewKeyFileDialog_EnterPage(dlg, PAGE_END, 1);

  xdlg->user=u;

  return GWEN_DialogEvent_ResultHandled;
}
Beispiel #4
0
int EBC_Provider_MkEuZipDoc_A004(AB_PROVIDER *pro,
				 AB_USER *u,
				 const char *requestType,
				 const uint8_t *pMsg,
				 uint32_t lMsg,
				 GWEN_BUFFER *sbuf) {
  int rv;
  xmlDocPtr doc;
  xmlNodePtr root_node;
  xmlNodePtr node;
  xmlNsPtr ns;
  GWEN_BUFFER *tbuf;
  GWEN_BUFFER *bbuf;

  tbuf=GWEN_Buffer_new(0, 256, 0, 1);
  rv=EBC_Provider_EuSign_A004(pro, u, requestType, pMsg, lMsg, tbuf);
  if (rv) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    return rv;
  }

  bbuf=GWEN_Buffer_new(0, (GWEN_Buffer_GetUsedBytes(tbuf)*3)/2, 0, 1);
  rv=GWEN_Base64_Encode((const uint8_t*)GWEN_Buffer_GetStart(tbuf),
			GWEN_Buffer_GetUsedBytes(tbuf),
			bbuf, 0);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(bbuf);
    GWEN_Buffer_free(tbuf);
    return rv;
  }
  GWEN_Buffer_free(tbuf);

  doc=xmlNewDoc(BAD_CAST "1.0");

  root_node=xmlNewNode(NULL, BAD_CAST "UserSignatureData");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
	      BAD_CAST "http://www.ebics.org/H002",
	      NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
	      BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
	      BAD_CAST "xsi");
  xmlNewNsProp(root_node,
	       ns,
	       BAD_CAST "schemaLocation", /* xsi:schemaLocation */
	       BAD_CAST "http://www.ebics.org/H002 "
	       "http://www.ebics.org/H002/ebics_orders.xsd");

  node=xmlNewTextChild(root_node, NULL,
		       BAD_CAST "OrderSignature",
		       BAD_CAST GWEN_Buffer_GetStart(bbuf));
  GWEN_Buffer_free(bbuf);

  xmlNewProp(node,
	     BAD_CAST "PartnerID",
	     BAD_CAST AB_User_GetCustomerId(u));


  rv=EB_Xml_CompressDoc(doc, sbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    xmlFreeDoc(doc);
    return rv;
  }

  xmlFreeDoc(doc);


  return 0;
}
Beispiel #5
0
static int EBC_Provider_XchgHpbRequest_H003(AB_PROVIDER *pro,
					    GWEN_HTTP_SESSION *sess,
					    AB_USER *u) {
  EBC_PROVIDER *dp;
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t keyId;
  xmlNsPtr ns;
  EB_MSG *msg;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  xmlNodePtr sigNode = NULL;
  GWEN_BUFFER *tbuf;
  const char *s;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsNoPubKeyDigestsRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
	      BAD_CAST "http://www.ebics.org/H003",
	      NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
	      BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
	      BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
	      BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
	      BAD_CAST "xsi");
  xmlNewNsProp(root_node,
	       ns,
	       BAD_CAST "schemaLocation", /* xsi:schemaLocation */
	       BAD_CAST "http://www.ebics.org/H003 "
	       "http://www.ebics.org/H003/ebics_keymgmt_request.xsd");

  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H003");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  sigNode=xmlNewChild(root_node, NULL, BAD_CAST "AuthSignature", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);

  /* generate Nonce */
  tbuf=GWEN_Buffer_new(0, 128, 0, 1);
  rv=EBC_Provider_GenerateNonce(pro, tbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/Nonce", GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_Reset(tbuf);

  /* generate timestamp */
  rv=EBC_Provider_GenerateTimeStamp(pro, u, tbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/Timestamp", GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID",
		      AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HPB");

