gwenhywfar  4.99.8beta
ohbci.c
Go to the documentation of this file.
1 /***************************************************************************
2  begin : Mon Mar 01 2004
3  copyright : (C) 2004-2010 by Martin Preuss
4  email : martin@libchipcard.de
5 
6  ***************************************************************************
7  * Please see toplevel file COPYING for license details *
8  ***************************************************************************/
9 
10 
11 #ifdef HAVE_CONFIG_H
12 # include <config.h>
13 #endif
14 
15 /*#define DEBUG_OHBCI_MODULE*/
16 
17 
18 
19 #include "ohbci_p.h"
20 #include "i18n_l.h"
21 #include <gwenhywfar/debug.h>
22 #include <gwenhywfar/misc.h>
23 #include <gwenhywfar/padd.h>
24 #include <gwenhywfar/gui.h>
25 #include <gwenhywfar/ctfile_be.h>
26 #include <gwenhywfar/ctplugin_be.h>
27 #include <gwenhywfar/ctf_context_be.h>
28 #include <gwenhywfar/text.h> /* DEBUG */
29 #include <gwenhywfar/cryptkeysym.h>
30 #include <gwenhywfar/cryptkeyrsa.h>
31 #include <gwenhywfar/smalltresor.h>
32 
33 #include <stdlib.h>
34 #include <assert.h>
35 #include <string.h>
36 
37 #include <sys/types.h>
38 #include <sys/stat.h>
39 #include <fcntl.h>
40 #include <unistd.h>
41 #include <errno.h>
42 
43 #ifdef OS_WIN32
44 # define ftruncate chsize
45 #endif
46 
47 
48 
49 
50 GWEN_INHERIT(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI)
51 
52 
53 GWEN_PLUGIN *ct_ohbci_factory(GWEN_PLUGIN_MANAGER *pm,
54  const char *modName,
55  const char *fileName) {
56  GWEN_PLUGIN *pl;
57 
58  pl=GWEN_Crypt_TokenOHBCI_Plugin_new(pm, modName, fileName);
59  assert(pl);
60 
61  return pl;
62 }
63 
64 
65 
66 GWEN_PLUGIN *GWEN_Crypt_TokenOHBCI_Plugin_new(GWEN_PLUGIN_MANAGER *pm,
67  const char *modName,
68  const char *fileName) {
69  GWEN_PLUGIN *pl;
70 
71  pl=GWEN_Crypt_Token_Plugin_new(pm,
72  GWEN_Crypt_Token_Device_File,
73  modName,
74  fileName);
75 
76  /* set virtual functions */
77  GWEN_Crypt_Token_Plugin_SetCreateTokenFn(pl,
78  GWEN_Crypt_TokenOHBCI_Plugin_CreateToken);
79  GWEN_Crypt_Token_Plugin_SetCheckTokenFn(pl,
80  GWEN_Crypt_TokenOHBCI_Plugin_CheckToken);
81 
82  return pl;
83 }
84 
85 
86 
87 GWEN_CRYPT_TOKEN* GWENHYWFAR_CB
88 GWEN_Crypt_TokenOHBCI_Plugin_CreateToken(GWEN_PLUGIN *pl,
89  const char *name) {
90  GWEN_PLUGIN_MANAGER *pm;
91  GWEN_CRYPT_TOKEN *ct;
92 
93  assert(pl);
94 
95  pm=GWEN_Plugin_GetManager(pl);
96  assert(pm);
97 
98  ct=GWEN_Crypt_TokenOHBCI_new(pm, name);
99  assert(ct);
100 
101  return ct;
102 }
103 
104 
105 
106 int GWENHYWFAR_CB
107 GWEN_Crypt_TokenOHBCI_Plugin_CheckToken(GWEN_PLUGIN *pl,
108  GWEN_BUFFER *name) {
109  FILE *f;
110  const char *p;
111  char buffer[16];
112  int rv;
113 
114  if (GWEN_Buffer_GetUsedBytes(name)==0) {
115  DBG_ERROR(GWEN_LOGDOMAIN, "Empty name");
116  return GWEN_ERROR_BAD_NAME;
117  }
118 
119  p=GWEN_Buffer_GetStart(name);
120  if (access(p, F_OK)) {
121  DBG_ERROR(GWEN_LOGDOMAIN, "File [%s] does not exist", p);
122  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Info, "File does not exist");
123  return GWEN_ERROR_BAD_NAME;
124  }
125 
126  if (access(p, R_OK | W_OK)) {
127  DBG_ERROR(GWEN_LOGDOMAIN, "File exists but I have no writes on it");
128  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Info,
129  "File exists but I have no writes on it");
130  return GWEN_ERROR_IO;
131  }
132 
133  f=fopen(p, "rb");
134  if (!f) {
135  DBG_ERROR(GWEN_LOGDOMAIN,
136  "File exists, I have all rights but still can't open it");
137  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
138  "File exists, I have all rights but "
139  "still can't open it");
140  return GWEN_ERROR_IO;
141  }
142 
143  rv=fread(buffer, sizeof(buffer), 1, f);
144  fclose(f);
145  if (rv!=1) {
146  DBG_INFO(GWEN_LOGDOMAIN, "This seems not to be an OpenHBCI keyfile");
147  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Info,
148  "This seems not to be an OpenHBCI keyfile");
149  return GWEN_ERROR_NOT_SUPPORTED;
150  }
151 
152  if (rv!=1) {
153  DBG_INFO(GWEN_LOGDOMAIN, "This seems not to be an OpenHBCI keyfile (bad size)");
154  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
155  "This seems not to be an OpenHBCI keyfile "
156  "(bad size)");
157  return GWEN_ERROR_NOT_SUPPORTED;
158  }
159 
160  if ((unsigned char)(buffer[0])==GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM1) {
161  DBG_INFO(GWEN_LOGDOMAIN,
162  "Old OpenHBCI file detected");
163  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
164  "Old OpenHBCI file detected");
165  return 0;
166  }
167  else if ((unsigned char)(buffer[0])==GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM2) {
168  DBG_INFO(GWEN_LOGDOMAIN,
169  "OpenHBCI file (<1.6) detected");
170  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
171  "OpenHBCI file (<1.6) detected");
172  return 0;
173  }
174  else if ((unsigned char)(buffer[0])==GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3) {
175  if ((unsigned char)(buffer[3])==GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER &&
176  strncmp(buffer+6,
177  GWEN_CRYPT_TOKEN_OHBCI_NAME,
178  strlen(GWEN_CRYPT_TOKEN_OHBCI_NAME))==0) {
179  DBG_INFO(GWEN_LOGDOMAIN,
180  "New OpenHBCI file (>=1.6) detected");
181  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
182  "New OpenHBCI file (>=1.6) detected");
183  return 0;
184  }
185  }
186 
187  DBG_INFO(GWEN_LOGDOMAIN,
188  "This seems not to be an OpenHBCI keyfile");
189  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Notice,
190  "This seems not to be an OpenHBCI keyfile");
191  return GWEN_ERROR_NOT_SUPPORTED;
192 }
193 
194 
195 
196 
197 
198 GWEN_CRYPT_TOKEN *GWEN_Crypt_TokenOHBCI_new(GWEN_PLUGIN_MANAGER *pm,
199  const char *name){
200  GWEN_CRYPT_TOKEN *ct;
201  GWEN_CRYPT_TOKEN_OHBCI *lct;
202 
203  ct=GWEN_Crypt_TokenFile_new("ohbci", name);
204 
205  GWEN_NEW_OBJECT(GWEN_CRYPT_TOKEN_OHBCI, lct);
206  GWEN_INHERIT_SETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI,
207  ct, lct,
208  GWEN_Crypt_TokenOHBCI_FreeData);
209  lct->mediumTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3;
210  lct->vminor=GWEN_CRYPT_TOKEN_OHBCI_VMINOR;
211  lct->cryptoTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_BF;
212 
213  /* set virtual functions */
214  lct->openFn=GWEN_Crypt_Token_SetOpenFn(ct, GWEN_Crypt_TokenOHBCI_Open);
215  lct->closeFn=GWEN_Crypt_Token_SetCloseFn(ct, GWEN_Crypt_TokenOHBCI_Close);
216  lct->createFn=GWEN_Crypt_Token_SetCreateFn(ct, GWEN_Crypt_TokenOHBCI_Create);
217  GWEN_Crypt_Token_SetChangePinFn(ct, GWEN_Crypt_TokenOHBCI_ChangePin);
218 
219  GWEN_Crypt_TokenFile_SetReadFn(ct, GWEN_Crypt_TokenOHBCI_Read);
220  GWEN_Crypt_TokenFile_SetWriteFn(ct, GWEN_Crypt_TokenOHBCI_Write);
221 
222  return ct;
223 }
224 
225 
226 
227 void GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_FreeData(void *bp, void *p) {
228  GWEN_CRYPT_TOKEN_OHBCI *lct;
229 
230  lct=(GWEN_CRYPT_TOKEN_OHBCI*) p;
231  memset(lct->password, 0, sizeof(lct->password));
232  GWEN_FREE_OBJECT(lct);
233 }
234 
235 
236 
237 
238 int GWEN_Crypt_TokenOHBCI__EnsurePassword(GWEN_CRYPT_TOKEN *ct,
239  int trynum,
240  int confirm,
241  uint32_t gid){
242  GWEN_CRYPT_TOKEN_OHBCI *lct;
243 
244  assert(ct);
245  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
246  assert(lct);
247 
248  if (lct->passWordIsSet==0) {
249  char password[64];
250  int rv;
251  unsigned int pinLength=0;
252  uint32_t flags;
253 
254  /* create key from password */
255  memset(lct->password, 0, sizeof(lct->password));
256 
257  flags=0;
258  if (trynum)
259  flags|=GWEN_GUI_INPUT_FLAGS_RETRY;
260  if (confirm)
261  flags|=GWEN_GUI_INPUT_FLAGS_CONFIRM;
262  rv=GWEN_Crypt_Token_GetPin(ct,
263  GWEN_Crypt_PinType_Access,
264  GWEN_Crypt_PinEncoding_Ascii,
265  flags,
266  (unsigned char*)password,
267  GWEN_CRYPT_TOKEN_OHBCI_PINMINLENGTH,
268  sizeof(password)-1,
269  &pinLength,
270  gid);
271  if (rv) {
272  DBG_ERROR(GWEN_LOGDOMAIN, "Error asking for PIN, aborting (%d)", rv);
273  return rv;
274  }
275 
276  if (strlen(password)<GWEN_CRYPT_TOKEN_OHBCI_PINMINLENGTH) {
277  DBG_ERROR(GWEN_LOGDOMAIN,
278  "Your program returned a shorter PIN than instructed!");
279  return GWEN_ERROR_GENERIC;
280  }
281 
282  DBG_NOTICE(GWEN_LOGDOMAIN, "Checking...");
283  if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT) {
284  DBG_NOTICE(GWEN_LOGDOMAIN, "New OpenHBCI file detected");
285 
286  rv=GWEN_Crypt_KeyDataFromText(password,
287  (unsigned char*)lct->password,
288  24);
289  if (rv) {
290  DBG_ERROR(GWEN_LOGDOMAIN,
291  "Could not create key data from password (%d)", rv);
292  return GWEN_ERROR_GENERIC;
293  }
294  }
295  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_OLD) {
296  DBG_NOTICE(GWEN_LOGDOMAIN, "Old OpenHBCI file detected");
297 
298  rv=GWEN_Gui_KeyDataFromText_OpenSSL(password,
299  (unsigned char*)lct->password,
300  16);
301  if (rv) {
302  if (rv==GWEN_ERROR_NOT_IMPLEMENTED) {
303  DBG_ERROR(GWEN_LOGDOMAIN,
304  "OpenSSL-style password creation not supported with Libgcrypt!");
305  }
306  else {
307  DBG_ERROR(GWEN_LOGDOMAIN, "Could not create key data from password (%d)", rv);
308  }
309  return GWEN_ERROR_GENERIC;
310  }
311  }
312  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_BF) {
313  DBG_NOTICE(GWEN_LOGDOMAIN, "New OpenHBCI (1.6+) file detected");
314  /* same as above but for different key type */
315  rv=GWEN_Crypt_KeyDataFromText(password,
316  (unsigned char*)lct->password,
317  16);
318  if (rv) {
319  DBG_ERROR(GWEN_LOGDOMAIN,
320  "Could not create key data from password (%d)", rv);
321  return GWEN_ERROR_GENERIC;
322  }
323  }
324  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_TRESOR) {
325  DBG_NOTICE(GWEN_LOGDOMAIN, "New OpenHBCI (1.8+) file detected");
326  strncpy(lct->password, password, sizeof(lct->password)-1);
327  lct->password[sizeof(lct->password)-1]=0;
328  }
329  else {
330  DBG_ERROR(GWEN_LOGDOMAIN, "Unexpected crypto tag %d",
331  lct->cryptoTag);
332  abort();
333  }
334 
335  lct->passWordIsSet=1;
336  }
337 
338  return 0;
339 }
340 
341 
342 
343 int GWEN_Crypt_TokenOHBCI__DecryptFile(GWEN_CRYPT_TOKEN *ct,
344  GWEN_BUFFER *fbuf,
345  int trynum,
346  uint32_t gid){
347  GWEN_CRYPT_TOKEN_OHBCI *lct;
348  GWEN_CRYPT_KEY *key;
349  int err;
350  char password[64];
351  GWEN_BUFFER *rawbuf;
352  uint32_t size;
353  int rv;
354  unsigned int pinLength=0;
355 
356  assert(ct);
357  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
358  assert(lct);
359 
360  rv=GWEN_Crypt_TokenOHBCI__EnsurePassword(ct, trynum, 0, gid);
361  if (rv) {
362  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
363  return rv;
364  }
365 
366  if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT) {
367  key=GWEN_Crypt_KeyDes3K_fromData(GWEN_Crypt_CryptMode_Cbc, 24,
368  (const uint8_t*)lct->password, 24);
369  }
370  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_OLD) {
371  key=GWEN_Crypt_KeyDes3K_fromData(GWEN_Crypt_CryptMode_Cbc, 16,
372  (const uint8_t*)lct->password, 16);
373  }
374  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_BF) {
375  key=GWEN_Crypt_KeyBlowFish_fromData(GWEN_Crypt_CryptMode_Cbc, 16,
376  (const uint8_t*)lct->password, 16);
377  }
378  else {
379  DBG_ERROR(GWEN_LOGDOMAIN, "Unknown crypt tag, should not occur");
380  abort();
381  }
382 
383  /* decrypt file */
384  DBG_INFO(GWEN_LOGDOMAIN, "Decrypting file");
385  size=GWEN_Buffer_GetUsedBytes(fbuf);
386  rawbuf=GWEN_Buffer_new(0, size, 0, 1);
387  GWEN_Buffer_Rewind(fbuf);
388  err=GWEN_Crypt_Key_Decipher(key,
389  (const uint8_t*)GWEN_Buffer_GetStart(fbuf),
390  size,
391  (uint8_t*)GWEN_Buffer_GetStart(rawbuf),
392  &size);
393  if (err) {
394  DBG_INFO_ERR(GWEN_LOGDOMAIN, err);
395  GWEN_Buffer_free(rawbuf);
396  GWEN_Crypt_Key_free(key);
397  if (pinLength)
398  GWEN_Crypt_Token_SetPinStatus(ct,
399  GWEN_Crypt_PinType_Access,
400  GWEN_Crypt_PinEncoding_Ascii,
401  (trynum
402  ?GWEN_GUI_INPUT_FLAGS_RETRY:0),
403  (unsigned char*)password,
404  pinLength,
405  0,
406  gid);
407  memset(password, 0, sizeof(password));
408  lct->passWordIsSet=0;
409  return GWEN_ERROR_BAD_PIN;
410  }
411 
412  /* advance buffer pointers since we wrote directly to the buffer */
413  GWEN_Buffer_IncrementPos(rawbuf, size);
414  GWEN_Buffer_AdjustUsedBytes(rawbuf);
415 
416  /* unpadd raw data */
417  DBG_INFO(GWEN_LOGDOMAIN, "Unpadding file");
418  if (GWEN_Padd_UnpaddWithAnsiX9_23(rawbuf)) {
419  DBG_ERROR(GWEN_LOGDOMAIN, "Could not unpadd keyfile, i.e. wrong PIN");
420  GWEN_Buffer_free(rawbuf);
421  GWEN_Crypt_Key_free(key);
422  /* TODO: Set Pin status */
423  lct->passWordIsSet=0;
424  if (pinLength)
425  GWEN_Crypt_Token_SetPinStatus(ct,
426  GWEN_Crypt_PinType_Access,
427  GWEN_Crypt_PinEncoding_Ascii,
428  (trynum?GWEN_GUI_INPUT_FLAGS_RETRY:0),
429  (unsigned char*)password,
430  pinLength,
431  0,
432  gid);
433  memset(password, 0, sizeof(password));
434  return GWEN_ERROR_BAD_PIN;
435  }
436  GWEN_Crypt_Key_free(key);
437 
438  /* parse raw data */
439  DBG_INFO(GWEN_LOGDOMAIN, "Parsing file");
440  GWEN_Buffer_Rewind(rawbuf);
441 
442  rv=GWEN_Crypt_TokenOHBCI__Decode(ct, rawbuf);
443  if (rv) {
444  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
445  GWEN_Buffer_free(rawbuf);
446  /* Set Pin status */
447  if (pinLength)
448  GWEN_Crypt_Token_SetPinStatus(ct,
449  GWEN_Crypt_PinType_Access,
450  GWEN_Crypt_PinEncoding_Ascii,
451  (trynum
452  ?GWEN_GUI_INPUT_FLAGS_RETRY:0),
453  (unsigned char*)password,
454  pinLength,
455  0,
456  gid);
457  memset(password, 0, sizeof(password));
458  lct->passWordIsSet=0;
459  return GWEN_ERROR_BAD_PIN;
460  }
461  GWEN_Buffer_free(rawbuf);
462  /* Set Pin status */
463  if (pinLength)
464  GWEN_Crypt_Token_SetPinStatus(ct,
465  GWEN_Crypt_PinType_Access,
466  GWEN_Crypt_PinEncoding_Ascii,
467  (trynum?GWEN_GUI_INPUT_FLAGS_RETRY:0),
468  (unsigned char*)password,
469  pinLength,
470  1,
471  gid);
472  memset(password, 0, sizeof(password));
473  return 0;
474 }
475 
476 
477 
478 int GWEN_Crypt_TokenOHBCI__DecryptTresor(GWEN_CRYPT_TOKEN *ct,
479  GWEN_BUFFER *fbuf,
480  int trynum,
481  uint32_t gid){
