int AH_NewKeyFileDialog_DoIt(GWEN_DIALOG *dlg) { AH_NEWKEYFILE_DIALOG *xdlg; AB_USER *u; GWEN_URL *url; int rv; uint32_t pid; AB_IMEXPORTER_CONTEXT *ctx; AB_PROVIDER *pro; GWEN_PLUGIN_MANAGER *pm; GWEN_PLUGIN *pl; GWEN_CRYPT_TOKEN *ct; assert(dlg); xdlg=GWEN_INHERIT_GETDATA(GWEN_DIALOG, AH_NEWKEYFILE_DIALOG, dlg); assert(xdlg); rv=AH_NewKeyFileDialog_GetFilePageData(dlg); if (rv<0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "No file?"); // TODO: show error message return GWEN_DialogEvent_ResultHandled; } pro=AB_Banking_GetProvider(xdlg->banking, "aqhbci"); if (pro==NULL) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not find backend, maybe some plugins are not installed?"); GWEN_Gui_ShowError(I18N("Error"), "%s", I18N("Could not find HBCI backend, maybe some plugins are not installed?")); return GWEN_DialogEvent_ResultHandled; } u=AB_Banking_CreateUser(xdlg->banking, "aqhbci"); if (u==NULL) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create user, maybe backend missing?"); GWEN_Gui_ShowError(I18N("Error"), "%s", I18N("Could not find HBCI backend, maybe some plugins are not installed?")); return GWEN_DialogEvent_ResultHandled; } /* generic setup */ AB_User_SetUserName(u, xdlg->userName); AB_User_SetUserId(u, xdlg->userId); if (xdlg->customerId && *(xdlg->customerId)) AB_User_SetCustomerId(u, xdlg->customerId); else AB_User_SetCustomerId(u, xdlg->userId); AB_User_SetCountry(u, "de"); AB_User_SetBankCode(u, xdlg->bankCode); /* HBCI setup */ AH_User_SetTokenType(u, "ohbci"); AH_User_SetTokenName(u, AH_NewKeyFileDialog_GetFileName(dlg)); AH_User_SetTokenContextId(u, 1); AH_User_SetCryptMode(u, AH_CryptMode_Rdh); AH_User_SetStatus(u, AH_UserStatusPending); AH_User_SetHbciVersion(u, xdlg->hbciVersion); AH_User_SetRdhType(u, xdlg->rdhVersion); AH_User_SetFlags(u, xdlg->flags); /* create CryptToken */ pm=GWEN_PluginManager_FindPluginManager(GWEN_CRYPT_TOKEN_PLUGIN_TYPENAME); if (pm==0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Plugin manager not found"); GWEN_Gui_ShowError(I18N("Error"), I18N("CryptToken plugin for type %s is not available. Did you install all necessary packages?"), GWEN_CRYPT_TOKEN_PLUGIN_TYPENAME); return 3; } pl=GWEN_PluginManager_GetPlugin(pm, AH_User_GetTokenType(u)); if (pl==0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Plugin not found"); GWEN_Gui_ShowError(I18N("Error"), I18N("CryptToken plugin for type %s is not available. Did you install all necessary packages?"), AH_User_GetTokenType(u)); AB_User_free(u); return GWEN_DialogEvent_ResultHandled; } ct=GWEN_Crypt_Token_Plugin_CreateToken(pl, AH_User_GetTokenName(u)); if (ct==0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create crypt token"); AB_User_free(u); return GWEN_DialogEvent_ResultHandled; } /* create crypt token */ rv=GWEN_Crypt_Token_Create(ct, 0); if (rv<0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not create token"); GWEN_Gui_ShowError(I18N("Error"), I18N("The keyfile %s could not be created. Maybe there already is a file of that name (%d)."), GWEN_Crypt_Token_GetTokenName(ct), rv); AB_User_free(u); return GWEN_DialogEvent_ResultHandled; } /* close crypt token */ rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not close token"); GWEN_Gui_ShowError(I18N("Error"), I18N("The keyfile %s could not be closed. Please check disc space."), GWEN_Crypt_Token_GetTokenName(ct), rv); AB_User_free(u); unlink(AH_User_GetTokenName(u)); return GWEN_DialogEvent_ResultHandled; } url=GWEN_Url_fromString(xdlg->url); assert(url); GWEN_Url_SetProtocol(url, "hbci"); if (GWEN_Url_GetPort(url)==0) GWEN_Url_SetPort(url, 3000); AH_User_SetServerUrl(u, url); GWEN_Url_free(url); rv=AB_Banking_AddUser(xdlg->banking, u); if (rv<0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not add user (%d)", rv); GWEN_Gui_ShowError(I18N("Error"), I18N("Could not add HBCI user, maybe there already is a user of that id (%d)"), rv); AB_User_free(u); DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not add user, maybe there already is a user of the same id (%d)?", rv); return GWEN_DialogEvent_ResultHandled; } pid=GWEN_Gui_ProgressStart(GWEN_GUI_PROGRESS_DELAY | GWEN_GUI_PROGRESS_ALLOW_EMBED | GWEN_GUI_PROGRESS_SHOW_PROGRESS | GWEN_GUI_PROGRESS_SHOW_ABORT, I18N("Setting Up Keyfile User"), I18N("The server keys will now be retrieved, keys created and sent to the bank."), 3, /* getkeys, mkKeys, sendKeys */ 0); /* lock new user */ rv=AB_Banking_BeginExclUseUser(xdlg->banking, u); if (rv<0) { DBG_ERROR(AQHBCI_LOGDOMAIN, "Could not lock user (%d)", rv); GWEN_Gui_ProgressLog2(pid, GWEN_LoggerLevel_Error, I18N("Unable to lock users (%d)"), rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } /* get server keys id */ GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Notice, I18N("Retrieving server keys")); ctx=AB_ImExporterContext_new(); rv=AH_Provider_GetServerKeys(pro, u, ctx, 0, 1, 0); if (rv<0) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } rv=AH_NewKeyFileDialog_CheckBankIniLetter(dlg, u); if (rv<0) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Error, I18N("Bad bank keys, you should contact your bank.")); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE); if (rv==GWEN_ERROR_USER_ABORTED) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Error, I18N("Aborted by user.")); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } /* generate keys */ rv=AH_Provider_CreateKeys(pro, u, 0); if (rv<0) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressLog2(pid, GWEN_LoggerLevel_Error, I18N("Error generating keys: %d"), rv); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE); if (rv==GWEN_ERROR_USER_ABORTED) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Error, I18N("Aborted by user.")); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } /* send user keys */ GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Notice, I18N("Sending user keys")); ctx=AB_ImExporterContext_new(); rv=AH_Provider_SendUserKeys2(pro, u, ctx, 0, 0, 1, 0); /* withAuthKey, withProgress, nounmount, doLock */ if (rv<0) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } rv=GWEN_Gui_ProgressAdvance(pid, GWEN_GUI_PROGRESS_ONE); if (rv==GWEN_ERROR_USER_ABORTED) { AB_Banking_EndExclUseUser(xdlg->banking, u, 1); DBG_INFO(AQHBCI_LOGDOMAIN, "here (%d)", rv); AB_Banking_DeleteUser(xdlg->banking, u); //unlink(AH_NewKeyFileDialog_GetFileName(dlg)); GWEN_Gui_ProgressLog(pid, GWEN_LoggerLevel_Error, I18N("Aborted by user.")); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } /* unlock user */ rv=AB_Banking_EndExclUseUser(xdlg->banking, u, 0); if (rv<0) { DBG_INFO(AQHBCI_LOGDOMAIN, "Could not unlock customer [%s] (%d)", AB_User_GetCustomerId(u), rv); GWEN_Gui_ProgressLog2(pid, GWEN_LoggerLevel_Error, I18N("Could not unlock user %s (%d)"), AB_User_GetUserId(u), rv); AB_Banking_EndExclUseUser(xdlg->banking, u, 1); AB_Banking_DeleteUser(xdlg->banking, u); GWEN_Gui_ProgressEnd(pid); return GWEN_DialogEvent_ResultHandled; } GWEN_Gui_ProgressEnd(pid); AH_NewKeyFileDialog_EnterPage(dlg, PAGE_END, 1); xdlg->user=u; return GWEN_DialogEvent_ResultHandled; }
int addUser(AB_PROVIDER *pro, GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; int rv; GWEN_BUFFER *nameBuffer=NULL; const char *tokenName; const char *tokenType; const char *bankId; const char *userId; const char *customerId; const char *userName; const char *hostName; const char *server; const char *ebicsVersion; int importing; uint32_t cid; const GWEN_ARGS args[]= { { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "bankId", /* name */ 0, /* minnum */ 1, /* maxnum */ "b", /* short option */ "bank", /* long option */ "Specify the bank code", /* short description */ "Specify the bank code" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "userId", /* name */ 0, /* minnum */ 1, /* maxnum */ "u", /* short option */ "user", /* long option */ "Specify the user id (Benutzerkennung)", /* short description */ "Specify the user id (Benutzerkennung)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "customerId", /* name */ 0, /* minnum */ 1, /* maxnum */ "c", /* short option */ "customer", /* long option */ "Specify the customer id (Kundennummer)", /* short description */ "Specify the customer id (Kundennummer)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "tokentype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tokenname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "serverAddr", /* name */ 0, /* minnum */ 1, /* maxnum */ "s", /* short option */ "server", /* long option */ "Specify the server URL", /* short description */ "Specify the server URL" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "hostName", /* name */ 1, /* minnum */ 1, /* maxnum */ "H", /* short option */ "hostname", /* long option */ "Specify the EBICS hostname", /* short description */ "Specify the EBICS hostname" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "userName", /* name */ 1, /* minnum */ 1, /* maxnum */ "N", /* short option */ "username", /* long option */ "Specify the realname of the user", /* short description */ "Specify the realname of the user" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "ebicsVersion", /* name */ 0, /* minnum */ 1, /* maxnum */ "E", /* short option */ "ebicsversion", /* long option */ "Specify the EBICS version to use (e.g. H002)", /* short description */ "Specify the EBICS version to use (e.g. H002)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "context", /* name */ 0, /* minnum */ 1, /* maxnum */ 0, /* short option */ "context", /* long option */ "Select a context on the medium", /* short description */ "Select a context on the medium" /* long description */ }, { 0, /* flags */ GWEN_ArgsType_Int, /* type */ "import", /* name */ 0, /* minnum */ 1, /* maxnum */ 0, /* short option */ "import", /* long option */ "Import a user which has already been in use (e.g. with previous versions)", "Import a user which has already been in use (e.g. with previous versions)" }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, 0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stdout, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } tokenType=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); tokenName=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); bankId=GWEN_DB_GetCharValue(db, "bankId", 0, 0); userId=GWEN_DB_GetCharValue(db, "userId", 0, 0); customerId=GWEN_DB_GetCharValue(db, "customerId", 0, 0); hostName=GWEN_DB_GetCharValue(db, "hostName", 0, 0); userName=GWEN_DB_GetCharValue(db, "userName", 0, 0); server=GWEN_DB_GetCharValue(db, "serverAddr", 0, 0); cid=GWEN_DB_GetIntValue(db, "context", 0, 0); importing=GWEN_DB_GetIntValue(db, "import", 0, 0); ebicsVersion=GWEN_DB_GetCharValue(db, "ebicsVersion", 0, "H003"); if (1) { const char *lbankId; const char *luserId; const char *lcustomerId; const char *lserverAddr; GWEN_URL *url; GWEN_CRYPT_TOKEN_CONTEXT *ctx=NULL; AB_USER *user; if (1) { GWEN_PLUGIN_MANAGER *pm; GWEN_PLUGIN *pl; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *cctx; if (cid==0) { DBG_ERROR(0, "No context given."); return 1; } /* get crypt token */ pm=GWEN_PluginManager_FindPluginManager("ct"); if (pm==0) { DBG_ERROR(0, "Plugin manager not found"); return 3; } pl=GWEN_PluginManager_GetPlugin(pm, tokenType); if (pl==0) { DBG_ERROR(0, "Plugin not found"); return 3; } DBG_INFO(0, "Plugin found"); ct=GWEN_Crypt_Token_Plugin_CreateToken(pl, tokenName); if (ct==0) { DBG_ERROR(0, "Could not create crypt token"); return 3; } /* open crypt token */ rv=GWEN_Crypt_Token_Open(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not open token (%d)", rv); return 3; } /* get real token name */ nameBuffer=GWEN_Buffer_new(0, 64, 0, 1); GWEN_Buffer_AppendString(nameBuffer, GWEN_Crypt_Token_GetTokenName(ct)); tokenName=GWEN_Buffer_GetStart(nameBuffer); cctx=GWEN_Crypt_Token_GetContext(ct, cid, 0); if (cctx==NULL) { DBG_ERROR(0, "Context %02x not found", cid); return 3; } ctx=GWEN_Crypt_Token_Context_dup(cctx); lbankId=bankId?bankId:GWEN_Crypt_Token_Context_GetServiceId(ctx); luserId=userId?userId:GWEN_Crypt_Token_Context_GetUserId(ctx); lcustomerId=customerId?customerId:luserId; lserverAddr=server?server:GWEN_Crypt_Token_Context_GetAddress(ctx); rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not close token (%d)", rv); return 3; } GWEN_Crypt_Token_free(ct); } if (!lbankId || !