  EB_Msg_SetCharValue(msg,
		      "header/static/OrderDetails/OrderAttribute",
		      "DZHNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0000");

  /* sign */
  rv=EBC_Provider_SignMessage(pro, msg, u, sigNode);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }

  /* exchange requests */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
	(rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
	  (rc & 0xfff00)==0x091200)
	return AB_ERROR_SECURITY;
      else
	return GWEN_ERROR_GENERIC;
    }
  }
  if (1) {
    xmlDocPtr orderDoc=NULL;
    xmlNodePtr root_node=NULL;
    xmlNodePtr node=NULL;
    GWEN_CRYPT_KEY *skey=NULL;
    GWEN_BUFFER *buf1;
    GWEN_BUFFER *buf2;
    const char *s;

    /* extract keys and store them */
    node=EB_Xml_GetNode(EB_Msg_GetRootNode(mRsp),
			"body/DataTransfer/DataEncryptionInfo",
			GWEN_PATH_FLAGS_NAMEMUSTEXIST);
    if (node==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN,
		"Bad message from server: Missing session key");
      EB_Msg_free(mRsp);
      return GWEN_ERROR_BAD_DATA;
    }
    rv=EBC_Provider_ExtractSessionKey(pro, u, node, &skey);
    if (rv<0) {
      DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
      EB_Msg_free(mRsp);
      return rv;
    }

    s=EB_Msg_GetCharValue(mRsp, "body/DataTransfer/OrderData", NULL);
    if (!s) {
      DBG_ERROR(AQEBICS_LOGDOMAIN,
		"Bad message from server: Missing OrderData");
      EB_Msg_free(mRsp);
      return GWEN_ERROR_BAD_DATA;
    }
    buf1=GWEN_Buffer_new(0, strlen(s), 0, 1);
    rv=GWEN_Base64_Decode((const uint8_t*)s, 0, buf1);
    if (rv<0) {
      DBG_INFO(AQEBICS_LOGDOMAIN, "Could not decode OrderData (%d)", rv);
      GWEN_Buffer_free(buf1);
      EB_Msg_free(mRsp);
      return rv;
    }

    /* decode data */
    buf2=GWEN_Buffer_new(0, GWEN_Buffer_GetUsedBytes(buf1), 0, 1);
    rv=EBC_Provider_DecryptData(pro, u, skey,
				(const uint8_t*)GWEN_Buffer_GetStart(buf1),
				GWEN_Buffer_GetUsedBytes(buf1),
				buf2);
    if (rv<0) {
      DBG_INFO(AQEBICS_LOGDOMAIN, "Could not decrypt OrderData (%d)", rv);
      GWEN_Buffer_free(buf2);
      GWEN_Buffer_free(buf1);
      return rv;
    }

    /* parse XML document */
    rv=EB_Xml_DocFromBuffer(GWEN_Buffer_GetStart(buf2),
			    GWEN_Buffer_GetUsedBytes(buf2),
			    &orderDoc);
    GWEN_Buffer_free(buf2);
    GWEN_Buffer_free(buf1);
    if (rv<0) {
      DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
      EB_Msg_free(mRsp);
      return rv;
    }

    /* get keys */
    root_node=xmlDocGetRootElement(orderDoc);

    /* get auth key */
    node=EB_Xml_GetNode(root_node, "AuthenticationPubKeyInfo",
			GWEN_PATH_FLAGS_NAMEMUSTEXIST);
    if (node==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN,
		"No authentication key found");
      xmlFreeDoc(orderDoc);
      EB_Msg_free(mRsp);
      return GWEN_ERROR_BAD_DATA;
    }
    else {
      const GWEN_CRYPT_TOKEN_KEYINFO *cki;
      GWEN_CRYPT_TOKEN_KEYINFO *ki;

      keyId=GWEN_Crypt_Token_Context_GetAuthVerifyKeyId(ctx);

