/**
 * Decrypt an RDH-encrypted message, dispatching on the RDH profile of the
 * dialog owner.
 *
 * @param hmsg message to decrypt (must not be NULL; the owner of its dialog
 *             determines the RDH profile used)
 * @param gr   DB node handed through to the profile-specific decrypt routine
 * @return 0 on success, GWEN_ERROR_INVALID for an unsupported RDH profile,
 *         otherwise the error code of the profile-specific routine
 */
int AH_Msg_DecryptRdh(AH_MSG *hmsg, GWEN_DB_NODE *gr)
{
  AB_USER *owner;
  int rdhType;

  assert(hmsg);
  owner = AH_Dialog_GetDialogOwner(hmsg->dialog);
  rdhType = AH_User_GetRdhType(owner);

  /* profile 0 is served by the RDH-1 implementation */
  if (rdhType == 0 || rdhType == 1) {
    return AH_Msg_DecryptRdh1(hmsg, gr);
  }
  if (rdhType == 2) {
    return AH_Msg_DecryptRdh2(hmsg, gr);
  }
  if (rdhType == 3) {
    return AH_Msg_DecryptRdh3(hmsg, gr);
  }
  if (rdhType == 5) {
    return AH_Msg_DecryptRdh5(hmsg, gr);
  }
  if (rdhType == 9) {
    return AH_Msg_DecryptRdh9(hmsg, gr);
  }
  if (rdhType == 10) {
    return AH_Msg_DecryptRdh10(hmsg, gr);
  }

  /* no decrypt routine for this profile (e.g. RDH-4, -6, -7, -8) */
  DBG_ERROR(AQHBCI_LOGDOMAIN, "RDH %d not supported", rdhType);
  return GWEN_ERROR_INVALID;
}
/**
 * Sign a message with the RDH profile of the signing user.
 *
 * The signer is looked up by user id among the users of this provider
 * (country "de", any bank, any customer id); signing is then delegated to
 * the routine for that user's RDH profile.
 *
 * @param hmsg   message to sign (must not be NULL)
 * @param rawBuf buffer with the raw message data to be signed
 * @param signer user id of the signing user
 * @return 0 on success, GWEN_ERROR_NOT_FOUND if no such user exists,
 *         GWEN_ERROR_INVALID for an unsupported RDH profile, otherwise the
 *         error code of the profile-specific routine
 */
int AH_Msg_SignRdh(AH_MSG *hmsg, GWEN_BUFFER *rawBuf, const char *signer)
{
  AB_BANKING *ab;
  AB_USER *signUser;
  int rdhType;

  assert(hmsg);

  ab = AH_HBCI_GetBankingApi(AH_Dialog_GetHbci(hmsg->dialog));
  signUser = AB_Banking_FindUser(ab, AH_PROVIDER_NAME, "de", "*", signer, "*");
  if (signUser == NULL) {
    DBG_ERROR(AQHBCI_LOGDOMAIN, "Unknown user \"%s\"", signer);
    return GWEN_ERROR_NOT_FOUND;
  }

  rdhType = AH_User_GetRdhType(signUser);

  /* profile 0 is served by the RDH-1 implementation */
  if (rdhType == 0 || rdhType == 1) {
    return AH_Msg_SignRdh1(hmsg, signUser, rawBuf, signer);
  }
  if (rdhType == 2) {
    return AH_Msg_SignRdh2(hmsg, signUser, rawBuf, signer);
  }
  if (rdhType == 3) {
    return AH_Msg_SignRdh3(hmsg, signUser, rawBuf, signer);
  }
  if (rdhType == 5) {
    return AH_Msg_SignRdh5(hmsg, signUser, rawBuf, signer);
  }
  if (rdhType == 9) {
    return AH_Msg_SignRdh9(hmsg, signUser, rawBuf, signer);
  }
  if (rdhType == 10) {
    return AH_Msg_SignRdh10(hmsg, signUser, rawBuf, signer);
  }

  /* no signing routine for this profile */
  DBG_ERROR(AQHBCI_LOGDOMAIN, "RDH %d not supported", rdhType);
  return GWEN_ERROR_INVALID;
}
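/**
 * Fill the configuration of an RDH signature head or encryption head segment.
 *
 * Writes the security stamp (date/time), the key identification (bank code,
 * user or peer id, key type, key number and version), the security profile
 * ("RDH" plus the user's RDH version) and the fixed algorithm codes into
 * @p cfg.  Optionally a control reference derived from the current time is
 * stored as well.
 *
 * @param hmsg          message the segment belongs to (must not be NULL)
 * @param u             user whose key is referenced (must not be NULL; must
 *                      have a non-empty user id)
 * @param ki            key info providing key number and key version
 * @param cfg           DB node to fill (must not be NULL)
 * @param crypt         non-zero: encryption head, referencing the peer's
 *                      key ("V"); zero: signature head, referencing the own
 *                      signature key ("S")
 * @param createCtrlRef non-zero to also set "ctrlref" from the current time
 * @return 0 on success, GWEN_ERROR_INTERNAL if the local time cannot be
 *         determined or a timestamp does not fit into its buffer
 */
int AH_MsgRdh_PrepareCryptoSeg2(AH_MSG *hmsg,
                                AB_USER *u,
                                const GWEN_CRYPT_TOKEN_KEYINFO *ki,
                                GWEN_DB_NODE *cfg,
                                int crypt,
                                int createCtrlRef)
{
  char sdate[9];    /* "%Y%m%d" plus terminating NUL */
  char stime[7];    /* "%H%M%S" plus terminating NUL */
  char ctrlref[15]; /* "%Y%m%d%H%M%S" plus terminating NUL */
  struct tm *lt;
  time_t tt;
  const char *userId;
  const char *peerId;

  assert(hmsg);
  assert(u);
  assert(cfg);

  userId=AB_User_GetUserId(u);
  assert(userId);
  assert(*userId);

  /* the peer id names the bank's key; fall back to the own user id if unset */
  peerId=AH_User_GetPeerId(u);
  if (!peerId || *peerId==0) {
    DBG_INFO(AQHBCI_LOGDOMAIN, "No PeerId in user, using user id");
    peerId=userId;
  }

  tt=time(NULL);
  lt=localtime(&tt);
  if (lt==NULL) {
    /* localtime() may fail; passing a NULL struct tm to strftime() is
     * undefined behaviour, so bail out here */
    DBG_INFO(AQHBCI_LOGDOMAIN, "Could not determine local time");
    return GWEN_ERROR_INTERNAL;
  }

  if (createCtrlRef) {
    /* control reference: the wall-clock timestamp to the second, so two
     * segments prepared within the same second receive the same value */
    if (!strftime(ctrlref, sizeof(ctrlref), "%Y%m%d%H%M%S", lt)) {
      DBG_INFO(AQHBCI_LOGDOMAIN, "CtrlRef string too long");
      return GWEN_ERROR_INTERNAL;
    }
    GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "ctrlref", ctrlref);
  }

  /* security stamp: date */
  if (!strftime(sdate, sizeof(sdate), "%Y%m%d", lt)) {
    DBG_INFO(AQHBCI_LOGDOMAIN, "Date string too long");
    return GWEN_ERROR_INTERNAL;
  }

  /* security stamp: time */
  if (!strftime(stime, sizeof(stime), "%H%M%S", lt)) {
    DBG_INFO(AQHBCI_LOGDOMAIN, "Time string too long");
    return GWEN_ERROR_INTERNAL;
  }

  GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "SecDetails/dir", 1);
  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "SecStamp/date", sdate);
  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "SecStamp/time", stime);

  /* key identification: encryption references the peer's key ("V"),
   * signing references the own signature key ("S") */
  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "key/bankcode",
                       AB_User_GetBankCode(u));
  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "key/userid",
                       crypt?peerId:userId);
  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "key/keytype",
                       crypt?"V":"S");
  GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "key/keynum",
                      GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
  GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "key/keyversion",
                      GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));

  GWEN_DB_SetCharValue(cfg, GWEN_DB_FLAGS_DEFAULT, "secProfile/code", "RDH");
  GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "secProfile/version",
                      AH_User_GetRdhType(u));

  /* The numeric values below are the protocol's algorithm codes; the
   * algorithms themselves are fixed by the RDH profile and not selectable
   * here. */
  if (crypt) {
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 4);        /* crypt */
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/algo", 13); /* 2-KEY-TRIPLE-DES */
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "cryptAlgo/mode", 2);  /* CBC (0-Padding) */
  }
  else {
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "function", 2);        /* sign with signature key */
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/algo", 10);  /* RSA */
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "signAlgo/mode", 17);  /* ISO-9796-2 */
    GWEN_DB_SetIntValue(cfg, GWEN_DB_FLAGS_DEFAULT, "hashAlgo/algo", 999); /* RMD160 */
  }

  return 0;
}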