482  GWEN_CRYPT_TOKEN_OHBCI *lct;
483  GWEN_BUFFER *rawbuf;
484  uint32_t size;
485  int rv;
486 
487  assert(ct);
488  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
489  assert(lct);
490 
491  rv=GWEN_Crypt_TokenOHBCI__EnsurePassword(ct, trynum, 0, gid);
492  if (rv) {
493  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
494  return rv;
495  }
496 
497  size=GWEN_Buffer_GetUsedBytes(fbuf);
498  rawbuf=GWEN_Buffer_new(0, size, 0, 1);
499  GWEN_Buffer_Rewind(fbuf);
500  rv=GWEN_SmallTresor_Decrypt((const uint8_t*) GWEN_Buffer_GetStart(fbuf), size,
501  lct->password,
502  rawbuf,
503  GWEN_CRYPT_TOKEN_OHBCI_TRESOR_PWD_ITERATIONS,
504  GWEN_CRYPT_TOKEN_OHBCI_TRESOR_CRYPT_ITERATIONS);
505  if (rv<0) {
506  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
507  GWEN_Buffer_free(rawbuf);
508  if (lct->password[0])
509  GWEN_Crypt_Token_SetPinStatus(ct,
510  GWEN_Crypt_PinType_Access,
511  GWEN_Crypt_PinEncoding_Ascii,
512  (trynum?GWEN_GUI_INPUT_FLAGS_RETRY:0),
513  (unsigned char*)lct->password,
514  strlen(lct->password),
515  0,
516  gid);
517  memset(lct->password, 0, sizeof(lct->password));
518  lct->passWordIsSet=0;
519  return GWEN_ERROR_BAD_PIN;
520  }
521 
522  /* parse raw data */
523  DBG_INFO(GWEN_LOGDOMAIN, "Parsing file");
524  GWEN_Buffer_Rewind(rawbuf);
525 
526  rv=GWEN_Crypt_TokenOHBCI__Decode(ct, rawbuf);
527  if (rv) {
528  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
529  GWEN_Buffer_free(rawbuf);
530  /* Set Pin status */
531  if (lct->password[0])
532  GWEN_Crypt_Token_SetPinStatus(ct,
533  GWEN_Crypt_PinType_Access,
534  GWEN_Crypt_PinEncoding_Ascii,
535  (trynum?GWEN_GUI_INPUT_FLAGS_RETRY:0),
536  (unsigned char*)lct->password,
537  strlen(lct->password),
538  0,
539  gid);
540  memset(lct->password, 0, sizeof(lct->password));
541  lct->passWordIsSet=0;
542  return GWEN_ERROR_BAD_PIN;
543  }
544  GWEN_Buffer_free(rawbuf);
545  /* Set Pin status */
546  if (lct->password[0])
547  GWEN_Crypt_Token_SetPinStatus(ct,
548  GWEN_Crypt_PinType_Access,
549  GWEN_Crypt_PinEncoding_Ascii,
550  (trynum?GWEN_GUI_INPUT_FLAGS_RETRY:0),
551  (unsigned char*)lct->password,
552  strlen(lct->password),
553  1,
554  gid);
555  return 0;
556 }
557 
558 
559 
560 int GWENHYWFAR_CB
561 GWEN_Crypt_TokenOHBCI_Read(GWEN_CRYPT_TOKEN *ct, int fd, uint32_t gid){
562  GWEN_CRYPT_TOKEN_OHBCI *lct;
563  GWEN_BUFFER *rbuf;
564  GWEN_BUFFER *fbuf;
565  unsigned char c;
566  GWEN_TAG16 *tlv;
567  int i;
568 
569  assert(ct);
570  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
571  assert(lct);
572 
573  rbuf=GWEN_Buffer_new(0, 1024, 0, 1);
574  /* read file into rbuf */
575  while(1) {
576  char buffer[256];
577  int rv;
578 
579  rv=read(fd, buffer, sizeof(buffer));
580  if (rv==-1) {
581  DBG_ERROR(GWEN_LOGDOMAIN, "read: %s", strerror(errno));
582  return -1;
583  }
584  if (rv==0)
585  break;
586  GWEN_Buffer_AppendBytes(rbuf, buffer, rv);
587  }
588 
589  if (GWEN_Buffer_GetUsedBytes(rbuf)<3) {
590  DBG_ERROR(GWEN_LOGDOMAIN, "This seems not to be an OpenHBCI key file");
591  GWEN_Buffer_free(rbuf);
592  return -1;
593  }
594 
595  /* check whether this is a known OpenHBCI(2) keyfile */
596  GWEN_Buffer_Rewind(rbuf);
597  c=*GWEN_Buffer_GetStart(rbuf);
598  if (c!=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM1 &&
599  c!=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM2 &&
600  c!=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3) {
601  DBG_ERROR(GWEN_LOGDOMAIN, "This seems not to be an OpenHBCI key file");
602  GWEN_Buffer_free(rbuf);
603  return -1;
604  }
605  lct->mediumTag=c;
606  lct->cryptoTag=0;
607 
608  tlv=GWEN_Tag16_fromBuffer(rbuf, 0);
609  if (!tlv) {
610  DBG_ERROR(GWEN_LOGDOMAIN, "Bad file data");
611  GWEN_Buffer_free(rbuf);
612  return -1;
613  }
614 
615  fbuf=GWEN_Buffer_new(0, GWEN_Tag16_GetTagLength(tlv), 0, 1);
616  GWEN_Buffer_AppendBytes(fbuf,
617  GWEN_Tag16_GetTagData(tlv),
618  GWEN_Tag16_GetTagLength(tlv));
619  GWEN_Buffer_Rewind(fbuf);
620  GWEN_Buffer_free(rbuf);
621  GWEN_Tag16_free(tlv);
622  /* now fbuf contains the data from the crypt TLV */
623 
624 
625  for (i=0;;i++) {
626  int rv;
627 
628  if (i>GWEN_CRYPT_TOKEN_OHBCI_MAX_PIN_TRY) {
629  DBG_ERROR(GWEN_LOGDOMAIN,
630  "No valid PIN within %d tries, giving up", i);
631  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Critical,
632  I18N("No valid PIN (tried too often), "
633  "aborting."));
634  GWEN_Buffer_free(fbuf);
635  return GWEN_ERROR_ABORTED;
636  }
637 
638  switch(lct->mediumTag) {
639  case GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM1:
640  lct->cryptoTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_OLD;
641  rv=GWEN_Crypt_TokenOHBCI__DecryptFile(ct, fbuf, i, gid);
642  break;
643  case GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM2:
644  lct->cryptoTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT;
645  rv=GWEN_Crypt_TokenOHBCI__DecryptFile(ct, fbuf, i, gid);
646  break;
647  case GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3:
648  lct->cryptoTag=0;
649  rv=GWEN_Crypt_TokenOHBCI__DecryptFile16(ct, fbuf, i, gid);
650  break;
651  default:
652  rv = GWEN_ERROR_NOT_SUPPORTED;
653  /* otherwise 'rv' might be uninitialized */
654  }
655  if (rv==0)
656  break;
657  else {
658  switch(rv) {
659  case GWEN_ERROR_USER_ABORTED:
660  DBG_INFO(GWEN_LOGDOMAIN, "Aborted by user");
661  GWEN_Buffer_free(fbuf);
662  return rv;
663  case GWEN_ERROR_BAD_PIN:
664  DBG_ERROR(GWEN_LOGDOMAIN, "Bad pin.");
665  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Critical,
666  I18N("Bad PIN, will try again"));
667  break;
668 
669  default:
670  DBG_INFO(GWEN_LOGDOMAIN, "Other error, giving up");
671  GWEN_Buffer_free(fbuf);
672  return rv;
673  }
674  }
675 
676  } /* for */
677  GWEN_Buffer_free(fbuf);
678 
679  lct->justCreated=0;
680 
681  return 0;
682 }
683 
684 
685 
686 void GWEN_Crypt_TokenOHBCI__DecodeKey(GWEN_CRYPT_TOKEN *ct,
687  GWEN_TAG16 *keyTlv,
688  GWEN_DB_NODE *dbKeys,
689  const char *keyName) {
690  GWEN_BUFFER *dbuf;
691  const char *p;
692  int size;
693  GWEN_DB_NODE *node;
694  uint32_t flags;
695  const char defaultExpo[3]={0x01, 0x00, 0x01};
696 
697  p=GWEN_Tag16_GetTagData(keyTlv);
698  size=GWEN_Tag16_GetTagLength(keyTlv);
699  if (size<2) {
700  DBG_ERROR(GWEN_LOGDOMAIN, "Tag too small to contain any subtag");
701  return;
702  }
703  /* create static buffer */
704  dbuf=GWEN_Buffer_new((char*)p, size, size, 0);
705  GWEN_Buffer_SubMode(dbuf, GWEN_BUFFER_MODE_DYNAMIC);
706 
707  node=GWEN_DB_GetGroup(dbKeys, GWEN_DB_FLAGS_DEFAULT, keyName);
708  assert(node);
709 
710  /* preset */
711  GWEN_DB_SetCharValue(node,
712  GWEN_DB_FLAGS_OVERWRITE_VARS,
713  "cryptAlgoId",
714  "rsa");
715  GWEN_DB_SetIntValue(node,
716  GWEN_DB_FLAGS_OVERWRITE_VARS,
717  "keySize",
718  96);
719  GWEN_DB_SetBinValue(node,
720  GWEN_DB_FLAGS_OVERWRITE_VARS,
721  "rsa/e",
722  defaultExpo,
723  sizeof(defaultExpo));
724  flags=0;
725  GWEN_DB_SetIntValue(node,
726  GWEN_DB_FLAGS_OVERWRITE_VARS,
727  "flags",
728  flags);
729 
730  while(GWEN_Buffer_GetBytesLeft(dbuf)) {
731  const char *pp;
732  char *p;
733  GWEN_TAG16 *tlv;
734  unsigned int l;
735 
736  tlv=GWEN_Tag16_fromBuffer(dbuf, 0);
737  if (!tlv) {
738  DBG_ERROR(GWEN_LOGDOMAIN, "Bad file (no TLV)");
739  return;
740  }
741  p=0;
742  pp=(const char*)GWEN_Tag16_GetTagData(tlv);
743  l=GWEN_Tag16_GetTagLength(tlv);
744  if (pp && l) {
745  p=(char*)malloc(l+1);
746  assert(p);
747  memmove(p, pp, l);
748  p[l]=0;
749  }
750 
751  switch(GWEN_Tag16_GetTagType(tlv)) {
752  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_ISPUBLIC:
753  /* ignore this tag, since it is buggy in OpenHBCI(2) */
754  break;
755 
756  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_ISCRYPT:
757  /* no longer supported since 1.8*/
758  break;
759 
760  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_OWNER:
761  GWEN_DB_SetCharValue(node,
762  GWEN_DB_FLAGS_OVERWRITE_VARS,
763  "keyOwner",
764  p);
765  break;
766 
767  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_VERSION:
768  assert(p);
769  GWEN_DB_SetIntValue(node,
770  GWEN_DB_FLAGS_OVERWRITE_VARS,
771  "keyVersion",
772  atoi(p));
773  break;
774 
775  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_NUMBER:
776  assert(p);
777  GWEN_DB_SetIntValue(node,
778  GWEN_DB_FLAGS_OVERWRITE_VARS,
779  "keyNumber",
780  atoi(p));
781  break;
782 
783  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_MODULUS:
784  if (p && l)
785  GWEN_DB_SetBinValue(node,
786  GWEN_DB_FLAGS_OVERWRITE_VARS,
787  "rsa/n",
788  p, l);
789  break;
790 
791  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_EXP_OLD:
792  DBG_INFO(GWEN_LOGDOMAIN,
793  "Ignoring old exponent (%d), keeping default", l);
794  break;
795 
796  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_EXP:
797  if (p && l)
798  GWEN_DB_SetBinValue(node,
799  GWEN_DB_FLAGS_OVERWRITE_VARS,
800  "rsa/e",
801  p, l);
802  break;
803 
804  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_N:
805  if (p && l)
806  GWEN_DB_SetBinValue(node,
807  GWEN_DB_FLAGS_OVERWRITE_VARS,
808  "rsa/n",
809  p, l);
810  break;
811 
812  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_P:
813  if (p && l)
814  GWEN_DB_SetBinValue(node,
815  GWEN_DB_FLAGS_OVERWRITE_VARS,
816  "rsa/p",
817  p, l);
818  break;
819 
820  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_Q:
821  if (p && l)
822  GWEN_DB_SetBinValue(node,
823  GWEN_DB_FLAGS_OVERWRITE_VARS,
824  "rsa/q",
825  p, l);
826  break;
827 
828  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_D:
829  if (p && l)
830  GWEN_DB_SetBinValue(node,
831  GWEN_DB_FLAGS_OVERWRITE_VARS,
832  "rsa/d",
833  p, l);
834  break;
835 
836  case GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_LEN:
837  if (p && l) {
838  int i;
839 
840  /* fix for some versions which stored keysize*8 */
841  i=atoi(p);
842  if (i>512)
843  i/=8;
844  GWEN_DB_SetIntValue(node,
845  GWEN_DB_FLAGS_OVERWRITE_VARS,
846  "keySize",
847  i);
848  }
849  break;
850 
851  default:
852  DBG_WARN(GWEN_LOGDOMAIN, "Unknown tag %02x", GWEN_Tag16_GetTagType(tlv));
853  break;
854  } /* switch */
855 
856  GWEN_Tag16_free(tlv);
857  free(p);
858  } /* while */
859  GWEN_Buffer_free(dbuf);
860 }
861 
862 
863 
864 int GWEN_Crypt_TokenOHBCI__Decode(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *dbuf) {
865  GWEN_CRYPT_TOKEN_OHBCI *lct;
866  GWEN_TAG16 *tlv;
867  int rv;
868  GWEN_DB_NODE *dbKeys;
869  GWEN_DB_NODE *dbKey;
870  GWEN_CRYPT_TOKEN_CONTEXT *fct;
871  const char *peerId=0;
872  uint32_t localSignSeq=0;
873  uint32_t remoteSignSeq=0;
874 
875  assert(ct);
876  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
877  assert(lct);
878 
879  tlv=GWEN_Tag16_fromBuffer(dbuf, 0);
880  GWEN_Buffer_Rewind(dbuf);
881  if (!tlv) {
882  DBG_ERROR(GWEN_LOGDOMAIN,
883  "File doesn't contain a TLV: Either bad pin or bad file");
884  return -1;
885  }
886 
887  if (GWEN_Tag16_GetTagType(tlv)!=GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER &&
888  GWEN_Tag16_GetTagType(tlv)!=GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MAJOR) {
889  DBG_ERROR(GWEN_LOGDOMAIN,
890  "File doesn't start with version info or header.");
891  GWEN_Tag16_free(tlv);
892  return -1;
893  }
894  GWEN_Tag16_free(tlv);
895 
896  fct=GWEN_CTF_Context_new();
897 
898  /* now parse it */
899  dbKeys=GWEN_DB_Group_new("keys");
900  while(GWEN_Buffer_GetBytesLeft(dbuf)) {
901  int i;
902  const char *pp;
903  char *p;
904  unsigned int l;
905 
906  tlv=GWEN_Tag16_fromBuffer(dbuf, 0);
907  if (!tlv) {
908  DBG_ERROR(GWEN_LOGDOMAIN,
909  "File doesn't contain a TLV: Either bad pin or bad file");
910  GWEN_Crypt_Token_Context_free(fct);
911  return GWEN_ERROR_BAD_PIN;
912  }
913  p=0;
914  pp=(const char*)GWEN_Tag16_GetTagData(tlv);
915  l=GWEN_Tag16_GetTagLength(tlv);
916  if (pp && l) {
917  p=(char*)malloc(l+1);
918  assert(p);
919  memmove(p, pp, l);
920  p[l]=0;
921  }
922 
923  switch(GWEN_Tag16_GetTagType(tlv)) {
924  case GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MAJOR:
925  assert(p);
926  i=atoi(p);
927  DBG_INFO(GWEN_LOGDOMAIN, "OHBCI: Major version: %d", i);
928  if (i!=GWEN_CRYPT_TOKEN_OHBCI_VMAJOR) {
929  DBG_ERROR(GWEN_LOGDOMAIN, "Unsupported keyfile version (%d)", i);
930  GWEN_Gui_ProgressLog(0,
931  GWEN_LoggerLevel_Warning,
932  "Basically this file type is supported.\n"
933  "However, the major versions do not match,\n"
934  "so this particular version is not supported");
935  free(p);
936  GWEN_Tag16_free(tlv);
937  GWEN_Crypt_Token_Context_free(fct);
938  return -1;
939  }
940  break;
941 
942  case GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MINOR:
943  assert(p);
944  i=atoi(p);
945  DBG_INFO(GWEN_LOGDOMAIN, "OHBCI: Minor version: %d", i);
946  if (i>GWEN_CRYPT_TOKEN_OHBCI_VMINOR) {
947  DBG_ERROR(GWEN_LOGDOMAIN,
948  "Keyfile version is higher than mine (%d).\n",
949  i);
950  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Warning,
951  "This key file file has been created with a "
952  "newer library version.\n");
953  free(p);
954  GWEN_Tag16_free(tlv);
955  GWEN_Crypt_Token_Context_free(fct);
956  return GWEN_ERROR_NOT_SUPPORTED;
957  }
958  else if (i<GWEN_CRYPT_TOKEN_OHBCI_VMINOR) {
959  DBG_INFO(GWEN_LOGDOMAIN, "Will update this file upon unmount");
960  }
961  lct->vminor=i;
962  break;
963 
964  case GWEN_CRYPT_TOKEN_OHBCI_TAG_SEQ:
965  assert(p);
966  localSignSeq=atoi(p);
967  if (localSignSeq==0)
968  localSignSeq=1;
969  break;
970 
971  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_ID:
972  GWEN_Crypt_Token_Context_SetUserId(fct, p);
973  break;
974 
975  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_COUNTRY:
976  /* ignore */
977  break;
978 
979  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_CODE:
980  GWEN_Crypt_Token_Context_SetServiceId(fct, p);
981  break;
982 
983  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_SYSTEMID:
984  GWEN_Crypt_Token_Context_SetSystemId(fct, p);
985  break;
986 
987  case GWEN_CRYPT_TOKEN_OHBCI_TAG_SERVER_ADDR:
988  /* new in 1.4 */
989  GWEN_Crypt_Token_Context_SetAddress(fct, p);
990  break;
