예제 #1
0
/* Prints all results that can be found in the outbox into the interactor */
static void gnc_hbci_printresult(HBCI_Outbox *outbox, GNCInteractor *inter)
{
    /* Got no sysid. */
    GWEN_DB_NODE *rsp, *n;
    g_assert(outbox);
    if (!inter)
        return;

    rsp = HBCI_Outbox_response(outbox);
    n = GWEN_DB_GetFirstGroup(rsp);
    while (n)
    {
        if (strcasecmp(GWEN_DB_GroupName(n), "msgresult") == 0)
        {
            GWEN_DB_NODE *r = GWEN_DB_GetFirstGroup(n);
            while (r)
            {
                if (strcasecmp(GWEN_DB_GroupName(r), "result") == 0)
                {
                    gchar *logtext;
                    int resultcode;
                    const char *text, *elementref, *param;

                    resultcode = GWEN_DB_GetIntValue(r, "resultcode", 0, 0);
                    text = GWEN_DB_GetCharValue(r, "text", 0, "Response without text");
                    elementref = GWEN_DB_GetCharValue(r, "elementref", 0, "");
                    param = GWEN_DB_GetCharValue(r, "param", 0, "");

                    if (strlen(elementref) > 0 || strlen(param) > 0)
                        logtext = g_strdup_printf("%s (%d; Elementref %s; Param %s)", text,
                                                  resultcode, elementref, param);
                    else
                        logtext = g_strdup_printf("%s (%d)", text, resultcode);
                    GNCInteractor_add_log_text(inter, logtext);
                    g_free(logtext);
                }
                r = GWEN_DB_GetNextGroup(r);
            }
        }
        else if (strcasecmp(GWEN_DB_GroupName(n), "segresult") == 0)
        {
            GWEN_DB_NODE *r = GWEN_DB_GetFirstGroup(n);
            while (r)
            {
                if (strcasecmp(GWEN_DB_GroupName(r), "result") == 0)
                {
                }
                r = GWEN_DB_GetNextGroup(r);
            }
        }
        n = GWEN_DB_GetNextGroup(n);
    } /* while */

    GWEN_DB_Group_free(rsp);
}
예제 #2
0
파일: user.c 프로젝트: maduhu/aqbanking-1
void AH_User_LoadSepaDescriptors(AB_USER *u) {
  AH_USER *ue;
  GWEN_DB_NODE *db;
  int rv;

  assert(u);
  ue=GWEN_INHERIT_GETDATA(AB_USER, AH_USER, u);
  assert(ue);

  /* read directly from BPD */

  GWEN_StringList_Clear(ue->sepaDescriptors);
  db=GWEN_DB_Group_new("bpd");
  rv=AH_Job_SampleBpdVersions("JobGetAccountSepaInfo", u, db);
  if (rv<0) {
      DBG_INFO(AQHBCI_LOGDOMAIN, "No BPD for TAN job");
  }
  else {
    GWEN_DB_NODE *dbV;

    dbV=GWEN_DB_GetFirstGroup(db);
    while(dbV) {
      int version;

      version=atoi(GWEN_DB_GroupName(dbV));
      if (version>0) {
	GWEN_DB_NODE *dbT;

	/* always overwrite with latest version received */
	GWEN_StringList_Clear(ue->sepaDescriptors);
	dbT=GWEN_DB_FindFirstGroup(dbV, "SupportedSepaFormats");
	if (!dbT) {
	  DBG_INFO(AQHBCI_LOGDOMAIN, "No SEPA descriptor found");
	}
	while(dbT) {
	  int i;

	  for (i=0; i<100; i++) {
	    const char *s;

	    s=GWEN_DB_GetCharValue(dbT, "format", i, NULL);
	    if (! (s && *s))
	      break;
	    GWEN_StringList_AppendString(ue->sepaDescriptors, s, 0, 1);
	    DBG_INFO(AQHBCI_LOGDOMAIN,
		     "Adding SEPA descriptor [%s] for GV version %d",
		     s, version);
	  }

	  dbT=GWEN_DB_FindNextGroup(dbT, "SupportedSepaFormats");
	}
      }

      dbV=GWEN_DB_GetNextGroup(dbV);
    }
  }
  GWEN_DB_Group_free(db);
}
예제 #3
0
int GWEN_DBIO_XmlDb__ExportGroup(GWEN_DBIO *dbio,
				 GWEN_DB_NODE *data,
				 GWEN_XMLNODE *node,
				 const char *newName) {
  const char *s;
  GWEN_XMLNODE *n;
  GWEN_DB_NODE *dbT;
  int rv;

  if (newName)
    s=newName;
  else
    s=GWEN_DB_GroupName(data);
  assert(s && *s);

  n=GWEN_XMLNode_new(GWEN_XMLNodeTypeTag, s);
  GWEN_XMLNode_SetProperty(n, "type", "group");
  GWEN_XMLNode_AddChild(node, n);

