int AH_User_InputTan(AB_USER *u,
char *pwbuffer,
int minLen,
int maxLen){
int rv;
char buffer[512];
const char *un;
const char *bn=NULL;
GWEN_BUFFER *nbuf;
AB_BANKINFO *bi;
assert(u);
un=AB_User_GetUserId(u);
/* find bank name */
bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
"de",
"*",
AB_User_GetBankCode(u));
if (bi)
bn=AB_BankInfo_GetBankName(bi);
if (!bn)
AB_User_GetBankCode(u);
buffer[0]=0;
buffer[sizeof(buffer)-1]=0;
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the next TAN\n"
"for user %s at %s."
"<html>"
"Please enter the next TAN for user <i>%s</i> at "
"<i>%s</i>."
"</html>"),
un, bn,
un, bn);
buffer[sizeof(buffer)-1]=0;
nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
AH_User_MkTanName(u, NULL, nbuf);
rv=GWEN_Gui_GetPassword(GWEN_GUI_INPUT_FLAGS_TAN |
/*GWEN_GUI_INPUT_FLAGS_NUMERIC |*/
GWEN_GUI_INPUT_FLAGS_SHOW,
GWEN_Buffer_GetStart(nbuf),
I18N("Enter TAN"),
buffer,
pwbuffer,
minLen,
maxLen,
0);
GWEN_Buffer_free(nbuf);
AB_BankInfo_free(bi);
return rv;
}
AB_USER *AB_Banking_FindUser(const AB_BANKING *ab,
const char *backendName,
const char *country,
const char *bankId,
const char *userId,
const char *customerId) {
AB_USER *u;
assert(ab);
if (AB_User_List_GetCount(ab->users)==0) {
DBG_INFO(AQBANKING_LOGDOMAIN, "No users");
return 0;
}
u=AB_User_List_First(ab->users);
assert(u);
if (!backendName) backendName="*";
if (!country) country="*";
if (!bankId) bankId="*";
if (!userId) userId="*";
if (!customerId) customerId="*";
while(u) {
const char *lCountry;
const char *lBankCode;
const char *lUserId;
const char *lCustomerId;
lCountry=AB_User_GetCountry(u);
if (!lCountry)
lCountry="";
lBankCode=AB_User_GetBankCode(u);
if (!lBankCode)
lBankCode="";
lUserId=AB_User_GetUserId(u);
if (!lUserId)
lUserId="";
lCustomerId=AB_User_GetCustomerId(u);
if (!lCustomerId)
lCustomerId="";
if ((-1!=GWEN_Text_ComparePattern(AB_User_GetBackendName(u),
backendName, 0)) &&
(-1!=GWEN_Text_ComparePattern(lCountry,
country, 0)) &&
(-1!=GWEN_Text_ComparePattern(lBankCode,
bankId, 0)) &&
(-1!=GWEN_Text_ComparePattern(lUserId,
userId, 0)) &&
(-1!=GWEN_Text_ComparePattern(lCustomerId,
customerId, 0)))
break;
u=AB_User_List_Next(u);
} /* while */
return u;
}
static void createUserListBoxString(const AB_USER *u, GWEN_BUFFER *tbuf)
{
const char *s;
char numbuf[32];
uint32_t uid;
/* column 1 */
uid=AB_User_GetUniqueId(u);
snprintf(numbuf, sizeof(numbuf)-1, "%06d", uid);
numbuf[sizeof(numbuf)-1]=0;
GWEN_Buffer_AppendString(tbuf, numbuf);
GWEN_Buffer_AppendString(tbuf, "\t");
/* column 2 */
s=AB_User_GetBankCode(u);
if (s && *s)
GWEN_Buffer_AppendString(tbuf, s);
GWEN_Buffer_AppendString(tbuf, "\t");
/* column 3 */
s=AB_User_GetUserId(u);
if (s && *s)
GWEN_Buffer_AppendString(tbuf, s);
GWEN_Buffer_AppendString(tbuf, "\t");
/* column 4 */
s=AB_User_GetCustomerId(u);
if (s && *s)
GWEN_Buffer_AppendString(tbuf, s);
GWEN_Buffer_AppendString(tbuf, "\t");
/* column 5 */
s=AB_User_GetUserName(u);
if (s && *s)
GWEN_Buffer_AppendString(tbuf, s);
GWEN_Buffer_AppendString(tbuf, "\t");
/* column 6 */
s=AB_User_GetBackendName(u);
if (s && *s)
GWEN_Buffer_AppendString(tbuf, s);
}
int AH_User_MkTanName(const AB_USER *u,
const char *challenge,
GWEN_BUFFER *buf) {
AH_USER *ue;
assert(u);
ue=GWEN_INHERIT_GETDATA(AB_USER, AH_USER, u);
assert(ue);
if (ue->tokenType && ue->tokenName) {
GWEN_Buffer_AppendString(buf, "TAN_");
GWEN_Buffer_AppendString(buf, ue->tokenType);
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, ue->tokenName);
if (challenge) {
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, challenge);
}
return 0;
}
else {
const char *s;
DBG_DEBUG(AQHBCI_LOGDOMAIN, "No tokenType or tokenName");
GWEN_Buffer_AppendString(buf, "TAN_");
s=AB_User_GetBankCode(u);
if (s)
GWEN_Buffer_AppendString(buf, s);
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, AB_User_GetUserId(u));