991 
992  case GWEN_CRYPT_TOKEN_OHBCI_TAG_SERVER_PORT:
993  /* new in 1.4 */
994  GWEN_Crypt_Token_Context_SetPort(fct, atoi(p));
995  break;
996 
997  case GWEN_CRYPT_TOKEN_OHBCI_TAG_REMOTE_SEQ:
998  /* new in 1.4 */
999  remoteSignSeq=atoi(p);
1000  break;
1001 
1002  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PUBSIGNKEY:
1003  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVSIGNKEY:
1004  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "localSignKey");
1005  break;
1006 
1007  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PUBCRYPTKEY:
1008  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVCRYPTKEY:
1009  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "localCryptKey");
1010  break;
1011 
1012  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBSIGNKEY:
1013  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "remoteSignKey");
1014  break;
1015 
1016  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBCRYPTKEY:
1017  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "remoteCryptKey");
1018  break;
1019 
1020  /* handled again since 1.8 */
1021  case GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PUBSIGNKEY:
1022  case GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PRIVSIGNKEY:
1023  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "tempLocalSignKey");
1024  break;
1025 
1026  case GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PUBCRYPTKEY:
1027  case GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PRIVCRYPTKEY:
1028  DBG_INFO(GWEN_LOGDOMAIN,
1029  "Ignoring temporary crypt keys");
1030  break;
1031 
1032  case GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVAUTHKEY:
1033  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "localAuthKey");
1034  break;
1035 
1036  case GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBAUTHKEY:
1037  GWEN_Crypt_TokenOHBCI__DecodeKey(ct, tlv, dbKeys, "remoteAuthKey");
1038  break;
1039 
1040  case GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER:
1041  /* ignore header here */
1042  break;
1043  default:
1044  DBG_WARN(GWEN_LOGDOMAIN, "Unknown tag %02x",
1045  GWEN_Tag16_GetTagType(tlv));
1046  break;
1047  } /* switch */
1048 
1049  GWEN_Tag16_free(tlv);
1050  free(p);
1051  } /* while */
1052 
1053 
1054  /* now check for keys */
1055  rv=0;
1056 
1057  /* local sign key */
1058  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1059  "localSignKey");
1060  if (dbKey) {
1061  GWEN_CRYPT_KEY *key;
1062 
1063  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1064  "rsa/isPublic", 0);
1065  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1066  if (!key) {
1067  rv=-1;
1068  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1069  }
1070  else {
1071  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1072  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1073  uint32_t klen;
1074 
1075  /* create key info */
1076  ki=GWEN_Crypt_Token_KeyInfo_new(0x0001, /* local sign key */
1077  GWEN_Crypt_Key_GetCryptAlgoId(key),
1078  GWEN_Crypt_Key_GetKeySize(key));
1079  assert(ki);
1080 
1081  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Sign Key"));
1082 
1083  /* get modulus */
1084  klen=sizeof(kbuf);
1085  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1086  if (rv) {
1087  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1088  GWEN_Crypt_Token_KeyInfo_free(ki);
1089  GWEN_Crypt_Key_free(key);
1090  return rv;
1091  }
1092  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1093 
1094  /* get exponent */
1095  klen=sizeof(kbuf);
1096  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1097  if (rv) {
1098  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1099  GWEN_Crypt_Token_KeyInfo_free(ki);
1100  GWEN_Crypt_Key_free(key);
1101  return rv;
1102  }
1103  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1104 
1105  GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, localSignSeq);
1106  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1107  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1108 
1109  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1110  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1111  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1112  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1113  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1114  GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
1115  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1116  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
1117  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
1118  GWEN_CTF_Context_SetLocalSignKeyInfo(fct, ki);
1119 
1120  /* set key */
1121  if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
1122  DBG_INFO(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
1123  GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
1124  }
1125  GWEN_CTF_Context_SetLocalSignKey(fct, key);
1126  }
1127  }
1128  else {
1129  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1130 
1131  /* create key info */
1132  ki=GWEN_Crypt_Token_KeyInfo_new(0x0001, /* local sign key */
1133  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1134  assert(ki);
1135 
1136  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Sign Key"));
1137  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1138  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1139  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1140  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1141  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
1142  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
1143  GWEN_CTF_Context_SetLocalSignKeyInfo(fct, ki);
1144  }
1145 
1146  /* local crypt key */
1147  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1148  "localCryptKey");
1149  if (dbKey) {
1150  GWEN_CRYPT_KEY *key;
1151 
1152  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1153  "rsa/isPublic", 0);
1154  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1155  if (!key) {
1156  rv=-1;
1157  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1158  }
1159  else {
1160  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1161  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1162  uint32_t klen;
1163 
1164  /* create key info */
1165  ki=GWEN_Crypt_Token_KeyInfo_new(0x0002, /* local crypt key */
1166  GWEN_Crypt_Key_GetCryptAlgoId(key),
1167  GWEN_Crypt_Key_GetKeySize(key));
1168  assert(ki);
1169  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Crypt Key"));
1170 
1171  /* get modulus */
1172  klen=sizeof(kbuf);
1173  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1174  if (rv) {
1175  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1176  GWEN_Crypt_Token_KeyInfo_free(ki);
1177  GWEN_Crypt_Key_free(key);
1178  return rv;
1179  }
1180  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1181 
1182  /* get exponent */
1183  klen=sizeof(kbuf);
1184  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1185  if (rv) {
1186  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1187  GWEN_Crypt_Token_KeyInfo_free(ki);
1188  GWEN_Crypt_Key_free(key);
1189  return rv;
1190  }
1191  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1192  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1193  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1194 
1195  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1196  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1197  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1198  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1199  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1200  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1201  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
1202  GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER);
1203  GWEN_CTF_Context_SetLocalCryptKeyInfo(fct, ki);
1204  /* set key */
1205  GWEN_CTF_Context_SetLocalCryptKey(fct, key);
1206  }
1207  }
1208  else {
1209  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1210 
1211  /* create key info */
1212  ki=GWEN_Crypt_Token_KeyInfo_new(0x0002, /* local crypt key */
1213  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1214  assert(ki);
1215  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Crypt Key"));
1216  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1217  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1218  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1219  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1220  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
1221  GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER);
1222  GWEN_CTF_Context_SetLocalCryptKeyInfo(fct, ki);
1223  }
1224 
1225  /* remote sign key */
1226  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1227  "remoteSignKey");
1228  if (dbKey) {
1229  GWEN_CRYPT_KEY *key;
1230 
1231  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1232  "rsa/isPublic", 1);
1233  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1234  if (!key) {
1235  rv=-1;
1236  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1237  }
1238  else {
1239  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1240  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1241  uint32_t klen;
1242 
1243  /* create key info */
1244  ki=GWEN_Crypt_Token_KeyInfo_new(0x0003, /* remote sign key */
1245  GWEN_Crypt_Key_GetCryptAlgoId(key),
1246  GWEN_Crypt_Key_GetKeySize(key));
1247  assert(ki);
1248  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Sign Key"));
1249 
1250  /* get modulus */
1251  klen=sizeof(kbuf);
1252  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1253  if (rv) {
1254  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1255  GWEN_Crypt_Token_KeyInfo_free(ki);
1256  GWEN_Crypt_Key_free(key);
1257  return rv;
1258  }
1259  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1260 
1261  /* get exponent */
1262  klen=sizeof(kbuf);
1263  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1264  if (rv) {
1265  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1266  GWEN_Crypt_Token_KeyInfo_free(ki);
1267  GWEN_Crypt_Key_free(key);
1268  return rv;
1269  }
1270  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1271 
1272  GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, remoteSignSeq);
1273  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1274  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1275 
1276  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1277  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1278  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1279  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1280  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1281  GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
1282  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1283  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1284  GWEN_CTF_Context_SetRemoteSignKeyInfo(fct, ki);
1285 
1286  /* set key */
1287  if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN)
1288  GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
1289  GWEN_CTF_Context_SetRemoteSignKey(fct, key);
1290  }
1291  }
1292  else {
1293  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1294 
1295  /* create key info */
1296  ki=GWEN_Crypt_Token_KeyInfo_new(0x0003, /* remote sign key */
1297  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1298  assert(ki);
1299  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Sign Key"));
1300  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1301  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1302  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1303  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1304  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1305  GWEN_CTF_Context_SetRemoteSignKeyInfo(fct, ki);
1306  }
1307 
1308  /* remote crypt key */
1309  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1310  "remoteCryptKey");
1311  if (dbKey) {
1312  GWEN_CRYPT_KEY *key;
1313 
1314  peerId=GWEN_DB_GetCharValue(dbKey, "keyOwner", 0, NULL);
1315  if (peerId) {
1316  DBG_INFO(0, "Got Peer Id [%s]", peerId);
1317  }
1318  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1319  "rsa/isPublic", 1);
1320  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1321  if (!key) {
1322  rv=-1;
1323  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1324  }
1325  else {
1326  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1327  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1328  uint32_t klen;
1329 
1330  /* create key info */
1331  ki=GWEN_Crypt_Token_KeyInfo_new(0x0004, /* remote crypt key */
1332  GWEN_Crypt_Key_GetCryptAlgoId(key),
1333  GWEN_Crypt_Key_GetKeySize(key));
1334  assert(ki);
1335  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Crypt Key"));
1336 
1337  /* get modulus */
1338  klen=sizeof(kbuf);
1339  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1340  if (rv) {
1341  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1342  GWEN_Crypt_Token_KeyInfo_free(ki);
1343  GWEN_Crypt_Key_free(key);
1344  return rv;
1345  }
1346  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1347 
1348  /* get exponent */
1349  klen=sizeof(kbuf);
1350  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1351  if (rv) {
1352  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1353  GWEN_Crypt_Token_KeyInfo_free(ki);
1354  GWEN_Crypt_Key_free(key);
1355  return rv;
1356  }
1357  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1358  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1359  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1360  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1361  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1362  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1363  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1364  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1365  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1366  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER);
1367  GWEN_CTF_Context_SetRemoteCryptKeyInfo(fct, ki);