  /* store variables */
  dbT=GWEN_DB_GetFirstVar(data);
  while(dbT) {
    if (!(GWEN_DB_GetNodeFlags(dbT) & GWEN_DB_NODE_FLAGS_VOLATILE)) {
      rv=GWEN_DBIO_XmlDb__ExportVar(dbio, dbT, n);
      if (rv) {
	DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
	return rv;
      }
    }
    dbT=GWEN_DB_GetNextVar(dbT);
  }

  /* store groups */
  dbT=GWEN_DB_GetFirstGroup(data);
  while(dbT) {
    if (!(GWEN_DB_GetNodeFlags(dbT) & GWEN_DB_NODE_FLAGS_VOLATILE)) {
      rv=GWEN_DBIO_XmlDb__ExportGroup(dbio, dbT, n, 0);
      if (rv) {
	DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
	return rv;
      }
    }
    dbT=GWEN_DB_GetNextGroup(dbT);
  }

  return 0;
}
예제 #4
0
int AH_Msg_VerifyPinTan(AH_MSG *hmsg, GWEN_DB_NODE *gr) {
  AH_HBCI *h;
  GWEN_LIST *sigheads;
  GWEN_LIST *sigtails;
  GWEN_DB_NODE *n;
  int nonSigHeads;
  int nSigheads;
  unsigned int dataBegin;
//  char *dataStart;
//  unsigned int dataLength;
  unsigned int i;
  AB_USER *u;

  assert(hmsg);
  h=AH_Dialog_GetHbci(hmsg->dialog);
  assert(h);
  u=AH_Dialog_GetDialogOwner(hmsg->dialog);
  assert(u);

  /* let's go */
  sigheads=GWEN_List_new();

  /* enumerate signature heads */
  nonSigHeads=0;
  nSigheads=0;
  n=GWEN_DB_GetFirstGroup(gr);
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigHead")==0) {
      /* found a signature head */
      if (nonSigHeads) {
        DBG_ERROR(AQHBCI_LOGDOMAIN, "Found some unsigned parts at the beginning");
        GWEN_List_free(sigheads);
        return GWEN_ERROR_BAD_DATA;
      }
      GWEN_List_PushBack(sigheads, n);
      nSigheads++;
    }
    else if (strcasecmp(GWEN_DB_GroupName(n), "MsgHead")!=0) {
      if (nSigheads)
        break;
      nonSigHeads++;
    }
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    if (nSigheads) {
      DBG_ERROR(AQHBCI_LOGDOMAIN,
		"Found Signature heads but no other segments");
      GWEN_List_free(sigheads);
      return GWEN_ERROR_BAD_DATA;
    }
    DBG_DEBUG(AQHBCI_LOGDOMAIN, "No signatures");
    GWEN_List_free(sigheads);
    return 0;
  }

  /* store begin of signed data */
  dataBegin=GWEN_DB_GetIntValue(n, "segment/pos", 0, 0);
  if (!dataBegin) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "No position specifications in segment");
    GWEN_List_free(sigheads);
    return GWEN_ERROR_BAD_DATA;
  }

  /* now get first signature tail */
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigTail")==0) {
      unsigned int currpos;

      /* found a signature tail */
      currpos=GWEN_DB_GetIntValue(n, "segment/pos", 0, 0);
      if (!currpos || dataBegin>currpos) {
        DBG_ERROR(AQHBCI_LOGDOMAIN, "Bad position specification in Signature tail");
        GWEN_List_free(sigheads);
        return GWEN_ERROR_BAD_DATA;
      }
//      dataLength=currpos-dataBegin;
      break;
    }
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "No signature tail found");
    GWEN_List_free(sigheads);
    return GWEN_ERROR_BAD_DATA;
  }

  sigtails=GWEN_List_new();
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigTail")!=0)
      break;
    GWEN_List_PushBack(sigtails, n);
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Message tail expected");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  if (strcasecmp(GWEN_DB_GroupName(n), "MsgTail")!=0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Unexpected segment (msg tail expected)");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  n=GWEN_DB_GetNextGroup(n);
  if (n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Unexpected segment (end expected)");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  if (GWEN_List_GetSize(sigheads)!=
      GWEN_List_GetSize(sigtails)) {
    DBG_ERROR(AQHBCI_LOGDOMAIN,
              "Number of signature heads (%d) does not match "
              "number of signature tails (%d)",
              GWEN_List_GetSize(sigheads),
              GWEN_List_GetSize(sigtails));
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  /* ok, now verify all signatures */
//  dataStart=GWEN_Buffer_GetStart(hmsg->buffer)+dataBegin;
  for (i=0; i< GWEN_List_GetSize(sigtails); i++) {
    GWEN_DB_NODE *sighead;
    GWEN_DB_NODE *sigtail;
    const char *signerId;

