
[GNUnet-SVN] [libfints] 01/01: Key filenames go into a struct.


From: gnunet
Subject: [GNUnet-SVN] [libfints] 01/01: Key filenames go into a struct.
Date: Mon, 15 Oct 2018 18:25:07 +0200

This is an automated email from the git hooks/post-receive script.

marcello pushed a commit to branch master
in repository libfints.

commit ed3e6e38110947e263f998790d7b654fa9ccaceb
Author: Marcello Stanisci <address@hidden>
AuthorDate: Mon Oct 15 18:20:49 2018 +0200

    Key filenames go into a struct.
    
    This way the user is prevented from passing key X
    in the wrong position in the key filenames array.  Instead,
    the user must associate every filename with the corresponding
    field in the appropriate structure (before initializing the library).
---
 src/libebics.c                                   |  38 +++---
 src/libebics.h                                   |  41 ++++--
 src/test_keys/{testAuthKey.pem => testEsKey.pem} |   0
 src/tests.c                                      |  31 +++--
 src/xmlmessages.c                                | 154 +++++++++++++++--------
 src/xmlmessages.h                                |  23 ++--
 6 files changed, 196 insertions(+), 91 deletions(-)

diff --git a/src/libebics.c b/src/libebics.c
index fdae8dc..b502898 100644
--- a/src/libebics.c
+++ b/src/libebics.c
@@ -291,7 +291,7 @@ init_keymaterial (struct EBICS_Key keyList[],
   keyList[0].type = EBICS_KEY_NONE;
   
   for (int i = 0;
-       i < EBICS_KEY_MAX_ENTRIES && keyFiles[i] != NULL;
+       i < EBICS_USER_KEYS_NUMBER;
        i++)
   {
     gnutls_x509_privkey_t privkey;
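Review bot: The loop in init_keymaterial no longer stops at a NULL entry, so all EBICS_USER_KEYS_NUMBER slots are now treated as filenames even when one was never set. With the new struct, a caller who omits a field in a designated initializer leaves that pointer NULL, and EBICS_init_library copies `key_files->es_key`, `->enc_key` and `->sig_key` into `keyFiles[]` without checking them or `key_files` itself. Reject that up front in EBICS_init_library, e.g. `if (NULL == key_files || NULL == key_files->es_key || NULL == key_files->enc_key || NULL == key_files->sig_key) return EBICS_ERROR;`. The loop body continues outside this hunk, so how a NULL name is consumed there is not visible.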
@@ -623,9 +623,10 @@ free_genex_documents (struct EBICS_genex_document 
genexList[])
  **/
 int
 EBICS_init_library (const char *key_dir,
-                    const char *key_files[])
+                    const struct EBICS_UserKeyFiles *key_files)
 {
   int retv;
+  const char *keyFiles[EBICS_USER_KEYS_NUMBER];
   
   /**
    * Directory where XML templates are stored.
@@ -639,13 +640,6 @@ EBICS_init_library (const char *key_dir,
     "ebicsUnsecuredRequest.xml", 
     "ebicsNoPubKeyDigestsRequest.xml",
     NULL};
-  const char *keyFilenames[EBICS_KEY_MAX_ENTRIES] = {
-    "userAuthKey",
-    "userEncKey",
-    "userSigKey",
-    "bankAuthKey",
-    "bankEncKey",
-    "bankSigKey"};
 
   xmlInitParser ();
 
@@ -681,10 +675,14 @@ EBICS_init_library (const char *key_dir,
     return EBICS_ERROR;
   }
 
+  keyFiles[EBICS_USER_ES_KEY] = key_files->es_key;
+  keyFiles[EBICS_USER_ENC_KEY] = key_files->enc_key;
+  keyFiles[EBICS_USER_SIG_KEY] = key_files->sig_key;
+
   if (EBICS_SUCCESS != init_keymaterial
       (keyList,
        key_dir,
-       key_files))
+       keyFiles))
   {
     GNUNET_break (0);
     return EBICS_ERROR;
@@ -797,19 +795,22 @@ EBICS_generate_message_ini
 /**
  * Generator of HIA messages.
  *
- * @param header_args TODO
- * @param hia_args TODO
- * @return pointer to a freshly allocated document, NULL upon errors.
+ * @param header_args values for the HIA header
+ *        (typically ebicsUnsecuredRequest).
+ * @param hia_args values for the HIA payload.
+ * @return pointer to a freshly allocated document,
+ *         NULL upon errors.
  */
 struct EBICS_genex_document *
-EBICS_generate_message_hia (struct EBICS_ARGS_build_header *header_args,
-                            struct EBICS_ARGS_build_content_hia *hia_args)
+EBICS_generate_message_hia
+  (struct EBICS_ARGS_build_header *header_args,
+   struct EBICS_ARGS_build_content_hia *hia_args)
 {
 
   struct EBICS_genex_document *instance;
 
   if (NULL == (instance = get_genex_instance
-    (0))) // FIXME
+    (EBICS_HIA_WRAPPER_TEMPLATE)))
   {
     LOG (EBICS_ERROR,
          "Could not allocate genex instance\n");
@@ -819,8 +820,9 @@ EBICS_generate_message_hia (struct EBICS_ARGS_build_header 
*header_args,
 
   struct EBICS_MSG_Spec spec[] = {
 
-    EBICS_MSG_op_subcommand (EBICS_build_header_ebicsUnsecuredRequest,
-                             header_args),
+    EBICS_MSG_op_subcommand
+      (EBICS_build_header_ebicsUnsecuredRequest,
+       header_args),
     EBICS_MSG_op_subcommand (EBICS_build_content_hia,
                              hia_args),
     EBICS_MSG_op_clean (),
diff --git a/src/libebics.h b/src/libebics.h
index d24b831..cfdf4ba 100644
--- a/src/libebics.h
+++ b/src/libebics.h
@@ -32,22 +32,47 @@
 
 #define EBICS_GENEX_MAX_ENTRIES 64
 
+#define EBICS_USER_KEYS_NUMBER 3
 #define EBICS_KEY_MAX_ENTRIES 6
 #define EBICS_KEY_MAX_NAME 128
 
 
+/**
+ * INI & HIA share the same schema.
+ */
 #define EBICS_INI_WRAPPER_TEMPLATE 3
 #define EBICS_INI_PAYLOAD_TEMPLATE 1
+#define EBICS_HIA_WRAPPER_TEMPLATE 3
+#define EBICS_HIA_PAYLOAD_TEMPLATE 2
+
 
 /**
- * Those indexes point inside the keyList global object.
+ * This struct forces the system to assign the
+ * indices (in the global array of keys) to the
+ * filename used to import such key.
  */
-#define EBICS_USER_AUTH_KEY 0
-#define EBICS_USER_ENC_KEY 1
-#define EBICS_USER_SIG_KEY 2
-#define EBICS_BANK_AUTH_KEY 3
-#define EBICS_BANK_ENC_KEY 4
-#define EBICS_BANK_SIG_KEY 5
+struct EBICS_UserKeyFiles {
+
+  /**
+   * Points to the (as per EBICS terminology) "bank-technical
+   * public key".  This is the key used to produce "ES", namely
+   * Electronic Signatures of payloads.
+   */
+  #define EBICS_USER_ES_KEY 0
+  char *es_key;
+  
+  /**
+   * Key with which the customer will encrypt their messages.
+   */
+  #define EBICS_USER_ENC_KEY 1
+  char *enc_key;
+  
+  /**
+   * Key used by the customer to identify and authenticate.
+   */
+  #define EBICS_USER_SIG_KEY 2
+  char *sig_key;
+};
 
 /**
  * Initializes Libebics.  Init all the dependencies,
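Review bot: The member names do not match the roles the comments and callers give them: `sig_key` is documented as the key used "to identify and authenticate", and in src/xmlmessages.c `EBICS_USER_SIG_KEY` fills `AuthenticationPubKeyInfo`, while the actual electronic-signature key is `es_key`. Since the struct exists to stop keys landing in the wrong slot, naming the third member `auth_key` / `EBICS_USER_AUTH_KEY` would remove the remaining ambiguity. The members should also be `const char *es_key;` and so on, because the test assigns string literals to them, and the `#define`s nested in the struct are file-scope macros wherever they sit, so they read more clearly next to `EBICS_USER_KEYS_NUMBER`. The es_key comment says "public key" although init_keymaterial declares a `gnutls_x509_privkey_t` in its loading loop; that is worth correcting if the file does hold a private key.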
@@ -62,7 +87,7 @@
  */
 int
 EBICS_init_library (const char *key_dir,
-                    const char *key_files[]);
+                    const struct EBICS_UserKeyFiles *key_files);
 
 
 /**
diff --git a/src/test_keys/testAuthKey.pem b/src/test_keys/testEsKey.pem
similarity index 100%
rename from src/test_keys/testAuthKey.pem
rename to src/test_keys/testEsKey.pem
diff --git a/src/tests.c b/src/tests.c
index 66dea59..d21bd3b 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -41,9 +41,12 @@ struct EBICS_ARGS_build_header header_args = {
 struct EBICS_ARGS_build_content_ini ini_args = {
   .partnerID = "PARTNER1",
   .userID = "USER0001"
-  // had userAuthKey as a field.
 };
 
+struct EBICS_ARGS_build_content_hia hia_args = {
+  .partnerID = "PARTNER1",
+  .userID = "USER0001"
+};
 
 /**
  * This test merely instantiates documents
@@ -62,15 +65,14 @@ main (int argc,
   unsetenv ("XDG_DATA_HOME");
   unsetenv ("XDG_CONFIG_HOME");
 
-  const char *key_filenames[] = {
-    "testAuthKey",
-    "testEncKey",
-    "testSigKey",
-    NULL
+  struct EBICS_UserKeyFiles key_filenames = {
+    .es_key = "testEsKey",
+    .enc_key = "testEncKey",
+    .sig_key = "testSigKey",
   };
 
   if (EBICS_SUCCESS != EBICS_init_library (KEYS_DIR,
-                                           key_filenames)) 
+                                           &key_filenames)) 
   {
     LOG (EBICS_LOGLEVEL_ERROR,
         "Lib not init\n");
@@ -89,6 +91,21 @@ main (int argc,
         "Failed to instantiate INI message\n");
     return EBICS_ERROR;
   }
+  GNUNET_free (msg);
+
+  /**
+   * HIA
+   */
+  if (NULL == (msg = EBICS_generate_message_hia
+      (&header_args,
+       &hia_args)))
+  {
+    LOG (EBICS_LOGLEVEL_ERROR,
+              "Failed to instantiate HIA message\n");
+    return EBICS_ERROR;
+  }
+
+
 
   EBICS_close_library ();
   return EBICS_SUCCESS;
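Review bot: The HIA document returned by EBICS_generate_message_hia is never released, while the INI one is freed just above with `GNUNET_free (msg);`. Add the matching `GNUNET_free (msg);` after the HIA check so the test stays clean under a leak checker. Whether GNUNET_free alone also releases the XML document held inside the struct is not visible here; if it does not, a dedicated destructor would be the better call in both places. main's body starts outside this hunk.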
diff --git a/src/xmlmessages.c b/src/xmlmessages.c
index 9e375a2..dc227b9 100644
--- a/src/xmlmessages.c
+++ b/src/xmlmessages.c
@@ -50,14 +50,21 @@ get_genex_instance (unsigned int type_index);
  *
  */
 static void
-dump_message ( struct EBICS_genex_document *document)
+dump_message (struct EBICS_genex_document *document)
 { 
   int buffersize;
   xmlChar* xmlbuf;
 
-  xmlDocDumpFormatMemoryEnc(document->document, &xmlbuf, &buffersize, "UTF-8", 
1);
-  LOG (EBICS_LOGLEVEL_FATAL, "Dumping Document: %s\n%s", document->name, 
xmlbuf);
-  xmlFree(xmlbuf);
+  xmlDocDumpFormatMemoryEnc (document->document,
+                             &xmlbuf,
+                             &buffersize,
+                             "UTF-8", 1);
+  LOG (EBICS_LOGLEVEL_DEBUG,
+       "Dumping Document: %s\n%s\n",
+       document->name,
+       xmlbuf);
+
+  xmlFree (xmlbuf);
 }
 
 /**
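Review bot: `xmlbuf` is handed to the `%s` in LOG without checking that xmlDocDumpFormatMemoryEnc produced a buffer; libxml2 signals failure by leaving the output pointer NULL. Add `if (NULL == xmlbuf) return;` between the dump and the LOG call, and consider checking `document` and `document->document` too, since this helper is called on freshly built payloads. The move from FATAL to DEBUG is the right level for a full message dump.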
@@ -107,7 +114,7 @@ tools_get_timestamp(char *date)
  * Todo
  */
 static int
-util_extract_public_RSAKeyValue (gnutls_pubkey_t pubkey,
+util_extract_public_RSAKeyValue (struct EBICS_Key *key,
                                  char **mData,
                                  char **eData)
 {
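Review bot: The out-parameters are declared as `mData` then `eData`, but both callers touched by this commit pass them exponent-first: `&exponent, &modulus` in EBICS_build_content_ini and `&encExp, &encMod` / `&sigExp, &sigMod` in EBICS_build_content_hia. If `mData` receives the modulus, as the names suggest (the body is outside this hunk), the HIA payload then writes the exponent into `ds:Modulus` and the modulus into `ds:Exponent`, so the bank would record key values that do not match the user's keys. Either swap the arguments at the call sites, e.g. `&encMod, &encExp`, or confirm the parameter order and document it in place of the `Todo` comment above the function.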
@@ -117,10 +124,14 @@ util_extract_public_RSAKeyValue (gnutls_pubkey_t pubkey,
   size_t mSize;
   gnutls_datum_t mod;
   gnutls_datum_t exp;
+
+
+  GNUNET_assert
+    (0 != (EBICS_KEY_RSA_PUBLIC & key->type));
   LOG (EBICS_LOGLEVEL_DEBUG,
        "Extracting modulus and exponent from key");
 
-  retv = gnutls_pubkey_export_rsa_raw (pubkey,
+  retv = gnutls_pubkey_export_rsa_raw (key->publickey,
                                        &mod,
                                        &exp);
   if (GNUTLS_E_SUCCESS != retv)
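Review bot: `GNUNET_assert` on `key->type` aborts the host process when a key slot was not loaded as an RSA public key, even though this function already returns `int` and has an error path for the gnutls export just below. A library handling banking key material should report this to its caller instead, e.g. `if (0 == (EBICS_KEY_RSA_PUBLIC & key->type)) return EBICS_ERROR;`, assuming EBICS_ERROR is the failure value this function uses (its return statements are outside the hunk). The callers in EBICS_build_content_ini and EBICS_build_content_hia ignore the return value, so they would also need a check before using or freeing the output strings.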
@@ -179,24 +190,24 @@ EBICS_build_header_generic (void *cls,
   struct EBICS_MSG_Spec header[] = {
     EBICS_MSG_op_unique_choice ("//ebics:static"),
     EBICS_MSG_op_set_string ("//ebics:static//ebics:HostID",
-                            data->hostID),
+                           data->hostID),
     EBICS_MSG_op_set_string ("//ebics:static//ebics:PartnerID",
-                            data->partnerID),
+                           data->partnerID),
     EBICS_MSG_op_set_string ("//ebics:static//ebics:UserID",
-                            data->userID),
+                           data->userID),
     EBICS_MSG_op_set_string ("//ebics:static//ebics:Product",
                              data->productName),
     EBICS_MSG_op_set_string ("//ebics:static//ebics:SecurityMedium",
-                            "0000"),
+                           "0000"),
     EBICS_MSG_op_set_attribute ("//ebics:static//ebics:Product/@Language",
-                               data->languageCode),
+                              data->languageCode),
     EBICS_MSG_op_unique_choice ("//ebics:OrderDetails"),
     EBICS_MSG_op_set_string ("//ebics:OrderDetails/ebics:OrderAttribute",
-                            sigAttribute[data->requestBankSignature]),
+                           sigAttribute[data->requestBankSignature]),
     EBICS_MSG_op_end ()
   };
   EBICS_MSG_parse_spec (header,
-                       document);
+                      document);
 }
 
 
@@ -227,7 +238,7 @@ EBICS_build_header_ebicsRequest (void *cls,
   };
 
   EBICS_MSG_parse_spec (header,
-                       document);
+                      document);
 }
 
 
@@ -246,7 +257,7 @@ EBICS_build_header_ebicsUnsecuredRequest (void *cls,
   };
 
   EBICS_MSG_parse_spec (header,
-                       document);
+                      document);
 }
 
 void
@@ -287,12 +298,8 @@ EBICS_build_content_ini (void *cls,
 
   data = (struct EBICS_ARGS_build_content_ini*) cls;
 
-  GNUNET_assert
-    (0 != (EBICS_KEY_RSA_PUBLIC
-      & keyList[EBICS_USER_AUTH_KEY].type));
-
   util_extract_public_RSAKeyValue
-    (keyList[EBICS_USER_AUTH_KEY].publickey,
+    (&keyList[EBICS_USER_ES_KEY],
      &exponent,
      &modulus);
 
@@ -380,6 +387,14 @@ EBICS_build_content_ini (void *cls,
   GNUNET_free (zData);
 }
 
+
+/**
+ * Make the payload for HIA messages.
+ *
+ * @param cls closure, contains the values that
+ *        make the message.
+ * @param document the final document.
+ */
 void
 EBICS_build_content_hia (void *cls,
                          struct EBICS_genex_document *document)
@@ -391,39 +406,65 @@ EBICS_build_content_hia (void *cls,
   char *sigMod;
   char *sigExp;
   char date[DATE_STR_SIZE];
+  struct EBICS_genex_document *payload;
 
   struct EBICS_ARGS_build_content_hia *data = (
     struct EBICS_ARGS_build_content_hia*) cls;
 
-  util_extract_public_RSAKeyValue (data->userEncKey->publickey,
-                                   &encExp,
-                                   &encMod);
+  util_extract_public_RSAKeyValue
+    (&keyList[EBICS_USER_ENC_KEY],
+     &encExp,
+     &encMod);
 
-  util_extract_public_RSAKeyValue (data->userSigKey->publickey,
-                                   &sigExp,
-                                   &sigMod);
+  util_extract_public_RSAKeyValue
+    (&keyList[EBICS_USER_SIG_KEY],
+     &sigExp,
+     &sigMod);
 
-  struct EBICS_MSG_Spec content[] = {
-    EBICS_MSG_op_unique_choice ("//ebics:AuthenticationPubKeyInfo"),
+  struct EBICS_MSG_Spec payload_spec[] = {
+    EBICS_MSG_op_unique_choice
+      ("//ebics:AuthenticationPubKeyInfo"),
     EBICS_MSG_op_del_node ("//ds:X509Data"),
-    EBICS_MSG_op_set_string ("//ebics:AuthenticationVersion", "X002"),
-    EBICS_MSG_op_set_string ("//ebics:AuthenticationPubKeyInfo//ds:Modulus", 
sigMod),
-    EBICS_MSG_op_set_string ("//ebics:AuthenticationPubKeyInfo//ds:Exponent", 
sigExp),
+    EBICS_MSG_op_set_string
+      ("//ebics:AuthenticationVersion",
+       "X002"),
+    EBICS_MSG_op_set_string
+      ("//ebics:AuthenticationPubKeyInfo//ds:Modulus",
+       sigMod),
+    EBICS_MSG_op_set_string
+      ("//ebics:AuthenticationPubKeyInfo//ds:Exponent",
+       sigExp),
     EBICS_MSG_op_set_string
       ("//ebics:AuthenticationPubKeyInfo//ebics:TimeStamp",
        tools_get_timestamp (date)),
-    EBICS_MSG_op_set_string ("//ebics:EncryptionVersion", "E002"),
-    EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ds:Modulus", 
encMod),
-    EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ds:Exponent", 
encExp),
-    EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ebics:TimeStamp", 
tools_get_timestamp(date)),
-    EBICS_MSG_op_set_string ("//ebics:PartnerID", data->partnerID),
-    EBICS_MSG_op_set_string ("//ebics:UserID", data->userID),
+    EBICS_MSG_op_set_string
+      ("//ebics:EncryptionVersion",
+       "E002"),
+    EBICS_MSG_op_set_string
+      ("//ebics:EncryptionPubKeyInfo//ds:Modulus",
+       encMod),
+    EBICS_MSG_op_set_string
+      ("//ebics:EncryptionPubKeyInfo//ds:Exponent",
+       encExp),
+    EBICS_MSG_op_set_string
+      ("//ebics:EncryptionPubKeyInfo//ebics:TimeStamp",
+       tools_get_timestamp (date)),
+    EBICS_MSG_op_set_string
+      ("//ebics:PartnerID",
+       data->partnerID),
+    EBICS_MSG_op_set_string
+      ("//ebics:UserID",
+       data->userID),
     EBICS_MSG_op_del_node ("//schema:ANY"),
     EBICS_MSG_op_end ()
   };
-  EBICS_MSG_parse_spec (content, data->document);
 
-  LOG (EBICS_LOGLEVEL_DEBUG, "Leaving critical");
+  payload = get_genex_instance (EBICS_HIA_PAYLOAD_TEMPLATE);
+  EBICS_MSG_parse_spec (payload_spec,
+                        payload);
+
+  LOG (EBICS_LOGLEVEL_DEBUG,
+       "Leaving critical");
 
   free (encMod);
   free (encExp);
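Review bot: `payload = get_genex_instance (EBICS_HIA_PAYLOAD_TEMPLATE);` is passed straight to EBICS_MSG_parse_spec without a NULL check, although EBICS_generate_message_hia in src/libebics.c treats a NULL return from the same function as an allocation failure. Fetch the instance at the top of the function, before the key strings are extracted, and bail out with `if (NULL == payload) { LOG (EBICS_LOGLEVEL_ERROR, "Could not allocate HIA payload\n"); return; }` so nothing has to be freed on that path. Because the function returns `void`, the caller cannot currently learn that the payload was not built; that is worth a follow-up. The function begins and ends outside this hunk.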
@@ -435,15 +476,24 @@ EBICS_build_content_hia (void *cls,
   char *base64Content;
   size_t zLen, b64Len;
   int xLen;
-  LOG (EBICS_LOGLEVEL_DEBUG, "DUMPING CONTENT!");
-  dump_message (data->document);
-  xmlDocDumpMemoryEnc (data->document->document, &iniContent, &xLen, "utf-8");
 
-  zLen = compressBound ((size_t)xLen);
+  LOG (EBICS_LOGLEVEL_DEBUG,
+       "DUMPING CONTENT!\n");
+  dump_message (payload);
+  xmlDocDumpMemoryEnc (payload->document,
+                       &iniContent,
+                       &xLen,
+                       "utf-8");
+
+  zLen = compressBound ((size_t) xLen);
   char *zData = malloc (zLen);
-  retv = compress ((unsigned char*) zData, &zLen, iniContent, xLen);
+  retv = compress ((unsigned char*) zData,
+                   &zLen,
+                   iniContent,
+                   xLen);
+
   LOG (EBICS_LOGLEVEL_INFO,
-       "Size: %lu, FinalSize: %lu",
+       "Size: %lu, FinalSize: %lu\n",
        (size_t) xLen,
        zLen);
 
@@ -457,20 +507,26 @@ EBICS_build_content_hia (void *cls,
   base64Content = b64Data;
 
   LOG (EBICS_LOGLEVEL_INFO,
-       "Compressed and base64ed. len: %lu, Content:\n%s",
+       "Compressed and base64ed. len: %lu, Content:\n%s\n",
        b64Len,
        base64Content);
 
   struct EBICS_MSG_Spec body[] = {
-    EBICS_MSG_op_set_string ("//ebics:OrderDetails/ebics:OrderType", "HIA"),
-    EBICS_MSG_op_set_string 
("//ebics:body//ebics:DataTransfer/ebics:OrderData", base64Content),
-    EBICS_MSG_op_end()
+    EBICS_MSG_op_set_string
+      ("//ebics:OrderDetails/ebics:OrderType",
+       "HIA"),
+    EBICS_MSG_op_set_string
+      ("//ebics:body//ebics:DataTransfer/ebics:OrderData",
+       base64Content),
+
+    EBICS_MSG_op_end ()
   };
   EBICS_MSG_parse_spec (body,
                         document);
   xmlFree (iniContent);
   free (base64Content);
   free (zData);
+  free (payload);
 }
 
 void
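Review bot: `free (payload);` releases only the EBICS_genex_document struct; the XML tree behind `payload->document`, which is passed to xmlDocDumpMemoryEnc earlier in the function, is not freed here. If get_genex_instance returns a document the caller owns (its definition is not in this diff), add `xmlFreeDoc (payload->document);` before the `free`, or use the project's own destructor for genex documents. The test in src/tests.c frees the same struct type with `GNUNET_free`, so the allocator should be made consistent as well. Separately, the INFO-level LOG above prints the whole base64 order data; DEBUG would match what dump_message now uses.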
diff --git a/src/xmlmessages.h b/src/xmlmessages.h
index 8464442..50a9dae 100644
--- a/src/xmlmessages.h
+++ b/src/xmlmessages.h
@@ -27,19 +27,24 @@
 #include <gcrypt.h>
 #include <zlib.h>
 
-/* Struct for build_content_hia subcommand.
+/**
+ * Struct for build_content_hia subcommand.  This
+ * object could be unified with its INI counterpart;
+ * just keeping around for a while.
  */
 struct EBICS_ARGS_build_content_hia
 {
-  /* Document containing the "HIARequestOrderData" definition. */
-  struct EBICS_genex_document *document;
-  /* Key containing the encryption key of the user. */
-  const struct EBICS_Key *userEncKey;
-  /* Key containing the signature key of the user. */
-  const struct EBICS_Key *userSigKey;
-  /* partner id. See your banks ebics login information (probably recieved via 
(snail) mail. */
+
+  /**
+   * Partner id. See your banks ebics login information
+   * (probably recieved via (snail) mail.
+   */
   const char *partnerID;
-  /* user id. See your banks ebics login information (probably recieved via 
(snail) mail. */
+
+  /**
+   * User id. See your banks ebics login information
+   * (probably recieved via (snail) mail.
+   */
   const char *userID;
 };
 