1368 
1369  /* set key */
1370  GWEN_CTF_Context_SetRemoteCryptKey(fct, key);
1371  }
1372  }
1373  else {
1374  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1375 
1376  /* create key info */
1377  ki=GWEN_Crypt_Token_KeyInfo_new(0x0004, /* remote crypt key */
1378  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1379  assert(ki);
1380  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Crypt Key"));
1381  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1382  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1383  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1384  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1385  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER);
1386  GWEN_CTF_Context_SetRemoteCryptKeyInfo(fct, ki);
1387  }
1388 
1389  /* local auth key */
1390  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1391  "localAuthKey");
1392  if (dbKey) {
1393  GWEN_CRYPT_KEY *key;
1394 
1395  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1396  "rsa/isPublic", 0);
1397  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1398  if (!key) {
1399  rv=-1;
1400  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1401  }
1402  else {
1403  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1404  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1405  uint32_t klen;
1406 
1407  /* create key info */
1408  ki=GWEN_Crypt_Token_KeyInfo_new(0x0005, /* local auth key */
1409  GWEN_Crypt_Key_GetCryptAlgoId(key),
1410  GWEN_Crypt_Key_GetKeySize(key));
1411  assert(ki);
1412  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Auth Key"));
1413 
1414  /* get modulus */
1415  klen=sizeof(kbuf);
1416  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1417  if (rv) {
1418  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1419  GWEN_Crypt_Token_KeyInfo_free(ki);
1420  GWEN_Crypt_Key_free(key);
1421  return rv;
1422  }
1423  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1424 
1425  /* get exponent */
1426  klen=sizeof(kbuf);
1427  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1428  if (rv) {
1429  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1430  GWEN_Crypt_Token_KeyInfo_free(ki);
1431  GWEN_Crypt_Key_free(key);
1432  return rv;
1433  }
1434  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1435  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1436  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1437  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1438  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1439  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1440  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1441  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1442  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1443  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN |
1444  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1445  GWEN_CTF_Context_SetLocalAuthKeyInfo(fct, ki);
1446  /* set key */
1447  if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
1448  DBG_INFO(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
1449  GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
1450  }
1451  GWEN_CTF_Context_SetLocalAuthKey(fct, key);
1452  }
1453  }
1454  else {
1455  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1456 
1457  /* create key info */
1458  ki=GWEN_Crypt_Token_KeyInfo_new(0x0005, /* local auth key */
1459  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1460  assert(ki);
1461  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Auth Key"));
1462  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1463  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1464  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1465  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1466  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN |
1467  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1468  GWEN_CTF_Context_SetLocalAuthKeyInfo(fct, ki);
1469  }
1470 
1471  /* remote auth key */
1472  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1473  "remoteAuthKey");
1474  if (dbKey) {
1475  GWEN_CRYPT_KEY *key;
1476 
1477  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1478  "rsa/isPublic", 1);
1479  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1480  if (!key) {
1481  rv=-1;
1482  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1483  }
1484  else {
1485  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1486  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1487  uint32_t klen;
1488 
1489  /* create key info */
1490  ki=GWEN_Crypt_Token_KeyInfo_new(0x0006, /* remote auth key */
1491  GWEN_Crypt_Key_GetCryptAlgoId(key),
1492  GWEN_Crypt_Key_GetKeySize(key));
1493  assert(ki);
1494  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Auth Key"));
1495 
1496  /* get modulus */
1497  klen=sizeof(kbuf);
1498  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1499  if (rv) {
1500  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1501  GWEN_Crypt_Token_KeyInfo_free(ki);
1502  GWEN_Crypt_Key_free(key);
1503  return rv;
1504  }
1505  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1506 
1507  /* get exponent */
1508  klen=sizeof(kbuf);
1509  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1510  if (rv) {
1511  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1512  GWEN_Crypt_Token_KeyInfo_free(ki);
1513  GWEN_Crypt_Key_free(key);
1514  return rv;
1515  }
1516  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1517  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1518  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1519  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1520  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1521  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1522  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1523  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1524  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1525  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1526  GWEN_CTF_Context_SetRemoteAuthKeyInfo(fct, ki);
1527  /* set key */
1528  if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
1529  DBG_INFO(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
1530  GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
1531  }
1532  GWEN_CTF_Context_SetRemoteAuthKey(fct, key);
1533  }
1534  }
1535  else {
1536  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1537 
1538  /* create key info */
1539  ki=GWEN_Crypt_Token_KeyInfo_new(0x0006, /* remote auth key */
1540  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1541  assert(ki);
1542  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Auth Key"));
1543  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1544  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1545  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1546  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1547  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY);
1548  GWEN_CTF_Context_SetRemoteAuthKeyInfo(fct, ki);
1549  }
1550 
1551 
1552  /* temp local sign key */
1553  dbKey=GWEN_DB_GetGroup(dbKeys, GWEN_PATH_FLAGS_NAMEMUSTEXIST,
1554  "tempLocalSignKey");
1555  if (dbKey) {
1556  GWEN_CRYPT_KEY *key;
1557 
1558  GWEN_DB_SetIntValue(dbKey, GWEN_DB_FLAGS_OVERWRITE_VARS,
1559  "rsa/isPublic", 0);
1560  key=GWEN_Crypt_KeyRsa_fromDb(dbKey);
1561  if (!key) {
1562  rv=-1;
1563  DBG_ERROR(GWEN_LOGDOMAIN, "Bad key format");
1564  }
1565  else {
1566  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1567  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
1568  uint32_t klen;
1569 
1570  /* create key info */
1571  ki=GWEN_Crypt_Token_KeyInfo_new(0x0007, /* temp local sign key */
1572  GWEN_Crypt_Key_GetCryptAlgoId(key),
1573  GWEN_Crypt_Key_GetKeySize(key));
1574  assert(ki);
1575 
1576  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Temporary Local Sign Key"));
1577 
1578  /* get modulus */
1579  klen=sizeof(kbuf);
1580  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
1581  if (rv) {
1582  DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
1583  GWEN_Crypt_Token_KeyInfo_free(ki);
1584  GWEN_Crypt_Key_free(key);
1585  return rv;
1586  }
1587  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);
1588 
1589  /* get exponent */
1590  klen=sizeof(kbuf);
1591  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
1592  if (rv) {
1593  DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
1594  GWEN_Crypt_Token_KeyInfo_free(ki);
1595  GWEN_Crypt_Key_free(key);
1596  return rv;
1597  }
1598  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
1599 
1600  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
1601  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));
1602 
1603  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1604  GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1605  GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
1606  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1607  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1608  GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
1609  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1610  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
1611  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
1612  GWEN_CTF_Context_SetTempLocalSignKeyInfo(fct, ki);
1613 
1614  /* set key */
1615  if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN){
1616  DBG_INFO(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
1617  GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
1618  }
1619  GWEN_CTF_Context_SetTempLocalSignKey(fct, key);
1620  }
1621  }
1622  else {
1623  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1624 
1625  /* create key info */
1626  ki=GWEN_Crypt_Token_KeyInfo_new(0x0007, /* temp local sign key */
1627  GWEN_Crypt_CryptAlgoId_Rsa, 96);
1628  assert(ki);
1629 
1630  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Temporary Local Sign Key"));
1631  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1632  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
1633  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
1634  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
1635  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
1636  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
1637  GWEN_CTF_Context_SetTempLocalSignKeyInfo(fct, ki);
1638  }
1639 
1640 
1641  /* finalize user and file context */
1642  GWEN_Crypt_Token_Context_SetId(fct, 1); /* only one user */
1643  GWEN_Crypt_Token_Context_SetPeerId(fct, peerId); /* only one user */
1644 
1645  GWEN_Crypt_Token_Context_SetSignKeyId(fct, 0x01);
1646  GWEN_Crypt_Token_Context_SetDecipherKeyId(fct, 0x02);
1647  GWEN_Crypt_Token_Context_SetVerifyKeyId(fct, 0x03);
1648  GWEN_Crypt_Token_Context_SetEncipherKeyId(fct, 0x04);
1649  GWEN_Crypt_Token_Context_SetAuthSignKeyId(fct, 0x05);
1650  GWEN_Crypt_Token_Context_SetAuthVerifyKeyId(fct, 0x06);
1651  GWEN_Crypt_Token_Context_SetTempSignKeyId(fct, 0x07);
1652 
1653  /* clear context list, add new context */
1654  GWEN_Crypt_TokenFile_AddContext(ct, fct);
1655 
1656  GWEN_DB_Group_free(dbKeys);
1657  return rv;
1658 }
1659 
1660 
1661 
1662 int GWEN_Crypt_TokenOHBCI__DecryptFile16(GWEN_CRYPT_TOKEN *ct,
1663  GWEN_BUFFER *dbuf,
1664  int tryNum,
1665  uint32_t gid) {
1666  GWEN_CRYPT_TOKEN_OHBCI *lct;
1667  GWEN_TAG16 *tlv;
1668  int rv;
1669 
1670  assert(ct);
1671  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
1672  assert(lct);
1673 
1674  tlv=GWEN_Tag16_fromBuffer(dbuf, 0);
1675  GWEN_Buffer_Rewind(dbuf);
1676  if (!tlv) {
1677  DBG_ERROR(GWEN_LOGDOMAIN,
1678  "File doesn't contain a TLV: Either bad pin or bad file");
1679  return GWEN_ERROR_BAD_PIN;
1680  }
1681 
1682  if (GWEN_Tag16_GetTagType(tlv)!=GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER) {
1683  DBG_ERROR(GWEN_LOGDOMAIN, "File doesn't start with header tag.");
1684  GWEN_Tag16_free(tlv);
1685  return GWEN_ERROR_GENERIC;
1686  }
1687  GWEN_Tag16_free(tlv);
1688 
1689  /* now parse it */
1690  while(GWEN_Buffer_GetBytesLeft(dbuf)) {
1691  int i;
1692  const char *pp;
1693  char *p;
1694  unsigned int l;
1695 
1696  tlv=GWEN_Tag16_fromBuffer(dbuf, 0);
1697  if (!tlv) {
1698  DBG_ERROR(GWEN_LOGDOMAIN,
1699  "File doesn't contain a TLV: Either bad pin or bad file");
1700  return GWEN_ERROR_BAD_PIN;
1701  }
1702  p=0;
1703  pp=(const char*)GWEN_Tag16_GetTagData(tlv);
1704  l=GWEN_Tag16_GetTagLength(tlv);
1705  if (pp && l) {
1706  p=(char*)malloc(l+1);
1707  assert(p);
1708  memmove(p, pp, l);
1709  p[l]=0;
1710  }
1711 
1712  switch(GWEN_Tag16_GetTagType(tlv)) {
1713  case GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER:
1714  if (strcasecmp(p, GWEN_CRYPT_TOKEN_OHBCI_NAME)!=0) {
1715  DBG_ERROR(GWEN_LOGDOMAIN, "Bad header (%s)", p);
1716  free(p);
1717  GWEN_Tag16_free(tlv);
1718  return -1;
1719  }
1720  break;
1721 
1722  case GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MAJOR:
1723  i=atoi(p);
1724  if (i!=GWEN_CRYPT_TOKEN_OHBCI_VMAJOR) {
1725  DBG_ERROR(GWEN_LOGDOMAIN, "Unsupported keyfile version (%d)", i);
1726  GWEN_Gui_ProgressLog(0,
1727  GWEN_LoggerLevel_Warning,
1728  "Basically this file type is supported.\n"
1729  "However, the major versions do not match,\n"
1730  "so this particular version is not supported");
1731  free(p);
1732  GWEN_Tag16_free(tlv);
1733  return -1;
1734  }
1735  break;
1736 
1737  case GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MINOR:
1738  i=atoi(p);
1739  if (i>GWEN_CRYPT_TOKEN_OHBCI_VMINOR) {
1740  DBG_WARN(GWEN_LOGDOMAIN,
1741  "Keyfile version is higher than mine (%d).\n",
1742  i);
1743  GWEN_Gui_ProgressLog(0, GWEN_LoggerLevel_Warning,
1744  "This key file file has been created with a "
1745  "newer library version.\n");
1746  free(p);
1747  GWEN_Tag16_free(tlv);
1748  return -1;
1749  }
1750  else if (i<GWEN_CRYPT_TOKEN_OHBCI_VMINOR) {
1751  DBG_INFO(GWEN_LOGDOMAIN,
1752  "Will update this file upon unmount (%d)", i);
1753  }
1754  lct->vminor=i;
1755  break;
1756 
1757  case GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_OLD:
1758  case GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT:
1759  case GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_BF:
1760  {
1761  GWEN_BUFFER *fbuf;
1762 
1763  lct->cryptoTag=GWEN_Tag16_GetTagType(tlv);
1764  fbuf=GWEN_Buffer_new(0, GWEN_Tag16_GetTagLength(tlv), 0, 1);
1765  GWEN_Buffer_AppendBytes(fbuf,
1766  GWEN_Tag16_GetTagData(tlv),
1767  GWEN_Tag16_GetTagLength(tlv));
1768  GWEN_Buffer_Rewind(fbuf);
1769  rv=GWEN_Crypt_TokenOHBCI__DecryptFile(ct, fbuf, tryNum, gid);
1770  GWEN_Buffer_free(fbuf);
1771  if (rv) {
1772  free(p);
1773  GWEN_Tag16_free(tlv);
1774  return rv;
1775  }
1776  break;
1777  }
1778 
1779  case GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_TRESOR:
1780  {
1781  GWEN_BUFFER *fbuf;
1782 
1783  lct->cryptoTag=GWEN_Tag16_GetTagType(tlv);
1784  fbuf=GWEN_Buffer_new(0, GWEN_Tag16_GetTagLength(tlv), 0, 1);
1785  GWEN_Buffer_AppendBytes(fbuf,
1786  GWEN_Tag16_GetTagData(tlv),
1787  GWEN_Tag16_GetTagLength(tlv));
1788  GWEN_Buffer_Rewind(fbuf);
1789  rv=GWEN_Crypt_TokenOHBCI__DecryptTresor(ct, fbuf, tryNum, gid);
1790  GWEN_Buffer_free(fbuf);
1791  if (rv) {
1792  free(p);
1793  GWEN_Tag16_free(tlv);
1794  return rv;
1795  }
1796  break;
1797  }
1798 
1799  default:
1800  DBG_WARN(GWEN_LOGDOMAIN, "Unknown tag %02x",
1801  GWEN_Tag16_GetTagType(tlv));
1802  break;
1803  } /* switch */
1804 
1805  GWEN_Tag16_free(tlv);
1806  free(p);
1807  } /* while */
1808 
1809  return 0;
1810 }
1811 
1812 
1813 
1814 int GWEN_Crypt_TokenOHBCI__EncodeKey(const GWEN_CRYPT_KEY *key,
1815  GWEN_CRYPT_TOKEN_CONTEXT *fct,
1816  unsigned int tagType,
1817  int wantPublic,
1818  int isCrypt,
1819  GWEN_BUFFER *dbuf) {
1820  GWEN_DB_NODE *dbKey;
1821  int err;
1822  const void *p;
1823  unsigned int bs;
1824  char *pp;
1825  uint32_t pos;
1826  char numbuf[16];
1827 
1828  if (!key) {
1829  DBG_INFO(GWEN_LOGDOMAIN, "No key");
1830  return 0;
1831  }
1832  dbKey=GWEN_DB_Group_new("key");
1833  err=GWEN_Crypt_KeyRsa_toDb(key, dbKey, wantPublic);
1834  if (err) {
1835  DBG_ERROR_ERR(GWEN_LOGDOMAIN, err);
1836  GWEN_DB_Group_free(dbKey);
1837  return err;
1838  }
1839 
1840  GWEN_Buffer_AppendByte(dbuf, tagType & 0xff);
1841  /* remember pos to insert size later */
1842  pos=GWEN_Buffer_GetPos(dbuf);
1843  GWEN_Buffer_AppendBytes(dbuf, "00", 2);
1844 
1845  /* always write "NO" for "isPublic", since OpenHBCI always writes "NO"
1846  * due to a bug */
1847  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_ISPUBLIC,
1848  "NO",
1849  -1,
1850  dbuf);
1851  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_ISCRYPT,
1852  isCrypt?"YES":"NO",
1853  -1,
1854  dbuf);
1855 
1856  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_Crypt_Key_GetKeyNumber(key));
1857  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_NUMBER,
1858  numbuf,
1859  -1,
1860  dbuf);
1861  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_Crypt_Key_GetKeyVersion(key));
1862  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_VERSION,
1863  numbuf,
1864  -1,
1865  dbuf);
1866  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_Crypt_Key_GetKeySize(key));
1867  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_LEN,
1868  numbuf,
1869  -1,
1870  dbuf);
1871 
1872  /* write key owner again */
1873  if (tagType==GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBCRYPTKEY) {
1874  const char *s;
1875 
1876  s=GWEN_Crypt_Token_Context_GetPeerId(fct);
1877  if (s)
1878  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_OWNER,
1879  s, -1, dbuf);
1880  }
1881 
1882  p=GWEN_DB_GetBinValue(dbKey, "rsa/e", 0, 0, 0, &bs);
1883  if (p && bs)
1884  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_EXP, p, bs, dbuf);
1885 
1886  p=GWEN_DB_GetBinValue(dbKey, "rsa/n", 0, 0, 0, &bs);
1887  if (p && bs) {
1888  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_MODULUS, p, bs, dbuf);
1889  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_N, p, bs, dbuf);
1890  }
1891  else {
1892  DBG_WARN(GWEN_LOGDOMAIN, "No modulus !");
1893  }
1894 
1895  p=GWEN_DB_GetBinValue(dbKey, "rsa/p", 0, 0, 0, &bs);
1896  if (p && bs)
1897  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_P, p, bs, dbuf);
1898 
1899  p=GWEN_DB_GetBinValue(dbKey, "rsa/q", 0, 0, 0, &bs);
1900  if (p && bs)
1901  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_Q, p, bs, dbuf);
1902 
1903  p=GWEN_DB_GetBinValue(dbKey, "rsa/d", 0, 0, 0, &bs);
1904  if (p && bs)
1905  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_KEY_D, p, bs, dbuf);
1906 
1907  GWEN_DB_Group_free(dbKey);
1908  bs=(GWEN_Buffer_GetPos(dbuf)-pos)-2;
1909  pp=GWEN_Buffer_GetStart(dbuf)+pos;
1910  pp[0]=bs & 0xff;
1911  pp[1]=(bs>>8) & 0xff;
1912 
1913  return 0;
1914 }
1915 
1916 
1917 
1918 int GWEN_Crypt_TokenOHBCI_Encode(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *dbuf) {
1919  GWEN_CRYPT_TOKEN_OHBCI *lct;
1920  char numbuf[16];
1921  const char *p;
1922  GWEN_CRYPT_TOKEN_CONTEXT *fct;
1923  GWEN_CRYPT_KEY *key;
1924  GWEN_CRYPT_TOKEN_KEYINFO *ki;
1925 
1926  assert(ct);
1927  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
1928  assert(lct);
1929 
1930  /* get the only context */
1931  fct=GWEN_Crypt_TokenFile_GetContext(ct, 0);
1932  if (!fct) {
1933  DBG_ERROR(GWEN_LOGDOMAIN,
1934  "Crypt token does not contain a file context");
1935  return GWEN_ERROR_INVALID;
1936  }
1937 
1938  /* write header again */
1939  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER,
1940  GWEN_CRYPT_TOKEN_OHBCI_NAME,
1941  -1, dbuf);
1942 
1943  if (lct->mediumTag!=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3) {
1944  /* do not include version info here for ohbci files after 1.5 */
1945  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_CRYPT_TOKEN_OHBCI_VMAJOR);
1946  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MAJOR,
1947  numbuf, -1, dbuf);
1948 
1949  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_CRYPT_TOKEN_OHBCI_VMINOR);
1950  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MINOR,
1951  numbuf, -1, dbuf);
1952  }
1953 
1954  ki=GWEN_CTF_Context_GetLocalSignKeyInfo(fct);
1955  if (ki) {
1956  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki));
1957  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_SEQ, numbuf, -1, dbuf);
1958  }
1959  key=GWEN_CTF_Context_GetLocalSignKey(fct);
1960  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
1961  GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PUBSIGNKEY,
1962  1, 0, dbuf)) {
1963  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
1964  return -1;
1965  }
1966 
1967  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
1968  GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVSIGNKEY,
1969  0, 0, dbuf)) {
1970  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
1971  return -1;
1972  }
1973 
1974  key=GWEN_CTF_Context_GetLocalCryptKey(fct);
1975  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
1976  GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PUBCRYPTKEY,
1977  1, 1, dbuf)) {
1978  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
1979  return -1;
1980  }
1981 
1982  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
1983  GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVCRYPTKEY,
1984  0, 1, dbuf)) {
1985  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
1986  return -1;
1987  }
1988 
1989  p=GWEN_Crypt_Token_Context_GetUserId(fct);
1990  if (p && *p)
1991  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_ID,
1992  p, -1, dbuf);
1993 
1994  key=GWEN_CTF_Context_GetRemoteSignKey(fct);
1995  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
1996  GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBSIGNKEY,
1997  1, 0, dbuf)) {
1998  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
1999  return -1;
2000  }
2001 
2002  key=GWEN_CTF_Context_GetRemoteCryptKey(fct);
2003  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
2004  GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBCRYPTKEY,
2005  1, 1, dbuf)) {
2006  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
2007  return -1;
2008  }
2009 
2010  snprintf(numbuf, sizeof(numbuf), "%d", 280);
2011  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_COUNTRY,
2012  numbuf, -1, dbuf);
2013 
2014  p=GWEN_Crypt_Token_Context_GetServiceId(fct);
2015  if (p && *p)
2016  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_CODE,
2017  p, -1, dbuf);
2018 
2019  p=GWEN_Crypt_Token_Context_GetSystemId(fct);
2020  if (p && *p)
2021  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_SYSTEMID,
2022  p, -1, dbuf);
2023 
2024  /* new in 1.4 */
2025  p=GWEN_Crypt_Token_Context_GetAddress(fct);
2026  if (p && *p) {
2027  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_SERVER_ADDR,
2028  p, -1, dbuf);
2029  snprintf(numbuf, sizeof(numbuf), "%d",
2030  GWEN_Crypt_Token_Context_GetPort(fct));
2031  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_SERVER_PORT,
2032  numbuf, -1, dbuf);
2033  }
2034 
2035  /* new in 1.4 */
2036  ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(fct);
2037  if (ki) {
2038  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki));
2039  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_REMOTE_SEQ,
2040  numbuf, -1, dbuf);
2041  }
2042 
2043  /* new in 1.7 */
2044  key=GWEN_CTF_Context_GetLocalAuthKey(fct);
2045  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
2046  GWEN_CRYPT_TOKEN_OHBCI_TAG_USER_PRIVAUTHKEY,
2047  0, 0, dbuf)) {
2048  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
2049  return -1;
2050  }
2051 
2052  key=GWEN_CTF_Context_GetRemoteAuthKey(fct);
2053  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
2054  GWEN_CRYPT_TOKEN_OHBCI_TAG_INST_PUBAUTHKEY,
2055  1, 0, dbuf)) {
2056  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
2057  return -1;
2058  }
2059 
2060  /* new in 1.8 */
2061  ki=GWEN_CTF_Context_GetTempLocalSignKeyInfo(fct);
2062  key=GWEN_CTF_Context_GetTempLocalSignKey(fct);
2063  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
2064  GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PUBSIGNKEY,
2065  1, 0, dbuf)) {
2066  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
2067  return -1;
2068  }
2069 
2070  if (GWEN_Crypt_TokenOHBCI__EncodeKey(key, fct,
2071  GWEN_CRYPT_TOKEN_OHBCI_TAG_TEMP_PRIVSIGNKEY,
2072  0, 0, dbuf)) {
2073  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key");
2074  return -1;
2075  }
2076 
2077  return 0;
2078 }
2079 
2080 
2081 
2082 int GWENHYWFAR_CB
2083 GWEN_Crypt_TokenOHBCI_Write(GWEN_CRYPT_TOKEN *ct, int fd, int cre, uint32_t gid){
2084  GWEN_CRYPT_TOKEN_OHBCI *lct;
2085  int rv;
2086  GWEN_BUFFER *fbuf;
2087  GWEN_BUFFER *rawbuf;
2088  char *p;
2089  unsigned int bs;
2090 
2091  assert(ct);
2092  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
2093  assert(lct);
2094 
2095  if (!GWEN_Crypt_Token_GetTokenName(ct)) {
2096  DBG_ERROR(GWEN_LOGDOMAIN, "No medium name given");
2097  return -1;
2098  }
2099 
2100  /* maybe update key file */
2101  if ((GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_ALLOW_UPDATE) &&
2102  ((lct->mediumTag!=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3) ||
2103  (lct->cryptoTag!=GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_TRESOR))) {
2104  DBG_WARN(GWEN_LOGDOMAIN,
2105  "Updating ancient key file to new one");
2106  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Warning,
2107  I18N("Updating ancient key file to new one"));
2108  lct->passWordIsSet=0;
2109  lct->mediumTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3;
2110  lct->cryptoTag=GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_TRESOR;
2111  }
2112 
2113  /* create raw data */
2114  rawbuf=GWEN_Buffer_new(0, 1024, 0, 1);
2115  rv=GWEN_Crypt_TokenOHBCI_Encode(ct, rawbuf);
2116  if (rv) {
2117  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode key file (%d)", rv);
2118  return -1;
2119  }
2120 
2121 #ifdef DEBUG_OHBCI_MODULE
2122  if (1) {
2123  FILE *f;
2124 
2125  f=fopen("encoded.medium", "w+b");
2126  if (f) {
2127  if (1!=fwrite(GWEN_Buffer_GetStart(rawbuf),
2128  GWEN_Buffer_GetUsedBytes(rawbuf),
2129  1, f)) {
2130  DBG_ERROR(GWEN_LOGDOMAIN, "Could not save encoded file.");
2131  }
2132  if (fclose(f)) {
2133  DBG_ERROR(GWEN_LOGDOMAIN, "Could not close encoded file.");
2134  }
2135  }
2136  else {
2137  DBG_ERROR(GWEN_LOGDOMAIN, "Could not open encoded file.");
2138  }
2139  }
2140 #endif
2141 
2142  /* create key from password */
2143  rv=GWEN_Crypt_TokenOHBCI__EnsurePassword(ct, 0, 1 /* always let user confirm new password on write */, gid);
2144  if (rv) {
2145  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
2146  GWEN_Buffer_free(rawbuf);
2147  return rv;
2148  }
2149 
2150  if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_TRESOR) {
2151  /* encrypt file */
2152  bs=GWEN_Buffer_GetUsedBytes(rawbuf);
2153  GWEN_Buffer_Rewind(rawbuf);
2154  fbuf=GWEN_Buffer_new(0, bs+128, 0, 1);
2155  GWEN_Buffer_ReserveBytes(fbuf, 4);
2156  rv=GWEN_SmallTresor_Encrypt((const uint8_t*)GWEN_Buffer_GetStart(rawbuf), bs,
2157  lct->password,
2158  fbuf,
2159  GWEN_CRYPT_TOKEN_OHBCI_TRESOR_PWD_ITERATIONS,
2160  GWEN_CRYPT_TOKEN_OHBCI_TRESOR_CRYPT_ITERATIONS);
2161  if (rv<0) {
2162  DBG_ERROR(GWEN_LOGDOMAIN, "Could not encode keyfile");
2163  GWEN_Buffer_free(fbuf);
2164  GWEN_Buffer_free(rawbuf);
2165  return GWEN_ERROR_GENERIC;
2166  }
2167 
2168  GWEN_Buffer_free(rawbuf);
2169  }
2170  else {
2171  GWEN_CRYPT_KEY *key;
2172 
2173  if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT) {
2174  key=GWEN_Crypt_KeyDes3K_fromData(GWEN_Crypt_CryptMode_Cbc, 24,
2175  (const uint8_t*)lct->password, 24);
2176  }
2177  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_OLD) {
2178  key=GWEN_Crypt_KeyDes3K_fromData(GWEN_Crypt_CryptMode_Cbc, 16,
2179  (const uint8_t*)lct->password, 16);
2180  }
2181  else if (lct->cryptoTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_CRYPT_BF) {
2182  key=GWEN_Crypt_KeyBlowFish_fromData(GWEN_Crypt_CryptMode_Cbc, 16,
2183  (const uint8_t*)lct->password, 16);
2184  }
2185  else {
2186  DBG_ERROR(GWEN_LOGDOMAIN, "Unknown crypt tag, should not occur");