      cki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0, 0);
      if (cki)
	ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
      else
	ki=GWEN_Crypt_Token_KeyInfo_new(keyId,
					GWEN_Crypt_CryptAlgoId_Rsa,
					128);
      GWEN_Crypt_Token_KeyInfo_SetFlags(ki, 0);
      rc=EB_Key_Info_ReadXml(ki, node);
      if (rc) {
	DBG_INFO(AQEBICS_LOGDOMAIN, "here (%06x)", rc);
        GWEN_Crypt_Token_KeyInfo_free(ki);
	xmlFreeDoc(orderDoc);
	EB_Msg_free(mRsp);
	return GWEN_ERROR_BAD_DATA;
      }

      rv=GWEN_Crypt_Token_SetKeyInfo(ct, keyId, ki, 0);
      GWEN_Crypt_Token_KeyInfo_free(ki);
      if (rv) {
	DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
	xmlFreeDoc(orderDoc);
	EB_Msg_free(mRsp);
	return rv;
      }

      DBG_NOTICE(AQEBICS_LOGDOMAIN, "Auth key stored");
    }

    /* get crypt key */
    node=EB_Xml_GetNode(root_node, "EncryptionPubKeyInfo",
			GWEN_PATH_FLAGS_NAMEMUSTEXIST);
    if (node==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN,
		"No encryption key found");
      xmlFreeDoc(orderDoc);
      EB_Msg_free(mRsp);
      return GWEN_ERROR_BAD_DATA;
    }
    else {
      const GWEN_CRYPT_TOKEN_KEYINFO *cki;
      GWEN_CRYPT_TOKEN_KEYINFO *ki;

      keyId=GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx);

      cki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0, 0);
      if (cki)
	ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
      else
	ki=GWEN_Crypt_Token_KeyInfo_new(keyId,
					GWEN_Crypt_CryptAlgoId_Rsa,
					128);
      GWEN_Crypt_Token_KeyInfo_SetFlags(ki, 0);
      rc=EB_Key_Info_ReadXml(ki, node);
      if (rc) {
	DBG_INFO(AQEBICS_LOGDOMAIN, "here (%06x)", rc);
        GWEN_Crypt_Token_KeyInfo_free(ki);
	xmlFreeDoc(orderDoc);
	EB_Msg_free(mRsp);
	return GWEN_ERROR_BAD_DATA;
      }

      rv=GWEN_Crypt_Token_SetKeyInfo(ct, keyId, ki, 0);
      GWEN_Crypt_Token_KeyInfo_free(ki);
      if (rv) {
	DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
	xmlFreeDoc(orderDoc);
	EB_Msg_free(mRsp);
	return rv;
      }

      DBG_NOTICE(AQEBICS_LOGDOMAIN, "Crypt key stored");
    }

    xmlFreeDoc(orderDoc);
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  if ((EBC_User_GetFlags(u) &
       (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Enabled);

  return 0;
}
Beispiel #6
0
EB_MSG *EBC_Provider_MkUnsecuredRequest_H004(AB_PROVIDER *pro,
                                             AB_USER *u,
                                             const char *orderType,
                                             const char *orderAttribute,
                                             const char *orderData)
{
  EB_MSG *msg;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  xmlNsPtr ns;
  const char *s;
  GWEN_BUFFER *tbuf;
  int rv;

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H004",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "urn:org:ebics:H004 ebics_ keymgmt_request_H004.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H004");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID", AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", orderType);