if (challenge) {
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, challenge);
}
return 0;
}
}
int AH_User_MkPasswdName(const AB_USER *u, GWEN_BUFFER *buf) {
AH_USER *ue;
assert(u);
ue=GWEN_INHERIT_GETDATA(AB_USER, AH_USER, u);
assert(ue);
if (ue->tokenType==NULL) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Missing tokenType or tokenName");
return GWEN_ERROR_NO_DATA;
}
if (strcasecmp(ue->tokenType, "pintan")==0) {
const char *s;
GWEN_Buffer_AppendString(buf, "PIN_");
s=AB_User_GetBankCode(u);
if (s)
GWEN_Buffer_AppendString(buf, s);
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, AB_User_GetUserId(u));
return 0;
}
else {
if (ue->tokenName) {
GWEN_Buffer_AppendString(buf, "PASSWORD_");
GWEN_Buffer_AppendString(buf, ue->tokenType);
GWEN_Buffer_AppendString(buf, "_");
GWEN_Buffer_AppendString(buf, ue->tokenName);
return 0;
}
else {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Missing tokenName");
return GWEN_ERROR_NO_DATA;
}
}
}
int AH_MsgPinTan_PrepareCryptoSeg(AH_MSG *hmsg,
AB_USER *u,
GWEN_DB_NODE *cfg,
int crypt,
int createCtrlRef) {
char sdate[9];
char stime[7];
char ctrlref[15];
struct tm *lt;
time_t tt;
const char *userId;
const char *peerId;
assert(hmsg);
assert(u);
assert(cfg);
userId=AB_User_GetUserId(u);
assert(userId);
assert(*userId);
peerId=AH_User_GetPeerId(u);
if (!peerId || *peerId==0)
peerId=userId;
tt=time(0);
lt=localtime(&tt);
if (createCtrlRef) {
/* create control reference */
if (!strftime(ctrlref, sizeof(ctrlref),
"%Y%m%d%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "CtrlRef string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"ctrlref", ctrlref);
}
/* create date */
if (!strftime(sdate, sizeof(sdate),
"%Y%m%d", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
/* create time */
if (!strftime(stime, sizeof(stime),
"%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecDetails/dir", 1);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/date", sdate);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/time", stime);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/bankcode",
AB_User_GetBankCode(u));
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/userid",
crypt?peerId:userId);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keytype",
crypt?"V":"S");
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keynum", 1);
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keyversion", 1);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/code",
"PIN");
if (crypt)
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/version", 1);
else
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/version",
(hmsg->itanMethod==999)?1:2);
return 0;
}
int mkPinList(AB_BANKING *ab,
GWEN_DB_NODE *dbArgs,
int argc,
char **argv) {
GWEN_DB_NODE *db;
AB_PROVIDER *pro;
GWEN_SYNCIO *sio;
AB_USER_LIST2 *ul;
int rv;
const char *outFile;
const GWEN_ARGS args[]={
{
GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */
GWEN_ArgsType_Char, /* type */
"outFile", /* name */
0, /* minnum */
1, /* maxnum */
"o", /* short option */
"outfile", /* long option */
"Specify the name of the output file", /* short description */
"Specify the name of the output file" /* long description */
},
{
GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */
GWEN_ArgsType_Int, /* type */
"help", /* name */
0, /* minnum */
0, /* maxnum */
"h", /* short option */
"help", /* long option */
"Show this help screen", /* short description */
"Show this help screen" /* long description */
}
};
db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local");
rv=GWEN_Args_Check(argc, argv, 1,
0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/,
args,
db);
if (rv==GWEN_ARGS_RESULT_ERROR) {
fprintf(stderr, "ERROR: Could not parse arguments\n");
return 1;
}
else if (rv==GWEN_ARGS_RESULT_HELP) {
GWEN_BUFFER *ubuf;