2187  abort();
2188  }
2189 
2190  if (!key) {
2191  DBG_ERROR(GWEN_LOGDOMAIN, "Could not create key");
2192  GWEN_Buffer_free(rawbuf);
2193  return GWEN_ERROR_GENERIC;
2194  }
2195 
2196  /* padd raw data */
2197  if (GWEN_Padd_PaddWithAnsiX9_23(rawbuf)) {
2198  DBG_ERROR(GWEN_LOGDOMAIN, "Could not padd keyfile");
2199  GWEN_Crypt_Key_free(key);
2200  GWEN_Buffer_free(rawbuf);
2201  return GWEN_ERROR_GENERIC;
2202  }
2203 
2204  /* encrypt file */
2205  bs=GWEN_Buffer_GetUsedBytes(rawbuf);
2206  GWEN_Buffer_Rewind(rawbuf);
2207  fbuf=GWEN_Buffer_new(0, bs+128, 0, 1);
2208  GWEN_Buffer_ReserveBytes(fbuf, 4);
2209  rv=GWEN_Crypt_Key_Encipher(key,
2210  (const uint8_t*)GWEN_Buffer_GetStart(rawbuf),
2211  bs,
2212  (uint8_t*)GWEN_Buffer_GetStart(fbuf),
2213  &bs);
2214  GWEN_Buffer_free(rawbuf);
2215  GWEN_Crypt_Key_free(key);
2216  if (rv) {
2217  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
2218  GWEN_Buffer_free(fbuf);
2219  return rv;
2220  }
2221  GWEN_Buffer_IncrementPos(fbuf, bs);
2222  GWEN_Buffer_AdjustUsedBytes(fbuf);
2223  }
2224 
2225  /* insert crypto tag and make it own the content of fbuf */
2226  GWEN_Buffer_Rewind(fbuf);
2227  bs=GWEN_Buffer_GetUsedBytes(fbuf);
2228  GWEN_Buffer_InsertBytes(fbuf, "000", 3);
2229  p=GWEN_Buffer_GetStart(fbuf);
2230  p[0]=(unsigned char)(lct->cryptoTag);
2231  p[1]=(unsigned char)(bs & 0xff);
2232  p[2]=(unsigned char)((bs>>8) & 0xff);
2233 
2234  /* for new-typ media create envelope */
2235  if (lct->mediumTag==GWEN_CRYPT_TOKEN_OHBCI_TAG_MEDIUM3) {
2236  char numbuf[16];
2237  GWEN_BUFFER *dbuf;
2238 
2239  /* this is a new medium type, create envelope */
2240  dbuf=GWEN_Buffer_new(0, 2048, 0, 1);
2241  /* prepare container tag */
2242  GWEN_Buffer_AppendBytes(dbuf, "000", 3);
2243 
2244  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_HEADER,
2245  GWEN_CRYPT_TOKEN_OHBCI_NAME, -1, dbuf);
2246  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_CRYPT_TOKEN_OHBCI_VMAJOR);
2247  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MAJOR,
2248  numbuf, -1, dbuf);
2249 
2250  snprintf(numbuf, sizeof(numbuf), "%d", GWEN_CRYPT_TOKEN_OHBCI_VMINOR);
2251  GWEN_Tag16_DirectlyToBuffer(GWEN_CRYPT_TOKEN_OHBCI_TAG_VERSION_MINOR,
2252  numbuf, -1, dbuf);
2253  /* write complete medium into new tag */
2254  GWEN_Buffer_AppendBytes(dbuf,
2255  GWEN_Buffer_GetStart(fbuf),
2256  GWEN_Buffer_GetUsedBytes(fbuf));
2257  p=GWEN_Buffer_GetStart(dbuf);
2258  bs=GWEN_Buffer_GetUsedBytes(dbuf)-3; /* subtract medium tag bytes */
2259  p[0]=(unsigned char)(lct->mediumTag);
2260  p[1]=(unsigned char)(bs & 0xff);
2261  p[2]=(unsigned char)((bs>>8) & 0xff);
2262  /* swap buffers */
2263  GWEN_Buffer_free(fbuf);
2264  fbuf=dbuf;
2265  GWEN_Buffer_Rewind(fbuf);
2266  }
2267 
2268  if (ftruncate(fd, 0)==-1) {
2269  DBG_ERROR(GWEN_LOGDOMAIN,
2270  "ftruncate(%s): %s",
2271  GWEN_Crypt_Token_GetTokenName(ct),
2272  strerror(errno));
2273  GWEN_Buffer_free(fbuf);
2274  return GWEN_ERROR_GENERIC;
2275  }
2276 
2277  p=GWEN_Buffer_GetStart(fbuf);
2278  bs=GWEN_Buffer_GetUsedBytes(fbuf);
2279  while(bs) {
2280  ssize_t rv;
2281 
2282  rv=write(fd, p, bs);
2283  if (rv==-1) {
2284  if (errno!=EINTR) {
2285  DBG_ERROR(GWEN_LOGDOMAIN,
2286  "write(%s): %s",
2287  GWEN_Crypt_Token_GetTokenName(ct),
2288  strerror(errno));
2289  GWEN_Buffer_free(fbuf);
2290  return GWEN_ERROR_GENERIC;
2291  }
2292  }
2293  else if (rv==0)
2294  break;
2295  else {
2296  p+=rv;
2297  bs-=rv;
2298  }
2299  } /* while */
2300 
2301  GWEN_Buffer_free(fbuf);
2302 
2303  lct->justCreated=0;
2304 
2305  return 0;
2306 }
2307 
2308 
2309 
2310 int GWENHYWFAR_CB
2311 GWEN_Crypt_TokenOHBCI_ChangePin(GWEN_CRYPT_TOKEN *ct,
2312  int admin,
2313  uint32_t gid) {
2314  GWEN_CRYPT_TOKEN_OHBCI *lct;
2315 
2316  assert(ct);
2317  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
2318  assert(lct);
2319 
2320  /* just reset the password so it will be asked for upon write */
2321  lct->passWordIsSet=0;
2322  memset(lct->password, 0, sizeof(lct->password));
2323 
2324  return 0;
2325 }
2326 
2327 
2328 
2329 int GWENHYWFAR_CB
2330 GWEN_Crypt_TokenOHBCI_Create(GWEN_CRYPT_TOKEN *ct, uint32_t gid){
2331  GWEN_CRYPT_TOKEN_OHBCI *lct;
2332  GWEN_CRYPT_TOKEN_CONTEXT *fct;
2333  GWEN_CRYPT_TOKEN_KEYINFO *ki;
2334  int rv;
2335 
2336  assert(ct);
2337  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
2338  assert(lct);
2339 
2340  lct->justCreated=1;
2341 
2342  fct=GWEN_CTF_Context_new();
2343 
2344  /* create user and file context */
2345  GWEN_Crypt_Token_Context_SetId(fct, 1); /* only one user */
2346  GWEN_Crypt_Token_Context_SetSignKeyId(fct, 0x01);
2347  GWEN_Crypt_Token_Context_SetDecipherKeyId(fct, 0x02);
2348  GWEN_Crypt_Token_Context_SetVerifyKeyId(fct, 0x03);
2349  GWEN_Crypt_Token_Context_SetEncipherKeyId(fct, 0x04);
2350  GWEN_Crypt_Token_Context_SetAuthSignKeyId(fct, 0x05);
2351  GWEN_Crypt_Token_Context_SetAuthVerifyKeyId(fct, 0x06);
2352 
2353  /* create key info */
2354  ki=GWEN_Crypt_Token_KeyInfo_new(0x0001, /* local sign key */
2355  GWEN_Crypt_CryptAlgoId_Rsa,
2356  96);
2357  assert(ki);
2358  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Sign Key"));
2359 
2360  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2361  GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
2362  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2363  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
2364  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN |
2365  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2366  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2367  GWEN_CTF_Context_SetLocalSignKeyInfo(fct, ki);
2368 
2369  /* create key info */
2370  ki=GWEN_Crypt_Token_KeyInfo_new(0x0002, /* local crypt key */
2371  GWEN_Crypt_CryptAlgoId_Rsa,
2372  96);
2373  assert(ki);
2374  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Crypt Key"));
2375  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2376  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2377  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
2378  GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER |
2379  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2380  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2381  GWEN_CTF_Context_SetLocalCryptKeyInfo(fct, ki);
2382 
2383  /* create key info */
2384  ki=GWEN_Crypt_Token_KeyInfo_new(0x0003, /* remote sign key */
2385  GWEN_Crypt_CryptAlgoId_Rsa,
2386  96);
2387  assert(ki);
2388  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Sign Key"));
2389 
2390  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2391  GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
2392  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2393  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
2394  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2395  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2396  GWEN_CTF_Context_SetRemoteSignKeyInfo(fct, ki);
2397 
2398  /* create key info */
2399  ki=GWEN_Crypt_Token_KeyInfo_new(0x0004, /* remote crypt key */
2400  GWEN_Crypt_CryptAlgoId_Rsa,
2401  96);
2402  assert(ki);
2403  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Crypt Key"));
2404 
2405  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2406  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2407  GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
2408  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2409  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2410  GWEN_CTF_Context_SetRemoteCryptKeyInfo(fct, ki);
2411 
2412  /* create key info */
2413  ki=GWEN_Crypt_Token_KeyInfo_new(0x0005, /* local auth key */
2414  GWEN_Crypt_CryptAlgoId_Rsa,
2415  96);
2416  assert(ki);
2417  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2418  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2419  GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN |
2420  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
2421  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2422  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2423  GWEN_CTF_Context_SetLocalAuthKeyInfo(fct, ki);
2424  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Local Auth Key"));
2425 
2426  /* create key info */
2427  ki=GWEN_Crypt_Token_KeyInfo_new(0x0006, /* remote auth key */
2428  GWEN_Crypt_CryptAlgoId_Rsa,
2429  96);
2430  assert(ki);
2431  GWEN_Crypt_Token_KeyInfo_SetKeyDescr(ki, I18N("Remote Auth Key"));
2432 
2433  GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
2434  GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
2435  GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
2436  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
2437  GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER);
2438  GWEN_CTF_Context_SetRemoteAuthKeyInfo(fct, ki);
2439 
2440  /* add context */
2441  GWEN_Crypt_TokenFile_AddContext(ct, fct);
2442 
2443  assert(lct->createFn);
2444  rv=lct->createFn(ct, gid);
2445  if (rv) {
2446  DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
2447  return rv;
2448  }
2449 
2450  return 0;
2451 }
2452 
2453 
2454 
2455 int GWENHYWFAR_CB
2456 GWEN_Crypt_TokenOHBCI_Open(GWEN_CRYPT_TOKEN *ct, int manage, uint32_t gid){
2457  GWEN_CRYPT_TOKEN_OHBCI *lct;
2458  int rv;
2459 
2460  assert(ct);
2461  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
2462  assert(lct);
2463 
2464  assert(lct->openFn);
2465  rv=lct->openFn(ct, manage, gid);
2466  if (rv) {
2467  DBG_INFO(GWEN_LOGDOMAIN, "here");
2468  return rv;
2469  }
2470 
2471  return 0;
2472 }
2473 
2474 
2475 
2476 int GWENHYWFAR_CB
2477 GWEN_Crypt_TokenOHBCI_Close(GWEN_CRYPT_TOKEN *ct, int abandon, uint32_t gid){
2478  GWEN_CRYPT_TOKEN_OHBCI *lct;
2479  int rv;
2480 
2481  assert(ct);
2482  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_OHBCI, ct);
2483  assert(lct);
2484 
2485  assert(lct->closeFn);
2486  rv=lct->closeFn(ct, abandon, gid);
2487  if (rv) {
2488  DBG_INFO(GWEN_LOGDOMAIN, "here");
2489  return rv;
2490  }
2491 
2492  memset(lct->password, 0, sizeof(lct->password));
2493  lct->passWordIsSet=0;
2494 
2495  return 0;
2496 }
2497 
2498 
2499 
GWEN_Crypt_Token_Context_SetVerifyKeyId
void GWEN_Crypt_Token_Context_SetVerifyKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:569
GWEN_CTF_Context_GetRemoteSignKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetRemoteSignKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:177
GWEN_CTF_Context_GetLocalSignKeyInfo
GWEN_CRYPT_TOKEN_KEYINFO * GWEN_CTF_Context_GetLocalSignKeyInfo(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:102
GWEN_Crypt_Token_Context_GetServiceId
const char * GWEN_Crypt_Token_Context_GetServiceId(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:503
GWEN_Buffer_GetBytesLeft
uint32_t GWEN_Buffer_GetBytesLeft(GWEN_BUFFER *bf)
Definition: buffer.c:577
GWEN_Tag16_fromBuffer
GWEN_TAG16 * GWEN_Tag16_fromBuffer(GWEN_BUFFER *mbuf, int isBerTlv)
Definition: tag16.c:82
GWEN_Crypt_TokenFile_AddContext
void GWEN_Crypt_TokenFile_AddContext(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctfile.c:370
GWEN_Crypt_Token_Context_SetServiceId
void GWEN_Crypt_Token_Context_SetServiceId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, const char *p_src)
Definition: ct_context.c:649
GWEN_CTF_Context_SetLocalSignKeyInfo
void GWEN_CTF_Context_SetLocalSignKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:114
i18n_l.h
GWEN_Gui_ProgressLog
int GWEN_Gui_ProgressLog(uint32_t id, GWEN_LOGGER_LEVEL level, const char *text)
Definition: gui.c:940
GWEN_PLUGIN_MANAGER
struct GWEN_PLUGIN_MANAGER GWEN_PLUGIN_MANAGER
Definition: plugin.h:40
GWEN_Buffer_GetStart
char * GWEN_Buffer_GetStart(const GWEN_BUFFER *bf)
Definition: buffer.c:223
I18N
#define I18N(m)
Definition: error.c:42
GWEN_Crypt_TokenFile_new
GWEN_CRYPT_TOKEN * GWEN_Crypt_TokenFile_new(const char *typeName, const char *tokenName)
Definition: ctfile.c:2198
GWEN_DB_FLAGS_OVERWRITE_VARS
#define GWEN_DB_FLAGS_OVERWRITE_VARS
Definition: db.h:121
GWEN_CTF_Context_GetLocalSignKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetLocalSignKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:77
GWEN_DB_NODE
struct GWEN_DB_NODE GWEN_DB_NODE
Definition: db.h:228
GWEN_PLUGIN
struct GWEN_PLUGIN GWEN_PLUGIN
Definition: plugin.h:39
GWEN_Crypt_Token_Plugin_SetCheckTokenFn
GWEN_CRYPT_TOKEN_PLUGIN_CHECKTOKEN_FN GWEN_Crypt_Token_Plugin_SetCheckTokenFn(GWEN_PLUGIN *pl, GWEN_CRYPT_TOKEN_PLUGIN_CHECKTOKEN_FN fn)
Definition: ctplugin.c:201
GWEN_DB_Group_free
void GWEN_DB_Group_free(GWEN_DB_NODE *n)
Definition: db.c:369
GWEN_Crypt_Token_KeyInfo_free
void GWEN_Crypt_Token_KeyInfo_free(GWEN_CRYPT_TOKEN_KEYINFO *p_struct)
Definition: ct_keyinfo.c:77
GWEN_ERROR_INVALID
#define GWEN_ERROR_INVALID
Definition: error.h:67
GWEN_CTF_Context_SetLocalCryptKey
void GWEN_CTF_Context_SetLocalCryptKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:139
GWEN_CTF_Context_GetLocalAuthKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetLocalAuthKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:277
GWEN_Crypt_Token_GetModes
uint32_t GWEN_Crypt_Token_GetModes(const GWEN_CRYPT_TOKEN *ct)
Definition: ct.c:170
GWEN_Buffer_GetUsedBytes
uint32_t GWEN_Buffer_GetUsedBytes(const GWEN_BUFFER *bf)
Definition: buffer.c:266
GWEN_Crypt_Key_GetKeySize
int GWEN_Crypt_Key_GetKeySize(const GWEN_CRYPT_KEY *k)
Definition: cryptkey.c:171
GWEN_CTF_Context_SetLocalAuthKey
void GWEN_CTF_Context_SetLocalAuthKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:289
GWEN_GUI_INPUT_FLAGS_CONFIRM
#define GWEN_GUI_INPUT_FLAGS_CONFIRM
Definition: gui.h:211
GWEN_CTF_Context_SetRemoteSignKey
void GWEN_CTF_Context_SetRemoteSignKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:189
GWEN_Crypt_TokenOHBCI__EncodeKey
int GWEN_Crypt_TokenOHBCI__EncodeKey(const GWEN_CRYPT_KEY *key, GWEN_CRYPT_TOKEN_CONTEXT *fct, unsigned int tagType, int wantPublic, int isCrypt, GWEN_BUFFER *dbuf)
Definition: ohbci.c:1814
GWEN_Crypt_Token_Context_GetUserId
const char * GWEN_Crypt_Token_Context_GetUserId(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:509
DBG_NOTICE
#define DBG_NOTICE(dbg_logger, format, args...)
