int AH_Msg_DecryptRdh(AH_MSG *hmsg, GWEN_DB_NODE *gr){
AB_USER *u;
int rv;
assert(hmsg);
u=AH_Dialog_GetDialogOwner(hmsg->dialog);
switch(AH_User_GetRdhType(u)) {
case 0:
case 1:
rv=AH_Msg_DecryptRdh1(hmsg, gr);
break;
case 2:
rv=AH_Msg_DecryptRdh2(hmsg, gr);
break;
case 3:
rv=AH_Msg_DecryptRdh3(hmsg, gr);
break;
case 5:
rv=AH_Msg_DecryptRdh5(hmsg, gr);
break;
case 9:
rv=AH_Msg_DecryptRdh9(hmsg, gr);
break;
case 10:
rv=AH_Msg_DecryptRdh10(hmsg, gr);
break;
default:
DBG_ERROR(AQHBCI_LOGDOMAIN, "RDH %d not supported", AH_User_GetRdhType(u));
rv=GWEN_ERROR_INVALID;
}
return rv;
}
int AH_Msg_SignRdh(AH_MSG *hmsg,
GWEN_BUFFER *rawBuf,
const char *signer) {
AB_USER *su;
int rv;
assert(hmsg);
su=AB_Banking_FindUser(AH_HBCI_GetBankingApi(AH_Dialog_GetHbci(hmsg->dialog)),
AH_PROVIDER_NAME,
"de", "*",
signer, "*");
if (!su) {
DBG_ERROR(AQHBCI_LOGDOMAIN,
"Unknown user \"%s\"",
signer);
return GWEN_ERROR_NOT_FOUND;
}
switch(AH_User_GetRdhType(su)) {
case 0:
case 1:
rv=AH_Msg_SignRdh1(hmsg, su, rawBuf, signer);
break;
case 2:
rv=AH_Msg_SignRdh2(hmsg, su, rawBuf, signer);
break;
case 3:
rv=AH_Msg_SignRdh3(hmsg, su, rawBuf, signer);
break;
case 5:
rv=AH_Msg_SignRdh5(hmsg, su, rawBuf, signer);
break;
case 9:
rv=AH_Msg_SignRdh9(hmsg, su, rawBuf, signer);
break;
case 10:
rv=AH_Msg_SignRdh10(hmsg, su, rawBuf, signer);
break;
default:
DBG_ERROR(AQHBCI_LOGDOMAIN, "RDH %d not supported", AH_User_GetRdhType(su));
rv=GWEN_ERROR_INVALID;
}
return rv;
}
int AH_MsgRdh_PrepareCryptoSeg2(AH_MSG *hmsg,
AB_USER *u,
const GWEN_CRYPT_TOKEN_KEYINFO *ki,
GWEN_DB_NODE *cfg,
int crypt,
int createCtrlRef) {
char sdate[9];
char stime[7];
char ctrlref[15];
struct tm *lt;
time_t tt;
const char *userId;
const char *peerId;
assert(hmsg);
assert(u);
assert(cfg);
userId=AB_User_GetUserId(u);
assert(userId);
assert(*userId);
peerId=AH_User_GetPeerId(u);
if (!peerId || *peerId==0) {
DBG_INFO(AQHBCI_LOGDOMAIN, "No PeerId in user, using user id");
peerId=userId;
}
tt=time(0);
lt=localtime(&tt);
if (createCtrlRef) {
/* create control reference */
if (!strftime(ctrlref, sizeof(ctrlref),
"%Y%m%d%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "CtrlRef string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"ctrlref", ctrlref);
}
/* create date */
if (!strftime(sdate, sizeof(sdate),
"%Y%m%d", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
/* create time */
if (!strftime(stime, sizeof(stime),
"%H%M%S", lt)) {
DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
return GWEN_ERROR_INTERNAL;
}
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecDetails/dir", 1);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/date", sdate);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"SecStamp/time", stime);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/bankcode",
AB_User_GetBankCode(u));
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/userid",
crypt?peerId:userId);
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keytype",
crypt?"V":"S");
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keynum",
GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"key/keyversion",
GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/code",
"RDH");
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT,
"secProfile/version",
AH_User_GetRdhType(u));
if (crypt) {
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 4); /* crypt */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/algo", 13); /* 2-KEY-TRIPLE-DES */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/mode", 2); /* CBC (0-Padding) */
}
else {
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 2); /* sign with signature key */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/algo", 10); /* RSA */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/mode", 17); /* ISO-9796-2 */
GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "hashAlgo/algo", 999); /* RMD160 */
}
return 0;
}