ubuf=GWEN_Buffer_new(0, 1024, 0, 1);
if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) {
fprintf(stderr, "ERROR: Could not create help string\n");
return 1;
}
fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
GWEN_Buffer_free(ubuf);
return 0;
}
outFile=GWEN_DB_GetCharValue(db, "outfile", 0, 0);
rv=AB_Banking_Init(ab);
if (rv) {
DBG_ERROR(0, "Error on init (%d)", rv);
return 2;
}
rv=AB_Banking_OnlineInit(ab);
if (rv) {
DBG_ERROR(0, "Error on init (%d)", rv);
return 2;
}
pro=AB_Banking_GetProvider(ab, "aqebics");
assert(pro);
if (outFile==0) {
sio=GWEN_SyncIo_File_fromStdout();
GWEN_SyncIo_AddFlags(sio, GWEN_SYNCIO_FLAGS_DONTCLOSE);
}
else {
sio=GWEN_SyncIo_File_new(outFile, GWEN_SyncIo_File_CreationMode_CreateAlways);
GWEN_SyncIo_AddFlags(sio,
GWEN_SYNCIO_FILE_FLAGS_READ |
GWEN_SYNCIO_FILE_FLAGS_WRITE |
GWEN_SYNCIO_FILE_FLAGS_UREAD |
GWEN_SYNCIO_FILE_FLAGS_UWRITE |
GWEN_SYNCIO_FILE_FLAGS_GREAD |
GWEN_SYNCIO_FILE_FLAGS_GWRITE);
rv=GWEN_SyncIo_Connect(sio);
if (rv<0) {
DBG_ERROR(0, "Error opening output file: %s",
strerror(errno));
return 4;
}
}
GWEN_SyncIo_WriteLine(sio,
"# This is a PIN file to be used "
"with AqBanking");
GWEN_SyncIo_WriteLine(sio,
"# Please insert the PINs/passwords "
"for the users below");
ul=AB_Banking_FindUsers(ab, "aqebics", "*", "*", "*", "*");
if (ul) {
AB_USER_LIST2_ITERATOR *uit;
uit=AB_User_List2_First(ul);
if (uit) {
AB_USER *u;
u=AB_User_List2Iterator_Data(uit);
assert(u);
while(u) {
const char *s;
GWEN_BUFFER *nbuf;
int rv;
GWEN_SyncIo_WriteLine(sio, "");
GWEN_SyncIo_WriteString(sio, "# User \"");
s=AB_User_GetUserId(u);
assert(s);
GWEN_SyncIo_WriteString(sio, s);
GWEN_SyncIo_WriteString(sio, "\" at \"");
s=AB_User_GetBankCode(u);
GWEN_SyncIo_WriteString(sio, s);
GWEN_SyncIo_WriteLine(sio, "\"");
nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
rv=EBC_User_MkPasswdName(u, nbuf);
if (rv==0) {
GWEN_BUFFER *obuf;
obuf=GWEN_Buffer_new(0, 256 ,0 ,1);
if (GWEN_Text_EscapeToBufferTolerant(GWEN_Buffer_GetStart(nbuf),
obuf)) {
DBG_ERROR(0, "Error escaping name to buffer");
return 3;
}
GWEN_SyncIo_WriteString(sio, GWEN_Buffer_GetStart(obuf));
GWEN_SyncIo_WriteLine(sio, " = \"\"");
GWEN_Buffer_free(obuf);
}
GWEN_Buffer_free(nbuf);
u=AB_User_List2Iterator_Next(uit);
}
AB_User_List2Iterator_free(uit);
}
AB_User_List2_free(ul);
}
rv=GWEN_SyncIo_Disconnect(sio);
if (rv<0) {
DBG_ERROR_ERR(0, rv);
GWEN_SyncIo_free(sio);
return 4;
}
GWEN_SyncIo_free(sio);
rv=AB_Banking_OnlineFini(ab);
if (rv) {
fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
return 5;
}
rv=AB_Banking_Fini(ab);
if (rv) {
fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
return 5;
}
return 0;
}
int AH_Job_GetTransactionsCreditCard_Process(AH_JOB *j, AB_IMEXPORTER_CONTEXT *ctx)
{
AH_JOB_GETTRANSACTIONS *aj;
AB_ACCOUNT *a;
AB_IMEXPORTER_ACCOUNTINFO *ai;
AB_USER *u;
GWEN_DB_NODE *dbResponses;
GWEN_DB_NODE *dbCurr;
GWEN_BUFFER *tbooked;
GWEN_BUFFER *tnoted;
int rv;
DBG_INFO(AQHBCI_LOGDOMAIN, "Processing JobGetTransactionsCreditCard");
assert(j);
aj=GWEN_INHERIT_GETDATA(AH_JOB, AH_JOB_GETTRANSACTIONS, j);
assert(aj);
tbooked=GWEN_Buffer_new(0, 1024, 0, 1);
tnoted=GWEN_Buffer_new(0, 1024, 0, 1);
dbResponses=AH_Job_GetResponses(j);
assert(dbResponses);
DBG_INFO(AQHBCI_LOGDOMAIN, "Response:");
GWEN_DB_Dump(dbResponses, 2);
DBG_INFO(AQHBCI_LOGDOMAIN, "Response end");
a=AH_AccountJob_GetAccount(j);
assert(a);
ai=AB_ImExporterContext_GetOrAddAccountInfo(ctx,
AB_Account_GetUniqueId(a),
AB_Account_GetIban(a),
AB_Account_GetBankCode(a),
AB_Account_GetAccountNumber(a),
AB_Account_GetAccountType(a));
assert(ai);
AB_ImExporterAccountInfo_SetAccountId(ai, AB_Account_GetUniqueId(a));
u=AH_Job_GetUser(j);
assert(u);
/* search for "Transactions" */
dbCurr=GWEN_DB_GetFirstGroup(dbResponses);
while (dbCurr) {
GWEN_DB_NODE *dbXA;
rv=AH_Job_CheckEncryption(j, dbCurr);