Definition: debug.h:140
GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS
Definition: ct_keyinfo.h:94
GWEN_Crypt_Key_free
void GWEN_Crypt_Key_free(GWEN_CRYPT_KEY *k)
Definition: cryptkey.c:148
GWEN_CTF_Context_SetLocalSignKey
void GWEN_CTF_Context_SetLocalSignKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:89
GWEN_FREE_OBJECT
#define GWEN_FREE_OBJECT(varname)
Definition: memory.h:92
NULL
#define NULL
Definition: binreloc.c:290
GWEN_Crypt_Token_Context_GetAddress
const char * GWEN_Crypt_Token_Context_GetAddress(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:539
GWEN_Crypt_Token_Context_SetEncipherKeyId
void GWEN_Crypt_Token_Context_SetEncipherKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:575
GWEN_Crypt_Token_Context_SetSystemId
void GWEN_Crypt_Token_Context_SetSystemId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, const char *p_src)
Definition: ct_context.c:753
GWEN_CTF_Context_new
GWEN_CRYPT_TOKEN_CONTEXT * GWEN_CTF_Context_new()
Definition: ctf_context.c:30
GWEN_Crypt_Token_KeyInfo_SetModulus
void GWEN_Crypt_Token_KeyInfo_SetModulus(GWEN_CRYPT_TOKEN_KEYINFO *st, const uint8_t *p, uint32_t len)
Definition: ct_keyinfo.c:777
GWEN_Crypt_TokenOHBCI_Close
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Close(GWEN_CRYPT_TOKEN *ct, int abandon, uint32_t gid)
Definition: ohbci.c:2477
GWEN_Crypt_Token_Context_GetPort
int GWEN_Crypt_Token_Context_GetPort(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:545
GWEN_CTF_Context_GetLocalCryptKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetLocalCryptKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:127
GWEN_Crypt_TokenOHBCI_Create
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Create(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
Definition: ohbci.c:2330
GWEN_ERROR_BAD_PIN
#define GWEN_ERROR_BAD_PIN
Definition: error.h:111
GWEN_CTF_Context_SetRemoteCryptKeyInfo
void GWEN_CTF_Context_SetRemoteCryptKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:264
GWEN_SmallTresor_Decrypt
int GWEN_SmallTresor_Decrypt(const uint8_t *p, uint32_t len, const char *password, GWEN_BUFFER *dst, int passwordIterations, int cryptIterations)
Definition: smalltresor.c:340
GWEN_Crypt_TokenOHBCI__Decode
int GWEN_Crypt_TokenOHBCI__Decode(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *dbuf)
Definition: ohbci.c:864
GWEN_Crypt_Token_Context_SetAuthSignKeyId
void GWEN_Crypt_Token_Context_SetAuthSignKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:587
GWEN_Buffer_AdjustUsedBytes
int GWEN_Buffer_AdjustUsedBytes(GWEN_BUFFER *bf)
Definition: buffer.c:513
DBG_WARN
#define DBG_WARN(dbg_logger, format, args...)
Definition: debug.h:118
GWEN_Crypt_KeyDes3K_fromData
GWEN_CRYPT_KEY * GWEN_Crypt_KeyDes3K_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize, const uint8_t *kd, uint32_t kl)
Definition: cryptkeysym.c:559
GWEN_Crypt_Token_Context_GetSystemId
const char * GWEN_Crypt_Token_Context_GetSystemId(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:551
GWEN_Crypt_TokenOHBCI_ChangePin
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_ChangePin(GWEN_CRYPT_TOKEN *ct, int admin, uint32_t gid)
Definition: ohbci.c:2311
DBG_ERROR_ERR
#define DBG_ERROR_ERR(dbg_logger, dbg_err)
Definition: debug.h:108
GWEN_Crypt_Key_Encipher
int GWEN_Crypt_Key_Encipher(GWEN_CRYPT_KEY *k, const uint8_t *pInData, uint32_t inLen, uint8_t *pOutData, uint32_t *pOutLen)
Definition: cryptkey.c:284
GWEN_LOGDOMAIN
#define GWEN_LOGDOMAIN
Definition: logger.h:35
GWEN_Crypt_Key_GetCryptAlgoId
GWEN_CRYPT_CRYPTALGOID GWEN_Crypt_Key_GetCryptAlgoId(const GWEN_CRYPT_KEY *k)
Definition: cryptkey.c:164
GWEN_Buffer_GetPos
uint32_t GWEN_Buffer_GetPos(const GWEN_BUFFER *bf)
Definition: buffer.c:239
GWEN_TAG16
struct GWEN_TAG16 GWEN_TAG16
Definition: tag16.h:21
GWEN_Crypt_Key_GetKeyNumber
int GWEN_Crypt_Key_GetKeyNumber(const GWEN_CRYPT_KEY *k)
Definition: cryptkey.c:178
GWEN_Crypt_Token_Context_free
void GWEN_Crypt_Token_Context_free(GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:64
GWEN_Crypt_Token_KeyInfo_GetSignCounter
uint32_t GWEN_Crypt_Token_KeyInfo_GetSignCounter(const GWEN_CRYPT_TOKEN_KEYINFO *p_struct)
Definition: ct_keyinfo.c:287
GWEN_Crypt_TokenFile_GetContext
GWEN_CRYPT_TOKEN_CONTEXT * GWEN_Crypt_TokenFile_GetContext(GWEN_CRYPT_TOKEN *ct, int idx)
Definition: ctfile.c:384
GWEN_CTF_Context_SetRemoteCryptKey
void GWEN_CTF_Context_SetRemoteCryptKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:239
GWEN_CTF_Context_SetRemoteAuthKeyInfo
void GWEN_CTF_Context_SetRemoteAuthKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:364
GWEN_Buffer_ReserveBytes
int GWEN_Buffer_ReserveBytes(GWEN_BUFFER *bf, uint32_t res)
Definition: buffer.c:152
GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN
#define GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN
Definition: ct_keyinfo.h:102
GWEN_Crypt_TokenOHBCI__DecryptFile16
int GWEN_Crypt_TokenOHBCI__DecryptFile16(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *dbuf, int tryNum, uint32_t gid)
Definition: ohbci.c:1662
GWEN_Buffer_new
GWEN_BUFFER * GWEN_Buffer_new(char *buffer, uint32_t size, uint32_t used, int take)
Definition: buffer.c:38
GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER
Definition: ct_keyinfo.h:98
GWEN_CTF_Context_GetRemoteCryptKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetRemoteCryptKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:227
GWEN_Tag16_DirectlyToBuffer
void GWEN_Tag16_DirectlyToBuffer(unsigned int tagType, const char *p, int size, GWEN_BUFFER *buf)
Definition: tag16.c:205
GWEN_ERROR_IO
#define GWEN_ERROR_IO
Definition: error.h:123
GWEN_Crypt_Token_SetChangePinFn
GWEN_CRYPT_TOKEN_CHANGEPIN_FN GWEN_Crypt_Token_SetChangePinFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CHANGEPIN_FN f)
Definition: ct.c:739
GWEN_Crypt_TokenOHBCI_Open
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Open(GWEN_CRYPT_TOKEN *ct, int manage, uint32_t gid)
Definition: ohbci.c:2456
GWEN_Buffer_IncrementPos
int GWEN_Buffer_IncrementPos(GWEN_BUFFER *bf, uint32_t i)
Definition: buffer.c:495
GWEN_Crypt_KeyRsa_AddFlags
void GWEN_Crypt_KeyRsa_AddFlags(GWEN_CRYPT_KEY *k, uint32_t fl)
Definition: cryptkeyrsa.c:982
GWEN_Crypt_TokenOHBCI_Plugin_CreateToken
GWEN_CRYPT_TOKEN *GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Plugin_CreateToken(GWEN_PLUGIN *pl, const char *name)
Definition: ohbci.c:88
GWEN_Crypt_TokenOHBCI_new
GWEN_CRYPT_TOKEN * GWEN_Crypt_TokenOHBCI_new(GWEN_PLUGIN_MANAGER *pm, const char *name)
Definition: ohbci.c:198
GWEN_CTF_Context_GetTempLocalSignKeyInfo
GWEN_CRYPT_TOKEN_KEYINFO * GWEN_CTF_Context_GetTempLocalSignKeyInfo(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:402
GWEN_Crypt_Token_Context_SetSignKeyId
void GWEN_Crypt_Token_Context_SetSignKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:563
GWEN_Crypt_TokenOHBCI__DecodeKey
void GWEN_Crypt_TokenOHBCI__DecodeKey(GWEN_CRYPT_TOKEN *ct, GWEN_TAG16 *keyTlv, GWEN_DB_NODE *dbKeys, const char *keyName)
Definition: ohbci.c:686
GWEN_Tag16_GetTagData
const void * GWEN_Tag16_GetTagData(const GWEN_TAG16 *tlv)
Definition: tag16.c:75
GWEN_DB_SetBinValue
int GWEN_DB_SetBinValue(GWEN_DB_NODE *n, uint32_t flags, const char *path, const void *val, unsigned int valSize)
Definition: db.c:1151
GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER
#define GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER
Definition: ct_keyinfo.h:105
GWEN_NEW_OBJECT
#define GWEN_NEW_OBJECT(typ, varname)
Definition: memory.h:86
GWEN_Crypt_KeyRsa_fromDb
GWEN_CRYPT_KEY * GWEN_Crypt_KeyRsa_fromDb(GWEN_DB_NODE *db)
Definition: cryptkeyrsa.c:622
GWEN_Buffer_SubMode
void GWEN_Buffer_SubMode(GWEN_BUFFER *bf, uint32_t mode)
Definition: buffer.c:201
GWENHYWFAR_CB
#define GWENHYWFAR_CB
Definition: gwenhywfarapi.h:89
GWEN_ERROR_ABORTED
#define GWEN_ERROR_ABORTED
Definition: error.h:63
GWEN_Crypt_Token_Plugin_new
GWEN_PLUGIN * GWEN_Crypt_Token_Plugin_new(GWEN_PLUGIN_MANAGER *mgr, GWEN_CRYPT_TOKEN_DEVICE devType, const char *typeName, const char *fileName)
Definition: ctplugin.c:110
GWEN_Crypt_Token_SetPinStatus
int GWEN_Crypt_Token_SetPinStatus(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_PINTYPE pt, GWEN_CRYPT_PINENCODING pe, GWEN_UNUSED uint32_t flags, const unsigned char *buffer, unsigned int pinLength, int isOk, uint32_t gid)
Definition: ct.c:900
GWEN_Crypt_Token_KeyInfo_SetKeyVersion
void GWEN_Crypt_Token_KeyInfo_SetKeyVersion(GWEN_CRYPT_TOKEN_KEYINFO *p_struct, uint32_t p_src)
Definition: ct_keyinfo.c:349
GWEN_DB_GetBinValue
const void * GWEN_DB_GetBinValue(GWEN_DB_NODE *n, const char *path, int idx, const void *defVal, unsigned int defValSize, unsigned int *returnValueSize)
Definition: db.c:1120
GWEN_Padd_PaddWithAnsiX9_23
int GWEN_Padd_PaddWithAnsiX9_23(GWEN_BUFFER *src)
Definition: padd.c:265
GWEN_ERROR_GENERIC
#define GWEN_ERROR_GENERIC
Definition: error.h:62
GWEN_CTF_Context_SetRemoteSignKeyInfo
void GWEN_CTF_Context_SetRemoteSignKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:214
GWEN_Crypt_TokenOHBCI_Encode
int GWEN_Crypt_TokenOHBCI_Encode(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *dbuf)
Definition: ohbci.c:1918
GWEN_BUFFER_MODE_DYNAMIC
#define GWEN_BUFFER_MODE_DYNAMIC
Definition: buffer.h:69
GWEN_Crypt_TokenOHBCI__DecryptTresor
int GWEN_Crypt_TokenOHBCI__DecryptTresor(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *fbuf, int trynum, uint32_t gid)
Definition: ohbci.c:478
GWEN_CTF_Context_SetRemoteAuthKey
void GWEN_CTF_Context_SetRemoteAuthKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:339
GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY
#define GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY
Definition: ct_keyinfo.h:103
GWEN_Buffer_AppendByte
int GWEN_Buffer_AppendByte(GWEN_BUFFER *bf, char c)
Definition: buffer.c:380
GWEN_DB_GetCharValue
const char * GWEN_DB_GetCharValue(GWEN_DB_NODE *n, const char *path, int idx, const char *defVal)
Definition: db.c:897
GWEN_Crypt_TokenFile_SetWriteFn
GWEN_CRYPT_TOKEN_FILE_WRITE_FN GWEN_Crypt_TokenFile_SetWriteFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_FILE_WRITE_FN f)
Definition: ctfile.c:422
GWEN_CRYPT_KEY
struct GWEN_CRYPT_KEY GWEN_CRYPT_KEY
Definition: cryptkey.h:26
GWEN_Crypt_TokenOHBCI_FreeData
void GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_FreeData(void *bp, void *p)
Definition: ohbci.c:227
GWEN_DB_GetGroup
GWEN_DB_NODE * GWEN_DB_GetGroup(GWEN_DB_NODE *n, uint32_t flags, const char *path)
Definition: db.c:1260
GWEN_ERROR_BAD_NAME
#define GWEN_ERROR_BAD_NAME
Definition: error.h:110
GWEN_Buffer_free
void GWEN_Buffer_free(GWEN_BUFFER *bf)
Definition: buffer.c:83
GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT
Definition: ct_keyinfo.h:95
GWEN_BUFFER
struct GWEN_BUFFER GWEN_BUFFER
A dynamically resizeable text buffer.