    /* get signature tail */
    sigtail=(GWEN_DB_NODE*)GWEN_List_GetBack(sigtails);

    /* get corresponding signature head */
    sighead=(GWEN_DB_NODE*)GWEN_List_GetFront(sigheads);

    if (!sighead || !sigtail) {
      DBG_ERROR(AQHBCI_LOGDOMAIN,
		"No signature head/tail left (internal error)");
      GWEN_List_free(sigheads);
      GWEN_List_free(sigtails);
      return GWEN_ERROR_INTERNAL;
    }

    GWEN_List_PopBack(sigtails);
    GWEN_List_PopFront(sigheads);

    signerId=GWEN_DB_GetCharValue(sighead, "key/userid", 0,
				  I18N("unknown"));

    /* some checks */
    if (strcasecmp(GWEN_DB_GetCharValue(sighead, "ctrlref", 0, ""),
                   GWEN_DB_GetCharValue(sigtail, "ctrlref", 0, ""))!=0) {
      DBG_ERROR(AQHBCI_LOGDOMAIN, "Non-matching signature tail");
      GWEN_List_free(sigheads);
      GWEN_List_free(sigtails);
      return GWEN_ERROR_BAD_DATA;
    }

    /* verify signature */
    DBG_INFO(AQHBCI_LOGDOMAIN, "Message signed by \"%s\"", signerId);
    AH_Msg_AddSignerId(hmsg, signerId);

    DBG_DEBUG(AQHBCI_LOGDOMAIN, "Verification done");
  } /* for */

  GWEN_List_free(sigheads);
  GWEN_List_free(sigtails);
  return 0;
}
예제 #5
0
int AHB_DTAUS__Export(GWEN_DBIO *dbio,
		      GWEN_SYNCIO *sio,
                      GWEN_DB_NODE *data,
		      GWEN_DB_NODE *cfg,
		      uint32_t flags){
  AB_VALUE *sumEUR;
  AB_VALUE *sumDEM;
  AB_VALUE *sumBankCodes;
  AB_VALUE *sumAccountIds;
  unsigned int cSets;
  GWEN_BUFFER *dst;
  GWEN_DB_NODE *gr;
  int isDebitNote;
  //int isEuro;
  const uint8_t *p;
  uint32_t size;
  int rv;

  isDebitNote=(strcasecmp(GWEN_DB_GetCharValue(cfg, "type", 0, "transfer"),
                          "debitnote")==0);
  //isEuro=(strcasecmp(GWEN_DB_GetCharValue(cfg, "currency", 0, "EUR"),
  //                   "EUR")==0);
  cSets=0;
  sumEUR=AB_Value_new();
  sumDEM=AB_Value_new();
  sumBankCodes=AB_Value_new();
  sumAccountIds=AB_Value_new();

  dst=GWEN_Buffer_new(0, 1024, 0, 1);
  GWEN_Buffer_SetHardLimit(dst, AHB_DTAUS_HARDLIMIT);

  /* create A set */
  if (AHB_DTAUS__CreateSetA(dst, cfg)) {
    DBG_INFO(AQBANKING_LOGDOMAIN, "Error creating A set");
    GWEN_Buffer_free(dst);
    AB_Value_free(sumAccountIds);
    AB_Value_free(sumBankCodes);
    AB_Value_free(sumDEM);
    AB_Value_free(sumEUR);
    return -1;
  }

  /* create C sets */
  gr=GWEN_DB_GetFirstGroup(data);
  while(gr) {
    const char *gn;

    gn=GWEN_DB_GroupName(gr);
    if ((isDebitNote && strcasecmp(gn, "debitnote")==0) ||
	(!isDebitNote &&
	 (strcasecmp(gn, "transfer")==0 ||
	  strcasecmp(gn, "transaction")==0))){
      if (AHB_DTAUS__CreateSetC(dst, cfg, gr,
				sumEUR, sumDEM,
				sumBankCodes, sumAccountIds)) {
        DBG_ERROR(AQBANKING_LOGDOMAIN, "Error creating C set from this data:");
        GWEN_DB_Dump(gr, 2);
        GWEN_Buffer_free(dst);
	AB_Value_free(sumAccountIds);
	AB_Value_free(sumBankCodes);
	AB_Value_free(sumDEM);
	AB_Value_free(sumEUR);
	return -1;
      }
      cSets++;
    } /* if group matches */
    else {
      DBG_ERROR(AQBANKING_LOGDOMAIN, "Ignoring group [%s]",
		GWEN_DB_GroupName(gr));
    }
    gr=GWEN_DB_GetNextGroup(gr);
  } /* while */