if (rv) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Compromised security (encryption)");
GWEN_Buffer_free(tbooked);
GWEN_Buffer_free(tnoted);
AH_Job_SetStatus(j, AH_JobStatusError);
return rv;
}
rv=AH_Job_CheckSignature(j, dbCurr);
if (rv) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Compromised security (signature)");
GWEN_Buffer_free(tbooked);
GWEN_Buffer_free(tnoted);
AH_Job_SetStatus(j, AH_JobStatusError);
return rv;
}
dbXA=GWEN_DB_GetGroup(dbCurr, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
"data/transactionscreditcard");
if (dbXA) {
GWEN_DB_NODE *dbT;
GWEN_DB_NODE *dbV;
GWEN_DATE *date;
GWEN_DATE *valutaDate;
const char *p;
const char *ref;
int i;
dbT=GWEN_DB_GetGroup(dbXA, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
"entries");
while (dbT) {
AB_VALUE *v1;
AB_VALUE *v2;
GWEN_STRINGLIST *purpose;
AB_TRANSACTION *t;
/* read date (Buchungsdatum) */
p=GWEN_DB_GetCharValue(dbT, "date", 0, 0);
if (p)
date=GWEN_Date_fromStringWithTemplate(p, "YYYYMMDD");
else
date=NULL;
/* read valutaData (Umsatzdatum) */
p=GWEN_DB_GetCharValue(dbT, "valutaDate", 0, 0);
if (p)
valutaDate=GWEN_Date_fromStringWithTemplate(p, "YYYYMMDD");
else
valutaDate=NULL;
/* read value */
dbV=GWEN_DB_GetGroup(dbT, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
"value");
if (dbV)
v1=AB_Value_fromDb(dbV);
else
v1=NULL;
v2=0;
if (!v1) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Error parsing value from DB");
}
else {
p=GWEN_DB_GetCharValue(dbT, "debitMark", 0, 0);
if (p) {
if (strcasecmp(p, "D")==0 ||
strcasecmp(p, "RC")==0) {
v2=AB_Value_dup(v1);
AB_Value_Negate(v2);
}
else if (strcasecmp(p, "C")==0 ||
strcasecmp(p, "RD")==0)
v2=AB_Value_dup(v1);
else {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Bad debit mark \"%s\"", p);
v2=0;
}
}
AB_Value_free(v1);
}
/* read purpose */
purpose=GWEN_StringList_new();
for (i=0; i<10; i++) {
p=GWEN_DB_GetCharValue(dbT, "purpose", i, 0);
if (!p)
break;
GWEN_StringList_AppendString(purpose, p, 0, 0);
}
/* read reference */
ref=GWEN_DB_GetCharValue(dbT, "reference", 0, 0);
if (ref)
GWEN_StringList_AppendString(purpose, ref, 0, 0);
t=AB_Transaction_new();
if (ref)
AB_Transaction_SetFiId(t, ref);
AB_Transaction_SetUniqueAccountId(t, AB_Account_GetUniqueId(a));
AB_Transaction_SetLocalBankCode(t, AB_User_GetBankCode(u));
AB_Transaction_SetLocalAccountNumber(t, AB_Account_GetAccountNumber(a));
AB_Transaction_SetValutaDate(t, valutaDate);
AB_Transaction_SetDate(t, date);
AB_Transaction_SetValue(t, v2);
AB_Transaction_SetPurposeFromStringList(t, purpose);
DBG_INFO(AQHBCI_LOGDOMAIN, "Adding transaction");
AB_ImExporterAccountInfo_AddTransaction(ai, t);
GWEN_StringList_free(purpose);
AB_Value_free(v2);
GWEN_Date_free(date);
GWEN_Date_free(valutaDate);
dbT = GWEN_DB_FindNextGroup(dbT, "entries");
} //while (dbT)
} //if (dbXA)
dbCurr=GWEN_DB_GetNextGroup(dbCurr);
}
return 0;
}
int AH_MsgRdh_PrepareCryptoSeg2(AH_MSG *hmsg,
AB_USER *u,
const GWEN_CRYPT_TOKEN_KEYINFO *ki,
GWEN_DB_NODE *cfg,
int crypt,
int createCtrlRef) {
char sdate[9];
char stime[7];
char ctrlref[15];
struct tm *lt;
time_t tt;
const char *userId;
const char *peerId;
assert(hmsg);
assert(u);
assert(cfg);
userId=AB_User_GetUserId(u);
assert(userId);
assert(*userId);
peerId=AH_User_GetPeerId(u);
if (!peerId || *peerId==0) {
DBG_INFO(AQHBCI_LOGDOMAIN, "No PeerId in user, using user id");
peerId=userId;
}
tt=time(0);
lt=localtime(&tt);
if (createCtrlRef) {
/* create control reference */
if (!strftime(ctrlref, sizeof(ctrlref),
"%Y%m%d%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "CtrlRef string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"ctrlref", ctrlref);
}
/* create date */
if (!strftime(sdate, sizeof(sdate),
"%Y%m%d", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
/* create time */
if (!strftime(stime, sizeof(stime),