Definition: buffer.h:41
GWEN_Crypt_Token_Context_GetPeerId
const char * GWEN_Crypt_Token_Context_GetPeerId(const GWEN_CRYPT_TOKEN_CONTEXT *p_struct)
Definition: ct_context.c:527
GWEN_CRYPT_TOKEN
struct GWEN_CRYPT_TOKEN GWEN_CRYPT_TOKEN
Definition: ct.h:19
GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS
Definition: ct_keyinfo.h:96
GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION
Definition: ct_keyinfo.h:97
GWEN_CRYPT_TOKEN_KEYINFO
struct GWEN_CRYPT_TOKEN_KEYINFO GWEN_CRYPT_TOKEN_KEYINFO
Definition: ct_keyinfo.h:121
GWEN_Gui_KeyDataFromText_OpenSSL
int GWEN_Gui_KeyDataFromText_OpenSSL(const char *text, unsigned char *buffer, unsigned int bufLength)
Definition: gui.c:1402
GWEN_CTF_Context_GetTempLocalSignKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetTempLocalSignKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:377
GWEN_CTF_Context_SetTempLocalSignKey
void GWEN_CTF_Context_SetTempLocalSignKey(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_KEY *k)
Definition: ctf_context.c:389
GWEN_Crypt_Token_SetOpenFn
GWEN_CRYPT_TOKEN_OPEN_FN GWEN_Crypt_Token_SetOpenFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_OPEN_FN f)
Definition: ct.c:536
GWEN_Crypt_KeyDataFromText
int GWEN_Crypt_KeyDataFromText(const char *text, unsigned char *buffer, unsigned int bufLength)
Definition: cryptdefs.c:520
GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN
#define GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN
Definition: cryptkeyrsa.h:22
GWEN_Tag16_GetTagLength
unsigned int GWEN_Tag16_GetTagLength(const GWEN_TAG16 *tlv)
Definition: tag16.c:61
GWEN_CRYPT_TOKEN_CONTEXT
struct GWEN_CRYPT_TOKEN_CONTEXT GWEN_CRYPT_TOKEN_CONTEXT
Definition: ct_context.h:185
GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER
#define GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER
Definition: ct_keyinfo.h:104
GWEN_CTF_Context_SetLocalCryptKeyInfo
void GWEN_CTF_Context_SetLocalCryptKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:164
GWEN_Tag16_GetTagType
unsigned int GWEN_Tag16_GetTagType(const GWEN_TAG16 *tlv)
Definition: tag16.c:54
GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER
#define GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER
Definition: ct_keyinfo.h:99
DBG_ERROR
#define DBG_ERROR(dbg_logger, format, args...)
Definition: debug.h:97
GWEN_Crypt_Token_SetCreateFn
GWEN_CRYPT_TOKEN_CREATE_FN GWEN_Crypt_Token_SetCreateFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CREATE_FN f)
Definition: ct.c:550
DBG_INFO_ERR
#define DBG_INFO_ERR(dbg_logger, dbg_err)
Definition: debug.h:176
GWEN_Crypt_Token_Context_SetAddress
void GWEN_Crypt_Token_Context_SetAddress(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, const char *p_src)
Definition: ct_context.c:733
GWEN_ERROR_NOT_SUPPORTED
#define GWEN_ERROR_NOT_SUPPORTED
Definition: error.h:109
GWEN_DB_SetCharValue
int GWEN_DB_SetCharValue(GWEN_DB_NODE *n, uint32_t flags, const char *path, const char *val)
Definition: db.c:922
GWEN_Crypt_Token_GetTokenName
const char * GWEN_Crypt_Token_GetTokenName(const GWEN_CRYPT_TOKEN *ct)
Definition: ct.c:92
GWEN_GUI_INPUT_FLAGS_RETRY
#define GWEN_GUI_INPUT_FLAGS_RETRY
Definition: gui.h:217
GWEN_Crypt_Token_KeyInfo_SetExponent
void GWEN_Crypt_Token_KeyInfo_SetExponent(GWEN_CRYPT_TOKEN_KEYINFO *st, const uint8_t *p, uint32_t len)
Definition: ct_keyinfo.c:798
ct_ohbci_factory
GWEN_PLUGIN * ct_ohbci_factory(GWEN_PLUGIN_MANAGER *pm, const char *modName, const char *fileName)
Definition: ohbci.c:53
GWEN_Crypt_Token_GetPin
int GWEN_Crypt_Token_GetPin(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_PINTYPE pt, GWEN_CRYPT_PINENCODING pe, uint32_t flags, unsigned char *pwbuffer, unsigned int minLength, unsigned int maxLength, unsigned int *pinLength, uint32_t gid)
Definition: ct.c:795
GWEN_Crypt_Token_Context_SetUserId
void GWEN_Crypt_Token_Context_SetUserId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, const char *p_src)
Definition: ct_context.c:663
GWEN_Crypt_Token_Context_SetTempSignKeyId
void GWEN_Crypt_Token_Context_SetTempSignKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:599
GWEN_CTF_Context_SetTempLocalSignKeyInfo
void GWEN_CTF_Context_SetTempLocalSignKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:414
DBG_INFO
#define DBG_INFO(dbg_logger, format, args...)
Definition: debug.h:164
GWEN_Crypt_KeyBlowFish_fromData
GWEN_CRYPT_KEY * GWEN_Crypt_KeyBlowFish_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize, const uint8_t *kd, uint32_t kl)
Definition: cryptkeysym.c:665
GWEN_CTF_Context_GetRemoteSignKeyInfo
GWEN_CRYPT_TOKEN_KEYINFO * GWEN_CTF_Context_GetRemoteSignKeyInfo(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:202
GWEN_Crypt_Key_GetKeyVersion
int GWEN_Crypt_Key_GetKeyVersion(const GWEN_CRYPT_KEY *k)
Definition: cryptkey.c:192
GWEN_Crypt_TokenOHBCI__DecryptFile
int GWEN_Crypt_TokenOHBCI__DecryptFile(GWEN_CRYPT_TOKEN *ct, GWEN_BUFFER *fbuf, int trynum, uint32_t gid)
Definition: ohbci.c:343
GWEN_CTF_Context_GetRemoteAuthKey
GWEN_CRYPT_KEY * GWEN_CTF_Context_GetRemoteAuthKey(const GWEN_CRYPT_TOKEN_CONTEXT *ctx)
Definition: ctf_context.c:327
GWEN_Crypt_Token_KeyInfo_SetKeyNumber
void GWEN_Crypt_Token_KeyInfo_SetKeyNumber(GWEN_CRYPT_TOKEN_KEYINFO *p_struct, uint32_t p_src)
Definition: ct_keyinfo.c:343
GWEN_Crypt_TokenOHBCI__EnsurePassword
int GWEN_Crypt_TokenOHBCI__EnsurePassword(GWEN_CRYPT_TOKEN *ct, int trynum, int confirm, uint32_t gid)
Definition: ohbci.c:238
GWEN_Crypt_Token_KeyInfo_new
GWEN_CRYPT_TOKEN_KEYINFO * GWEN_Crypt_Token_KeyInfo_new(uint32_t kid, GWEN_CRYPT_CRYPTALGOID a, int keySize)
Definition: ct_keyinfo.c:768
GWEN_Crypt_Key_Decipher
int GWEN_Crypt_Key_Decipher(GWEN_CRYPT_KEY *k, const uint8_t *pInData, uint32_t inLen, uint8_t *pOutData, uint32_t *pOutLen)
Definition: cryptkey.c:298
GWEN_Crypt_TokenOHBCI_Plugin_CheckToken
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Plugin_CheckToken(GWEN_PLUGIN *pl, GWEN_BUFFER *name)
Definition: ohbci.c:107
GWEN_Crypt_Token_KeyInfo_SetSignCounter
void GWEN_Crypt_Token_KeyInfo_SetSignCounter(GWEN_CRYPT_TOKEN_KEYINFO *p_struct, uint32_t p_src)
Definition: ct_keyinfo.c:355
GWEN_Buffer_AppendBytes
int GWEN_Buffer_AppendBytes(GWEN_BUFFER *bf, const char *buffer, uint32_t size)
Definition: buffer.c:348
GWEN_Crypt_Token_SetCloseFn
GWEN_CRYPT_TOKEN_CLOSE_FN GWEN_Crypt_Token_SetCloseFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CLOSE_FN f)
Definition: ct.c:565
GWEN_Crypt_TokenOHBCI_Plugin_new
GWEN_PLUGIN * GWEN_Crypt_TokenOHBCI_Plugin_new(GWEN_PLUGIN_MANAGER *pm, const char *modName, const char *fileName)
Definition: ohbci.c:66
GWEN_DB_Group_new
GWEN_DB_NODE * GWEN_DB_Group_new(const char *name)
Definition: db.c:131
GWEN_Crypt_Token_Context_SetDecipherKeyId
void GWEN_Crypt_Token_Context_SetDecipherKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:581
GWEN_Buffer_Rewind
void GWEN_Buffer_Rewind(GWEN_BUFFER *bf)
Definition: buffer.c:693
GWEN_SmallTresor_Encrypt
int GWEN_SmallTresor_Encrypt(const uint8_t *src, uint32_t slen, const char *password, GWEN_BUFFER *dst, int passwordIterations, int cryptIterations)
Definition: smalltresor.c:234
GWEN_INHERIT
#define GWEN_INHERIT(bt, t)
Definition: inherit.h:264
GWEN_Plugin_GetManager
GWEN_PLUGIN_MANAGER * GWEN_Plugin_GetManager(const GWEN_PLUGIN *p)
Definition: plugin.c:130
GWEN_DB_SetIntValue
int GWEN_DB_SetIntValue(GWEN_DB_NODE *n, uint32_t flags, const char *path, int val)
Definition: db.c:1086
GWEN_Crypt_TokenOHBCI_Read
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Read(GWEN_CRYPT_TOKEN *ct, int fd, uint32_t gid)
Definition: ohbci.c:561
GWEN_Crypt_Token_Plugin_SetCreateTokenFn
GWEN_CRYPT_TOKEN_PLUGIN_CREATETOKEN_FN GWEN_Crypt_Token_Plugin_SetCreateTokenFn(GWEN_PLUGIN *pl, GWEN_CRYPT_TOKEN_PLUGIN_CREATETOKEN_FN fn)
Definition: ctplugin.c:184
GWEN_ERROR_USER_ABORTED
#define GWEN_ERROR_USER_ABORTED
Definition: error.h:65
GWEN_Buffer_InsertBytes
int GWEN_Buffer_InsertBytes(GWEN_BUFFER *bf, const char *buffer, uint32_t size)
Definition: buffer.c:912
GWEN_Crypt_Token_Context_SetId
void GWEN_Crypt_Token_Context_SetId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:557
GWEN_INHERIT_SETDATA
#define GWEN_INHERIT_SETDATA(bt, t, element, data, fn)
Definition: inherit.h:292
GWEN_CRYPT_TOKEN_MODE_ALLOW_UPDATE
#define GWEN_CRYPT_TOKEN_MODE_ALLOW_UPDATE
Definition: ct.h:61
GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH
#define GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH
Definition: cryptkeyrsa.h:25
GWEN_Crypt_Token_KeyInfo_SetKeyDescr
void GWEN_Crypt_Token_KeyInfo_SetKeyDescr(GWEN_CRYPT_TOKEN_KEYINFO *p_struct, const char *p_src)
Definition: ct_keyinfo.c:299
GWEN_Crypt_Token_Context_SetPeerId
void GWEN_Crypt_Token_Context_SetPeerId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, const char *p_src)
Definition: ct_context.c:705
GWEN_Crypt_KeyRsa_GetExponent
int GWEN_Crypt_KeyRsa_GetExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen)
Definition: cryptkeyrsa.c:774
GWEN_Tag16_free
void GWEN_Tag16_free(GWEN_TAG16 *tlv)
Definition: tag16.c:43
GWEN_PATH_FLAGS_NAMEMUSTEXIST
#define GWEN_PATH_FLAGS_NAMEMUSTEXIST
Definition: path.h:84
GWEN_Crypt_KeyRsa_toDb
int GWEN_Crypt_KeyRsa_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db, int pub)
Definition: cryptkeyrsa.c:689
GWEN_Crypt_TokenFile_SetReadFn
GWEN_CRYPT_TOKEN_FILE_READ_FN GWEN_Crypt_TokenFile_SetReadFn(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_FILE_READ_FN f)
Definition: ctfile.c:405
GWEN_Crypt_Token_KeyInfo_AddFlags
void GWEN_Crypt_Token_KeyInfo_AddFlags(GWEN_CRYPT_TOKEN_KEYINFO *p_struct, uint32_t p_src)
Definition: ct_keyinfo.c:319
GWEN_Crypt_KeyRsa_GetModulus
int GWEN_Crypt_KeyRsa_GetModulus(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen)
Definition: cryptkeyrsa.c:752
GWEN_DB_FLAGS_DEFAULT
#define GWEN_DB_FLAGS_DEFAULT
Definition: db.h:168
GWEN_Padd_UnpaddWithAnsiX9_23
int GWEN_Padd_UnpaddWithAnsiX9_23(GWEN_BUFFER *src)
Definition: padd.c:271
GWEN_INHERIT_GETDATA
#define GWEN_INHERIT_GETDATA(bt, t, element)
Definition: inherit.h:271
GWEN_CTF_Context_SetLocalAuthKeyInfo
void GWEN_CTF_Context_SetLocalAuthKeyInfo(GWEN_CRYPT_TOKEN_CONTEXT *ctx, GWEN_CRYPT_TOKEN_KEYINFO *ki)
Definition: ctf_context.c:314
GWEN_Crypt_Token_Context_SetAuthVerifyKeyId
void GWEN_Crypt_Token_Context_SetAuthVerifyKeyId(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, uint32_t p_src)
Definition: ct_context.c:593
GWEN_Crypt_TokenOHBCI_Write
int GWENHYWFAR_CB GWEN_Crypt_TokenOHBCI_Write(GWEN_CRYPT_TOKEN *ct, int fd, int cre, uint32_t gid)
Definition: ohbci.c:2083
GWEN_Crypt_Token_Context_SetPort
void GWEN_Crypt_Token_Context_SetPort(GWEN_CRYPT_TOKEN_CONTEXT *p_struct, int p_src)
Definition: ct_context.c:747
GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN
#define GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN
Definition: ct.h:63
GWEN_ERROR_NOT_IMPLEMENTED
#define GWEN_ERROR_NOT_IMPLEMENTED
Definition: error.h:108
Generated by   doxygen 1.8.6