1 /***************************************************************************
2 begin : Mon Mar 01 2004
3 copyright : (C) 2019 by Martin Preuss
4 email : martin@libchipcard.de
5
6 ***************************************************************************
7 * Please see toplevel file COPYING for license details *
8 ***************************************************************************/
9
10 #ifdef HAVE_CONFIG_H
11 # include <config.h>
12 #endif
13
14
15 #include "r_hia_l.h"
16
17 #include "aqebics/aqebics_l.h"
18 #include "aqebics/msg/msg.h"
19 #include "aqebics/msg/keys.h"
20 #include "aqebics/msg/zip.h"
21 #include "aqebics/msg/xml.h"
22 #include "aqebics/client/user_l.h"
23
24 #include <gwenhywfar/base64.h>
25 #include <gwenhywfar/gui.h>
26 #include <gwenhywfar/httpsession.h>
27
28
29
EBC_Provider_XchgHiaRequest_H004(AB_PROVIDER * pro,GWEN_HTTP_SESSION * sess,AB_USER * u)30 int EBC_Provider_XchgHiaRequest_H004(AB_PROVIDER *pro, GWEN_HTTP_SESSION *sess, AB_USER *u)
31 {
32 int rv;
33 GWEN_CRYPT_TOKEN *ct;
34 const GWEN_CRYPT_TOKEN_CONTEXT *ctx;
35 uint32_t kid;
36 const GWEN_CRYPT_TOKEN_KEYINFO *cryptKeyInfo=NULL;
37 const GWEN_CRYPT_TOKEN_KEYINFO *authKeyInfo=NULL;
38 xmlNsPtr ns;
39 EB_MSG *msg;
40 const char *userId;
41 const char *partnerId;
42 EB_MSG *mRsp;
43 EB_RC rc;
44 xmlDocPtr doc;
45 xmlNodePtr root_node = NULL;
46 xmlNodePtr node = NULL;
47 /*xmlNodePtr nodeX = NULL;*/
48 GWEN_BUFFER *mbuf;
49 GWEN_BUFFER *tbuf;
50 const char *s;
51
52 userId=AB_User_GetUserId(u);
53 partnerId=AB_User_GetCustomerId(u);
54
55 /* get crypt token and context */
56 rv=EBC_Provider_MountToken(pro, u, &ct, &ctx);
57 if (rv<0) {
58 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
59 return rv;
60 }
61
62 /* get crypt key info */
63 kid=GWEN_Crypt_Token_Context_GetDecipherKeyId(ctx);
64 if (kid) {
65 cryptKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
66 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
67 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
68 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
69 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
70 0);
71 if (cryptKeyInfo==NULL) {
72 DBG_ERROR(AQEBICS_LOGDOMAIN, "Crypt key info not found on crypt token");
73 GWEN_Gui_ProgressLog(0,
74 GWEN_LoggerLevel_Error,
75 I18N("Crypt key info not found on crypt token"));
76 return GWEN_ERROR_NOT_FOUND;
77 }
78 }
79
80 /* get auth sign key info */
81 kid=GWEN_Crypt_Token_Context_GetAuthSignKeyId(ctx);
82 if (kid) {
83 authKeyInfo=GWEN_Crypt_Token_GetKeyInfo(ct, kid,
84 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
85 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
86 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
87 GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER,
88 0);
89 if (authKeyInfo==NULL) {
90 DBG_ERROR(AQEBICS_LOGDOMAIN, "Auth key info not found on crypt token");
91 GWEN_Gui_ProgressLog(0,
92 GWEN_LoggerLevel_Error,
93 I18N("Auth key info not found on crypt token"));
94 return GWEN_ERROR_NOT_FOUND;
95 }
96 }
97
98 /* create HIARequestOrderData */
99 doc=xmlNewDoc(BAD_CAST "1.0");
100 doc->encoding=xmlCharStrdup("UTF-8");
101 root_node=xmlNewNode(NULL, BAD_CAST "HIARequestOrderData");
102 xmlDocSetRootElement(doc, root_node);
103 ns=xmlNewNs(root_node,
104 BAD_CAST "http://www.ebics.org/H004",
105 NULL);
106 assert(ns);
107 ns=xmlNewNs(root_node,
108 BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
109 BAD_CAST "ds");
110 assert(ns);
111 ns=xmlNewNs(root_node,
112 BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
113 BAD_CAST "xsi");
114 xmlNewNsProp(root_node,
115 ns,
116 BAD_CAST "schemaLocation", /* xsi:schemaLocation */
117 BAD_CAST "http://www.ebics.org/H004 "
118 "http://www.ebics.org/H004/ebics_orders.xsd");
119
120 /* create auth key tree */
121 node=xmlNewChild(root_node, NULL,
122 BAD_CAST "AuthenticationPubKeyInfo", NULL);
123 rv=EB_Key_Info_toXml(authKeyInfo, node);
124 if (rv<0) {
125 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
126 xmlFreeDoc(doc);
127 return GWEN_ERROR_INVALID;
128 }
129 xmlNewChild(node, NULL,
130 BAD_CAST "AuthenticationVersion",
131 BAD_CAST "X002");
132
133 /* create crypt key tree */
134 node=xmlNewChild(root_node, NULL,
135 BAD_CAST "EncryptionPubKeyInfo", NULL);
136 rv=EB_Key_Info_toXml(cryptKeyInfo, node);
137 if (rv<0) {