"%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecDetails/dir", 1);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/date", sdate);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/time", stime);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/bankcode",
AB_User_GetBankCode(u));
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/userid",
crypt?peerId:userId);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keytype",
crypt?"V":"S");
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keynum",
GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keyversion",
GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/code",
"RDH");
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/version",
AH_User_GetRdhType(u));
if (crypt) {
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 4); /* crypt */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/algo", 13); /* 2-KEY-TRIPLE-DES */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/mode", 2); /* CBC (0-Padding) */
}
else {
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 2); /* sign with signature key */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/algo", 10); /* RSA */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/mode", 17); /* ISO-9796-2 */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "hashAlgo/algo", 999); /* RMD160 */
}
return 0;
}
int AH_User_InputTanWithChallenge2(AB_USER *u,
const char *challenge,
const char *challengeHhd,
char *pwbuffer,
int minLen,
int maxLen){
int rv;
char buffer[1024];
const char *un;
const char *bn=NULL;
GWEN_BUFFER *nbuf;
GWEN_BUFFER *xbuf;
AB_BANKINFO *bi;
uint32_t iflags=0;
assert(u);
un=AB_User_GetUserId(u);
/* find bank name */
bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
"de",
"*",
AB_User_GetBankCode(u));
if (bi)
bn=AB_BankInfo_GetBankName(bi);
if (!bn)
AB_User_GetBankCode(u);
iflags=GWEN_GUI_INPUT_FLAGS_TAN | GWEN_GUI_INPUT_FLAGS_SHOW;
buffer[0]=0;
buffer[sizeof(buffer)-1]=0;
xbuf=GWEN_Buffer_new(0, 256, 0, 1);
if (challengeHhd && *challengeHhd) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "ChallengeHHD is [%s]", challengeHhd);
GWEN_Buffer_AppendString(xbuf, "$OBEGIN$");
rv=AH_HHD14_Translate(challengeHhd, xbuf);
if (rv<0) {
GWEN_Buffer_free(xbuf);
AB_BankInfo_free(bi);
return rv;
}
GWEN_Buffer_AppendString(xbuf, "$OEND$");
iflags|=GWEN_GUI_INPUT_FLAGS_OPTICAL;
/* text version */
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the TAN\n"
"for user %s at %s.\n"), un, bn);
buffer[sizeof(buffer)-1]=0;
GWEN_Buffer_AppendString(xbuf, buffer);
if (challenge && *challenge) {
GWEN_Buffer_AppendString(xbuf, challenge);
GWEN_Buffer_AppendString(xbuf, "\n");
}
else {
GWEN_Buffer_AppendString(xbuf, I18N("Please enter the TAN from the device."));
}
}
else if (challenge && *challenge) {
const char *s;
/* look for "CHLGUC" */
s=GWEN_Text_StrCaseStr(challenge, "CHLGUC");
if (s) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Challenge contains CHLGUC");
GWEN_Buffer_AppendString(xbuf, "$OBEGIN$");
rv=AH_HHD14_Translate(s, xbuf);
if (rv<0) {
GWEN_Buffer_free(xbuf);
AB_BankInfo_free(bi);
return rv;
}
GWEN_Buffer_AppendString(xbuf, "$OEND$");
iflags|=GWEN_GUI_INPUT_FLAGS_OPTICAL;
/* text version */
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the TAN\n"
"for user %s at %s.\n"), un, bn);
buffer[sizeof(buffer)-1]=0;
GWEN_Buffer_AppendString(xbuf, buffer);
/* extract text */
s=GWEN_Text_StrCaseStr(challenge, "CHLGTEXT");
if (s) {
/* skip "CHLGTEXT" and 4 digits */
s+=12;
/* add rest of the message (replace HTML tags, if any) */
AH_User_AddTextWithoutTags(s, xbuf);
}
else {
/* create own text */
GWEN_Buffer_AppendString(xbuf, I18N("Please enter the TAN from the device."));
}
}
else {
/* no optical challenge */
DBG_ERROR(AQHBCI_LOGDOMAIN, "Challenge contains no optical data");
GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