  /* create E set */
  if (AHB_DTAUS__CreateSetE(dst, cfg, cSets,
                            sumEUR, sumDEM,
                            sumBankCodes, sumAccountIds)) {
    DBG_INFO(AQBANKING_LOGDOMAIN, "Error creating E set");
    GWEN_Buffer_free(dst);
    AB_Value_free(sumAccountIds);
    AB_Value_free(sumBankCodes);
    AB_Value_free(sumDEM);
    AB_Value_free(sumEUR);
    return -1;
  }

  AB_Value_free(sumAccountIds);
  AB_Value_free(sumBankCodes);
  AB_Value_free(sumDEM);
  AB_Value_free(sumEUR);

  /* DTAUS finished, write it */
  p=(const uint8_t*)GWEN_Buffer_GetStart(dst);
  size=GWEN_Buffer_GetUsedBytes(dst);
  rv=GWEN_SyncIo_WriteForced(sio, p, size);
  if (rv<0) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Broken pipe");
    GWEN_Buffer_free(dst);
    return GWEN_ERROR_IO;
  }
  GWEN_Buffer_free(dst);

  return 0;
}
예제 #6
0
int AHB_DTAUS__CreateSetA(GWEN_BUFFER *dst,
                          GWEN_DB_NODE *cfg) {
  unsigned int i;
  GWEN_TIME *gt;
  char buffer[16];
  int day, month, year;
  const char *p;
  GWEN_DB_NODE *dbT;

  DBG_DEBUG(AQBANKING_LOGDOMAIN, "Creating A set");
  /* field 1, 2: record header */
  GWEN_Buffer_AppendString(dst, "0128A");

  /* field 3: type */
  p=GWEN_DB_GetCharValue(cfg, "type", 0, "transfer");
  if (strcasecmp(p, "transfer")==0 ||
      strcasecmp(p, "transaction")==0)
    GWEN_Buffer_AppendString(dst, "GK");
  else if (strcasecmp(p, "debitnote")==0)
    GWEN_Buffer_AppendString(dst, "LK");
  else {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Unknown group \"%s\"", GWEN_DB_GroupName(cfg));
    return -1;
  }

  /* field 4: bank code */
  if (AHB_DTAUS__AddNum(dst, 8,
                          GWEN_DB_GetCharValue(cfg,
                                               "bankCode",
                                               0, "0"))) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing bankCode to buffer");
    return -1;
  }

  /* field 5: 0s */
  for (i=0; i<8; i++) GWEN_Buffer_AppendByte(dst, '0');

  /* field 6: sender name */
  if (AHB_DTAUS__AddWord(dst, 27,
                         GWEN_DB_GetCharValue(cfg,
                                              "name",
                                              0, "0"))) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing name to buffer");
    return -1;
  }

  /* field 7: date */
  gt=GWEN_CurrentTime();
  if (GWEN_Time_GetBrokenDownDate(gt, &day, &month, &year)) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Unable to break down date");
    GWEN_Time_free(gt);
    return -1;
  }
  GWEN_Time_free(gt);
  snprintf(buffer, sizeof(buffer), "%02d%02d%02d", day, month+1, year%100);
  if (AHB_DTAUS__AddWord(dst, 6, buffer)) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing to buffer");
    return -1;
  }

  /* field 8: blanks */
  for (i=0; i<4; i++) GWEN_Buffer_AppendByte(dst, ' ');

  /* field 9: account id */
  if (AHB_DTAUS__AddNum(dst, 10,
                        GWEN_DB_GetCharValue(cfg,
                                             "accountid",
                                             0, ""))) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing accountid to buffer");
    return -1;
  }

  /* field 10: customer reference */
  if (AHB_DTAUS__AddNum(dst, 10,
                        GWEN_DB_GetCharValue(cfg,
                                             "custref",
                                             0, "0"))) {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing custref to buffer");
    return -1;
  }

  /* field 11a: blanks */
  for (i=0; i<15; i++) GWEN_Buffer_AppendByte(dst, ' ');