*lbankId) { DBG_ERROR(0, "No bank id stored and none given"); return 3; } if (!luserId || !*luserId) { DBG_ERROR(0, "No user id (Benutzerkennung) stored and none given"); return 3; } /* TODO: Check for existing users to avoid duplicates */ #if 0 user=AB_Banking_FindUser(ab, EBC_PROVIDER_NAME, "de", lbankId, luserId, lcustomerId); if (user) { DBG_ERROR(0, "User %s already exists", luserId); return 3; } #endif user=AB_Provider_CreateUserObject(pro); assert(user); AB_User_SetCountry(user, "de"); AB_User_SetBankCode(user, lbankId); AB_User_SetUserId(user, luserId); AB_User_SetCustomerId(user, lcustomerId); EBC_User_SetPeerId(user, hostName); AB_User_SetUserName(user, userName); EBC_User_SetTokenType(user, tokenType); EBC_User_SetTokenName(user, tokenName); EBC_User_SetTokenContextId(user, cid); if (ebicsVersion) { if (strcasecmp(ebicsVersion, "H002")==0) { EBC_User_SetProtoVersion(user, "H002"); EBC_User_SetSignVersion(user, "A004"); EBC_User_SetAuthVersion(user, "X001"); EBC_User_SetCryptVersion(user, "E001"); } else if (strcasecmp(ebicsVersion, "H003")==0) { EBC_User_SetProtoVersion(user, "H003"); EBC_User_SetSignVersion(user, "A005"); EBC_User_SetAuthVersion(user, "X002"); EBC_User_SetCryptVersion(user, "E002"); } else if (strcasecmp(ebicsVersion, "H004")==0) { EBC_User_SetProtoVersion(user, "H004"); EBC_User_SetSignVersion(user, "A005"); EBC_User_SetAuthVersion(user, "X002"); EBC_User_SetCryptVersion(user, "E002"); } else { fprintf(stderr, "%s", I18N("Invalid protocol version.\n" "Possible versions are H002, H003 and H004.\n")); return 3; } } /* try to get server address from database if still unknown */ if (!lserverAddr || *lserverAddr==0) { GWEN_BUFFER *tbuf; tbuf=GWEN_Buffer_new(0, 256, 0, 1); if (getBankUrl(AB_Provider_GetBanking(pro), lbankId, tbuf)) { DBG_INFO(0, "Could not find server address for \"%s\"", lbankId); } if (GWEN_Buffer_GetUsedBytes(tbuf)==0) { DBG_ERROR(0, "No address given and none available in internal db"); return 3; } url=GWEN_Url_fromString(GWEN_Buffer_GetStart(tbuf)); if (url==NULL) { DBG_ERROR(0, "Bad URL \"%s\" in internal db", GWEN_Buffer_GetStart(tbuf)); return 3; } GWEN_Buffer_free(tbuf); } else { /* set address */ url=GWEN_Url_fromString(lserverAddr); if (url==NULL) { DBG_ERROR(0, "Bad URL \"%s\"", lserverAddr); return 3; } } GWEN_Url_SetProtocol(url, "https"); if (GWEN_Url_GetPort(url)==0) GWEN_Url_SetPort(url, 443); /* set url */ if (1) { GWEN_BUFFER *tbuf; tbuf=GWEN_Buffer_new(0, 256, 0, 1); rv=GWEN_Url_toString(url, tbuf); if (rv<0) { DBG_ERROR(0, "Internal error storing URL"); return 3; } EBC_User_SetServerUrl(user, GWEN_Buffer_GetStart(tbuf)); GWEN_Buffer_free(tbuf); } GWEN_Url_free(url); if (importing) { EBC_User_AddFlags(user, EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA); EBC_User_SetStatus(user, EBC_UserStatus_Enabled); } rv=AB_Provider_AddUser(pro, user); if (rv<0) { DBG_ERROR(AQEBICS_LOGDOMAIN, "Coud not add new user (%d)", rv); AB_User_free(user); return 4; } AB_User_free(user); /* context no longer needed */ GWEN_Crypt_Token_Context_free(ctx); } return 0; }
static int EBC_Provider_SignMessage_X001(AB_PROVIDER *pro, EB_MSG *msg, AB_USER *u, xmlNodePtr node) { EBC_PROVIDER *dp; int rv; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *ctx; const GWEN_CRYPT_TOKEN_KEYINFO *ki; uint32_t keyId; GWEN_BUFFER *hbuf; GWEN_BUFFER *bbuf; xmlNodePtr nodeX = NULL; xmlNodePtr nodeXX = NULL; xmlNodePtr nodeXXX = NULL; xmlNodePtr nodeXXXX = NULL; xmlNsPtr ns; assert(pro); dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro); assert(dp); /* get crypt token and context */ rv=EBC_Provider_MountToken(pro, u, &ct, &ctx); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); return rv; } /* get key id */ keyId=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx); ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0); if (ki==NULL) { DBG_INFO(AQEBICS_LOGDOMAIN, "Keyinfo %04x not found on crypt token [%s:%s]", keyId, GWEN_Crypt_Token_GetTypeName(ct), GWEN_Crypt_Token_GetTokenName(ct)); GWEN_Crypt_Token_Close(ct, 0, 0); return GWEN_ERROR_NOT_FOUND; } /* prepare signature nodes */ ns=xmlSearchNs(EB_Msg_GetDoc(msg), node, BAD_CAST "ds"); assert(ns); /* build hash */ bbuf=GWEN_Buffer_new(0, 256, 0, 1); rv=EB_Msg_BuildHashSha1(msg, bbuf); if (rv) { DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not build hash"); GWEN_Buffer_free(bbuf); return rv; } /* base64 encode */ hbuf=GWEN_Buffer_new(0, 256, 0, 1); rv=GWEN_Base64_Encode((const uint8_t*)GWEN_Buffer_GetStart(bbuf), GWEN_Buffer_GetUsedBytes(bbuf), hbuf, 0); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); GWEN_Buffer_free(bbuf); return rv; } GWEN_Buffer_free(bbuf); /* create signature node */ nodeX=xmlNewChild(node, ns, BAD_CAST "SignedInfo", NULL); nodeXX=xmlNewChild(nodeX, ns, BAD_CAST "CanonicalizationMethod", NULL); xmlNewProp(nodeXX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); nodeXX=xmlNewChild(nodeX, ns, BAD_CAST "SignatureMethod", NULL); xmlNewProp(nodeXX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/2000/09/xmldsig#rsa-sha1"); nodeXX=xmlNewChild(nodeX, ns, BAD_CAST "Reference", NULL); xmlNewProp(nodeXX, BAD_CAST "URI", BAD_CAST "#xpointer(//*[@authenticate='true'])"); nodeXXX=xmlNewChild(nodeXX, ns, BAD_CAST "Transforms", NULL); nodeXXXX=xmlNewChild(nodeXXX, ns, BAD_CAST "Transform", NULL); xmlNewProp(nodeXXXX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); nodeXXX=xmlNewChild(nodeXX, ns, BAD_CAST "DigestMethod", NULL); xmlNewProp(nodeXXX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/2000/09/xmldsig#sha1"); /* store hash value */ xmlNewTextChild(nodeXX, ns, BAD_CAST "DigestValue", BAD_CAST GWEN_Buffer_GetStart(hbuf)); GWEN_Buffer_free(hbuf); /* build hash over SignedInfo */ bbuf=GWEN_Buffer_new(0, 256, 0, 1); rv=EB_Xml_BuildNodeHashSha1(nodeX, "#xpointer(//*)", bbuf); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(bbuf); return rv; } /* sign hash */ if (1) { GWEN_CRYPT_PADDALGO *algo; int ksize; uint32_t l; const uint8_t