GWEN_Buffer_AppendString(xbuf, "\n");
GWEN_Buffer_AppendString(xbuf, challenge);
}
}
nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
AH_User_MkTanName(u, challenge, nbuf);
rv=GWEN_Gui_GetPassword(iflags,
GWEN_Buffer_GetStart(nbuf),
I18N("Enter TAN"),
GWEN_Buffer_GetStart(xbuf),
pwbuffer,
minLen,
maxLen,
0);
GWEN_Buffer_free(xbuf);
GWEN_Buffer_free(nbuf);
AB_BankInfo_free(bi);
return rv;
}
int AH_User_InputTanWithChallenge(AB_USER *u,
const char *challenge,
char *pwbuffer,
int minLen,
int maxLen){
int rv;
char buffer[1024];
const char *un;
const char *bn=NULL;
GWEN_BUFFER *nbuf;
GWEN_BUFFER *xbuf;
AB_BANKINFO *bi;
assert(u);
un=AB_User_GetUserId(u);
/* find bank name */
bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
"de",
"*",
AB_User_GetBankCode(u));
if (bi)
bn=AB_BankInfo_GetBankName(bi);
if (!bn)
AB_User_GetBankCode(u);
buffer[0]=0;
buffer[sizeof(buffer)-1]=0;
xbuf=GWEN_Buffer_new(0, 256, 0, 1);
/* text version */
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the TAN\n"
"for user %s at %s.\n"), un, bn);
buffer[sizeof(buffer)-1]=0;
GWEN_Buffer_AppendString(xbuf, buffer);
if (challenge && *challenge) {
GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
GWEN_Buffer_AppendString(xbuf, "\n");
GWEN_Buffer_AppendString(xbuf, challenge);
}
/* html version */
GWEN_Buffer_AppendString(xbuf,
"<html>"
"<p>");
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the TAN for user <i>%s</i> at <i>%s</i>."), un, bn);
buffer[sizeof(buffer)-1]=0;
GWEN_Buffer_AppendString(xbuf, buffer);
GWEN_Buffer_AppendString(xbuf, "</p>");
if (challenge && *challenge) {
GWEN_Buffer_AppendString(xbuf, "<p>");
GWEN_Buffer_AppendString(xbuf, I18N("The server provided the following challenge:"));
GWEN_Buffer_AppendString(xbuf, "</p>"
"<p align=\"center\" >"
"<font color=\"blue\">");
GWEN_Buffer_AppendString(xbuf, challenge);
GWEN_Buffer_AppendString(xbuf,
"</font>"
"</p>"
"</html>");
}
nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
AH_User_MkTanName(u, challenge, nbuf);
rv=GWEN_Gui_GetPassword(GWEN_GUI_INPUT_FLAGS_TAN |
/*GWEN_GUI_INPUT_FLAGS_NUMERIC |*/
GWEN_GUI_INPUT_FLAGS_SHOW,
GWEN_Buffer_GetStart(nbuf),
I18N("Enter TAN"),
GWEN_Buffer_GetStart(xbuf),
pwbuffer,
minLen,
maxLen,
0);
GWEN_Buffer_free(xbuf);
GWEN_Buffer_free(nbuf);
AB_BankInfo_free(bi);
return rv;
}
int AH_User_InputPasswd(AB_USER *u,
char *pwbuffer,
int minLen, int maxLen,
int flags){
GWEN_BUFFER *nbuf;
int rv;
const char *numeric_warning = "";
char buffer[512];
const char *un;
const char *bn=NULL;
AB_BANKINFO *bi;
assert(u);
un=AB_User_GetUserId(u);
/* find bank name */
bi=AB_Banking_GetBankInfo(AB_User_GetBanking(u),
"de",
"*",
AB_User_GetBankCode(u));
if (bi)
bn=AB_BankInfo_GetBankName(bi);
if (!bn)
AB_User_GetBankCode(u);
buffer[0]=0;
buffer[sizeof(buffer)-1]=0;
if (flags & GWEN_GUI_INPUT_FLAGS_NUMERIC) {
numeric_warning = I18N(" You must only enter numbers, not letters.");
}
if (flags & GWEN_GUI_INPUT_FLAGS_CONFIRM) {
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter a new password for \n"
"user %s at %s\n"
"The input must be at least %d characters long.%s"
"<html>"
"<p>"
"Please enter a new password for user <i>%s</i> at "
"<i>%s</i>."
"</p>"
"<p>"
"The input must be at least %d characters long.%s"
"</p>"
"</html>"),
un, bn,
minLen,
numeric_warning,
un, bn,
minLen,
numeric_warning);
}
else {
snprintf(buffer, sizeof(buffer)-1,
I18N("Please enter the password for \n"
"user %s at %s\n"
"%s"
"<html>"
"Please enter the password for user <i>%s</i> at"
"<i>%s</i>.<br>"
"%s"
"</html>"),
un, bn,
numeric_warning,
un, bn,
numeric_warning);
}
buffer[sizeof(buffer)-1]=0;
AB_BankInfo_free(bi);
nbuf=GWEN_Buffer_new(0, 256 ,0 ,1);
AH_User_MkPasswdName(u, nbuf);
rv=GWEN_Gui_GetPassword(flags,
GWEN_Buffer_GetStart(nbuf),
I18N("Enter Password"),
buffer,
pwbuffer,
minLen,
maxLen,
0);
GWEN_Buffer_free(nbuf);
return rv;