  /* field 11b: date of execution */
  dbT=GWEN_DB_GetGroup(cfg, GWEN_PATH_FLAGS_NAMEMUSTEXIST, "execdate");
  if (dbT) {
    GWEN_TIME *ti;

    ti=GWEN_Time_fromDb(dbT);
    if (!ti) {
      DBG_ERROR(AQBANKING_LOGDOMAIN, "Bad execution date");
      return -1;
    }

    if (GWEN_Time_GetBrokenDownDate(ti, &day, &month, &year)) {
      DBG_ERROR(AQBANKING_LOGDOMAIN, "Bad execution date");
      GWEN_Time_free(ti);
      return -1;
    }
    snprintf(buffer, sizeof(buffer), "%02d%02d%04d", day, month+1, year);

    if (AHB_DTAUS__AddWord(dst, 8, buffer)) {
      DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing execdate to buffer");
      GWEN_Time_free(ti);
      return -1;
    }
    GWEN_Time_free(ti);
  }
  else {
    if (AHB_DTAUS__AddWord(dst, 8, "")) {
      DBG_ERROR(AQBANKING_LOGDOMAIN, "Error writing to buffer");
      return -1;
    }
  }

  /* field 11c: blanks */
  for (i=0; i<24; i++) GWEN_Buffer_AppendByte(dst, ' ');

  /* field 12: currency */
  p=GWEN_DB_GetCharValue(cfg, "currency", 0, "EUR");
  if (strcasecmp(p, "EUR")==0)
    GWEN_Buffer_AppendByte(dst, '1');
  else if (strcasecmp(p, "DEM")==0)
    GWEN_Buffer_AppendByte(dst, ' ');
  else {
    DBG_ERROR(AQBANKING_LOGDOMAIN, "Unknown currency \"%s\"", p);
    return -1;
  }

  return 0;
}
예제 #7
0
int AH_Msg_VerifyRdh2(AH_MSG *hmsg, GWEN_DB_NODE *gr) {
  AH_HBCI *h;
  GWEN_LIST *sigheads;
  GWEN_LIST *sigtails;
  GWEN_DB_NODE *n;
  int nonSigHeads;
  int nSigheads;
  unsigned int dataBegin;
  char *dataStart;
  unsigned int dataLength;
  unsigned int i;
  AB_USER *u;
  GWEN_CRYPT_TOKEN *ct;
  const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  const GWEN_CRYPT_TOKEN_KEYINFO *ki;
  uint32_t keyId;
  int ksize;
  int rv;
  uint32_t gid;

  assert(hmsg);
  h=AH_Dialog_GetHbci(hmsg->dialog);
  assert(h);
  u=AH_Dialog_GetDialogOwner(hmsg->dialog);
  assert(u);

  gid=0;

  /* get crypt token of signer */
  rv=AB_Banking_GetCryptToken(AH_HBCI_GetBankingApi(h),
			   AH_User_GetTokenType(u),
			   AH_User_GetTokenName(u),
			   &ct);
  if (rv) {
    DBG_INFO(AQHBCI_LOGDOMAIN,
	     "Could not get crypt token for user \"%s\" (%d)",
	     AB_User_GetUserId(u), rv);
    return rv;
  }

  /* open CryptToken if necessary */
  if (!GWEN_Crypt_Token_IsOpen(ct)) {
    GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN);
    rv=GWEN_Crypt_Token_Open(ct, 0, gid);
    if (rv) {
      DBG_INFO(AQHBCI_LOGDOMAIN,
	       "Could not open crypt token for user \"%s\" (%d)",
	       AB_User_GetUserId(u), rv);
      return rv;
    }
  }

  /* get context and key info */
  ctx=GWEN_Crypt_Token_GetContext(ct,
				  AH_User_GetTokenContextId(u),
				  gid);
  if (ctx==NULL) {
    DBG_INFO(AQHBCI_LOGDOMAIN,
	     "Context %d not found on crypt token [%s:%s]",
	     AH_User_GetTokenContextId(u),
	     GWEN_Crypt_Token_GetTypeName(ct),
	     GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_NOT_FOUND;
  }

  /* let's go */
  sigheads=GWEN_List_new();

  /* enumerate signature heads */
  nonSigHeads=0;
  nSigheads=0;
  n=GWEN_DB_GetFirstGroup(gr);
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigHead")==0) {
      /* found a signature head */
      if (nonSigHeads) {
	DBG_ERROR(AQHBCI_LOGDOMAIN,
		  "Found some unsigned parts at the beginning");
        GWEN_List_free(sigheads);
        return GWEN_ERROR_BAD_DATA;
      }
      GWEN_List_PushBack(sigheads, n);
      nSigheads++;
    }
    else if (strcasecmp(GWEN_DB_GroupName(n), "MsgHead")!=0) {
      if (nSigheads)
        break;
      nonSigHeads++;
    }
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    if (nSigheads) {
      DBG_ERROR(AQHBCI_LOGDOMAIN,
		"Found Signature heads but no other segments");
      GWEN_List_free(sigheads);
      return GWEN_ERROR_BAD_DATA;
    }
    DBG_DEBUG(AQHBCI_LOGDOMAIN, "No signatures");
    GWEN_List_free(sigheads);
    return 0;
  }