prefix[]={ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14}; /* add prefix to hash of SignedInfo */ hbuf=GWEN_Buffer_new(0, 256, 0, 1); ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki); GWEN_Buffer_AppendBytes(hbuf, (const char*)prefix, sizeof(prefix)); GWEN_Buffer_AppendBuffer(hbuf, bbuf); GWEN_Buffer_Reset(bbuf); /* select padd algo */ algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_Pkcs1_1); GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize); /* actually sign */ GWEN_Buffer_AllocRoom(bbuf, ksize+16); l=GWEN_Buffer_GetMaxUnsegmentedWrite(bbuf); rv=GWEN_Crypt_Token_Sign(ct, keyId, algo, (const uint8_t*)GWEN_Buffer_GetStart(hbuf), GWEN_Buffer_GetUsedBytes(hbuf), (uint8_t*)GWEN_Buffer_GetPosPointer(bbuf), &l, NULL, /* ignore seq counter */ 0); GWEN_Crypt_PaddAlgo_free(algo); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(bbuf); GWEN_Buffer_free(hbuf); return rv; } GWEN_Buffer_IncrementPos(bbuf, l); GWEN_Buffer_AdjustUsedBytes(bbuf); /* base 64 encode signature */ GWEN_Buffer_Reset(hbuf); rv=GWEN_Base64_Encode((const uint8_t*)GWEN_Buffer_GetStart(bbuf), GWEN_Buffer_GetUsedBytes(bbuf), hbuf, 0); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); GWEN_Buffer_free(bbuf); return rv; } GWEN_Buffer_free(bbuf); /* store signature */ xmlNewTextChild(node, ns, BAD_CAST "SignatureValue", BAD_CAST GWEN_Buffer_GetStart(hbuf)); GWEN_Buffer_free(hbuf); } return 0; }
int EBC_Provider_FillDataEncryptionInfoNode(AB_PROVIDER *pro, AB_USER *u, const GWEN_CRYPT_KEY *skey, xmlNodePtr node) { EBC_PROVIDER *dp; int rv; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *ctx; const GWEN_CRYPT_TOKEN_KEYINFO *ki; uint32_t keyId; GWEN_BUFFER *hbuf; xmlNodePtr nodeX = NULL; const char *s; assert(pro); dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro); assert(dp); /* get crypt token and context */ rv=EBC_Provider_MountToken(pro, u, &ct, &ctx); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); return rv; } /* get key id for server crypt key */ keyId=GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx); ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0); if (ki==NULL) { DBG_INFO(AQEBICS_LOGDOMAIN, "Keyinfo %04x not found on crypt token [%s:%s]", keyId, GWEN_Crypt_Token_GetTypeName(ct), GWEN_Crypt_Token_GetTokenName(ct)); GWEN_Crypt_Token_Close(ct, 0, 0); return GWEN_ERROR_NOT_FOUND; } hbuf=GWEN_Buffer_new(0, 256, 0, 1); s=EBC_User_GetCryptVersion(u); if (!(s && *s)) s="E001"; if (strcasecmp(s, "E001")==0) { rv=EB_Key_Info_BuildHashSha1(ki, hbuf, 1); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); GWEN_Crypt_Token_Close(ct, 0, 0); return rv; } nodeX=xmlNewTextChild(node, NULL, BAD_CAST "EncryptionPubKeyDigest", BAD_CAST GWEN_Buffer_GetStart(hbuf)); GWEN_Buffer_free(hbuf); assert(nodeX); xmlNewProp(nodeX, BAD_CAST "Version", BAD_CAST "E001"); xmlNewProp(nodeX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/2000/09/xmldsig#sha1"); } else if (strcasecmp(s, "E002")==0) { rv=EB_Key_Info_BuildHashSha256(ki, hbuf, 1); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); GWEN_Crypt_Token_Close(ct, 0, 0); return rv; } nodeX=xmlNewTextChild(node, NULL, BAD_CAST "EncryptionPubKeyDigest", BAD_CAST GWEN_Buffer_GetStart(hbuf)); GWEN_Buffer_free(hbuf); assert(nodeX); xmlNewProp(nodeX, BAD_CAST "Version", BAD_CAST "E002"); xmlNewProp(nodeX, BAD_CAST "Algorithm", BAD_CAST "http://www.w3.org/2001/04/xmlenc#sha256"); } /* add encrypted transactio key */ hbuf=GWEN_Buffer_new(0, 256, 0, 1); rv=EBC_Provider_EncryptKey(pro, u, skey, hbuf); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); GWEN_Crypt_Token_Close(ct, 0, 0); return rv; } nodeX=xmlNewTextChild(node, NULL, BAD_CAST "TransactionKey", BAD_CAST GWEN_Buffer_GetStart(hbuf)); GWEN_Buffer_free(hbuf); assert(nodeX); return 0; }
int activateKey(GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; const char *ttype; const char *tname; GWEN_CRYPT_TOKEN *ct; unsigned int keyId; int rv; const char *s; const GWEN_ARGS args[]={ { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "keyId", /* name */ 1, /* minnum */ 1, /* maxnum */ "k", /* short option */ "key", /* long option */ "Key id", /* short description */ "Key id" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "ttype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, GWEN_ARGS_MODE_ALLOW_FREEPARAM, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } keyId=GWEN_DB_GetIntValue(db, "keyId", 0, 0); if (keyId==0) { DBG_ERROR(0, "Key Id must not be zero"); return 1; } s=GWEN_DB_GetCharValue(db, "algo", 0, "rsa"); if (!s) { DBG_ERROR(0, "Algo id missing"); return 1; } ttype=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); assert(ttype); tname=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); /* get crypt token */ ct=getCryptToken(ttype, tname); if (ct==0) return 3; if (GWEN_DB_GetIntValue(dbArgs, "forcePin", 0, 0)) GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_FORCE_PIN_ENTRY); /* open crypt token for use */ rv=GWEN_Crypt_Token_Open(ct, 1, 0); if (rv) { DBG_ERROR(0, "Could not open token"); return 3; } else { /* activate key */ rv=GWEN_Crypt_Token_ActivateKey(ct, keyId, 0); if (rv) { DBG_ERROR(GWEN_LOGDOMAIN, "Error activating key (%d)", rv); return 3; } } /* close crypt token */ rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not close token"); return 3; } fprintf(stderr, "Key %d successfully activated.\n", keyId); return 0; }