}
int listUsers(AB_BANKING *ab,
GWEN_DB_NODE *dbArgs,
int argc,
char **argv) {
GWEN_DB_NODE *db;
int rv;
int xml=0;
AB_USER_LIST2 *ul;
const GWEN_ARGS args[]={
{
0, /* flags */
GWEN_ArgsType_Int, /* type */
"xml", /* name */
0, /* minnum */
1, /* maxnum */
0, /* short option */
"xml", /* long option */
"Export as xml", /* short description */
0
},
{
GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */
GWEN_ArgsType_Int, /* type */
"help", /* name */
0, /* minnum */
0, /* maxnum */
"h", /* short option */
"help", /* long option */
"Show this help screen", /* short description */
"Show this help screen" /* long description */
}
};
db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local");
rv=GWEN_Args_Check(argc, argv, 1,
0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/,
args,
db);
if (rv==GWEN_ARGS_RESULT_ERROR) {
fprintf(stderr, "ERROR: Could not parse arguments\n");
return 1;
}
else if (rv==GWEN_ARGS_RESULT_HELP) {
GWEN_BUFFER *ubuf;
ubuf=GWEN_Buffer_new(0, 1024, 0, 1);
if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) {
fprintf(stderr, "ERROR: Could not create help string\n");
return 1;
}
fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
GWEN_Buffer_free(ubuf);
return 0;
}
rv=AB_Banking_Init(ab);
if (rv) {
DBG_ERROR(0, "Error on init (%d)", rv);
return 2;
}
rv=AB_Banking_OnlineInit(ab);
if (rv) {
DBG_ERROR(0, "Error on init (%d)", rv);
return 2;
}
xml=GWEN_DB_VariableExists(db, "xml");
if( xml ) {
fprintf( stdout, "<?xml version=\"1.0\"?>\n" );
fprintf( stdout, "<users>\n" );
}
ul=AB_Banking_FindUsers(ab, EBC_PROVIDER_NAME, "*", "*", "*", "*");
if (ul) {
AB_USER_LIST2_ITERATOR *uit;
uit=AB_User_List2_First(ul);
if (uit) {
AB_USER *u;
int i=0;
u=AB_User_List2Iterator_Data(uit);
assert(u);
while(u) {
if( !xml ) {
fprintf(stdout, "User %d: Bank: %s/%s User Id: %s Customer Id: %s\n",
i++,
AB_User_GetCountry(u),
AB_User_GetBankCode(u),
AB_User_GetUserId(u),
AB_User_GetCustomerId(u));
}
else {
const char *name = AB_User_GetUserName(u);
fprintf( stdout, " <user>\n" );
fprintf( stdout, " <userUniqueId>%d</userUniqueId>\n", AB_User_GetUniqueId(u) );
if( !name )
fprintf( stdout, " <UserName></UserName>\n" );
else
fprintf( stdout, " <UserName><![CDATA[%s]]></UserName>\n", name );
fprintf( stdout, " <UserId>%s</UserId>\n", AB_User_GetUserId(u) );
fprintf( stdout, " <CustomerId>%s</CustomerId>\n", AB_User_GetCustomerId(u) );
fprintf( stdout, " <BankCode>%s</BankCode>\n", AB_User_GetBankCode(u) );
fprintf( stdout, " <Country>%s</Country>\n", AB_User_GetCountry(u) );
fprintf( stdout, " <LastSessionId>%d</LastSessionId>\n", AB_User_GetLastSessionId(u) );
fprintf( stdout, " </user>\n\n" );
}
u=AB_User_List2Iterator_Next(uit);
}
AB_User_List2Iterator_free(uit);
}
AB_User_List2_free(ul);
}
else {
fprintf(stderr, "No users found.\n");
}
if( xml ) {
fprintf( stdout, "</users>\n" );
}
rv=AB_Banking_OnlineFini(ab);
if (rv) {
fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
return 5;
}
rv=AB_Banking_Fini(ab);
if (rv) {
fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv);
return 5;
}
return 0;
}
/* --------------------------------------------------------------- FUNCTION */
int AH_Job_GetTransactions__ReadTransactions(AH_JOB *j,
AB_IMEXPORTER_ACCOUNTINFO *ai,
const char *docType,
int noted,
GWEN_BUFFER *buf){
GWEN_DBIO *dbio;
GWEN_SYNCIO *sio;
int rv;
GWEN_DB_NODE *db;
GWEN_DB_NODE *dbDay;
GWEN_DB_NODE *dbParams;
AB_ACCOUNT *a;
AB_USER *u;
uint32_t progressId;
uint64_t cnt=0;
a=AH_AccountJob_GetAccount(j);
assert(a);
u=AH_Job_GetUser(j);
assert(u);
dbio=GWEN_DBIO_GetPlugin("swift");
if (!dbio) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Plugin SWIFT is not found");
GWEN_Gui_ProgressLog(0,
GWEN_LoggerLevel_Error,
I18N("Plugin \"SWIFT\" not found."));
return AB_ERROR_PLUGIN_MISSING;
}
GWEN_Buffer_Rewind(buf);
sio=GWEN_SyncIo_Memory_new(buf, 0);
