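/**
 * Fill a DataEncryptionInfo XML node for an outgoing request.
 *
 * Adds an "EncryptionPubKeyDigest" child holding the digest of the key which
 * the token context names as encipher key (E001: SHA-1, E002: SHA-256,
 * selected by the user's crypt version) and a "TransactionKey" child holding
 * the output of EBC_Provider_EncryptKey() for @p skey.
 *
 * @param pro  provider object (must not be NULL)
 * @param u    user whose crypt token and crypt version are used
 * @param skey transaction key handed to EBC_Provider_EncryptKey()
 * @param node XML node that receives the two children
 * @return 0 on success, a negative error code otherwise
 */
int EBC_Provider_FillDataEncryptionInfoNode(AB_PROVIDER *pro, AB_USER *u,
                                            const GWEN_CRYPT_KEY *skey,
                                            xmlNodePtr node)
{
  EBC_PROVIDER *dp;
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  const GWEN_CRYPT_TOKEN_KEYINFO *ki;
  uint32_t keyId;
  GWEN_BUFFER *hbuf;
  xmlNodePtr nodeX = NULL;
  const char *s;
  const char *version;
  const char *algoUri;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get key id for server crypt key */
  keyId=GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx);
  ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0);
  if (ki==NULL) {
    DBG_INFO(AQEBICS_LOGDOMAIN,
             "Keyinfo %04x not found on crypt token [%s:%s]",
             keyId,
             GWEN_Crypt_Token_GetTypeName(ct),
             GWEN_Crypt_Token_GetTokenName(ct));
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* NOTE(review): an unset crypt version falls back to E001, i.e. a SHA-1
   * digest of the key; confirm that this fallback is still wanted */
  s=EBC_User_GetCryptVersion(u);
  if (!(s && *s))
    s="E001";

  hbuf=GWEN_Buffer_new(0, 256, 0, 1);
  if (strcasecmp(s, "E001")==0) {
    version="E001";
    algoUri="http://www.w3.org/2000/09/xmldsig#sha1";
    rv=EB_Key_Info_BuildHashSha1(ki, hbuf, 1);
  }
  else if (strcasecmp(s, "E002")==0) {
    version="E002";
    algoUri="http://www.w3.org/2001/04/xmlenc#sha256";
    rv=EB_Key_Info_BuildHashSha256(ki, hbuf, 1);
  }
  else {
    /* previously an unknown version leaked hbuf and produced a node without
     * any key digest; reject it instead */
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Unsupported crypt version [%s]", s);
    GWEN_Buffer_free(hbuf);
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return GWEN_ERROR_INTERNAL;
  }
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(hbuf);
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return rv;
  }

  /* the buffer content is used as a C string here; presumably the hash
   * builders emit NUL-terminated text -- TODO confirm */
  nodeX=xmlNewTextChild(node, NULL,
                        BAD_CAST "EncryptionPubKeyDigest",
                        BAD_CAST GWEN_Buffer_GetStart(hbuf));
  GWEN_Buffer_free(hbuf);
  assert(nodeX);
  xmlNewProp(nodeX, BAD_CAST "Version", BAD_CAST version);
  xmlNewProp(nodeX, BAD_CAST "Algorithm", BAD_CAST algoUri);

  /* add encrypted transaction key */
  hbuf=GWEN_Buffer_new(0, 256, 0, 1);
  rv=EBC_Provider_EncryptKey(pro, u, skey, hbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(hbuf);
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return rv;
  }
  nodeX=xmlNewTextChild(node, NULL,
                        BAD_CAST "TransactionKey",
                        BAD_CAST GWEN_Buffer_GetStart(hbuf));
  GWEN_Buffer_free(hbuf);
  assert(nodeX);

  return 0;
}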
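/**
 * Create an electronic signature (EU) of version "A004" for a message.
 *
 * The message is hashed with RIPEMD-160, the digest is signed with the sign
 * key named by the token context using ISO 9796-2 padding, and the resulting
 * EU record (version, modulus length, job type, signature, timestamps, user
 * id) is serialised into @p sbuf via EB_Eu_toBuffer().
 *
 * @param pro         provider object (must not be NULL)
 * @param u           user whose crypt token and user id are used
 * @param requestType stored as job type of the EU
 * @param pMsg        message bytes to sign
 * @param lMsg        number of bytes at @p pMsg
 * @param sbuf        buffer receiving the serialised EU
 * @return 0 on success, a negative error code otherwise
 */
int EBC_Provider_EuSign_A004(AB_PROVIDER *pro, AB_USER *u,
                             const char *requestType,
                             const uint8_t *pMsg, uint32_t lMsg,
                             GWEN_BUFFER *sbuf)
{
  EBC_PROVIDER *dp;
  GWEN_MDIGEST *md;
  GWEN_BUFFER *hbuf;
  GWEN_BUFFER *ebuf;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  const GWEN_CRYPT_TOKEN_KEYINFO *ki;
  uint32_t keyId;
  int ksize;
  uint32_t l;
  GWEN_CRYPT_PADDALGO *algo;
  EB_EU *eu;
  GWEN_TIME *ti;
  int rv;
  const char *userId;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  userId=AB_User_GetUserId(u);

  /* hash the message (RIPEMD-160); every step shares one cleanup path */
  md=GWEN_MDigest_Rmd160_new();
  assert(md);
  rv=GWEN_MDigest_Begin(md);
  if (rv>=0)
    rv=GWEN_MDigest_Update(md, pMsg, lMsg);
  if (rv>=0)
    rv=GWEN_MDigest_End(md);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_MDigest_free(md);
    return rv;
  }

  hbuf=GWEN_Buffer_new(0, GWEN_MDigest_GetDigestSize(md), 0, 1);
  GWEN_Buffer_AppendBytes(hbuf,
                          (const char*)GWEN_MDigest_GetDigestPtr(md),
                          GWEN_MDigest_GetDigestSize(md));
  GWEN_MDigest_free(md);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    /* the digest buffer already exists at this point and was leaked before */
    GWEN_Buffer_free(hbuf);
    return rv;
  }

  /* get key id */
  keyId=GWEN_Crypt_Token_Context_GetSignKeyId(ctx);
  ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0);
  if (ki==NULL) {
    DBG_INFO(AQEBICS_LOGDOMAIN,
             "Keyinfo %04x not found on crypt token [%s:%s]",
             keyId,
             GWEN_Crypt_Token_GetTypeName(ct),
             GWEN_Crypt_Token_GetTokenName(ct));
    GWEN_Crypt_Token_Close(ct, 0, 0);
    GWEN_Buffer_free(hbuf);
    return GWEN_ERROR_NOT_FOUND;
  }

  ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki);

  /* select padd algo */
  algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_Iso9796_2);
  GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize);

  /* actually sign; l carries the writable size in and the signature
   * length out */
  ebuf=GWEN_Buffer_new(0, ksize+16, 0, 1);
  l=GWEN_Buffer_GetMaxUnsegmentedWrite(ebuf);
  rv=GWEN_Crypt_Token_Sign(ct, keyId,
                           algo,
                           (const uint8_t*)GWEN_Buffer_GetStart(hbuf),
                           GWEN_Buffer_GetUsedBytes(hbuf),
                           (uint8_t*)GWEN_Buffer_GetPosPointer(ebuf),
                           &l,
                           NULL, /* ignore seq counter */
                           0);
  GWEN_Crypt_PaddAlgo_free(algo);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(ebuf);
    GWEN_Buffer_free(hbuf);
    return rv;
  }
  GWEN_Buffer_IncrementPos(ebuf, l);
  GWEN_Buffer_AdjustUsedBytes(ebuf);
  GWEN_Buffer_free(hbuf);

  /* assemble EU */
  eu=EB_Eu_new();
  EB_Eu_SetVersion(eu, "A004");
  EB_Eu_SetModLen(eu, ksize*8);
  EB_Eu_SetJobType(eu, requestType);
  EB_Eu_SetSignature(eu,
                     (const uint8_t*) GWEN_Buffer_GetStart(ebuf),
                     GWEN_Buffer_GetUsedBytes(ebuf));
  GWEN_Buffer_free(ebuf);

  /* creation time and signature time are the same instant */
  ti=GWEN_CurrentTime();
  EB_Eu_SetCreationTime(eu, ti);
  EB_Eu_SetSignatureTime(eu, ti);
  GWEN_Time_free(ti);
  EB_Eu_SetUserId(eu, userId);

  /* store EU in given buffer */
  EB_Eu_toBuffer(eu, sbuf);
  EB_Eu_free(eu);

  return 0;
}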
/**
 * Create the X001 authentication signature of a message.
 *
 * Builds a ds:SignedInfo subtree below @p node (c14n canonicalisation,
 * rsa-sha1 signature method, SHA-1 digest over all elements carrying
 * authenticate='true'), hashes that subtree with SHA-1, signs the hash with
 * the auth sign key of the crypt token (PKCS#1 padding) and stores the
 * base64 encoded result as ds:SignatureValue below @p node.
 *
 * @param pro  provider object (must not be NULL)
 * @param msg  message to sign
 * @param u    user whose crypt token is used
 * @param node signature node receiving SignedInfo and SignatureValue
 * @return 0 on success, an error code otherwise
 */
static int EBC_Provider_SignMessage_X001(AB_PROVIDER *pro, EB_MSG *msg,
                                         AB_USER *u, xmlNodePtr node)
{
  /* DER DigestInfo header for SHA-1, the hash bytes are appended to it */
  const uint8_t prefix[]={
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E,
    0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14
  };
  EBC_PROVIDER *dp;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  const GWEN_CRYPT_TOKEN_KEYINFO *ki;
  GWEN_CRYPT_PADDALGO *algo;
  GWEN_BUFFER *rawBuf;   /* binary data: hashes, later the raw signature */
  GWEN_BUFFER *txtBuf;   /* base64 text, in between the data to be signed */
  xmlNodePtr signedInfo = NULL;
  xmlNodePtr child = NULL;
  xmlNodePtr reference = NULL;
  xmlNodePtr transforms = NULL;
  xmlNsPtr ns;
  uint32_t keyId;
  uint32_t sigLen;
  int ksize;
  int rv;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* mount the token, bail out early when that is not possible */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* look up the key used for authentication signatures */
  keyId=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx);
  ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0);
  if (ki==NULL) {
    DBG_INFO(AQEBICS_LOGDOMAIN,
             "Keyinfo %04x not found on crypt token [%s:%s]",
             keyId,
             GWEN_Crypt_Token_GetTypeName(ct),
             GWEN_Crypt_Token_GetTokenName(ct));
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* the "ds" namespace must already be declared for this node */
  ns=xmlSearchNs(EB_Msg_GetDoc(msg), node, BAD_CAST "ds");
  assert(ns);

  /* SHA-1 digest of the message */
  rawBuf=GWEN_Buffer_new(0, 256, 0, 1);
  rv=EB_Msg_BuildHashSha1(msg, rawBuf);
  if (rv!=0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not build hash");
    GWEN_Buffer_free(rawBuf);
    return rv;
  }

  /* base64 form of the digest for the DigestValue element */
  txtBuf=GWEN_Buffer_new(0, 256, 0, 1);
  rv=GWEN_Base64_Encode((const uint8_t*)GWEN_Buffer_GetStart(rawBuf),
                        GWEN_Buffer_GetUsedBytes(rawBuf),
                        txtBuf, 0);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(txtBuf);
    GWEN_Buffer_free(rawBuf);
    return rv;
  }
  GWEN_Buffer_free(rawBuf);

  /* SignedInfo with its fixed algorithm declarations */
  signedInfo=xmlNewChild(node, ns, BAD_CAST "SignedInfo", NULL);

  child=xmlNewChild(signedInfo, ns, BAD_CAST "CanonicalizationMethod", NULL);
  xmlNewProp(child,
             BAD_CAST "Algorithm",
             BAD_CAST "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");

  child=xmlNewChild(signedInfo, ns, BAD_CAST "SignatureMethod", NULL);
  xmlNewProp(child,
             BAD_CAST "Algorithm",
             BAD_CAST "http://www.w3.org/2000/09/xmldsig#rsa-sha1");

  reference=xmlNewChild(signedInfo, ns, BAD_CAST "Reference", NULL);
  xmlNewProp(reference,
             BAD_CAST "URI",
             BAD_CAST "#xpointer(//*[@authenticate='true'])");

  transforms=xmlNewChild(reference, ns, BAD_CAST "Transforms", NULL);
  child=xmlNewChild(transforms, ns, BAD_CAST "Transform", NULL);
  xmlNewProp(child,
             BAD_CAST "Algorithm",
             BAD_CAST "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");

  child=xmlNewChild(reference, ns, BAD_CAST "DigestMethod", NULL);
  xmlNewProp(child,
             BAD_CAST "Algorithm",
             BAD_CAST "http://www.w3.org/2000/09/xmldsig#sha1");

  /* DigestValue goes below Reference */
  xmlNewTextChild(reference, ns,
                  BAD_CAST "DigestValue",
                  BAD_CAST GWEN_Buffer_GetStart(txtBuf));
  GWEN_Buffer_free(txtBuf);

  /* SHA-1 digest of the finished SignedInfo subtree */
  rawBuf=GWEN_Buffer_new(0, 256, 0, 1);
  rv=EB_Xml_BuildNodeHashSha1(signedInfo, "#xpointer(//*)", rawBuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(rawBuf);
    return rv;
  }

  /* data to sign: prefix followed by the SignedInfo hash */
  ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki);
  txtBuf=GWEN_Buffer_new(0, 256, 0, 1);
  GWEN_Buffer_AppendBytes(txtBuf, (const char*)prefix, sizeof(prefix));
  GWEN_Buffer_AppendBuffer(txtBuf, rawBuf);

  /* rawBuf is recycled as output buffer for the signature */
  GWEN_Buffer_Reset(rawBuf);

  algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_Pkcs1_1);
  GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize);

  GWEN_Buffer_AllocRoom(rawBuf, ksize+16);
  sigLen=GWEN_Buffer_GetMaxUnsegmentedWrite(rawBuf);
  rv=GWEN_Crypt_Token_Sign(ct, keyId,
                           algo,
                           (const uint8_t*)GWEN_Buffer_GetStart(txtBuf),
                           GWEN_Buffer_GetUsedBytes(txtBuf),
                           (uint8_t*)GWEN_Buffer_GetPosPointer(rawBuf),
                           &sigLen,
                           NULL, /* ignore seq counter */
                           0);
  GWEN_Crypt_PaddAlgo_free(algo);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(rawBuf);
    GWEN_Buffer_free(txtBuf);
    return rv;
  }
  GWEN_Buffer_IncrementPos(rawBuf, sigLen);
  GWEN_Buffer_AdjustUsedBytes(rawBuf);

  /* txtBuf is recycled for the base64 form of the signature */
  GWEN_Buffer_Reset(txtBuf);
  rv=GWEN_Base64_Encode((const uint8_t*)GWEN_Buffer_GetStart(rawBuf),
                        GWEN_Buffer_GetUsedBytes(rawBuf),
                        txtBuf, 0);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(txtBuf);
    GWEN_Buffer_free(rawBuf);
    return rv;
  }
  GWEN_Buffer_free(rawBuf);

  /* SignatureValue is a sibling of SignedInfo */
  xmlNewTextChild(node, ns,
                  BAD_CAST "SignatureValue",
                  BAD_CAST GWEN_Buffer_GetStart(txtBuf));
  GWEN_Buffer_free(txtBuf);

  return 0;
}
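/**
 * Create an electronic signature of version "A005" for a message.
 *
 * The message is hashed via EBC_Provider_Sha256(), the hash is wrapped by
 * hand into a padded block (block type, 0xff filler, separator, SHA-256
 * DigestInfo header, hash) and that block is signed with the sign key of the
 * crypt token using GWEN_Crypt_PaddAlgoId_None. The raw signature is appended
 * to @p sbuf.
 *
 * @param pro         provider object (must not be NULL)
 * @param u           user whose crypt token is used
 * @param requestType not used by this function
 * @param pMsg        message bytes to sign
 * @param lMsg        number of bytes at @p pMsg
 * @param sbuf        buffer receiving the signature
 * @return 0 on success, a negative error code otherwise
 */
int EBC_Provider_EuSign_A005(AB_PROVIDER *pro, AB_USER *u,
                             const char *requestType,
                             const uint8_t *pMsg, uint32_t lMsg,
                             GWEN_BUFFER *sbuf)
{
  EBC_PROVIDER *dp;
  GWEN_BUFFER *xbuf;
  GWEN_BUFFER *hbuf;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  const GWEN_CRYPT_TOKEN_KEYINFO *ki;
  uint32_t keyId;
  int ksize;
  uint32_t l;
  GWEN_CRYPT_PADDALGO *algo;
  int rv;
  int numPaddBytes=0;
  /* DER DigestInfo header for SHA-256, the 32 hash bytes follow it */
  const uint8_t digestInfo[]= {
    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
    0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
  };

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get key id */
  keyId=GWEN_Crypt_Token_Context_GetSignKeyId(ctx);
  ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0);
  if (ki==NULL) {
    DBG_INFO(AQEBICS_LOGDOMAIN,
             "Keyinfo %04x not found on crypt token [%s:%s]",
             keyId,
             GWEN_Crypt_Token_GetTypeName(ct),
             GWEN_Crypt_Token_GetTokenName(ct));
    GWEN_Crypt_Token_Close(ct, 0, 0);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* NOTE(review): no result of EBC_Provider_Sha256() is checked; whether it
   * can fail is not visible here */
  xbuf=GWEN_Buffer_new(0, 40, 0, 1);
  EBC_Provider_Sha256(pMsg, lMsg, xbuf);

  /* add digestInfo to hash of SignedInfo */
  hbuf=GWEN_Buffer_new(0, 256, 0, 1);
  ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki);
  GWEN_Buffer_AppendByte(hbuf, 0x01); /* block type */

  /* Keep the subtraction in signed arithmetic: with the unsigned operands
   * (sizeof, uint32_t) a too small key made the result wrap around and the
   * check below relied on the implementation-defined conversion to int. */
  numPaddBytes=ksize-3-(int)sizeof(digestInfo)-(int)GWEN_Buffer_GetUsedBytes(xbuf);
  if (numPaddBytes<1) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Invalid number of padd bytes, key too small (%d)", numPaddBytes);
    GWEN_Buffer_free(xbuf);
    GWEN_Buffer_free(hbuf);
    return GWEN_ERROR_INTERNAL;
  }
  GWEN_Buffer_FillWithBytes(hbuf, 0xff, numPaddBytes);

  /* NOTE(review): EMSA-PKCS1-v1_5 (RFC 8017) puts a 0x00 byte between the
   * 0xff filler and the DigestInfo; this code writes 0x01. The value is kept
   * as found -- confirm against the A005 specification and an
   * interoperability test before changing it. */
  GWEN_Buffer_AppendByte(hbuf, 0x01); /* separator */
  GWEN_Buffer_AppendBytes(hbuf, (const char *)digestInfo, sizeof(digestInfo)); /* digest info */
  GWEN_Buffer_AppendBytes(hbuf, GWEN_Buffer_GetStart(xbuf), GWEN_Buffer_GetUsedBytes(xbuf)); /* hash */
  GWEN_Buffer_free(xbuf);

  /* select padd algo: none, the block above is already ksize-1 bytes long */
  algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_None);
  GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize);

  /* actually sign, the signature goes directly into the caller's buffer */
  GWEN_Buffer_AllocRoom(sbuf, ksize+16);
  l=GWEN_Buffer_GetMaxUnsegmentedWrite(sbuf);
  rv=GWEN_Crypt_Token_Sign(ct, keyId,
                           algo,
                           (const uint8_t *)GWEN_Buffer_GetStart(hbuf),
                           GWEN_Buffer_GetUsedBytes(hbuf),
                           (uint8_t *)GWEN_Buffer_GetPosPointer(sbuf),
                           &l,
                           NULL, /* ignore seq counter */
                           0);
  GWEN_Crypt_PaddAlgo_free(algo);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(hbuf);
    return rv;
  }
  GWEN_Buffer_IncrementPos(sbuf, l);
  GWEN_Buffer_AdjustUsedBytes(sbuf);

  GWEN_Buffer_free(hbuf);

  return 0;
}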
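/* Read one public key from the given XML node of an HPB response and store
 * it on the crypt token under keyId. Returns 0 on success. */
static int EBC_Provider_StoreBankKeyInfo_H003(GWEN_CRYPT_TOKEN *ct,
                                              uint32_t keyId,
                                              xmlNodePtr node)
{
  const GWEN_CRYPT_TOKEN_KEYINFO *cki;
  GWEN_CRYPT_TOKEN_KEYINFO *ki;
  EB_RC rc;
  int rv;

  /* start from the key info already on the token, if there is one */
  cki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0, 0);
  if (cki)
    ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
  else
    ki=GWEN_Crypt_Token_KeyInfo_new(keyId, GWEN_Crypt_CryptAlgoId_Rsa, 128);
  GWEN_Crypt_Token_KeyInfo_SetFlags(ki, 0);

  rc=EB_Key_Info_ReadXml(ki, node);
  if (rc) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%06x)", rc);
    GWEN_Crypt_Token_KeyInfo_free(ki);
    return GWEN_ERROR_BAD_DATA;
  }

  rv=GWEN_Crypt_Token_SetKeyInfo(ct, keyId, ki, 0);
  GWEN_Crypt_Token_KeyInfo_free(ki);
  if (rv) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
  }
  return rv;
}



/**
 * Send an HPB request (EBICS H003) and store the keys from the response.
 *
 * Builds an "ebicsNoPubKeyDigestsRequest" with nonce and timestamp, signs it
 * via EBC_Provider_SignMessage(), exchanges it with the server, decrypts the
 * returned OrderData with the session key from the response and writes the
 * contained authentication and encryption public keys to the crypt token.
 * When the user already carries the INI and HIA flags the status is set to
 * EBC_UserStatus_Enabled.
 *
 * NOTE(review): the keys are written to the token as received. Neither a
 * check of the response's AuthSignature nor a comparison of the key hashes
 * with values obtained out of band is visible in this function -- confirm
 * that this happens elsewhere before the stored keys are trusted.
 *
 * @param pro  provider object (must not be NULL)
 * @param sess HTTP session used for the exchange
 * @param u    user for whom the keys are requested
 * @return 0 on success, an error code otherwise
 */
static int EBC_Provider_XchgHpbRequest_H003(AB_PROVIDER *pro,
                                            GWEN_HTTP_SESSION *sess,
                                            AB_USER *u)
{
  EBC_PROVIDER *dp;
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  xmlNsPtr ns;
  EB_MSG *msg;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlDocPtr orderDoc=NULL;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  xmlNodePtr sigNode = NULL;
  GWEN_CRYPT_KEY *skey=NULL;
  GWEN_BUFFER *tbuf;
  GWEN_BUFFER *buf1;
  GWEN_BUFFER *buf2;
  const char *s;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsNoPubKeyDigestsRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H003");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  sigNode=xmlNewChild(root_node, NULL, BAD_CAST "AuthSignature", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);

  /* generate Nonce */
  tbuf=GWEN_Buffer_new(0, 128, 0, 1);
  rv=EBC_Provider_GenerateNonce(pro, tbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/Nonce", GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_Reset(tbuf);

  /* generate timestamp */
  rv=EBC_Provider_GenerateTimeStamp(pro, u, tbuf);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/Timestamp", GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID", AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HPB");
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderAttribute", "DZHNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0000");

  /* sign */
  rv=EBC_Provider_SignMessage(pro, msg, u, sigNode);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }

  /* exchange requests; values of 300 and above count as failure as well */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  /* extract keys and store them */
  node=EB_Xml_GetNode(EB_Msg_GetRootNode(mRsp),
                      "body/DataTransfer/DataEncryptionInfo",
                      GWEN_PATH_FLAGS_NAMEMUSTEXIST);
  if (node==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN,
              "Bad message from server: Missing session key");
    EB_Msg_free(mRsp);
    return GWEN_ERROR_BAD_DATA;
  }

  /* NOTE(review): skey is never released in this function; whether the
   * caller owns the key returned by EBC_Provider_ExtractSessionKey() is not
   * visible here -- confirm and free it if so */
  rv=EBC_Provider_ExtractSessionKey(pro, u, node, &skey);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    EB_Msg_free(mRsp);
    return rv;
  }

  s=EB_Msg_GetCharValue(mRsp, "body/DataTransfer/OrderData", NULL);
  if (!s) {
    DBG_ERROR(AQEBICS_LOGDOMAIN,
              "Bad message from server: Missing OrderData");
    EB_Msg_free(mRsp);
    return GWEN_ERROR_BAD_DATA;
  }
  buf1=GWEN_Buffer_new(0, strlen(s), 0, 1);
  rv=GWEN_Base64_Decode((const uint8_t*)s, 0, buf1);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "Could not decode OrderData (%d)", rv);
    GWEN_Buffer_free(buf1);
    EB_Msg_free(mRsp);
    return rv;
  }

  /* decode data */
  buf2=GWEN_Buffer_new(0, GWEN_Buffer_GetUsedBytes(buf1), 0, 1);
  rv=EBC_Provider_DecryptData(pro, u, skey,
                              (const uint8_t*)GWEN_Buffer_GetStart(buf1),
                              GWEN_Buffer_GetUsedBytes(buf1),
                              buf2);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "Could not decrypt OrderData (%d)", rv);
    GWEN_Buffer_free(buf2);
    GWEN_Buffer_free(buf1);
    /* the response was leaked on this path before */
    EB_Msg_free(mRsp);
    return rv;
  }

  /* parse XML document */
  rv=EB_Xml_DocFromBuffer(GWEN_Buffer_GetStart(buf2),
                          GWEN_Buffer_GetUsedBytes(buf2),
                          &orderDoc);
  GWEN_Buffer_free(buf2);
  GWEN_Buffer_free(buf1);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    EB_Msg_free(mRsp);
    return rv;
  }

  /* get keys */
  root_node=xmlDocGetRootElement(orderDoc);

  /* get auth key */
  node=EB_Xml_GetNode(root_node, "AuthenticationPubKeyInfo",
                      GWEN_PATH_FLAGS_NAMEMUSTEXIST);
  if (node==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN,
              "No authentication key found");
    xmlFreeDoc(orderDoc);
    EB_Msg_free(mRsp);
    return GWEN_ERROR_BAD_DATA;
  }
  rv=EBC_Provider_StoreBankKeyInfo_H003(ct,
                                        GWEN_Crypt_Token_Context_GetAuthVerifyKeyId(ctx),
                                        node);
  if (rv) {
    xmlFreeDoc(orderDoc);
    EB_Msg_free(mRsp);
    return rv;
  }
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Auth key stored");

  /* get crypt key */
  node=EB_Xml_GetNode(root_node, "EncryptionPubKeyInfo",
                      GWEN_PATH_FLAGS_NAMEMUSTEXIST);
  if (node==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN,
              "No encryption key found");
    xmlFreeDoc(orderDoc);
    EB_Msg_free(mRsp);
    return GWEN_ERROR_BAD_DATA;
  }
  rv=EBC_Provider_StoreBankKeyInfo_H003(ct,
                                        GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx),
                                        node);
  if (rv) {
    xmlFreeDoc(orderDoc);
    EB_Msg_free(mRsp);
    return rv;
  }
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Crypt key stored");

  xmlFreeDoc(orderDoc);
  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Enabled);

  return 0;
}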
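/**
 * Send an INI request (EBICS H002) carrying the user's signature key.
 *
 * Only sign version "A004" is supported (also used when the user has none
 * set): the sign key is written in binary form by EB_Key_Info_toBin(),
 * deflated and base64 encoded, then sent as OrderData of an
 * "ebicsUnsecuredRequest". No signature is added to the request in this
 * function. On success the INI flag is added to the user and the status
 * becomes Init2 (INI and HIA both done) or Init1.
 *
 * @param pro  provider object
 * @param sess HTTP session used for the exchange
 * @param u    user whose sign key is sent
 * @return 0 on success, an error code otherwise
 */
int EBC_Provider_XchgIniRequest_H002(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u)
{
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  GWEN_BUFFER *tbuf;
  const char *signVersion;
  const char *s;
  GWEN_BUFFER *bufKey;
  GWEN_BUFFER *bufZip;
  GWEN_BUFFER *bufB64;

  userId=AB_User_GetUserId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info; the key must carry modulus, exponent, version and
   * number */
  kid=GWEN_Crypt_Token_Context_GetSignKeyId(ctx);
  if (kid) {
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
    if (signKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
      GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Error,
                           I18N("Sign key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  signVersion=EBC_User_GetSignVersion(u);
  if (!(signVersion && *signVersion))
    signVersion="A004";

  if (strcasecmp(signVersion, "A004")==0) {
    /* a context without sign key id (kid==0) left signKeyInfo NULL and it
     * was handed to EB_Key_Info_toBin() unchecked before */
    if (signKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "No sign key id in crypt token context");
      return GWEN_ERROR_NOT_FOUND;
    }

    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }

    /* zip order */
    bufZip=GWEN_Buffer_new(0, 512, 0, 1);
    if (EB_Zip_Deflate(GWEN_Buffer_GetStart(bufKey),
                       GWEN_Buffer_GetUsedBytes(bufKey),
                       bufZip)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Unable to zip key data");
      GWEN_Buffer_free(bufZip);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufKey);

    /* base64 encode for order */
    bufB64=GWEN_Buffer_new(0, 800, 0, 1);
    if (GWEN_Base64_Encode((const unsigned char *)GWEN_Buffer_GetStart(bufZip),
                           GWEN_Buffer_GetUsedBytes(bufZip),
                           bufB64, 0)) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error encoding key");
      GWEN_Buffer_free(bufB64);
      GWEN_Buffer_free(bufZip);
      return GWEN_ERROR_GENERIC;
    }
    GWEN_Buffer_free(bufZip);
  }
  else {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Unsupported sign version [%s]", signVersion);
    return GWEN_ERROR_INTERNAL;
  }

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H002",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H002 "
               "http://www.ebics.org/H002/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H002");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID", AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "INI");

  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error creating order id (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(bufB64);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderAttribute", "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0000");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(bufB64));
  GWEN_Buffer_free(bufB64);

  /* exchange requests; values of 300 and above count as failure as well */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_INI);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}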
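/**
 * Send an HIA request (EBICS H003) carrying the user's authentication and
 * encryption public keys.
 *
 * Builds a "HIARequestOrderData" document from the auth sign key (version
 * X002) and the decipher key (version E002) of the crypt token, compresses
 * and base64 encodes it with EB_Xml_Compress64Doc() and sends it as
 * OrderData of an "ebicsUnsecuredRequest". On success the HIA flag is added
 * to the user and the status becomes Init2 (INI and HIA both done) or Init1.
 *
 * @param pro  provider object
 * @param sess HTTP session used for the exchange
 * @param u    user whose keys are sent
 * @return 0 on success, an error code otherwise
 */
int EBC_Provider_XchgHiaRequest_H003(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u)
{
  int rv;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *cryptKeyInfo=NULL;
  const GWEN_CRYPT_TOKEN_KEYINFO *authKeyInfo=NULL;
  xmlNsPtr ns;
  EB_MSG *msg;
  const char *userId;
  const char *partnerId;
  EB_MSG *mRsp;
  EB_RC rc;
  xmlDocPtr doc;
  xmlNodePtr root_node = NULL;
  xmlNodePtr node = NULL;
  GWEN_BUFFER *mbuf;
  GWEN_BUFFER *tbuf;
  const char *s;

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx);
  if (kid) {
    cryptKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                             GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                             0);
    if (cryptKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Crypt key info not found on crypt token");
      GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Error,
                           I18N("Crypt key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  /* get auth sign key info */
  kid=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx);
  if (kid) {
    authKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
    if (authKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Auth key info not found on crypt token");
      GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Error,
                           I18N("Auth key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  /* a context without one of the key ids (kid==0) left the pointer NULL and
   * it was handed to EB_Key_Info_toXml() unchecked before */
  if (authKeyInfo==NULL || cryptKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Auth or crypt key id missing in crypt token context");
    return GWEN_ERROR_NOT_FOUND;
  }

  /* create HIARequestOrderData */
  doc=xmlNewDoc(BAD_CAST "1.0");
  doc->encoding=xmlCharStrdup("UTF-8");
  root_node=xmlNewNode(NULL, BAD_CAST "HIARequestOrderData");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_orders.xsd");

  /* create auth key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "AuthenticationPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(authKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return GWEN_ERROR_INVALID;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "AuthenticationVersion",
              BAD_CAST "X002");

  /* create crypt key tree */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "EncryptionPubKeyInfo", NULL);
  rv=EB_Key_Info_toXml(cryptKeyInfo, node);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
    xmlFreeDoc(doc);
    return rv;
  }
  xmlNewChild(node, NULL,
              BAD_CAST "EncryptionVersion",
              BAD_CAST "E002");

  /* store partner id and user id */
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "PartnerID",
                   BAD_CAST partnerId);
  node=xmlNewChild(root_node, NULL,
                   BAD_CAST "UserID",
                   BAD_CAST userId);

  /* compress and base64 doc */
  mbuf=GWEN_Buffer_new(0, 512, 0, 1);
  rv=EB_Xml_Compress64Doc(doc, mbuf);
  if (rv<0) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
    /* the output buffer was leaked on this path before */
    GWEN_Buffer_free(mbuf);
    xmlFreeDoc(doc);
    return rv;
  }
  xmlFreeDoc(doc);

  /* create request */
  msg=EB_Msg_new();
  doc=EB_Msg_GetDoc(msg);
  root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
  xmlDocSetRootElement(doc, root_node);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.ebics.org/H003",
              NULL);
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
              BAD_CAST "ds");
  assert(ns);
  ns=xmlNewNs(root_node,
              BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
              BAD_CAST "xsi");
  xmlNewNsProp(root_node,
               ns,
               BAD_CAST "schemaLocation", /* xsi:schemaLocation */
               BAD_CAST "http://www.ebics.org/H003 "
               "http://www.ebics.org/H003/ebics_keymgmt_request.xsd");
  xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H003");
  xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");

  /* header */
  node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
  xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
  xmlNewChild(node, NULL, BAD_CAST "static", NULL);
  xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);

  /* body */
  node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);

  /* fill */
  s=EBC_User_GetPeerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/HostID", s);
  s=AB_User_GetCustomerId(u);
  if (s)
    EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
  EB_Msg_SetCharValue(msg, "header/static/UserID", AB_User_GetUserId(u));
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HIA");

  tbuf=GWEN_Buffer_new(0, 16, 0, 1);
  rv=EBC_Provider_Generate_OrderId(pro, tbuf);
  if (rv<0) {
    /* message corrected: this step creates the order id, nothing has been
     * exchanged yet */
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error creating order id (%d)", rv);
    GWEN_Buffer_free(tbuf);
    GWEN_Buffer_free(mbuf);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
                      GWEN_Buffer_GetStart(tbuf));
  GWEN_Buffer_free(tbuf);

  EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderAttribute", "DZNNN");
  EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0200");
  EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
                      GWEN_Buffer_GetStart(mbuf));
  GWEN_Buffer_free(mbuf);

  /* exchange requests; values of 300 and above count as failure as well */
  rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
  if (rv<0 || rv>=300) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
    EB_Msg_free(msg);
    return rv;
  }
  EB_Msg_free(msg);

  /* check response */
  assert(mRsp);

  /* log results */
  EBC_Provider_LogRequestResults(pro, mRsp, NULL);

  rc=EB_Msg_GetResultCode(mRsp);
  if ((rc & 0xff0000)==0x090000 ||
      (rc & 0xff0000)==0x060000) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
    EB_Msg_free(mRsp);
    return AB_ERROR_SECURITY;
  }
  rc=EB_Msg_GetBodyResultCode(mRsp);
  if (rc) {
    if ((rc & 0xff0000)==0x090000 ||
        (rc & 0xff0000)==0x060000) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
      EB_Msg_free(mRsp);
      if ((rc & 0xfff00)==0x091300 ||
          (rc & 0xfff00)==0x091200)
        return AB_ERROR_SECURITY;
      else
        return GWEN_ERROR_GENERIC;
    }
  }

  EB_Msg_free(mRsp);

  /* adjust user status and flags */
  DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
  EBC_User_AddFlags(u, EBC_USER_FLAGS_HIA);
  if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
      ==
      (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
    EBC_User_SetStatus(u, EBC_UserStatus_Init2);
  else
    EBC_User_SetStatus(u, EBC_UserStatus_Init1);

  return 0;
}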
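/**
 * Send a PUB request (EBICS H002) carrying the temporary signature key.
 *
 * For sign version "A004" the key is written in binary form by
 * EB_Key_Info_toBin(); for every other version a "PUBRequestOrderData"
 * document is built, compressed and base64 encoded. The result is handed to
 * EBC_Provider_XchgUploadRequest() with order type "PUB".
 *
 * @param pro         provider object (must not be NULL)
 * @param sess        HTTP session used for the exchange
 * @param u           user whose temporary sign key is sent
 * @param signVersion signature version of the key (must not be NULL)
 * @return 0 on success, an error code otherwise
 */
int EBC_Provider_XchgPubRequest_H002(AB_PROVIDER *pro,
                                     GWEN_HTTP_SESSION *sess,
                                     AB_USER *u,
                                     const char *signVersion)
{
  EBC_PROVIDER *dp;
  int rv;
  const char *userId;
  const char *partnerId;
  GWEN_BUFFER *bufKey;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  uint32_t kid;
  const GWEN_CRYPT_TOKEN_KEYINFO *signKeyInfo=NULL;

  assert(pro);
  dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro);
  assert(dp);

  /* strcasecmp() below must not see a NULL pointer */
  if (signVersion==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "No sign version given");
    return GWEN_ERROR_INVALID;
  }

  userId=AB_User_GetUserId(u);
  partnerId=AB_User_GetCustomerId(u);

  /* get crypt token and context */
  rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get crypt key info */
  kid=GWEN_Crypt_Token_Context_GetTempSignKeyId(ctx);
  if (kid) {
    signKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                            GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
                                            0);
    if (signKeyInfo==NULL) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Sign key info not found on crypt token");
      GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Error,
                           I18N("Sign key info not found on crypt token"));
      return GWEN_ERROR_NOT_FOUND;
    }
  }

  /* a context without temporary sign key id (kid==0) left signKeyInfo NULL
   * and it was handed to the key writers unchecked before */
  if (signKeyInfo==NULL) {
    DBG_ERROR(AQEBICS_LOGDOMAIN, "No temporary sign key id in crypt token context");
    return GWEN_ERROR_NOT_FOUND;
  }

  if (strcasecmp(signVersion, "A004")==0) {
    EB_RC rc;

    /* encode according to "DFUE-Abkommen" */
    bufKey=GWEN_Buffer_new(0, 512, 0, 1);
    rc=EB_Key_Info_toBin(signKeyInfo, userId, "A004", 1024, bufKey);
    if (rc) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error writing key (rc=%06x)", rc);
      GWEN_Buffer_free(bufKey);
      return GWEN_ERROR_GENERIC;
    }
  }
  else {
    xmlDocPtr doc;
    xmlNodePtr root_node = NULL;
    xmlNodePtr node = NULL;
    xmlNsPtr ns;

    /* create PUBRequestOrderData */
    doc=xmlNewDoc(BAD_CAST "1.0");
    doc->encoding=xmlCharStrdup("UTF-8");
    root_node=xmlNewNode(NULL, BAD_CAST "PUBRequestOrderData");
    xmlDocSetRootElement(doc, root_node);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.ebics.org/H002",
                NULL);
    assert(ns);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
                BAD_CAST "ds");
    assert(ns);
    ns=xmlNewNs(root_node,
                BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
                BAD_CAST "xsi");
    xmlNewNsProp(root_node,
                 ns,
                 BAD_CAST "schemaLocation", /* xsi:schemaLocation */
                 BAD_CAST "http://www.ebics.org/H002 "
                 "http://www.ebics.org/H002/ebics_orders.xsd");

    /* create sign key tree */
    node=xmlNewChild(root_node, NULL,
                     BAD_CAST "SignaturePubKeyInfo", NULL);
    rv=EB_Key_Info_toXml(signKeyInfo, node);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
      xmlFreeDoc(doc);
      return GWEN_ERROR_INVALID;
    }
    xmlNewChild(node, NULL,
                BAD_CAST "SignatureVersion",
                BAD_CAST signVersion);

    /* store partner id and user id */
    node=xmlNewChild(root_node, NULL,
                     BAD_CAST "PartnerID",
                     BAD_CAST partnerId);
    node=xmlNewChild(root_node, NULL,
                     BAD_CAST "UserID",
                     BAD_CAST userId);

    /* compress and base64 doc */
    bufKey=GWEN_Buffer_new(0, 4096, 0, 1);
    rv=EB_Xml_Compress64Doc(doc, bufKey);
    if (rv<0) {
      DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
      /* the output buffer was leaked on this path before */
      GWEN_Buffer_free(bufKey);
      xmlFreeDoc(doc);
      return rv;
    }
    xmlFreeDoc(doc);
  }

  rv=EBC_Provider_XchgUploadRequest(pro, sess, u, "PUB",
                                    (const uint8_t*)GWEN_Buffer_GetStart(bufKey),
                                    GWEN_Buffer_GetUsedBytes(bufKey));
  if (rv<0) {
    DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(bufKey);
    return rv;
  }

  GWEN_Buffer_free(bufKey);

  return 0;
}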