int EBC_Provider_EuSign_A004(AB_PROVIDER *pro, AB_USER *u, const char *requestType, const uint8_t *pMsg, uint32_t lMsg, GWEN_BUFFER *sbuf) { EBC_PROVIDER *dp; GWEN_MDIGEST *md; GWEN_BUFFER *hbuf; GWEN_BUFFER *ebuf; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *ctx; const GWEN_CRYPT_TOKEN_KEYINFO *ki; uint32_t keyId; int ksize; uint32_t l; GWEN_CRYPT_PADDALGO *algo; EB_EU *eu; GWEN_TIME *ti; int rv; const char *userId; assert(pro); dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro); assert(dp); userId=AB_User_GetUserId(u); md=GWEN_MDigest_Rmd160_new(); assert(md); rv=GWEN_MDigest_Begin(md); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_MDigest_free(md); return rv; } rv=GWEN_MDigest_Update(md, pMsg, lMsg); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_MDigest_free(md); return rv; } rv=GWEN_MDigest_End(md); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_MDigest_free(md); return rv; } hbuf=GWEN_Buffer_new(0, GWEN_MDigest_GetDigestSize(md), 0, 1); GWEN_Buffer_AppendBytes(hbuf, (const char*)GWEN_MDigest_GetDigestPtr(md), GWEN_MDigest_GetDigestSize(md)); GWEN_MDigest_free(md); /* get crypt token and context */ rv=EBC_Provider_MountToken(pro, u, &ct, &ctx); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); return rv; } /* get key id */ keyId=GWEN_Crypt_Token_Context_GetSignKeyId(ctx); ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0); if (ki==NULL) { DBG_INFO(AQEBICS_LOGDOMAIN, "Keyinfo %04x not found on crypt token [%s:%s]", keyId, GWEN_Crypt_Token_GetTypeName(ct), GWEN_Crypt_Token_GetTokenName(ct)); GWEN_Crypt_Token_Close(ct, 0, 0); GWEN_Buffer_free(hbuf); return GWEN_ERROR_NOT_FOUND; } ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki); /* select padd algo */ algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_Iso9796_2); GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize); /* actually sign */ ebuf=GWEN_Buffer_new(0, ksize+16, 0, 1); l=GWEN_Buffer_GetMaxUnsegmentedWrite(ebuf); rv=GWEN_Crypt_Token_Sign(ct, keyId, algo, (const uint8_t*)GWEN_Buffer_GetStart(hbuf), GWEN_Buffer_GetUsedBytes(hbuf), (uint8_t*)GWEN_Buffer_GetPosPointer(ebuf), &l, NULL, /* ignore seq counter */ 0); GWEN_Crypt_PaddAlgo_free(algo); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(ebuf); GWEN_Buffer_free(hbuf); return rv; } GWEN_Buffer_IncrementPos(ebuf, l); GWEN_Buffer_AdjustUsedBytes(ebuf); GWEN_Buffer_free(hbuf); /* assemble EU */ eu=EB_Eu_new(); EB_Eu_SetVersion(eu, "A004"); EB_Eu_SetModLen(eu, ksize*8); EB_Eu_SetJobType(eu, requestType); EB_Eu_SetSignature(eu, (const uint8_t*) GWEN_Buffer_GetStart(ebuf), GWEN_Buffer_GetUsedBytes(ebuf)); GWEN_Buffer_free(ebuf); ti=GWEN_CurrentTime(); EB_Eu_SetCreationTime(eu, ti); EB_Eu_SetSignatureTime(eu, ti); GWEN_Time_free(ti); EB_Eu_SetUserId(eu, userId); /* store EU in given buffer */ EB_Eu_toBuffer(eu, sbuf); EB_Eu_free(eu); return 0; }
int addUser(AB_BANKING *ab, GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; AB_PROVIDER *pro; int rv; GWEN_BUFFER *nameBuffer=NULL; const char *tokenName; const char *tokenType; const char *bankId; const char *userId; const char *customerId; const char *server; const char *userName; int hbciVersion; int rdhType; uint32_t cid; const GWEN_ARGS args[]={ { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "userName", /* name */ 1, /* minnum */ 1, /* maxnum */ "N", /* short option */ "username", /* long option */ "Specify the user name", /* short description */ "Specify the user name (not the userid!)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "bankId", /* name */ 0, /* minnum */ 1, /* maxnum */ "b", /* short option */ "bank", /* long option */ "Specify the bank code", /* short description */ "Specify the bank code" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "userId", /* name */ 0, /* minnum */ 1, /* maxnum */ "u", /* short option */ "user", /* long option */ "Specify the user id (Benutzerkennung)", /* short description */ "Specify the user id (Benutzerkennung)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "customerId", /* name */ 0, /* minnum */ 1, /* maxnum */ "c", /* short option */ "customer", /* long option */ "Specify the customer id (Kundennummer)", /* short description */ "Specify the customer id (Kundennummer)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "tokentype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tokenname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "serverAddr", /* name */ 0, /* minnum */ 1, /* maxnum */ "s", /* short option */ "server", /* long option */ "Specify the server URL", /* short description */ "Specify the server URL" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "context", /* name */ 0, /* minnum */ 1, /* maxnum */ 0, /* short option */ "context", /* long option */ "Select a context on the medium", /* short description */ "Select a context on the medium" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, GWEN_ArgsType_Int, "hbciversion", 0, 1, 0, "hbciversion", "Select the HBCI version", "Select the HBCI protocol version" }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, GWEN_ArgsType_Int, "rdhType", 0, 1, 0, "rdhtype", "Select the RDH profile type (1, 2, 3, 5, 10)", "Select the RDH profile type (1, 2, 3, 5, 10)" }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, 0 /*GWEN_ARGS_MODE_ALLOW_FREEPARAM*/, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } rv=AB_Banking_Init(ab); if (rv) { DBG_ERROR(0, "Error on init (%d)", rv); return 2; } rv=AB_Banking_OnlineInit(ab); if (rv) { DBG_ERROR(0, "Error on init (%d)", rv); return 2; } pro=AB_Banking_GetProvider(ab, "aqhbci"); assert(pro); tokenType=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); tokenName=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); bankId=GWEN_DB_GetCharValue(db, "bankId", 0, 0); userId=GWEN_DB_GetCharValue(db, "userId", 0, 0); customerId=GWEN_DB_GetCharValue(db, "customerId", 0, 0); server=GWEN_DB_GetCharValue(db, "serverAddr", 0, 0); cid=GWEN_DB_GetIntValue(db, "context", 0, 1); hbciVersion=GWEN_DB_GetIntValue(db, "hbciVersion", 0, 0); rdhType=GWEN_DB_GetIntValue(db, "rdhType", 0, 1); userName=GWEN_DB_GetCharValue(db, "userName", 0, 0); assert(userName); /* generic check for some arguments */ if (hbciVersion>0 && rdhType>1) { if (hbciVersion<300 && rdhType>1) { DBG_ERROR(0, "RDH Types 2 and above only work with HBCI version 300 or later"); return 1; } } if (hbciVersion>0) { switch(hbciVersion) { case 201: case 210: case 220: case 300: /* supported */ break; default: DBG_ERROR(0, "HBCI/FinTS version %d not supported", hbciVersion); return 1; } } if (rdhType>0) { switch(rdhType) { case 1: case 2: case 10: /* supported */ break; case 3: case 4: case 5: case 6: case 7: case 8: case 9: default: DBG_ERROR(0, "RDH type %d not supported", rdhType); return 1; } } if (1) { const char *lbankId; const