  /* only now we need the verify key */
  keyId=GWEN_Crypt_Token_Context_GetVerifyKeyId(ctx);
  if (keyId==0) {
    DBG_INFO(AQHBCI_LOGDOMAIN,
	     "No verify key id on crypt token [%s:%s]",
	     GWEN_Crypt_Token_GetTypeName(ct),
	     GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_NOT_FOUND;
  }
  ki=GWEN_Crypt_Token_GetKeyInfo(ct,
				 keyId,
				 0xffffffff,
				 gid);
  if (ki==NULL) {
    DBG_INFO(AQHBCI_LOGDOMAIN,
	     "Keyinfo %04x not found on crypt token [%s:%s]",
	     keyId,
	     GWEN_Crypt_Token_GetTypeName(ct),
	     GWEN_Crypt_Token_GetTokenName(ct));
    /* no longer return an error, it might be ok to not have a key info
     * even if we do not propagate the error here the check functions will
     * later find out that the signature is missing */
    return 0;
  }

  ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki);
  assert(ksize<=256);

  /* store begin of signed data */
  dataBegin=GWEN_DB_GetIntValue(n, "segment/pos", 0, 0);
  if (!dataBegin) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "No position specifications in segment");
    GWEN_List_free(sigheads);
    return GWEN_ERROR_BAD_DATA;
  }

  /* now get first signature tail */
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigTail")==0) {
      unsigned int currpos;

      /* found a signature tail */
      currpos=GWEN_DB_GetIntValue(n, "segment/pos", 0, 0);
      if (!currpos || dataBegin>currpos) {
        DBG_ERROR(AQHBCI_LOGDOMAIN, "Bad position specification in Signature tail");
        GWEN_List_free(sigheads);
        return GWEN_ERROR_BAD_DATA;
      }
      dataLength=currpos-dataBegin;
      break;
    }
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "No signature tail found");
    GWEN_List_free(sigheads);
    return GWEN_ERROR_BAD_DATA;
  }

  sigtails=GWEN_List_new();
  while(n) {
    if (strcasecmp(GWEN_DB_GroupName(n), "SigTail")!=0)
      break;
    GWEN_List_PushBack(sigtails, n);
    n=GWEN_DB_GetNextGroup(n);
  } /* while */

  if (!n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Message tail expected");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  if (strcasecmp(GWEN_DB_GroupName(n), "MsgTail")!=0) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Unexpected segment (msg tail expected)");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  n=GWEN_DB_GetNextGroup(n);
  if (n) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Unexpected segment (end expected)");
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  if (GWEN_List_GetSize(sigheads)!=
      GWEN_List_GetSize(sigtails)) {
    DBG_ERROR(AQHBCI_LOGDOMAIN,
              "Number of signature heads (%d) does not match "
              "number of signature tails (%d)",
              GWEN_List_GetSize(sigheads),
              GWEN_List_GetSize(sigtails));
    GWEN_List_free(sigheads);
    GWEN_List_free(sigtails);
    return GWEN_ERROR_BAD_DATA;
  }

  /* ok, now verify all signatures */
  dataStart=GWEN_Buffer_GetStart(hmsg->buffer)+dataBegin;
  for (i=0; i< GWEN_List_GetSize(sigtails); i++) {
    GWEN_DB_NODE *sighead;
    GWEN_DB_NODE *sigtail;
    const uint8_t *p;
    uint32_t l;
    int rv;
    uint8_t hash[20];
    const char *signerId;

    /* get signature tail */
    sigtail=(GWEN_DB_NODE*)GWEN_List_GetBack(sigtails);

    /* get corresponding signature head */
    sighead=(GWEN_DB_NODE*)GWEN_List_GetFront(sigheads);

    if (!sighead || !sigtail) {
      DBG_ERROR(AQHBCI_LOGDOMAIN,
		"No signature head/tail left (internal error)");
      GWEN_List_free(sigheads);
      GWEN_List_free(sigtails);
      return GWEN_ERROR_INTERNAL;
    }

    GWEN_List_PopBack(sigtails);
    GWEN_List_PopFront(sigheads);

    signerId=GWEN_DB_GetCharValue(sighead, "key/userid", 0,
				  I18N("unknown"));

    /* some checks */
    if (strcasecmp(GWEN_DB_GetCharValue(sighead, "ctrlref", 0, ""),
                   GWEN_DB_GetCharValue(sigtail, "ctrlref", 0, ""))!=0) {
      DBG_ERROR(AQHBCI_LOGDOMAIN, "Non-matching signature tail");
      GWEN_List_free(sigheads);
      GWEN_List_free(sigtails);
      return GWEN_ERROR_BAD_DATA;
    }