  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    GWEN_Buffer_free(tbuf);
    EB_Msg_free(msg);
    return NULL;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID", GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  EB_Msg_SetCharValue(msg,
                      "header/static/OrderDetails/OrderAttribute",
                      orderAttribute);
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0200");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData", orderData);

  return msg;
}
Beispiel #7
0
int listUsers(AB_BANKING *ab,
              GWEN_DB_NODE *dbArgs,
              int argc,
              char **argv) {
  GWEN_DB_NODE *db;
  int rv;
  int xml=0;
  AB_USER_LIST2 *ul;

  const GWEN_ARGS args[]={
  {
    0,                             /* flags */
    GWEN_ArgsType_Int,             /* type */
    "xml",                        /* name */
    0,                            /* minnum */
    1,                            /* maxnum */
    0,                            /* short option */
    "xml",                /* long option */
    "Export as xml",  /* short description */
    0
  },
  {
    GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */
    GWEN_ArgsType_Int,            /* type */
    "help",                       /* name */
    0,                            /* minnum */
    0,                            /* maxnum */
    "h",                          /* short option */
    "help",                       /* long option */
    "Show this help screen",      /* short description */
    "Show this help screen"       /* long description */
  }
  };

  db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local");
  rv=GWEN_Args_Check(argc, argv, 1,
                     0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/,
                     args,
                     db);
  if (rv==GWEN_ARGS_RESULT_ERROR) {
    fprintf(stderr, "ERROR: Could not parse arguments\n");
    return 1;
  }
  else if (rv==GWEN_ARGS_RESULT_HELP) {
    GWEN_BUFFER *ubuf;

    ubuf=GWEN_Buffer_new(0, 1024, 0, 1);
    if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) {
      fprintf(stderr, "ERROR: Could not create help string\n");
      return 1;
    }
    fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
    GWEN_Buffer_free(ubuf);
    return 0;
  }

  rv=AB_Banking_Init(ab);
  if (rv) {
    DBG_ERROR(0, "Error on init (%d)", rv);
    return 2;
  }

  rv=AB_Banking_OnlineInit(ab);
  if (rv) {
    DBG_ERROR(0, "Error on init (%d)", rv);
    return 2;
  }

  xml=GWEN_DB_VariableExists(db, "xml");

  if( xml ) {
    fprintf( stdout, "<?xml version=\"1.0\"?>\n" );
    fprintf( stdout, "<users>\n" );
  }

  ul=AB_Banking_FindUsers(ab, EBC_PROVIDER_NAME, "*", "*", "*", "*");
  if (ul) {
    AB_USER_LIST2_ITERATOR *uit;

    uit=AB_User_List2_First(ul);
    if (uit) {
      AB_USER *u;
      int i=0;

      u=AB_User_List2Iterator_Data(uit);
      assert(u);
      while(u) {
        if( !xml ) {
          fprintf(stdout, "User %d: Bank: %s/%s User Id: %s Customer Id: %s\n",
                  i++,
                  AB_User_GetCountry(u),
                  AB_User_GetBankCode(u),
                  AB_User_GetUserId(u),
                  AB_User_GetCustomerId(u));
        }
        else {
          const char *name = AB_User_GetUserName(u);
          fprintf( stdout, "  <user>\n" );
          fprintf( stdout, "    <userUniqueId>%d</userUniqueId>\n", AB_User_GetUniqueId(u) );
          if( !name )
            fprintf( stdout, "    <UserName></UserName>\n" );
          else
            fprintf( stdout, "    <UserName><![CDATA[%s]]></UserName>\n", name );
          fprintf( stdout, "    <UserId>%s</UserId>\n", AB_User_GetUserId(u) );
          fprintf( stdout, "    <CustomerId>%s</CustomerId>\n", AB_User_GetCustomerId(u) );
          fprintf( stdout, "    <BankCode>%s</BankCode>\n", AB_User_GetBankCode(u) );
          fprintf( stdout, "    <Country>%s</Country>\n", AB_User_GetCountry(u) );
          fprintf( stdout, "    <LastSessionId>%d</LastSessionId>\n", AB_User_GetLastSessionId(u) );
          fprintf( stdout, "  </user>\n\n" );
        }
        u=AB_User_List2Iterator_Next(uit);
      }
      AB_User_List2Iterator_free(uit);
    }
    AB_User_List2_free(ul);
  }
  else {
    fprintf(stderr, "No users found.\n");
  }