char *luserId; const char *lcustomerId; const char *lserverAddr; AH_CRYPT_MODE cm; GWEN_URL *url; GWEN_CRYPT_TOKEN_CONTEXT *ctx=NULL; AB_USER *user; if (strcasecmp(tokenType, "pintan")==0) { lbankId=bankId; luserId=userId; lcustomerId=customerId?customerId:luserId; lserverAddr=server; cm=AH_CryptMode_Pintan; } else { GWEN_PLUGIN_MANAGER *pm; GWEN_PLUGIN *pl; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *cctx; const GWEN_CRYPT_TOKEN_KEYINFO *ki; uint32_t keyId; GWEN_CRYPT_CRYPTALGOID algo; if (cid==0) { DBG_ERROR(0, "No context given."); return 1; } /* get crypt token */ pm=GWEN_PluginManager_FindPluginManager("ct"); if (pm==0) { DBG_ERROR(0, "Plugin manager not found"); return 3; } pl=GWEN_PluginManager_GetPlugin(pm, tokenType); if (pl==0) { DBG_ERROR(0, "Plugin not found"); return 3; } DBG_INFO(0, "Plugin found"); ct=GWEN_Crypt_Token_Plugin_CreateToken(pl, tokenName); if (ct==0) { DBG_ERROR(0, "Could not create crypt token"); return 3; } /* open crypt token */ rv=GWEN_Crypt_Token_Open(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not open token (%d)", rv); GWEN_Crypt_Token_free(ct); return 3; } /* get real token name */ nameBuffer=GWEN_Buffer_new(0, 64, 0, 1); GWEN_Buffer_AppendString(nameBuffer, GWEN_Crypt_Token_GetTokenName(ct)); tokenName=GWEN_Buffer_GetStart(nameBuffer); cctx=GWEN_Crypt_Token_GetContext(ct, cid, 0); if (cctx==NULL) { DBG_ERROR(0, "Context %02x not found", cid); GWEN_Buffer_free(nameBuffer); GWEN_Crypt_Token_Close(ct, 1, 0); GWEN_Crypt_Token_free(ct); return 3; } ctx=GWEN_Crypt_Token_Context_dup(cctx); lbankId=bankId?bankId:GWEN_Crypt_Token_Context_GetServiceId(ctx); luserId=userId?userId:GWEN_Crypt_Token_Context_GetUserId(ctx); lcustomerId=customerId?customerId:luserId; lserverAddr=server?server:GWEN_Crypt_Token_Context_GetAddress(ctx); /* determine crypt mode */ keyId=GWEN_Crypt_Token_Context_GetSignKeyId(ctx); if (keyId==0) keyId=GWEN_Crypt_Token_Context_GetVerifyKeyId(ctx); if (keyId==0) keyId=GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx); if (keyId==0) keyId=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx); GWEN_Crypt_Token_Context_free(ctx); if (keyId==0) { DBG_ERROR(0, "No keys, unable to determine crypt mode"); GWEN_Buffer_free(nameBuffer); GWEN_Crypt_Token_Close(ct, 1, 0); GWEN_Crypt_Token_free(ct); return 3; } ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0); if (ki==NULL) { DBG_ERROR(0, "Could not get keyinfo for key %d, " "unable to determine crypt mode", keyId); GWEN_Buffer_free(nameBuffer); GWEN_Crypt_Token_Close(ct, 1, 0); GWEN_Crypt_Token_free(ct); return 3; } algo=GWEN_Crypt_Token_KeyInfo_GetCryptAlgoId(ki); if (algo==GWEN_Crypt_CryptAlgoId_Des3K) cm=AH_CryptMode_Ddv; else if (algo==GWEN_Crypt_CryptAlgoId_Rsa) cm=AH_CryptMode_Rdh; else { DBG_ERROR(0, "Unexpected crypt algorithm \"%s\", " "unable to determine crypt mode", GWEN_Crypt_CryptAlgoId_toString(algo)); GWEN_Buffer_free(nameBuffer); GWEN_Crypt_Token_Close(ct, 1, 0); GWEN_Crypt_Token_free(ct); return 3; } rv=GWEN_Crypt_Token_Close(ct, 0, 0); GWEN_Crypt_Token_free(ct); if (rv) { DBG_ERROR(0, "Could not close token (%d)", rv); GWEN_Buffer_free(nameBuffer); return 3; } } if (!lbankId || !*lbankId) { DBG_ERROR(0, "No bank id stored and none given"); GWEN_Buffer_free(nameBuffer); return 3; } if (!luserId || !*luserId) { DBG_ERROR(0, "No user id (Benutzerkennung) stored and none given"); GWEN_Buffer_free(nameBuffer); return 3; } user=AB_Banking_FindUser(ab, AH_PROVIDER_NAME, "de", lbankId, luserId, lcustomerId); if (user) { DBG_ERROR(0, "User %s already exists", luserId); return 3; } user=AB_Banking_CreateUser(ab, AH_PROVIDER_NAME); assert(user); AB_User_SetUserName(user, userName); AB_User_SetCountry(user, "de"); AB_User_SetBankCode(user, lbankId); AB_User_SetUserId(user, luserId); AB_User_SetCustomerId(user, lcustomerId); AH_User_SetTokenType(user, tokenType); AH_User_SetTokenName(user, tokenName); AH_User_SetTokenContextId(user, cid); AH_User_SetCryptMode(user, cm); if (rdhType>0) AH_User_SetRdhType(user, rdhType); GWEN_Buffer_free(nameBuffer); if (hbciVersion==0) { if (cm==AH_CryptMode_Pintan) AH_User_SetHbciVersion(user, 220); else { if (rdhType>1) AH_User_SetHbciVersion(user, 300); else AH_User_SetHbciVersion(user, 210); } } else { AH_User_SetHbciVersion(user, hbciVersion); } /* try to get server address from database if still unknown */ if (!lserverAddr || *lserverAddr==0) { GWEN_BUFFER *tbuf; tbuf=GWEN_Buffer_new(0, 256, 0, 1); if (getBankUrl(ab, cm, lbankId, tbuf)) { DBG_INFO(0, "Could not find server address for \"%s\"", lbankId); } if (GWEN_Buffer_GetUsedBytes(tbuf)==0) { DBG_ERROR(0, "No address given and none available in internal db"); return 3; } url=GWEN_Url_fromString(GWEN_Buffer_GetStart(tbuf)); if (url==NULL) { DBG_ERROR(0, "Bad URL \"%s\" in internal db", GWEN_Buffer_GetStart(tbuf)); return 3; } GWEN_Buffer_free(tbuf); } else { /* set address */ url=GWEN_Url_fromString(lserverAddr); if (url==NULL) { DBG_ERROR(0, "Bad URL \"%s\"", lserverAddr); return 3; } } if (cm==AH_CryptMode_Pintan) { GWEN_Url_SetProtocol(url, "https"); if (GWEN_Url_GetPort(url)==0) GWEN_Url_SetPort(url, 443); } else { GWEN_Url_SetProtocol(url, "hbci"); if (GWEN_Url_GetPort(url)==0) GWEN_Url_SetPort(url, 3000); } AH_User_SetServerUrl(user, url); GWEN_Url_free(url); if (cm==AH_CryptMode_Ddv) AH_User_SetStatus(user, AH_UserStatusEnabled); AB_Banking_AddUser(ab, user); } rv=AB_Banking_OnlineFini(ab); if (rv) { fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv); return 5; } rv=AB_Banking_Fini(ab); if (rv) { fprintf(stderr, "ERROR: Error on deinit (%d)\n", rv); return 5; } return 0; }