138 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%d)", rv);
139 xmlFreeDoc(doc);
140 return rv;
141 }
142 xmlNewChild(node, NULL,
143 BAD_CAST "EncryptionVersion",
144 BAD_CAST "E002");
145
146 /* store partner id and user id */
147 node=xmlNewChild(root_node, NULL,
148 BAD_CAST "PartnerID",
149 BAD_CAST partnerId);
150
151 node=xmlNewChild(root_node, NULL,
152 BAD_CAST "UserID",
153 BAD_CAST userId);
154
155 /* compress and base64 doc */
156 mbuf=GWEN_Buffer_new(0, 512, 0, 1);
157 rv=EB_Xml_Compress64Doc(doc, mbuf);
158 if (rv<0) {
159 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error compressing/encoding doc (%d)", rv);
160 xmlFreeDoc(doc);
161 return rv;
162 }
163 xmlFreeDoc(doc);
164
165 /* create request */
166 msg=EB_Msg_new();
167 doc=EB_Msg_GetDoc(msg);
168 root_node=xmlNewNode(NULL, BAD_CAST "ebicsUnsecuredRequest");
169 xmlDocSetRootElement(doc, root_node);
170 ns=xmlNewNs(root_node,
171 BAD_CAST "http://www.ebics.org/H004",
172 NULL);
173 assert(ns);
174 ns=xmlNewNs(root_node,
175 BAD_CAST "http://www.w3.org/2000/09/xmldsig#",
176 BAD_CAST "ds");
177 assert(ns);
178 ns=xmlNewNs(root_node,
179 BAD_CAST "http://www.w3.org/2001/XMLSchema-instance",
180 BAD_CAST "xsi");
181 xmlNewNsProp(root_node,
182 ns,
183 BAD_CAST "schemaLocation", /* xsi:schemaLocation */
184 BAD_CAST "http://www.ebics.org/H004 "
185 "http://www.ebics.org/H004/ebics_keymgmt_request.xsd");
186 xmlNewProp(root_node, BAD_CAST "Version", BAD_CAST "H004");
187 xmlNewProp(root_node, BAD_CAST "Revision", BAD_CAST "1");
188
189 /* header */
190 node=xmlNewChild(root_node, NULL, BAD_CAST "header", NULL);
191 xmlNewProp(node, BAD_CAST "authenticate", BAD_CAST "true");
192 xmlNewChild(node, NULL, BAD_CAST "static", NULL);
193 xmlNewChild(node, NULL, BAD_CAST "mutable", NULL);
194
195 /* body */
196 node=xmlNewChild(root_node, NULL, BAD_CAST "body", NULL);
197
198 /* fill */
199 s=EBC_User_GetPeerId(u);
200 if (s)
201 EB_Msg_SetCharValue(msg, "header/static/HostID", s);
202 s=AB_User_GetCustomerId(u);
203 if (s)
204 EB_Msg_SetCharValue(msg, "header/static/PartnerID", s);
205 EB_Msg_SetCharValue(msg, "header/static/UserID",
206 AB_User_GetUserId(u));
207 EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderType", "HIA");
208 tbuf=GWEN_Buffer_new(0, 16, 0, 1);
209 rv=EBC_Provider_Generate_OrderId(pro, tbuf);
210 if (rv<0) {
211 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
212 GWEN_Buffer_free(tbuf);
213 GWEN_Buffer_free(mbuf);
214 EB_Msg_free(msg);
215 return rv;
216 }
217 EB_Msg_SetCharValue(msg, "header/static/OrderDetails/OrderID",
218 GWEN_Buffer_GetStart(tbuf));
219 GWEN_Buffer_free(tbuf);
220 EB_Msg_SetCharValue(msg,
221 "header/static/OrderDetails/OrderAttribute",
222 "DZNNN");
223 EB_Msg_SetCharValue(msg, "header/static/SecurityMedium", "0200");
224 EB_Msg_SetCharValue(msg, "body/DataTransfer/OrderData",
225 GWEN_Buffer_GetStart(mbuf));
226 GWEN_Buffer_free(mbuf);
227
228 /* exchange requests */
229 rv=EBC_Dialog_ExchangeMessages(sess, msg, &mRsp);
230 if (rv<0 || rv>=300) {
231 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error exchanging messages (%d)", rv);
232 EB_Msg_free(msg);
233 return rv;
234 }
235 EB_Msg_free(msg);
236
237 /* check response */
238 assert(mRsp);
239
240 /* log results */
241 EBC_Provider_LogRequestResults(pro, mRsp, NULL);
242
243 rc=EB_Msg_GetResultCode(mRsp);
244 if ((rc & 0xff0000)==0x090000 ||
245 (rc & 0xff0000)==0x060000) {
246 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
247 EB_Msg_free(mRsp);
248 return AB_ERROR_SECURITY;
249 }
250 rc=EB_Msg_GetBodyResultCode(mRsp);
251 if (rc) {
252 if ((rc & 0xff0000)==0x090000 ||
253 (rc & 0xff0000)==0x060000) {
254 DBG_ERROR(AQEBICS_LOGDOMAIN, "Error response: (%06x)", rc);
255 EB_Msg_free(mRsp);
256 if ((rc & 0xfff00)==0x091300 ||
257 (rc & 0xfff00)==0x091200)
258 return AB_ERROR_SECURITY;
259 else
260 return GWEN_ERROR_GENERIC;
261 }
262 }
263
264 EB_Msg_free(mRsp);
265
266 /* adjust user status and flags */
267 DBG_NOTICE(AQEBICS_LOGDOMAIN, "Adjusting user flags");
268 EBC_User_AddFlags(u, EBC_USER_FLAGS_HIA);
269 if ((EBC_User_GetFlags(u) & (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
270 ==
271 (EBC_USER_FLAGS_INI | EBC_USER_FLAGS_HIA))
272 EBC_User_SetStatus(u, EBC_UserStatus_Init2);
273 else
274 EBC_User_SetStatus(u, EBC_UserStatus_Init1);
275
276 return 0;
277 }
278
279
280
281
282
283
284
285