  if( xml ) {
    fprintf( stdout, "</users>\n" );
  }


  rv=AB_Banking_OnlineFini(ab);
  if (rv) {
    fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
    return 5;
  }

  rv=AB_Banking_Fini(ab);
  if (rv) {
    fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
    return 5;
  }

  return 0;
}
Beispiel #8
0
int EBC_Provider_XchgIniRequest_H002(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u)
{
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  GWEN_BUFFER *tbuf;
  const char *signVersion;
  const char *s;
  GWEN_BUFFER *bufKey;
  GWEN_BUFFER *bufZip;
  GWEN_BUFFER *bufB64;

  userId=AB_User_GetUserId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetSignKeyId(ctx);
  if (kid) {
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
    if (signKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
      GWEN_Gui_ProgressLog(0,
                           GWEN_LoggerLevel_Error,
                           I18N("Sign key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  signVersion=EBC_User_GetSignVersion(u);
  if (!(signVersion && *signVersion))
    signVersion="A004";

  if (strcasecmp(signVersion, "A004")==0) {
    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }

    /* zip order */
    bufZip=GWEN_Buffer_new(0, 512, 0, 1);
    if (EB_Zip_Deflate(GWEN_Buffer_GetStart(bufKey),
                       GWEN_Buffer_GetUsedBytes(bufKey),
                       bufZip)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Unable to zip key data");
      GWEN_Buffer_free(bufZip);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufKey);

    /* base64 encode for order */
    bufB64=GWEN_Buffer_new(0, 800, 0, 1);
    if (GWEN_Base64_Encode((const unsigned char *)GWEN_Buffer_GetStart(bufZip),
                           GWEN_Buffer_GetUsedBytes(bufZip),
                           bufB64, 0)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error encoding key");
      GWEN_Buffer_free(bufB64);
      GWEN_Buffer_free(bufZip);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufZip);
  }
  else {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Unsupported sign version [%s]", signVersion);
    return GWEN_ERROR_INTERNAL;
  }

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H002",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H002 "
               "http://www.ebics.org/H002/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H002");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID",
                      AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "INI");
  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error creating order id (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(bufB64);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);
  EB_Msg_SetCharValue(msg,
                      "header/static/OrderDetails/OrderAttribute",
                      "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0000");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(bufB64));
  GWEN_Buffer_free(bufB64);

  /* exchange requests */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_INI);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}
Beispiel #9
0
int EBC_Provider_XchgHiaRequest_H003(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u)
{
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *cryptKeyInfo=NULL;
  const GWEN_CRYPT_TOKEN_KEYINFO *authKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  const char *partnerId;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  /*xmlNodePtr nodeX = NULL;*/
  GWEN_BUFFER *mbuf;
  GWEN_BUFFER *tbuf;
  const char *s;

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx);
  if (kid) {
    cryptKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                             0);
    if (cryptKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Crypt key info not found on crypt token");
      GWEN_Gui_ProgressLog(0,
                           GWEN_LoggerLevel_Error,
                           I18N("Crypt key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  /* get auth sign key info */
  kid=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx);
  if (kid) {
    authKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
    if (authKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Auth key info not found on crypt token");
      GWEN_Gui_ProgressLog(0,
                           GWEN_LoggerLevel_Error,
                           I18N("Auth key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  /* create HIARequestOrderData */
  doc=xmlNewDoc(BAD_CAST "1.0");
  doc->encoding=xmlCharStrdup("UTF-8");
  root_node=xmlNewNode(NULL, BAD_CAST "HIARequestOrderData");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_orders.xsd");

  /* create auth key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "AuthenticationPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(authKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return GWEN_ERROR_INVALID;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "AuthenticationVersion",
              BAD_CAST "X002");

  /* create crypt key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "EncryptionPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(cryptKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return rv;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "EncryptionVersion",
              BAD_CAST "E002");

