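/**
 * Ask the user for a TAN and show the challenge text that came with the
 * request.
 *
 * The prompt handed to GWEN_Gui_GetPassword() consists of a plain-text part
 * followed by an "<html>" part carrying the same information.
 *
 * @param u         user the TAN is requested for (must not be NULL)
 * @param challenge challenge text (announced to the user as provided by the
 *                  server); may be NULL or empty
 * @param pwbuffer  passed through to GWEN_Gui_GetPassword() as input buffer
 * @param minLen    passed through to GWEN_Gui_GetPassword()
 * @param maxLen    passed through to GWEN_Gui_GetPassword()
 * @return the return value of GWEN_Gui_GetPassword()
 */
int AH_User_InputTanWithChallenge(AB_USER *u,
                                  const char *challenge,
                                  char *pwbuffer,
                                  int minLen,
                                  int maxLen){
  int rv;
  char buffer[1024];
  const char *un;
  const char *bn=NULL;
  GWEN_BUFFER *nbuf;
  GWEN_BUFFER *xbuf;
  AB_BANKINFO *bi;

  assert(u);
  un=AB_User_GetUserId(u);
  if (!un)
    un=""; /* a NULL argument for %s is undefined behaviour */

  /* find bank name */
  bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
                            "de", "*",
                            AB_User_GetBankCode(u));
  if (bi)
    bn=AB_BankInfo_GetBankName(bi);
  /* no bank name known: fall back to the bank code (the result of this call
   * used to be discarded, leaving bn NULL for the snprintf calls below) */
  if (!bn)
    bn=AB_User_GetBankCode(u);
  if (!bn)
    bn="";

  buffer[0]=0;
  buffer[sizeof(buffer)-1]=0;

  xbuf=GWEN_Buffer_new(0, 256, 0, 1);

  /* text version */
  snprintf(buffer, sizeof(buffer)-1,
           I18N("Please enter the TAN\n"
                "for user %s at %s.\n"), un, bn);
  buffer[sizeof(buffer)-1]=0;
  GWEN_Buffer_AppendString(xbuf, buffer);
  if (challenge && *challenge) {
    GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
    GWEN_Buffer_AppendString(xbuf, "\n");
    GWEN_Buffer_AppendString(xbuf, challenge);
  }

  /* html version */
  GWEN_Buffer_AppendString(xbuf,
                           "<html>"
                           "<p>");
  snprintf(buffer, sizeof(buffer)-1,
           I18N("Please enter the TAN for user <i>%s</i> at <i>%s</i>."), un, bn);
  buffer[sizeof(buffer)-1]=0;
  GWEN_Buffer_AppendString(xbuf, buffer);
  GWEN_Buffer_AppendString(xbuf, "</p>");
  if (challenge && *challenge) {
    GWEN_Buffer_AppendString(xbuf, "<p>");
    GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
    GWEN_Buffer_AppendString(xbuf,
                             "</p>"
                             "<p align=\"center\" >"
                             "<font color=\"blue\">");
    /* NOTE(review): the challenge is remote input and goes into the HTML
     * part without escaping, so markup inside it is interpreted by whatever
     * renders the prompt. AH_User_InputTanWithChallenge2 passes part of its
     * text through AH_User_AddTextWithoutTags; consider doing the same
     * here. */
    GWEN_Buffer_AppendString(xbuf, challenge);
    GWEN_Buffer_AppendString(xbuf,
                             "</font>"
                             "</p>");
  }
  /* close the document in every case; it used to stay open when there was
   * no challenge */
  GWEN_Buffer_AppendString(xbuf, "</html>");

  nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
  AH_User_MkTanName(u, challenge, nbuf);
  rv=GWEN_Gui_GetPassword(GWEN_GUI_INPUT_FLAGS_TAN |
                          /*GWEN_GUI_INPUT_FLAGS_NUMERIC |*/
                          GWEN_GUI_INPUT_FLAGS_SHOW,
                          GWEN_Buffer_GetStart(nbuf),
                          I18N("Enter TAN"),
                          GWEN_Buffer_GetStart(xbuf),
                          pwbuffer,
                          minLen,
                          maxLen,
                          0);
  GWEN_Buffer_free(xbuf);
  GWEN_Buffer_free(nbuf);
  AB_BankInfo_free(bi);
  return rv;
}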
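/**
 * Ask the user for a TAN, with optional optical (HHD) challenge data.
 *
 * Three prompt variants are built:
 *  - challengeHhd given: it is translated by AH_HHD14_Translate() and
 *    wrapped in "$OBEGIN$" / "$OEND$", followed by the text prompt;
 *  - challenge contains "CHLGUC": the data from that position on is
 *    translated the same way and the text after "CHLGTEXT" (if present) is
 *    appended with tags removed;
 *  - otherwise the challenge is shown as plain text.
 * In the first two cases GWEN_GUI_INPUT_FLAGS_OPTICAL is added to the flags.
 *
 * @param u            user the TAN is requested for (must not be NULL)
 * @param challenge    challenge text, may be NULL or empty
 * @param challengeHhd HHD challenge data, may be NULL or empty
 * @param pwbuffer     passed through to GWEN_Gui_GetPassword()
 * @param minLen       passed through to GWEN_Gui_GetPassword()
 * @param maxLen       passed through to GWEN_Gui_GetPassword()
 * @return the return value of GWEN_Gui_GetPassword(), or the negative value
 *         returned by AH_HHD14_Translate() when translation fails
 */
int AH_User_InputTanWithChallenge2(AB_USER *u,
                                   const char *challenge,
                                   const char *challengeHhd,
                                   char *pwbuffer,
                                   int minLen,
                                   int maxLen){
  int rv;
  char buffer[1024];
  const char *un;
  const char *bn=NULL;
  GWEN_BUFFER *nbuf;
  GWEN_BUFFER *xbuf;
  AB_BANKINFO *bi;
  uint32_t iflags;

  assert(u);
  un=AB_User_GetUserId(u);
  if (!un)
    un=""; /* a NULL argument for %s is undefined behaviour */

  /* find bank name */
  bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
                            "de", "*",
                            AB_User_GetBankCode(u));
  if (bi)
    bn=AB_BankInfo_GetBankName(bi);
  /* no bank name known: fall back to the bank code (the result of this call
   * used to be discarded, leaving bn NULL for the snprintf calls below) */
  if (!bn)
    bn=AB_User_GetBankCode(u);
  if (!bn)
    bn="";

  iflags=GWEN_GUI_INPUT_FLAGS_TAN | GWEN_GUI_INPUT_FLAGS_SHOW;

  buffer[0]=0;
  buffer[sizeof(buffer)-1]=0;

  xbuf=GWEN_Buffer_new(0, 256, 0, 1);

  if (challengeHhd && *challengeHhd) {
    /* NOTE(review): the raw HHD challenge is written to the log at error
     * level; it may carry transaction details - confirm this is wanted
     * outside of debugging. */
    DBG_ERROR(AQHBCI_LOGDOMAIN, "ChallengeHHD is [%s]", challengeHhd);
    GWEN_Buffer_AppendString(xbuf, "$OBEGIN$");
    rv=AH_HHD14_Translate(challengeHhd, xbuf);
    if (rv<0) {
      GWEN_Buffer_free(xbuf);
      AB_BankInfo_free(bi);
      return rv;
    }
    GWEN_Buffer_AppendString(xbuf, "$OEND$");
    iflags|=GWEN_GUI_INPUT_FLAGS_OPTICAL;

    /* text version */
    snprintf(buffer, sizeof(buffer)-1,
             I18N("Please enter the TAN\n"
                  "for user %s at %s.\n"), un, bn);
    buffer[sizeof(buffer)-1]=0;
    GWEN_Buffer_AppendString(xbuf, buffer);
    if (challenge && *challenge) {
      GWEN_Buffer_AppendString(xbuf, challenge);
      GWEN_Buffer_AppendString(xbuf, "\n");
    }
    else {
      GWEN_Buffer_AppendString(xbuf, I18N("Please enter the TAN from the device."));
    }
  }
  else if (challenge && *challenge) {
    const char *s;

    /* look for "CHLGUC" */
    s=GWEN_Text_StrCaseStr(challenge, "CHLGUC");
    if (s) {
      DBG_ERROR(AQHBCI_LOGDOMAIN, "Challenge contains CHLGUC");
      GWEN_Buffer_AppendString(xbuf, "$OBEGIN$");
      rv=AH_HHD14_Translate(s, xbuf);
      if (rv<0) {
        GWEN_Buffer_free(xbuf);
        AB_BankInfo_free(bi);
        return rv;
      }
      GWEN_Buffer_AppendString(xbuf, "$OEND$");
      iflags|=GWEN_GUI_INPUT_FLAGS_OPTICAL;

      /* text version */
      snprintf(buffer, sizeof(buffer)-1,
               I18N("Please enter the TAN\n"
                    "for user %s at %s.\n"), un, bn);
      buffer[sizeof(buffer)-1]=0;
      GWEN_Buffer_AppendString(xbuf, buffer);

      /* extract text */
      s=GWEN_Text_StrCaseStr(challenge, "CHLGTEXT");
      if (s) {
        int i;

        /* skip "CHLGTEXT" and 4 digits (12 characters), but stop at the
         * terminator: the challenge is remote input and may be shorter
         * than the fixed offset assumes */
        for (i=0; i<12 && *s; i++)
          s++;
        /* add rest of the message (replace HTML tags, if any) */
        AH_User_AddTextWithoutTags(s, xbuf);
      }
      else {
        /* create own text */
        GWEN_Buffer_AppendString(xbuf, I18N("Please enter the TAN from the device."));
      }
    }
    else {
      /* no optical challenge */
      DBG_ERROR(AQHBCI_LOGDOMAIN, "Challenge contains no optical data");
      GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
      GWEN_Buffer_AppendString(xbuf, "\n");
      GWEN_Buffer_AppendString(xbuf, challenge);
    }
  }
  else {
    /* neither HHD data nor challenge text: still show a prompt instead of
     * an empty dialog text */
    snprintf(buffer, sizeof(buffer)-1,
             I18N("Please enter the TAN\n"
                  "for user %s at %s.\n"), un, bn);
    buffer[sizeof(buffer)-1]=0;
    GWEN_Buffer_AppendString(xbuf, buffer);
  }

  nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
  AH_User_MkTanName(u, challenge, nbuf);
  rv=GWEN_Gui_GetPassword(iflags,
                          GWEN_Buffer_GetStart(nbuf),
                          I18N("Enter TAN"),
                          GWEN_Buffer_GetStart(xbuf),
                          pwbuffer,
                          minLen,
                          maxLen,
                          0);
  GWEN_Buffer_free(xbuf);
  GWEN_Buffer_free(nbuf);
  AB_BankInfo_free(bi);
  return rv;
}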
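/* Return s, or "" when s is NULL, so the value is safe for a %s conversion. */
static const char *listUsers_Str(const char *s) {
  return s ? s : "";
}

/* Write s to f as XML character data, escaping '&', '<' and '>'. */
static void listUsers_WriteXmlText(FILE *f, const char *s) {
  if (!s)
    return;
  for (; *s; s++) {
    switch (*s) {
    case '&':
      fputs("&amp;", f);
      break;
    case '<':
      fputs("&lt;", f);
      break;
    case '>':
      fputs("&gt;", f);
      break;
    default:
      fputc(*s, f);
      break;
    }
  }
}

/* Write s to f inside a CDATA section; a "]]>" inside s is split over two
 * sections so it cannot end the section early. */
static void listUsers_WriteCdata(FILE *f, const char *s) {
  fputs("<![CDATA[", f);
  while (*s) {
    if (s[0]==']' && s[1]==']' && s[2]=='>') {
      fputs("]]]]><![CDATA[>", f);
      s+=3;
    }
    else {
      fputc(*s, f);
      s++;
    }
  }
  fputs("]]>", f);
}

/**
 * Command handler: list the users known for EBC_PROVIDER_NAME.
 *
 * Without options one line per user is printed to stdout; with "--xml" a
 * "<users>" document is printed instead. String values written into the
 * XML output are escaped, because they are stored user data and would
 * otherwise be able to break the document structure.
 *
 * @param ab     banking object; initialised and deinitialised in here
 * @param dbArgs argument database; the group "local" receives the parsed
 *               options
 * @param argc   argument count handed to GWEN_Args_Check()
 * @param argv   argument vector handed to GWEN_Args_Check()
 * @return 0 on success (also after printing the help text), 1 on argument
 *         or help errors, 2 when initialisation fails, 5 when
 *         deinitialisation fails
 */
int listUsers(AB_BANKING *ab,
              GWEN_DB_NODE *dbArgs,
              int argc,
              char **argv) {
  GWEN_DB_NODE *db;
  int rv;
  int xml=0;
  AB_USER_LIST2 *ul;
  const GWEN_ARGS args[]={
  {
    0,                            /* flags */
    GWEN_ArgsType_Int,            /* type */
    "xml",                        /* name */
    0,                            /* minnum */
    1,                            /* maxnum */
    0,                            /* short option */
    "xml",                        /* long option */
    "Export as xml",              /* short description */
    0
  },
  {
    GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */
    GWEN_ArgsType_Int,            /* type */
    "help",                       /* name */
    0,                            /* minnum */
    0,                            /* maxnum */
    "h",                          /* short option */
    "help",                       /* long option */
    "Show this help screen",      /* short description */
    "Show this help screen"       /* long description */
  }
  };

  db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local");
  rv=GWEN_Args_Check(argc, argv, 1,
                     0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/,
                     args,
                     db);
  if (rv==GWEN_ARGS_RESULT_ERROR) {
    fprintf(stderr, "ERROR: Could not parse arguments\n");
    return 1;
  }
  else if (rv==GWEN_ARGS_RESULT_HELP) {
    GWEN_BUFFER *ubuf;

    ubuf=GWEN_Buffer_new(0, 1024, 0, 1);
    if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) {
      fprintf(stderr, "ERROR: Could not create help string\n");
      GWEN_Buffer_free(ubuf); /* was leaked on this path */
      return 1;
    }
    fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
    GWEN_Buffer_free(ubuf);
    return 0;
  }

  rv=AB_Banking_Init(ab);
  if (rv) {
    DBG_ERROR(0, "Error on init (%d)", rv);
    return 2;
  }

  rv=AB_Banking_OnlineInit(ab);
  if (rv) {
    DBG_ERROR(0, "Error on init (%d)", rv);
    return 2;
  }

  xml=GWEN_DB_VariableExists(db, "xml");

  if( xml ) {
    fprintf( stdout, "<?xml version=\"1.0\"?>\n" );
    fprintf( stdout, "<users>\n" );
  }

  ul=AB_Banking_FindUsers(ab, EBC_PROVIDER_NAME, "*", "*", "*", "*");
  if (ul) {
    AB_USER_LIST2_ITERATOR *uit;

    uit=AB_User_List2_First(ul);
    if (uit) {
      AB_USER *u;
      int i=0;

      u=AB_User_List2Iterator_Data(uit);
      assert(u);
      while(u) {
        if( !xml ) {
          /* any of these getters may return NULL, which must not reach %s */
          fprintf(stdout, "User %d: Bank: %s/%s User Id: %s Customer Id: %s\n",
                  i++,
                  listUsers_Str(AB_User_GetCountry(u)),
                  listUsers_Str(AB_User_GetBankCode(u)),
                  listUsers_Str(AB_User_GetUserId(u)),
                  listUsers_Str(AB_User_GetCustomerId(u)));
        }
        else {
          const char *name = AB_User_GetUserName(u);

          fprintf( stdout, " <user>\n" );
          fprintf( stdout, " <userUniqueId>%d</userUniqueId>\n", AB_User_GetUniqueId(u) );
          if( !name )
            fprintf( stdout, " <UserName></UserName>\n" );
          else {
            fputs( " <UserName>", stdout );
            listUsers_WriteCdata( stdout, name );
            fputs( "</UserName>\n", stdout );
          }
          fputs( " <UserId>", stdout );
          listUsers_WriteXmlText( stdout, AB_User_GetUserId(u) );
          fputs( "</UserId>\n", stdout );
          fputs( " <CustomerId>", stdout );
          listUsers_WriteXmlText( stdout, AB_User_GetCustomerId(u) );
          fputs( "</CustomerId>\n", stdout );
          fputs( " <BankCode>", stdout );
          listUsers_WriteXmlText( stdout, AB_User_GetBankCode(u) );
          fputs( "</BankCode>\n", stdout );
          fputs( " <Country>", stdout );
          listUsers_WriteXmlText( stdout, AB_User_GetCountry(u) );
          fputs( "</Country>\n", stdout );
          fprintf( stdout, " <LastSessionId>%d</LastSessionId>\n", AB_User_GetLastSessionId(u) );
          fprintf( stdout, " </user>\n\n" );
        }
        u=AB_User_List2Iterator_Next(uit);
      }
      AB_User_List2Iterator_free(uit);
    }
    AB_User_List2_free(ul);
  }
  else {
    fprintf(stderr, "No users found.\n");
  }

  if( xml ) {
    fprintf( stdout, "</users>\n" );
  }

  rv=AB_Banking_OnlineFini(ab);
  if (rv) {
    fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
    return 5;
  }

  rv=AB_Banking_Fini(ab);
  if (rv) {
    fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
    return 5;
  }

  return 0;
}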
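/**
 * Ask the user for the password belonging to @p u.
 *
 * The prompt (plain text followed by an "<html>" part) is formatted into a
 * fixed 512-byte buffer and handed to GWEN_Gui_GetPassword(). With
 * GWEN_GUI_INPUT_FLAGS_CONFIRM set the wording asks for a new password and
 * states the minimum length; with GWEN_GUI_INPUT_FLAGS_NUMERIC set a hint
 * about numeric-only input is added.
 *
 * @param u        user the password is requested for (must not be NULL)
 * @param pwbuffer passed through to GWEN_Gui_GetPassword()
 * @param minLen   minimum length, shown in the "new password" prompt and
 *                 passed through to GWEN_Gui_GetPassword()
 * @param maxLen   passed through to GWEN_Gui_GetPassword()
 * @param flags    GWEN_GUI_INPUT_FLAGS_* passed through to
 *                 GWEN_Gui_GetPassword()
 * @return the return value of GWEN_Gui_GetPassword()
 */
int AH_User_InputPasswd(AB_USER *u,
                        char *pwbuffer,
                        int minLen, int maxLen,
                        int flags){
  GWEN_BUFFER *nbuf;
  int rv;
  const char *numeric_warning = "";
  char buffer[512];
  const char *un;
  const char *bn=NULL;
  AB_BANKINFO *bi;

  assert(u);
  un=AB_User_GetUserId(u);
  if (!un)
    un=""; /* a NULL argument for %s is undefined behaviour */

  /* find bank name */
  bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
                            "de", "*",
                            AB_User_GetBankCode(u));
  if (bi)
    bn=AB_BankInfo_GetBankName(bi);
  /* no bank name known: fall back to the bank code (the result of this call
   * used to be discarded, leaving bn NULL for the snprintf calls below) */
  if (!bn)
    bn=AB_User_GetBankCode(u);
  if (!bn)
    bn="";

  buffer[0]=0;
  buffer[sizeof(buffer)-1]=0;
  if (flags & GWEN_GUI_INPUT_FLAGS_NUMERIC) {
    numeric_warning = I18N(" You must only enter numbers, not letters.");
  }

  /* NOTE(review): user id and bank name appear twice in each prompt; long
   * values are silently truncated to 511 bytes, which can cut off the
   * closing HTML tags. The snprintf result is not checked. */
  if (flags & GWEN_GUI_INPUT_FLAGS_CONFIRM) {
    snprintf(buffer, sizeof(buffer)-1,
             I18N("Please enter a new password for \n"
                  "user %s at %s\n"
                  "The input must be at least %d characters long.%s"
                  "<html>"
                  "<p>"
                  "Please enter a new password for user <i>%s</i> at "
                  "<i>%s</i>."
                  "</p>"
                  "<p>"
                  "The input must be at least %d characters long.%s"
                  "</p>"
                  "</html>"),
             un, bn,
             minLen,
             numeric_warning,
             un, bn,
             minLen,
             numeric_warning);
  }
  else {
    /* NOTE(review): the HTML part reads "at<i>%s</i>" without a space; the
     * literal is left untouched because it is also the I18N lookup key -
     * presumably changing it would drop existing translations. */
    snprintf(buffer, sizeof(buffer)-1,
             I18N("Please enter the password for \n"
                  "user %s at %s\n"
                  "%s"
                  "<html>"
                  "Please enter the password for user <i>%s</i> at"
                  "<i>%s</i>.<br>"
                  "%s"
                  "</html>"),
             un, bn,
             numeric_warning,
             un, bn,
             numeric_warning);
  }
  buffer[sizeof(buffer)-1]=0;

  /* bn may point into bi, so bi is released only after formatting */
  AB_BankInfo_free(bi);

  nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
  AH_User_MkPasswdName(u, nbuf);

  rv=GWEN_Gui_GetPassword(flags,
                          GWEN_Buffer_GetStart(nbuf),
                          I18N("Enter Password"),
                          buffer,
                          pwbuffer,
                          minLen,
                          maxLen,
                          0);
  GWEN_Buffer_free(nbuf);
  return rv;
}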
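/**
 * Send the "INI" key management request (EBICS H002) for a user.
 *
 * Steps, as visible in this function:
 *  1. mount the crypt token and look up the signature key info,
 *  2. encode the key with EB_Key_Info_toBin() for sign version "A004",
 *     deflate it and base64-encode the result,
 *  3. build an "ebicsUnsecuredRequest" document with order type "INI",
 *  4. exchange it with the server and evaluate the result codes,
 *  5. on success add EBC_USER_FLAGS_INI and set the user status to Init2
 *     when both INI and HIA flags are set, otherwise to Init1.
 *
 * The request is sent as an unsecured request: nothing in here signs or
 * encrypts it.
 *
 * @param pro  provider, used for token mounting, order ids and logging
 * @param sess HTTP session used for the exchange
 * @param u    user whose signature key is transmitted
 * @return 0 on success; GWEN_ERROR_NOT_FOUND when no signature key info is
 *         available; GWEN_ERROR_INTERNAL for a sign version other than
 *         "A004"; GWEN_ERROR_GENERIC on encoding errors or a generic body
 *         error; AB_ERROR_SECURITY for result codes of class 0x06xxxx or
 *         0x09xxxx in the header, or 0x0912xx / 0x0913xx in the body; any
 *         other value as returned by the called functions
 */
int EBC_Provider_XchgIniRequest_H002(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u) {
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  EB_MSG *mRsp=NULL;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  GWEN_BUFFER *tbuf;
  const char *signVersion;
  const char *s;
  GWEN_BUFFER *bufKey;
  GWEN_BUFFER *bufZip;
  GWEN_BUFFER *bufB64;

  userId=AB_User_GetUserId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetSignKeyId(ctx);
  if (kid)
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
  /* also covers a context without a sign key id (kid==0): previously a NULL
   * key info was handed to EB_Key_Info_toBin() in that case */
  if (signKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
    GWEN_Gui_ProgressLog(0,
                         GWEN_LoggerLevel_Error,
                         I18N("Sign key info not found on crypt token"));
    return GWEN_ERROR_NOT_FOUND;
  }

  signVersion=EBC_User_GetSignVersion(u);
  if (!(signVersion && *signVersion))
    signVersion="A004";

  if (strcasecmp(signVersion, "A004")==0) {
    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    /* NOTE(review): 1024 is presumably the key size in bits expected by
     * A004; if so it is below current RSA size recommendations - confirm
     * against EB_Key_Info_toBin() and the server's supported versions. */
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }

    /* zip order */
    bufZip=GWEN_Buffer_new(0, 512, 0, 1);
    if (EB_Zip_Deflate(GWEN_Buffer_GetStart(bufKey),
                       GWEN_Buffer_GetUsedBytes(bufKey),
                       bufZip)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Unable to zip key data");
      GWEN_Buffer_free(bufZip);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufKey);

    /* base64 encode for order */
    bufB64=GWEN_Buffer_new(0, 800, 0, 1);
    if (GWEN_Base64_Encode((const unsigned char *)GWEN_Buffer_GetStart(bufZip),
                           GWEN_Buffer_GetUsedBytes(bufZip),
                           bufB64, 0)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error encoding key");
      GWEN_Buffer_free(bufB64);
      GWEN_Buffer_free(bufZip);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufZip);
  }
  else {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Unsupported sign version [%s]", signVersion);
    return GWEN_ERROR_INTERNAL;
  }

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H002",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  assert(ns); /* checked like the two namespaces above */
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H002 "
               "http://www.ebics.org/H002/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H002");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID",
                      AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "INI");

  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error creating order id (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(bufB64);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  EB_Msg_SetCharValue(msg,
                      "header/static/OrderDetails/OrderAttribute",
                      "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0000");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(bufB64));
  GWEN_Buffer_free(bufB64);

  /* exchange requests */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  /* result classes 0x09xxxx and 0x06xxxx are treated as errors */
  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_INI);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}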
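/**
 * Send the "HIA" key management request (EBICS H003) for a user.
 *
 * Steps, as visible in this function:
 *  1. mount the crypt token and look up the decipher (encryption) key info
 *     and the authentication signature key info,
 *  2. build a "HIARequestOrderData" document holding both public keys
 *     (versions "X002" and "E002") plus partner and user id, then compress
 *     and base64-encode it,
 *  3. build an "ebicsUnsecuredRequest" with order type "HIA" carrying that
 *     data, exchange it with the server and evaluate the result codes,
 *  4. on success add EBC_USER_FLAGS_HIA and set the user status to Init2
 *     when both INI and HIA flags are set, otherwise to Init1.
 *
 * @param pro  provider, used for token mounting, order ids and logging
 * @param sess HTTP session used for the exchange
 * @param u    user whose keys are transmitted
 * @return 0 on success; GWEN_ERROR_NOT_FOUND when a key info is missing;
 *         GWEN_ERROR_INVALID when the auth key cannot be written;
 *         AB_ERROR_SECURITY for result codes of class 0x06xxxx or 0x09xxxx
 *         in the header, or 0x0912xx / 0x0913xx in the body;
 *         GWEN_ERROR_GENERIC for other body errors of those classes; any
 *         other value as returned by the called functions
 */
int EBC_Provider_XchgHiaRequest_H003(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u) {
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *cryptKeyInfo=NULL;
  const GWEN_CRYPT_TOKEN_KEYINFO *authKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  const char *partnerId;
  EB_MSG *mRsp=NULL;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  GWEN_BUFFER *mbuf;
  GWEN_BUFFER *tbuf;
  const char *s;

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx);
  if (kid)
    cryptKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                             0);
  /* also covers kid==0: previously a NULL key info reached
   * EB_Key_Info_toXml() when the context had no decipher key id */
  if (cryptKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Crypt key info not found on crypt token");
    GWEN_Gui_ProgressLog(0,
                         GWEN_LoggerLevel_Error,
                         I18N("Crypt key info not found on crypt token"));
    return GWEN_ERROR_NOT_FOUND;
  }

  /* get auth sign key info */
  kid=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx);
  if (kid)
    authKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
  if (authKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Auth key info not found on crypt token");
    GWEN_Gui_ProgressLog(0,
                         GWEN_LoggerLevel_Error,
                         I18N("Auth key info not found on crypt token"));
    return GWEN_ERROR_NOT_FOUND;
  }

  /* create HIARequestOrderData */
  doc=xmlNewDoc(BAD_CAST "1.0");
  doc->encoding=xmlCharStrdup("UTF-8");
  root_node=xmlNewNode(NULL, BAD_CAST "HIARequestOrderData");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  assert(ns); /* checked like the two namespaces above */
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_orders.xsd");

  /* create auth key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "AuthenticationPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(authKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return GWEN_ERROR_INVALID;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "AuthenticationVersion",
              BAD_CAST "X002");

  /* create crypt key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "EncryptionPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(cryptKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return rv;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "EncryptionVersion",
              BAD_CAST "E002");

  /* store partner id and user id; xmlNewTextChild() escapes the content,
   * whereas xmlNewChild() would interpret '&' in stored ids as the start of
   * an entity reference */
  node=xmlNewTextChild(root_node, NULL,
                       BAD_CAST "PartnerID",
                       BAD_CAST partnerId);
  node=xmlNewTextChild(root_node, NULL,
                       BAD_CAST "UserID",
                       BAD_CAST userId);

  /* compress and base64 doc */
  mbuf=GWEN_Buffer_new(0, 512, 0, 1);
  rv=EB_Xml_Compress64Doc(doc, mbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
    GWEN_Buffer_free(mbuf); /* was leaked on this path */
    xmlFreeDoc(doc);
    return rv;
  }
  xmlFreeDoc(doc);

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  assert(ns);
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H003");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID",
                      AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HIA");

  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    /* message corrected: this path is about the order id, not the exchange
     * (same wording as in EBC_Provider_XchgIniRequest_H002) */
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error creating order id (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(mbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  EB_Msg_SetCharValue(msg,
                      "header/static/OrderDetails/OrderAttribute",
                      "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0200");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(mbuf));
  GWEN_Buffer_free(mbuf);

  /* exchange requests */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  /* result classes 0x09xxxx and 0x06xxxx are treated as errors */
  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_HIA);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}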
/**
 * Register a new user with the banking object and store it in the
 * configuration.
 *
 * The user must carry a non-empty user id and must not yet be part of
 * ab->users. The provider is asked to extend the user twice (add mode, then
 * save mode into the "data/backend" group), after which the user data is
 * written to a freshly created config group while that group is locked.
 * Only when everything succeeded does the user receive its db id and get
 * appended to ab->users.
 *
 * NOTE(review): nothing visible here undoes the add-mode provider
 * extension when a later step fails.
 *
 * @param ab banking object (must not be NULL)
 * @param u  user to add (must not be NULL)
 * @return 0 on success, GWEN_ERROR_INVALID for a missing user id or an
 *         already added user, otherwise the error code of the failing call
 */
int AB_Banking_AddUser(AB_BANKING *ab, AB_USER *u) {
  GWEN_DB_NODE *dbUser;
  GWEN_DB_NODE *dbBackend;
  AB_USER *known;
  const char *userId;
  char cfgId[32];
  int rv;

  assert(ab);
  assert(u);

  userId=AB_User_GetUserId(u);
  if (!(userId && *userId)) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Missing user id");
    return GWEN_ERROR_INVALID;
  }

  /* refuse to add the very same object twice */
  for (known=AB_User_List_First(ab->users);
       known;
       known=AB_User_List_Next(known)) {
    if (known==u) {
      DBG_INFO(AQBANKING_LOGDOMAIN, "User already added!");
      return GWEN_ERROR_INVALID;
    }
  }

  rv=AB_Provider_ExtendUser(AB_User_GetProvider(u), u,
                            AB_ProviderExtendMode_Add,
                            NULL);
  if (rv)
    return rv;

  /* serialise the user, letting the provider fill in its own part */
  dbUser=GWEN_DB_Group_new("user");
  AB_User_toDb(u, dbUser);
  dbBackend=GWEN_DB_GetGroup(dbUser, GWEN_DB_FLAGS_DEFAULT, "data/backend");
  rv=AB_Provider_ExtendUser(AB_User_GetProvider(u), u,
                            AB_ProviderExtendMode_Save,
                            dbBackend);
  if (rv) {
    DBG_INFO(AQBANKING_LOGDOMAIN, "here (%d)", rv);
    goto dropDb;
  }

  /* obtain the name of the config group the user is stored under */
  rv=GWEN_ConfigMgr_GetUniqueId(ab->configMgr,
                                AB_CFG_GROUP_USERS,
                                cfgId, sizeof(cfgId)-1);
  if (rv<0) {
    DBG_ERROR(AQBANKING_LOGDOMAIN,
              "Unable to create a unique id for user [%08x] (%d)",
              AB_User_GetUniqueId(u), rv);
    goto dropDb;
  }
  cfgId[sizeof(cfgId)-1]=0;

  rv=GWEN_ConfigMgr_LockGroup(ab->configMgr,
                              AB_CFG_GROUP_USERS,
                              cfgId);
  if (rv<0) {
    DBG_ERROR(AQBANKING_LOGDOMAIN,
              "Unable to lock user config [%08x] (%d)",
              AB_User_GetUniqueId(u), rv);
    goto dropDb;
  }

  /* write while holding the lock; the db is no longer needed afterwards */
  rv=GWEN_ConfigMgr_SetGroup(ab->configMgr,
                             AB_CFG_GROUP_USERS,
                             cfgId,
                             dbUser);
  GWEN_DB_Group_free(dbUser);
  if (rv<0) {
    DBG_ERROR(AQBANKING_LOGDOMAIN,
              "Unable to save user config [%08x] (%d)",
              AB_User_GetUniqueId(u), rv);
    GWEN_ConfigMgr_UnlockGroup(ab->configMgr,
                               AB_CFG_GROUP_USERS,
                               cfgId);
    return rv;
  }

  /* unlock */
  rv=GWEN_ConfigMgr_UnlockGroup(ab->configMgr,
                                AB_CFG_GROUP_USERS,
                                cfgId);
  if (rv<0) {
    DBG_ERROR(AQBANKING_LOGDOMAIN,
              "Unable to unlock user config [%08x] (%d)",
              AB_User_GetUniqueId(u), rv);
    return rv;
  }

  AB_User_SetDbId(u, cfgId);
  AB_User_List_Add(u, ab->users);
  return 0;

dropDb:
  /* shared exit for failures that happen before the db has been stored */
  GWEN_DB_Group_free(dbUser);
  return rv;
}
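/**
 * Collect all users whose attributes match the given patterns.
 *
 * Every pattern is compared with GWEN_Text_ComparePattern(); a NULL pattern
 * is treated as "*". A user attribute that is NULL is compared as an empty
 * string.
 *
 * @param ab          banking object (must not be NULL)
 * @param backendName pattern for the backend name, or NULL
 * @param country     pattern for the country, or NULL
 * @param bankId      pattern for the bank code, or NULL
 * @param userId      pattern for the user id, or NULL
 * @param customerId  pattern for the customer id, or NULL
 * @return a new list holding the matching users from ab->users (the users
 *         themselves are not copied), or NULL when there are no users or
 *         none matches
 */
AB_USER_LIST2 *AB_Banking_FindUsers(const AB_BANKING *ab,
                                    const char *backendName,
                                    const char *country,
                                    const char *bankId,
                                    const char *userId,
                                    const char *customerId) {
  AB_USER_LIST2 *ul;
  AB_USER *u;

  assert(ab);
  if (AB_User_List_GetCount(ab->users)==0) {
    DBG_INFO(AQBANKING_LOGDOMAIN, "No users");
    return NULL;
  }
  ul=AB_User_List2_new();
  u=AB_User_List_First(ab->users);
  assert(u);

  /* a missing pattern matches everything */
  if (!backendName) backendName="*";
  if (!country) country="*";
  if (!bankId) bankId="*";
  if (!userId) userId="*";
  if (!customerId) customerId="*";

  while(u) {
    const char *lBackendName;
    const char *lCountry;
    const char *lBankCode;
    const char *lUserId;
    const char *lCustomerId;

    /* the backend name is now guarded against NULL like the other
     * attributes; it used to be handed to the comparison unchecked */
    lBackendName=AB_User_GetBackendName(u);
    if (!lBackendName)
      lBackendName="";
    lCountry=AB_User_GetCountry(u);
    if (!lCountry)
      lCountry="";
    lBankCode=AB_User_GetBankCode(u);
    if (!lBankCode)
      lBankCode="";
    lUserId=AB_User_GetUserId(u);
    if (!lUserId)
      lUserId="";
    lCustomerId=AB_User_GetCustomerId(u);
    if (!lCustomerId)
      lCustomerId="";

    /* -1 is the "no match" result of GWEN_Text_ComparePattern() as used
     * here; all five attributes have to match */
    if ((-1!=GWEN_Text_ComparePattern(lBackendName, backendName, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lCountry, country, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lBankCode, bankId, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lUserId, userId, 0)) &&
        (-1!=GWEN_Text_ComparePattern(lCustomerId, customerId, 0))) {
      AB_User_List2_PushBack(ul, u);
    }
    u=AB_User_List_Next(u);
  } /* while */

  if (AB_User_List2_GetSize(ul)==0) {
    AB_User_List2_free(ul);
    return NULL;
  }

  return ul;
}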
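/**
 * Send the "PUB" request (EBICS H002) carrying the temporary signature key.
 *
 * The key referenced by the token context's temporary sign key id is
 * encoded either with EB_Key_Info_toBin() (sign version "A004") or as a
 * compressed, base64-encoded "PUBRequestOrderData" document (any other sign
 * version), and then uploaded through EBC_Provider_XchgUploadRequest().
 *
 * @param pro         provider (must not be NULL and must carry EBC data)
 * @param sess        HTTP session used for the upload
 * @param u           user whose key is transmitted
 * @param signVersion signature version, e.g. "A004" (must not be NULL)
 * @return 0 on success; GWEN_ERROR_INVALID for a NULL sign version or when
 *         the key cannot be written to XML; GWEN_ERROR_NOT_FOUND when no
 *         key info is available; GWEN_ERROR_GENERIC when the A004 encoding
 *         fails; otherwise the negative value of the failing call
 */
int EBC_Provider_XchgPubRequest_H002(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u,
                                     const char *signVersion) {
  EBC_PROVIDER *dp;
  int rv;
  const char *userId;
  const char *partnerId;
  GWEN_BUFFER *bufKey;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* strcasecmp() below must not see a NULL pointer */
  if (signVersion==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Unsupported sign version [%s]", "(none)");
    return GWEN_ERROR_INVALID;
  }

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetTempSignKeyId(ctx);
  if (kid)
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
  /* also covers kid==0: previously a NULL key info reached the encoders
   * when the context had no temporary sign key id */
  if (signKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
    GWEN_Gui_ProgressLog(0,
                         GWEN_LoggerLevel_Error,
                         I18N("Sign key info not found on crypt token"));
    return GWEN_ERROR_NOT_FOUND;
  }

  if (strcasecmp(signVersion, "A004")==0) {
    EB_RC rc;

    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    /* NOTE(review): 1024 is presumably the key size in bits expected by
     * A004 - confirm against EB_Key_Info_toBin(). */
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
  }
  else {
    xmlDocPtr doc;
    xmlNodePtr root_node = NULL;
    xmlNodePtr node = NULL;
    xmlNsPtr ns;

    /* create PUBRequestOrderData */
    doc=xmlNewDoc(BAD_CAST "1.0");
    doc->encoding=xmlCharStrdup("UTF-8");
    root_node=xmlNewNode(NULL, BAD_CAST "PUBRequestOrderData");
    xmlDocSetRootElement(doc, root_node);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.ebics.org/H002",
                NULL);
    assert(ns);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
                BAD_CAST "ds");
    assert(ns);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
                BAD_CAST "xsi");
    assert(ns); /* checked like the two namespaces above */
    xmlNewNsProp(root_node,
                 ns,
                 BAD_CAST "schemaLocation", /* xsi:schemaLocation */
                 BAD_CAST "http://www.ebics.org/H002 "
                 "http://www.ebics.org/H002/ebics_orders.xsd");

    /* create sign key tree */
    node=xmlNewChild(root_node, NULL,
                     BAD_CAST "SignaturePubKeyInfo", NULL);
    rv=EB_Key_Info_toXml(signKeyInfo, node);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
      xmlFreeDoc(doc);
      return GWEN_ERROR_INVALID;
    }
    /* caller-supplied and stored strings go through xmlNewTextChild(),
     * which escapes the content; xmlNewChild() would interpret '&' as the
     * start of an entity reference */
    xmlNewTextChild(node, NULL,
                    BAD_CAST "SignatureVersion",
                    BAD_CAST signVersion);

    /* store partner id and user id */
    node=xmlNewTextChild(root_node, NULL,
                         BAD_CAST "PartnerID",
                         BAD_CAST partnerId);
    node=xmlNewTextChild(root_node, NULL,
                         BAD_CAST "UserID",
                         BAD_CAST userId);

    /* compress and base64 doc */
    bufKey=GWEN_Buffer_new(0, 4096, 0, 1);
    rv=EB_Xml_Compress64Doc(doc, bufKey);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
      GWEN_Buffer_free(bufKey); /* was leaked on this path */
      xmlFreeDoc(doc);
      return rv;
    }
    xmlFreeDoc(doc);
  }

  rv=EBC_Provider_XchgUploadRequest(pro, sess, u, "PUB",
                                    (const uint8_t*)GWEN_Buffer_GetStart(bufKey),
                                    GWEN_Buffer_GetUsedBytes(bufKey));
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(bufKey);
    return rv;
  }
  GWEN_Buffer_free(bufKey);

  return 0;
}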