db=GWEN_DB_Group_new("transactions");
dbParams=GWEN_DB_Group_new("params");
GWEN_DB_SetCharValue(dbParams, GWEN_DB_FLAGS_OVERWRITE_VARS,
"type", docType);
if (AH_User_GetFlags(u) & AH_USER_FLAGS_KEEP_MULTIPLE_BLANKS)
GWEN_DB_SetIntValue(dbParams, GWEN_DB_FLAGS_OVERWRITE_VARS,
"keepMultipleBlanks", 1);
else
GWEN_DB_SetIntValue(dbParams, GWEN_DB_FLAGS_OVERWRITE_VARS,
"keepMultipleBlanks", 0);
rv=GWEN_DBIO_Import(dbio, sio,
db, dbParams,
GWEN_PATH_FLAGS_CREATE_GROUP);
if (rv<0) {
DBG_ERROR(AQHBCI_LOGDOMAIN,
"Error parsing SWIFT %s (%d)",
docType, rv);
GWEN_DB_Group_free(dbParams);
GWEN_DB_Group_free(db);
GWEN_SyncIo_free(sio);
GWEN_DBIO_free(dbio);
return rv;
}
GWEN_DB_Group_free(dbParams);
GWEN_SyncIo_free(sio);
GWEN_DBIO_free(dbio);
/* first count the groups */
dbDay=GWEN_DB_FindFirstGroup(db, "day");
while(dbDay) {
GWEN_DB_NODE *dbT;
dbT=GWEN_DB_FindFirstGroup(dbDay, "transaction");
while(dbT) {
cnt++;
dbT=GWEN_DB_FindNextGroup(dbT, "transaction");
} /* while */
dbDay=GWEN_DB_FindNextGroup(dbDay, "day");
} /* while */
progressId=GWEN_Gui_ProgressStart(GWEN_GUI_PROGRESS_DELAY |
GWEN_GUI_PROGRESS_ALLOW_EMBED |
GWEN_GUI_PROGRESS_SHOW_PROGRESS |
GWEN_GUI_PROGRESS_SHOW_ABORT,
I18N("Importing transactions..."),
NULL,
cnt,
0);
/* add transactions to list */
dbDay=GWEN_DB_FindFirstGroup(db, "day");
while(dbDay) {
GWEN_DB_NODE *dbT;
dbT=GWEN_DB_FindFirstGroup(dbDay, "transaction");
while(dbT) {
AB_TRANSACTION *t;
t=AB_Transaction_fromDb(dbT);
if (!t) {
DBG_ERROR(AQHBCI_LOGDOMAIN, "Bad transaction data:");
GWEN_DB_Dump(dbT, 2);
}
else {
const char *s;
AB_Transaction_SetLocalBankCode(t, AB_User_GetBankCode(u));
AB_Transaction_SetLocalAccountNumber(t,
AB_Account_GetAccountNumber(a));
/* some translations */
s=AB_Transaction_GetRemoteIban(t);
if (!(s && *s)) {
const char *sAid;
/* no remote IBAN set, check whether the bank sends this info in the
* fields for national account specifications (instead of the SWIFT
* field "?38" which was specified for this case) */
sAid=AB_Transaction_GetRemoteAccountNumber(t);
if (sAid && *sAid && AB_Banking_CheckIban(sAid)==0) {
/* there is a remote account number specification, and that is an IBAN,
* so we set that accordingly */
DBG_INFO(AQBANKING_LOGDOMAIN, "Setting remote IBAN from account number");
AB_Transaction_SetRemoteIban(t, sAid);
/* set remote BIC if it not already is */
s=AB_Transaction_GetRemoteBic(t);
if (!(s && *s)) {
const char *sBid;
sBid=AB_Transaction_GetRemoteBankCode(t);
if (sBid && *sBid) {
DBG_INFO(AQBANKING_LOGDOMAIN, "Setting remote BIC from bank code");
AB_Transaction_SetRemoteBic(t, sBid);
}
}
}
}
DBG_INFO(AQHBCI_LOGDOMAIN, "Adding transaction");
if (noted)
AB_ImExporterAccountInfo_AddNotedTransaction(ai, t);
else
AB_ImExporterAccountInfo_AddTransaction(ai, t);
}
if (GWEN_ERROR_USER_ABORTED==
GWEN_Gui_ProgressAdvance(progressId, GWEN_GUI_PROGRESS_ONE)) {
GWEN_Gui_ProgressEnd(progressId);
return GWEN_ERROR_USER_ABORTED;
}
dbT=GWEN_DB_FindNextGroup(dbT, "transaction");
} /* while */
/* read all endsaldos */
if (!noted) {
dbT=GWEN_DB_FindFirstGroup(dbDay, "endSaldo");
while (dbT) {
GWEN_DB_NODE *dbX;
GWEN_TIME *ti=0;
dbX=GWEN_DB_GetGroup(dbT, GWEN_PATH_FLAGS_NAMEMUSTEXIST, "date");
if (dbX)
ti=GWEN_Time_fromDb(dbX);
dbX=GWEN_DB_GetGroup(dbT, GWEN_PATH_FLAGS_NAMEMUSTEXIST, "value");
if (dbX) {
AB_VALUE *v;
v=AB_Value_fromDb(dbX);
if (v) {
AB_BALANCE *bal;
AB_ACCOUNT_STATUS *as;
bal=AB_Balance_new(v, ti);
AB_Value_free(v);
as=AB_AccountStatus_new();
if (ti)
AB_AccountStatus_SetTime(as, ti);
AB_AccountStatus_SetNotedBalance(as, bal);
AB_Balance_free(bal);
AB_ImExporterAccountInfo_AddAccountStatus(ai, as);
}
}
GWEN_Time_free(ti);
dbT=GWEN_DB_FindNextGroup(dbT, "endSaldo");
} /* while */
}
dbDay=GWEN_DB_FindNextGroup(dbDay, "day");
} /* while */
GWEN_Gui_ProgressEnd(progressId);
GWEN_DB_Group_free(db);
return 0;
}