int EBC_Provider_EuSign_A005(AB_PROVIDER *pro, AB_USER *u, const char *requestType, const uint8_t *pMsg, uint32_t lMsg, GWEN_BUFFER *sbuf) { EBC_PROVIDER *dp; GWEN_BUFFER *xbuf; GWEN_BUFFER *hbuf; GWEN_CRYPT_TOKEN *ct; const GWEN_CRYPT_TOKEN_CONTEXT *ctx; const GWEN_CRYPT_TOKEN_KEYINFO *ki; uint32_t keyId; int ksize; uint32_t l; GWEN_CRYPT_PADDALGO *algo; int rv; int numPaddBytes=0; const uint8_t digestInfo[]= { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 }; assert(pro); dp=GWEN_INHERIT_GETDATA(AB_PROVIDER, EBC_PROVIDER, pro); assert(dp); /* get crypt token and context */ rv=EBC_Provider_MountToken(pro, u, &ct, &ctx); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); return rv; } /* get key id */ keyId=GWEN_Crypt_Token_Context_GetSignKeyId(ctx); ki=GWEN_Crypt_Token_GetKeyInfo(ct, keyId, 0xffffffff, 0); if (ki==NULL) { DBG_INFO(AQEBICS_LOGDOMAIN, "Keyinfo %04x not found on crypt token [%s:%s]", keyId, GWEN_Crypt_Token_GetTypeName(ct), GWEN_Crypt_Token_GetTokenName(ct)); GWEN_Crypt_Token_Close(ct, 0, 0); return GWEN_ERROR_NOT_FOUND; } xbuf=GWEN_Buffer_new(0, 40, 0, 1); EBC_Provider_Sha256(pMsg, lMsg, xbuf); /* add digestInfo to hash of SignedInfo */ hbuf=GWEN_Buffer_new(0, 256, 0, 1); ksize=GWEN_Crypt_Token_KeyInfo_GetKeySize(ki); GWEN_Buffer_AppendByte(hbuf, 0x01); /* block type */ numPaddBytes=ksize-3-sizeof(digestInfo)-GWEN_Buffer_GetUsedBytes(xbuf); if (numPaddBytes<1) { DBG_ERROR(AQEBICS_LOGDOMAIN, "Invalid number of padd bytes, key too small (%d)", numPaddBytes); GWEN_Buffer_free(xbuf); GWEN_Buffer_free(hbuf); return GWEN_ERROR_INTERNAL; } GWEN_Buffer_FillWithBytes(hbuf, 0xff, numPaddBytes); GWEN_Buffer_AppendByte(hbuf, 0x01); /* separator */ GWEN_Buffer_AppendBytes(hbuf, (const char *)digestInfo, sizeof(digestInfo)); /* digest info */ GWEN_Buffer_AppendBytes(hbuf, GWEN_Buffer_GetStart(xbuf), GWEN_Buffer_GetUsedBytes(xbuf)); /* hash */ GWEN_Buffer_free(xbuf); /* select padd algo */ algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_None); GWEN_Crypt_PaddAlgo_SetPaddSize(algo, ksize); /* actually sign */ GWEN_Buffer_AllocRoom(sbuf, ksize+16); l=GWEN_Buffer_GetMaxUnsegmentedWrite(sbuf); rv=GWEN_Crypt_Token_Sign(ct, keyId, algo, (const uint8_t *)GWEN_Buffer_GetStart(hbuf), GWEN_Buffer_GetUsedBytes(hbuf), (uint8_t *)GWEN_Buffer_GetPosPointer(sbuf), &l, NULL, /* ignore seq counter */ 0); GWEN_Crypt_PaddAlgo_free(algo); if (rv<0) { DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv); GWEN_Buffer_free(hbuf); return rv; } GWEN_Buffer_IncrementPos(sbuf, l); GWEN_Buffer_AdjustUsedBytes(sbuf); GWEN_Buffer_free(hbuf); return 0; }
int cryptWithNew2(GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; const char *ttype; const char *tname; GWEN_PLUGIN_MANAGER *pm; GWEN_PLUGIN *pl; GWEN_CRYPT_TOKEN *ct; unsigned int cid; int rv; const GWEN_ARGS args[]={ { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "contextId", /* name */ 0, /* minnum */ 1, /* maxnum */ "i", /* short option */ "id", /* long option */ "Context id (0 for any)", /* short description */ "Context id (0 for any)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "ttype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, GWEN_ARGS_MODE_ALLOW_FREEPARAM, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } cid=GWEN_DB_GetIntValue(db, "contextId", 0, 0); ttype=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); assert(ttype); tname=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); /* get crypt token */ pm=GWEN_PluginManager_FindPluginManager("ct"); if (pm==0) { DBG_ERROR(0, "Plugin manager not found"); return 3; } pl=GWEN_PluginManager_GetPlugin(pm, ttype); if (pl==0) { DBG_ERROR(0, "Plugin not found"); return 3; } DBG_INFO(0, "Plugin found"); ct=GWEN_Crypt_Token_Plugin_CreateToken(pl, tname); if (ct==0) { DBG_ERROR(0, "Could not create crypt token"); return 3; } if (GWEN_DB_GetIntValue(dbArgs, "forcePin", 0, 0)) GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_FORCE_PIN_ENTRY); /* open crypt token for use */ rv=GWEN_Crypt_Token_Open(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not open token"); return 3; } else { uint8_t clearText[96]={ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 0x60 }; uint8_t encrypted[128]; uint32_t elen; uint8_t decrypted[128]; uint32_t dlen; GWEN_CRYPT_PADDALGO *algo; algo=GWEN_Crypt_PaddAlgo_new(GWEN_Crypt_PaddAlgoId_None); elen=sizeof(encrypted); rv=GWEN_Crypt_Token_Encipher(ct, 0x02, algo, clearText, 96, encrypted, &elen, 0); if (rv) { DBG_ERROR(0, "Could not encipher data (%d)", rv); return 3; } fprintf(stderr, "Encrypted data is:\n"); GWEN_Text_DumpString((const char*) encrypted, elen, stderr, 2); dlen=sizeof(decrypted); rv=GWEN_Crypt_Token_Decipher(ct, 0x02, algo, encrypted, elen, decrypted, &dlen, 0); if (rv) { DBG_ERROR(0, "Could not decipher data (%d)", rv); return 3; } if (memcmp(clearText, decrypted, dlen)) { DBG_ERROR(0, "Deciphered data does not equal clear text(%d)", rv); return 3; } fprintf(stderr, "Deciphered data is ok.\n"); } /* close crypt token */ rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not close token"); return 3; } return 0; }
int genKey(GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; const char *ttype; const char *tname; GWEN_CRYPT_TOKEN *ct; unsigned int keyId; unsigned int keySize; GWEN_CRYPT_CRYPTALGOID algoId; int rv; const char *s; const GWEN_ARGS args[]={ { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "keyId", /* name */ 1, /* minnum */ 1, /* maxnum */ "k", /* short option */ "key", /* long option */ "Key id", /* short description */ "Key id" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "ttype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "algo", /* name */ 0, /* minnum */ 1, /* maxnum */ "a", /* short option */ "algo", /* long option */ "Specify the algorithm", /* short description */ "Specify the algorithm" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "keysize", /* name */ 0, /* minnum */ 1, /* maxnum */ "s", /* short option */ "keysize", /* long option */ "Key size in bytes", /* short description */ "Key size in bytes" /* long description */ }, { 0, /* flags */ GWEN_ArgsType_Int, /* type */ "exp65537", /* name */ 0, /* minnum */ 1, /* maxnum */ "e", /* short option */ "exp65537", /* long option */ "Use default exponent of 65537", /* short description */ "Use default exponent of 65537" /* long description */ }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, GWEN_ARGS_MODE_ALLOW_FREEPARAM, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } keyId=GWEN_DB_GetIntValue(db, "keyId", 0, 0); if (keyId==0) { DBG_ERROR(0, "Key Id must not be