  /* store partner id and user id */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "PartnerID",
                   BAD_CAST partnerId);

  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "UserID",
                   BAD_CAST userId);

  /* compress and base64 doc */
  mbuf=GWEN_Buffer_new(0, 512, 0, 1);
  rv=EB_Xml_Compress64Doc(doc, mbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
    xmlFreeDoc(doc);
    return rv;
  }
  xmlFreeDoc(doc);

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H003");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID",
                      AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HIA");
  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(mbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);
  EB_Msg_SetCharValue(msg,
                      "header/static/OrderDetails/OrderAttribute",
                      "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0200");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(mbuf));
  GWEN_Buffer_free(mbuf);

  /* exchange requests */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_HIA);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}
Beispiel #10
0
int EBC_Provider_XchgPubRequest_H002(AB_PROVIDER *pro,
				     GWEN_HTTP_SESSION *sess,
				     AB_USER *u,
				     const char *signVersion) {
  EBC_PROVIDER *dp;
  int rv;
  const char *userId;
  const char *partnerId;
  GWEN_BUFFER *bufKey;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetTempSignKeyId(ctx);
  if (kid) {
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
					    GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
					    GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
					    GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
					    GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
					    0);
    if (signKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
      GWEN_Gui_ProgressLog(0,
			   GWEN_LoggerLevel_Error,
			   I18N("Sign key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  if (strcasecmp(signVersion, "A004")==0) {
    EB_RC rc;

    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
  }
  else {
    xmlDocPtr doc;
    xmlNodePtr root_node = NULL;
    xmlNodePtr node = NULL;
    xmlNsPtr ns;

    /* create INIRequestOrderData */
    doc=xmlNewDoc(BAD_CAST "1.0");
    doc->encoding=xmlCharStrdup("UTF-8");
    root_node=xmlNewNode(NULL, BAD_CAST "PUBRequestOrderData");
    xmlDocSetRootElement(doc, root_node);
    ns=xmlNewNs(root_node,
		BAD_CAST "http://www.ebics.org/H002",
		NULL);
    assert(ns);
    ns=xmlNewNs(root_node,
		BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
		BAD_CAST "ds");
    assert(ns);
    ns=xmlNewNs(root_node,
		BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
		BAD_CAST "xsi");
    xmlNewNsProp(root_node,
		 ns,
		 BAD_CAST "schemaLocation", /* xsi:schemaLocation */
		 BAD_CAST "http://www.ebics.org/H002 "
		 "http://www.ebics.org/H002/ebics_orders.xsd");
  
    /* create sign key tree */
    node=xmlNewChild(root_node, NULL,
		     BAD_CAST "SignaturePubKeyInfo", NULL);
    rv=EB_Key_Info_toXml(signKeyInfo, node);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
      xmlFreeDoc(doc);
      return GWEN_ERROR_INVALID;
    }
    xmlNewChild(node, NULL,
                BAD_CAST "SignatureVersion",
                BAD_CAST signVersion);

    /* store partner id and user id */
    node=xmlNewChild(root_node, NULL,
		     BAD_CAST "PartnerID",
		     BAD_CAST partnerId);
  
    node=xmlNewChild(root_node, NULL,
		     BAD_CAST "UserID",
		     BAD_CAST userId);
  
    /* compress and base64 doc */
    bufKey=GWEN_Buffer_new(0, 4096, 0, 1);
    rv=EB_Xml_Compress64Doc(doc, bufKey);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
      xmlFreeDoc(doc);
      return rv;
    }
    xmlFreeDoc(doc);
  }

  rv=EBC_Provider_XchgUploadRequest(pro, sess, u, "PUB",
				    (const uint8_t*)GWEN_Buffer_GetStart(bufKey),
				    GWEN_Buffer_GetUsedBytes(bufKey));
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(bufKey);
    return rv;
  }

  GWEN_Buffer_free(bufKey);
  return 0;
}