    /* hash signature head and data */
    if (1) {
      GWEN_MDIGEST *md;

      /* hash sighead + data */
      p=(const uint8_t*)GWEN_Buffer_GetStart(hmsg->buffer);
      p+=GWEN_DB_GetIntValue(sighead,
			     "segment/pos",
			     0,
			     0);
      l=GWEN_DB_GetIntValue(sighead,
			    "segment/length",
			    0,
			    0);

      md=GWEN_MDigest_Rmd160_new();
      rv=GWEN_MDigest_Begin(md);
      if (rv==0)
        /* digest signature head */
	rv=GWEN_MDigest_Update(md, p, l);
      if (rv==0)
	/* digest data */
	rv=GWEN_MDigest_Update(md, (const uint8_t*)dataStart, dataLength);
      if (rv==0)
	rv=GWEN_MDigest_End(md);
      if (rv<0) {
	DBG_ERROR(AQHBCI_LOGDOMAIN, "Hash error (%d)", rv);
	GWEN_MDigest_free(md);
	GWEN_List_free(sigheads);
	GWEN_List_free(sigtails);
	return rv;
      }
      memmove(hash,
	      GWEN_MDigest_GetDigestPtr(md),
	      GWEN_MDigest_GetDigestSize(md));
      GWEN_MDigest_free(md);
    }

    /* verify signature */
    p=GWEN_DB_GetBinValue(sigtail, "signature", 0, 0, 0, &l);
    if (p && l) {
      GWEN_CRYPT_PADDALGO *algo;

      algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_Iso9796_2);
      GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize);
      rv=GWEN_Crypt_Token_Verify(ct, keyId,
				 algo,
				 hash, 20, p, l, 0, gid);
      GWEN_Crypt_PaddAlgo_free(algo);
      if (rv) {
	if (rv==GWEN_ERROR_NO_KEY) {
	  DBG_ERROR(AQHBCI_LOGDOMAIN,
		    "Unable to verify signature of user \"%s\" (no key)",
		    signerId);
	  GWEN_Gui_ProgressLog(gid,
			       GWEN_LoggerLevel_Error,
			       I18N("Unable to verify signature (no key)"));
	}
	else {
	  GWEN_BUFFER *tbuf;

	  tbuf=GWEN_Buffer_new(0, 32, 0, 1);
	  if (rv==GWEN_ERROR_VERIFY) {
	    DBG_ERROR(AQHBCI_LOGDOMAIN,
		      "Invalid signature of user \"%s\"", signerId);
	    GWEN_Gui_ProgressLog(gid,
				 GWEN_LoggerLevel_Error,
				 I18N("Invalid signature!!!"));
	    GWEN_Buffer_AppendString(tbuf, "!");
	  }
	  else {
	    GWEN_Gui_ProgressLog(gid,
				 GWEN_LoggerLevel_Error,
				 I18N("Could not verify signature"));
	    DBG_ERROR(AQHBCI_LOGDOMAIN,
		      "Could not verify data with medium of user \"%s\" (%d)",
		      AB_User_GetUserId(u), rv);
	    GWEN_Buffer_AppendString(tbuf, "?");
	  }

	  GWEN_Buffer_AppendString(tbuf, signerId);
	  AH_Msg_AddSignerId(hmsg, GWEN_Buffer_GetStart(tbuf));
	  GWEN_Buffer_free(tbuf);
	}
      }
      else {
	DBG_INFO(AQHBCI_LOGDOMAIN, "Message signed by \"%s\"", signerId);
	AH_Msg_AddSignerId(hmsg, signerId);
      }
    }
    else {
      DBG_DEBUG(AQHBCI_LOGDOMAIN, "No signature");
      GWEN_List_free(sigheads);
      GWEN_List_free(sigtails);
      return GWEN_ERROR_BAD_DATA;
    }

    DBG_DEBUG(AQHBCI_LOGDOMAIN, "Verification done");
  } /* for */

  GWEN_List_free(sigheads);
  GWEN_List_free(sigtails);
  return 0;
}
예제 #8
0
파일: user.c 프로젝트: maduhu/aqbanking-1
void AH_User_LoadTanMethods(AB_USER *u) {
  AH_USER *ue;

  assert(u);
  ue=GWEN_INHERIT_GETDATA(AB_USER, AH_USER, u);
  assert(ue);

  /* read directly from BPD */
  if (ue->cryptMode==AH_CryptMode_Pintan) {
    GWEN_DB_NODE *db;
    int rv;