zero"); return 1; } s=GWEN_DB_GetCharValue(db, "algo", 0, "rsa"); if (!s) { DBG_ERROR(0, "Algo id missing"); return 1; } algoId=GWEN_Crypt_CryptAlgoId_fromString(s); if (algoId==GWEN_Crypt_CryptAlgoId_Unknown) { DBG_ERROR(0, "Bad algo id [%s]", s); return 1; } keySize=GWEN_DB_GetIntValue(db, "keySize", 0, 96); if (keySize==0) { DBG_ERROR(0, "Invalid key size %d", keySize); return 1; } ttype=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); assert(ttype); tname=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); /* get crypt token */ ct=getCryptToken(ttype, tname); if (ct==0) return 3; if (GWEN_DB_GetIntValue(dbArgs, "forcePin", 0, 0)) GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_FORCE_PIN_ENTRY); if (GWEN_DB_GetIntValue(db, "exp65537", 0, 0)) GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_EXP_65537); /* open crypt token for use */ rv=GWEN_Crypt_Token_Open(ct, 1, 0); if (rv) { DBG_ERROR(0, "Could not open token"); return 3; } else { GWEN_CRYPT_CRYPTALGO *algo; algo=GWEN_Crypt_CryptAlgo_new(algoId, GWEN_Crypt_CryptMode_None); GWEN_Crypt_CryptAlgo_SetChunkSize(algo, keySize); /* generate key */ rv=GWEN_Crypt_Token_GenerateKey(ct, keyId, algo, 0); if (rv) { DBG_ERROR(GWEN_LOGDOMAIN, "Error generating key (%d)", rv); GWEN_Crypt_CryptAlgo_free(algo); return 3; } } /* close crypt token */ rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not close token"); return 3; } fprintf(stderr, "Key %d (%s, %d bytes) successfully generated.\n", keyId, GWEN_Crypt_CryptAlgoId_toString(algoId), keySize); return 0; }
int showUser(GWEN_DB_NODE *dbArgs, int argc, char **argv) { GWEN_DB_NODE *db; const char *ttype; const char *tname; GWEN_CRYPT_TOKEN *ct; unsigned int cid; int shown=0; int rv; const GWEN_ARGS args[]= { { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Int, /* type */ "contextId", /* name */ 0, /* minnum */ 1, /* maxnum */ "i", /* short option */ "id", /* long option */ "Context id (0 for any)", /* short description */ "Context id (0 for any)" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenType", /* name */ 1, /* minnum */ 1, /* maxnum */ "t", /* short option */ "ttype", /* long option */ "Specify the crypt token type", /* short description */ "Specify the crypt token type" /* long description */ }, { GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */ GWEN_ArgsType_Char, /* type */ "tokenName", /* name */ 0, /* minnum */ 1, /* maxnum */ "n", /* short option */ "tname", /* long option */ "Specify the crypt token name", /* short description */ "Specify the crypt token name" /* long description */ }, { GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */ GWEN_ArgsType_Int, /* type */ "help", /* name */ 0, /* minnum */ 0, /* maxnum */ "h", /* short option */ "help", /* long option */ "Show this help screen", /* short description */ "Show this help screen" /* long description */ } }; db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local"); rv=GWEN_Args_Check(argc, argv, 1, GWEN_ARGS_MODE_ALLOW_FREEPARAM, args, db); if (rv==GWEN_ARGS_RESULT_ERROR) { fprintf(stderr, "ERROR: Could not parse arguments\n"); return 1; } else if (rv==GWEN_ARGS_RESULT_HELP) { GWEN_BUFFER *ubuf; ubuf=GWEN_Buffer_new(0, 1024, 0, 1); if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) { fprintf(stderr, "ERROR: Could not create help string\n"); return 1; } fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf)); GWEN_Buffer_free(ubuf); return 0; } cid=GWEN_DB_GetIntValue(db, "contextId", 0, 0); ttype=GWEN_DB_GetCharValue(db, "tokenType", 0, 0); assert(ttype); tname=GWEN_DB_GetCharValue(db, "tokenName", 0, 0); /* get crypt token */ ct=getCryptToken(ttype, tname); if (ct==0) return 3; if (GWEN_DB_GetIntValue(dbArgs, "forcePin", 0, 0)) GWEN_Crypt_Token_AddModes(ct, GWEN_CRYPT_TOKEN_MODE_FORCE_PIN_ENTRY); /* open crypt token for use */ rv=GWEN_Crypt_Token_Open(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not open token"); return 3; } else { uint32_t ctxIds[32]; uint32_t ctxCount; uint32_t i; ctxCount=32; rv=GWEN_Crypt_Token_GetContextIdList(ct, ctxIds, &ctxCount, 0); if (rv<0) { DBG_ERROR(0, "Error filling context list"); GWEN_Crypt_Token_Close(ct, 0, 0); return 3; } for (i=0; i<ctxCount; i++) { if (cid==0 || cid==ctxIds[i]) { const GWEN_CRYPT_TOKEN_CONTEXT *ctx; const char *s; uint32_t kid; ctx=GWEN_Crypt_Token_GetContext(ct, ctxIds[i], 0); if (ctx) { fprintf(stdout, "-------------------------------------------------\n"); fprintf(stdout, "Context %u\n", (unsigned int)GWEN_Crypt_Token_Context_GetId(ctx)); s=GWEN_Crypt_Token_Context_GetServiceId(ctx); if (s) fprintf(stdout, "Service : %s\n", s); s=GWEN_Crypt_Token_Context_GetUserId(ctx); if (s) fprintf(stdout, "User Id : %s\n", s); s=GWEN_Crypt_Token_Context_GetCustomerId(ctx); if (s) fprintf(stdout, "Customer Id : %s\n", s); s=GWEN_Crypt_Token_Context_GetUserName(ctx); if (s) fprintf(stdout, "User Name : %s\n", s); s=GWEN_Crypt_Token_Context_GetPeerId(ctx); if (s) fprintf(stdout, "Peer Id : %s\n", s); s=GWEN_Crypt_Token_Context_GetPeerName(ctx); if (s) fprintf(stdout, "Peer Name : %s\n", s); s=GWEN_Crypt_Token_Context_GetAddress(ctx); if (s) fprintf(stdout, "Address : %s\n", s); fprintf(stdout, "Port : %d\n", GWEN_Crypt_Token_Context_GetPort(ctx)); s=GWEN_Crypt_Token_Context_GetSystemId(ctx); if (s) fprintf(stdout, "System Id : %s\n", s); kid=GWEN_Crypt_Token_Context_GetSignKeyId(ctx); if (kid!=0) fprintf(stdout, "Sign Key Id : %d\n", kid); kid=GWEN_Crypt_Token_Context_GetVerifyKeyId(ctx); if (kid!=0) fprintf(stdout, "Verify Key Id : %d\n", kid); kid=GWEN_Crypt_Token_Context_GetEncipherKeyId(ctx); if (kid!=0) fprintf(stdout, "Encipher Key Id: %d\n", kid); kid=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx); if (kid!=0) fprintf(stdout, "Decipher Key Id: %d\n", kid); shown++; } else { fprintf(stderr, "Context %d not found (%d)\n", i, ctxIds[i]); } } } } /* close crypt token */ rv=GWEN_Crypt_Token_Close(ct, 0, 0); if (rv) { DBG_ERROR(0, "Could not close token"); return 3; } if (!shown) { if (cid==0) { DBG_ERROR(0, "No context found"); } else { DBG_ERROR(0, "Context %u not found", cid); } return 1; } return 0; }