    AH_TanMethod_List_Clear(ue->tanMethodDescriptions);
    db=GWEN_DB_Group_new("bpd");
    rv=AH_Job_SampleBpdVersions("JobTan", u, db);
    if (rv<0) {
      DBG_INFO(AQHBCI_LOGDOMAIN, "No BPD for TAN job");
    }
    else {
      GWEN_DB_NODE *dbV;

      dbV=GWEN_DB_GetFirstGroup(db);
      while(dbV) {
	int version;

	version=atoi(GWEN_DB_GroupName(dbV));
	if (version>0) {
	  GWEN_DB_NODE *dbT;

	  dbT=GWEN_DB_FindFirstGroup(dbV, "tanMethod");
	  if (!dbT) {
	    DBG_INFO(AQHBCI_LOGDOMAIN, "No tan method found");
	  }
	  while(dbT) {
	    AH_TAN_METHOD *tm;
	    const char *s;

	    tm=AH_TanMethod_new();
	    AH_TanMethod_SetFunction(tm, GWEN_DB_GetIntValue(dbT, "function", 0, 0));
	    AH_TanMethod_SetProcess(tm, GWEN_DB_GetIntValue(dbT, "process", 0, 0));
	    AH_TanMethod_SetMethodId(tm, GWEN_DB_GetCharValue(dbT, "methodId", 0, 0));
	    AH_TanMethod_SetMethodName(tm, GWEN_DB_GetCharValue(dbT, "methodName", 0, 0));
	    AH_TanMethod_SetTanMaxLen(tm, GWEN_DB_GetIntValue(dbT, "tanMaxLen", 0, 0));
	    AH_TanMethod_SetFormatId(tm, GWEN_DB_GetCharValue(dbT, "formatId", 0, 0));
	    AH_TanMethod_SetPrompt(tm, GWEN_DB_GetCharValue(dbT, "prompt", 0, 0));
	    AH_TanMethod_SetReturnMaxLen(tm, GWEN_DB_GetIntValue(dbT, "returnMaxLen", 0, 0));
	    AH_TanMethod_SetMaxActiveLists(tm, GWEN_DB_GetIntValue(dbT, "maxActiveLists", 0, 0));
	    AH_TanMethod_SetGvVersion(tm, GWEN_DB_GetIntValue(dbT, "gvVersion", 0, 0));
	    s=GWEN_DB_GetCharValue(dbT, "multiTanAllowed", 0, NULL);
	    if (s && strcasecmp(s, "j")==0)
	      AH_TanMethod_SetMultiTanAllowed(tm, 1);
	    AH_TanMethod_SetTimeShiftAllowed(tm, GWEN_DB_GetIntValue(dbT, "timeShiftAllowed", 0, 0));
	    AH_TanMethod_SetTanListMode(tm, GWEN_DB_GetIntValue(dbT, "tanListMode", 0, 0));
	    s=GWEN_DB_GetCharValue(dbT, "stornoAllowed", 0, NULL);
	    if (s && strcasecmp(s, "j")==0)
	      AH_TanMethod_SetStornoAllowed(tm, 1);
	    s=GWEN_DB_GetCharValue(dbT, "needChallengeClass", 0, NULL);
	    if (s && strcasecmp(s, "j")==0)
	      AH_TanMethod_SetNeedChallengeClass(tm, 1);
	    s=GWEN_DB_GetCharValue(dbT, "needChallengeAmount", 0, NULL);
	    if (s && strcasecmp(s, "j")==0)
	      AH_TanMethod_SetNeedChallengeAmount(tm, 1);
	    AH_TanMethod_SetInitMode(tm, GWEN_DB_GetIntValue(dbT, "initMode", 0, 0));
	    s=GWEN_DB_GetCharValue(dbT, "tanMediumIdNeeded", 0, NULL);
	    if (s && strcasecmp(s, "j")==0)
	      AH_TanMethod_SetNeedTanMediumId(tm, 1);
	    AH_TanMethod_SetMaxActiveTanMedia(tm, GWEN_DB_GetIntValue(dbT, "maxActiveMedia", 0, 0));

	    DBG_INFO(AQHBCI_LOGDOMAIN,
		     "Adding TAN method %d [%s] for GV version %d",
		     AH_TanMethod_GetFunction(tm),
		     AH_TanMethod_GetMethodId(tm),
		     version);
	    AH_TanMethod_SetGvVersion(tm, version);
	    AH_TanMethod_List_Add(tm, ue->tanMethodDescriptions);

	    dbT=GWEN_DB_FindNextGroup(dbT, "tanMethod");
	  }
	}

	dbV=GWEN_DB_GetNextGroup(dbV);
      }
    }
    GWEN_DB_Group_free(db);
  }
}