[GNUnet-SVN] [libfints] branch master updated: Polishing.
From: |
gnunet |
Subject: |
[GNUnet-SVN] [libfints] branch master updated: Polishing. |
Date: |
Fri, 12 Oct 2018 12:12:21 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository libfints.
The following commit(s) were added to refs/heads/master by this push:
new 041e6a6 Polishing.
041e6a6 is described below
commit 041e6a60d2437c934aeba7ebd540dca6bf4f9155
Author: Marcello Stanisci <address@hidden>
AuthorDate: Fri Oct 12 12:12:10 2018 +0200
Polishing.
---
src/xmlmessages.c | 258 ++++++++++++++++++++++++++++++++++++------------------
1 file changed, 175 insertions(+), 83 deletions(-)
diff --git a/src/xmlmessages.c b/src/xmlmessages.c
index 02c5a65..208b8cc 100644
--- a/src/xmlmessages.c
+++ b/src/xmlmessages.c
@@ -95,33 +95,61 @@ tools_get_timestamp(char *date)
return date;
}
+
+/**
+ * Todo
+ */
static int
-util_extract_public_RSAKeyValue(gnutls_pubkey_t pubkey, char **mData, char
**eData)
+util_extract_public_RSAKeyValue (gnutls_pubkey_t pubkey,
+ char **mData,
+ char **eData)
{
- LOG (EBICS_LOGLEVEL_DEBUG,"Extracting modulus and exponent from key");
+
+ int retv;
+ size_t eSize;
+ size_t mSize;
gnutls_datum_t mod;
gnutls_datum_t exp;
- int retv = gnutls_pubkey_export_rsa_raw (pubkey, &mod, &exp);
+ LOG (EBICS_LOGLEVEL_DEBUG,
+ "Extracting modulus and exponent from key");
+
+ retv = gnutls_pubkey_export_rsa_raw (pubkey,
+ &mod,
+ &exp);
if (GNUTLS_E_SUCCESS != retv)
{
- LOG (EBICS_LOGLEVEL_ERROR, "Barf! %s", gnutls_strerror (retv));
+ LOG (EBICS_LOGLEVEL_ERROR,
+ "Barf! %s",
+ gnutls_strerror (retv));
return EBICS_ERROR;
}
- size_t eSize = EBICS_UTIL_base64_encode ((char*) exp.data, exp.size, eData);
- size_t mSize = EBICS_UTIL_base64_encode ((char*) mod.data, mod.size, mData);
- gnutls_free(mod.data);
- gnutls_free(exp.data);
-
- *eData = realloc(*eData, eSize+1);
- *mData = realloc(*mData, mSize+1);
- assert (eData != NULL);
- assert (mData != NULL);
+ eSize = EBICS_UTIL_base64_encode ((char*) exp.data,
+ exp.size,
+ eData);
+ mSize = EBICS_UTIL_base64_encode ((char*) mod.data,
+ mod.size,
+ mData);
+ gnutls_free (mod.data);
+ gnutls_free (exp.data);
+
+ *eData = realloc (*eData, eSize+1);
+ *mData = realloc (*mData, mSize+1);
+ GNUNET_assert (eData != NULL);
+ GNUNET_assert (mData != NULL);
(*eData)[eSize] = 0;
(*mData)[mSize] = 0;
- LOG(EBICS_LOGLEVEL_DEBUG,"EXPONENT: Size: %u, base64: %s", eSize, *eData);
- LOG(EBICS_LOGLEVEL_DEBUG,"MODULUS: Size: %u, base64: %s", mSize, *mData);
+ LOG (EBICS_LOGLEVEL_DEBUG,
+ "EXPONENT: Size: %u, base64: %s",
+ eSize,
+ *eData);
+
+ LOG (EBICS_LOGLEVEL_DEBUG,
+ "MODULUS: Size: %u, base64: %s",
+ mSize,
+ *mData);
+
return EBICS_SUCCESS;
}
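Review bot: The two `GNUNET_assert` calls after the `realloc` lines test `eData` and `mData`, the caller's `char **` arguments, not the reallocated buffers. A failed `realloc` therefore passes the check, and the next statement, `(*eData)[eSize] = 0`, writes through NULL. Assert on the results instead: `GNUNET_assert (NULL != *eData);` and `GNUNET_assert (NULL != *mData);`. The two debug `LOG` calls pass `size_t` values to `%u`; assuming `LOG` is printf-style, `%zu` is the matching conversion. The `Todo` doc comment could record that `mData` receives the base64 modulus and `eData` the base64 exponent, and that the caller presumably has to free both.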
@@ -319,27 +347,37 @@ void
EBICS_build_content_hia (void *cls,
struct EBICS_genex_document *document)
{
- struct EBICS_ARGS_build_content_hia *data = (struct
EBICS_ARGS_build_content_hia*) cls;
+
int retv;
+ char *encMod;
+ char *encExp;
+ char *sigMod;
+ char *sigExp;
+ char date[DATE_STR_SIZE];
- /* RSAKeyValue content */
- char *encMod, *encExp;
- char *sigMod, *sigExp;
- util_extract_public_RSAKeyValue (data->userEncKey->publickey, &encExp,
&encMod);
- util_extract_public_RSAKeyValue (data->userSigKey->publickey, &sigExp,
&sigMod);
+ struct EBICS_ARGS_build_content_hia *data = (
+ struct EBICS_ARGS_build_content_hia*) cls;
+
+ util_extract_public_RSAKeyValue (data->userEncKey->publickey,
+ &encExp,
+ &encMod);
+
+ util_extract_public_RSAKeyValue (data->userSigKey->publickey,
+ &sigExp,
+ &sigMod);
- /* SignaturePubKeyOrderData content*/
- char date[DATE_STR_SIZE];
struct EBICS_MSG_Spec content[] = {
EBICS_MSG_op_unique_choice ("//ebics:AuthenticationPubKeyInfo"),
EBICS_MSG_op_del_node ("//ds:X509Data"),
EBICS_MSG_op_set_string ("//ebics:AuthenticationVersion", "X002"),
EBICS_MSG_op_set_string ("//ebics:AuthenticationPubKeyInfo//ds:Modulus",
sigMod),
- EBICS_MSG_op_set_string
("//ebics:AuthenticationPubKeyInfo//ds:Exponent",sigExp),
- EBICS_MSG_op_set_string
("//ebics:AuthenticationPubKeyInfo//ebics:TimeStamp",
tools_get_timestamp(date)),
+ EBICS_MSG_op_set_string ("//ebics:AuthenticationPubKeyInfo//ds:Exponent",
sigExp),
+ EBICS_MSG_op_set_string
+ ("//ebics:AuthenticationPubKeyInfo//ebics:TimeStamp",
+ tools_get_timestamp (date)),
EBICS_MSG_op_set_string ("//ebics:EncryptionVersion", "E002"),
EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ds:Modulus",
encMod),
- EBICS_MSG_op_set_string
("//ebics:EncryptionPubKeyInfo//ds:Exponent",encExp),
+ EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ds:Exponent",
encExp),
EBICS_MSG_op_set_string ("//ebics:EncryptionPubKeyInfo//ebics:TimeStamp",
tools_get_timestamp(date)),
EBICS_MSG_op_set_string ("//ebics:PartnerID", data->partnerID),
EBICS_MSG_op_set_string ("//ebics:UserID", data->userID),
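Review bot: Both calls to `util_extract_public_RSAKeyValue` pass `&encExp, &encMod` (and `&sigExp, &sigMod`), but the helper is declared in this file as `(pubkey, char **mData, char **eData)`, so the modulus lands in the `*Exp` variable and the exponent in `*Mod`. The HIA document then carries the two values swapped under `ds:Modulus` and `ds:Exponent`, unless the helper's parameter naming is itself reversed, which the first hunk does not suggest. The return value is also ignored, so on a failed export the four `char *` locals are still uninitialised when they reach `EBICS_MSG_op_set_string`. Something like `if (EBICS_SUCCESS != util_extract_public_RSAKeyValue (data->userEncKey->publickey, &encMod, &encExp)) return;`, and the same for the signature key, covers both. The function body continues past the end of this hunk.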
@@ -489,100 +527,154 @@ EBICS_build_auth_signature (void *cls,
document);
}
-/* Sign a ebics message
- *
+/**
+ * Sign a ebics message
*/
void
-EBICS_sign_message(const struct EBICS_Key *bankAuthentication,
- const struct EBICS_Key *bankEncryption,
- const struct EBICS_Key *userAuthentication,
- struct EBICS_genex_document *document)
+EBICS_sign_message (const struct EBICS_Key *bankAuthentication,
+ const struct EBICS_Key *bankEncryption,
+ const struct EBICS_Key *userAuthentication,
+ struct EBICS_genex_document *document)
{
- /* Rename ebics:AuthSignature so xmlsec will not cry and break ... */
+ int res;
+ int retv;
+ xmlNodePtr node;
+ xmlSecDSigCtxPtr dsigCtx;
+ gnutls_datum_t out;
+
+ /* Rename ebics:AuthSignature so
+ * xmlsec will not cry and break ... */
{
- xmlXPathObjectPtr xpathObjPtr = xmlXPathEvalExpression(BAD_CAST
"//ebics:AuthSignature", document->xpath);
- assert(NULL != xpathObjPtr);
- assert(NULL != xpathObjPtr->nodesetval);
- xmlNodeSetPtr nodeset = xpathObjPtr->nodesetval;
- xmlNodePtr node = nodeset->nodeTab[0];
- xmlXPathFreeObject(xpathObjPtr);
- xmlNsPtr ns = xmlSearchNsByHref(document->document, node, BAD_CAST
"http://www.w3.org/2000/09/xmldsig#");
- xmlNodeSetName(node, BAD_CAST "Signature");
+ xmlXPathObjectPtr xpathObjPtr;
+ xmlNodeSetPtr nodeset;
+ xmlNodePtr node;
+ xmlNsPtr ns;
+
+ xpathObjPtr = xmlXPathEvalExpression
+ (BAD_CAST "//ebics:AuthSignature",
+ document->xpath);
+
+ GNUNET_assert (NULL != xpathObjPtr);
+ GNUNET_assert (NULL != xpathObjPtr->nodesetval);
+
+ nodeset = xpathObjPtr->nodesetval;
+ node = nodeset->nodeTab[0];
+ xmlXPathFreeObject (xpathObjPtr);
+ ns = xmlSearchNsByHref (document->document,
+ node,
+ BAD_CAST "http://www.w3.org/2000/09/xmldsig#");
+ xmlNodeSetName (node,
+ BAD_CAST "Signature");
node->ns = ns;
}
- xmlNodePtr node = NULL;
- xmlSecDSigCtxPtr dsigCtx = NULL;
- int res = -1;
- int retv;
-
+ node = NULL;
+ dsigCtx = NULL;
+ res = -1;
+
+ node = xmlSecFindNode (xmlDocGetRootElement (document->document),
+ xmlSecNodeSignature,
+ BAD_CAST "http://www.w3.org/2000/09/xmldsig#");
+ if (node == NULL)
+ {
- node = xmlSecFindNode(xmlDocGetRootElement(document->document),
xmlSecNodeSignature, BAD_CAST "http://www.w3.org/2000/09/xmldsig#");
- if(node == NULL) {
- LOG(EBICS_LOGLEVEL_ERROR, "Error: start node not found.");
- assert(0);
+ LOG (EBICS_LOGLEVEL_ERROR, "Error: start node not found.");
+ GNUNET_assert(0);
}
- dsigCtx = xmlSecDSigCtxCreate(NULL);
- xmlSecDSigCtxInitialize(dsigCtx, NULL);
- if(dsigCtx == NULL) {
- LOG(EBICS_LOGLEVEL_ERROR,"Error: failed to create signature context.");
- assert(0);
+ dsigCtx = xmlSecDSigCtxCreate (NULL);
+ xmlSecDSigCtxInitialize (dsigCtx, NULL);
+
+ if(dsigCtx == NULL)
+ {
+ LOG (EBICS_LOGLEVEL_ERROR,
+ "Error: failed to create signature context.");
+ GNUNET_assert (0);
}
- gnutls_datum_t out;
- retv = gnutls_x509_privkey_export2 (userAuthentication->privatekey,
GNUTLS_X509_FMT_DER, &out);
+ retv = gnutls_x509_privkey_export2 (userAuthentication->privatekey,
+ GNUTLS_X509_FMT_DER,
+ &out);
if (GNUTLS_E_SUCCESS != retv)
{
- LOG (EBICS_LOGLEVEL_ERROR, "Could not export key for reimport with xmlsec:
%s", gnutls_strerror (retv));
+ LOG (EBICS_LOGLEVEL_ERROR,
+ "Could not export key for reimport with xmlsec: %s",
+ gnutls_strerror (retv));
}
+
dsigCtx->signKey = xmlSecCryptoAppKeyLoadMemory (out.data,
out.size,
xmlSecKeyDataFormatDer,
NULL,
NULL,
NULL);
- gnutls_free(out.data);
+ gnutls_free (out.data);
- if(dsigCtx->signKey == NULL) {
- LOG(EBICS_LOGLEVEL_ERROR,"Error: failed to load private pem key from
buffer.");
- assert(0);
+ if (dsigCtx->signKey == NULL)
+ {
+ LOG (EBICS_LOGLEVEL_ERROR,
+ "Error: failed to load private pem key from buffer.");
+ GNUNET_assert (0);
}
- if(xmlSecKeySetName(dsigCtx->signKey, BAD_CAST "userAuthKey") < 0) {
- LOG(EBICS_LOGLEVEL_FATAL,"Error: failed to set key name for key.");
- assert(0);
+ if (xmlSecKeySetName (dsigCtx->signKey,
+ BAD_CAST "userAuthKey") < 0)
+ {
+ LOG (EBICS_LOGLEVEL_FATAL,
+ "Error: failed to set key name for key.");
+ GNUNET_assert (0);
}
- if(xmlSecDSigCtxSign(dsigCtx, node) < 0) {
- LOG(EBICS_LOGLEVEL_FATAL,"Error: signature failed.");
- //xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout);
- assert(0);
+ if (xmlSecDSigCtxSign (dsigCtx, node) < 0)
+ {
+ LOG (EBICS_LOGLEVEL_FATAL,"Error: signature failed.");
+ // xmlSecDSigCtxDebugXmlDump (dsigCtx, stdout);
+ GNUNET_assert (0);
}
- LOG (EBICS_LOGLEVEL_DEBUG, "Error is beloow me!");
+
+ LOG (EBICS_LOGLEVEL_DEBUG,
+ "Error is below me!");
if(dsigCtx != NULL) {
- /* TODO: Calling *Finalize generates some assert() errors inside xmlsec....
- * Disabled for now.
+ /**
+ * TODO: Calling Finalize generates some
+ * assert errors inside xmlsec..Disabled for now.
*
* xmlSecDSigCtxFinalize(dsigCtx);
- */
+ **/
xmlSecDSigCtxDestroy(dsigCtx);
}
- LOG (EBICS_LOGLEVEL_DEBUG, "Error is Above me!");
+
+ LOG (EBICS_LOGLEVEL_DEBUG,
+ "Error is Above me!");
- /* Rename ds:Signature so the message validates with ebics schema */
+ /**
+ * Rename ds:Signature so the
+ * message validates with ebics schema
+ **/
{
- xmlXPathObjectPtr xpathObjPtr = xmlXPathEvalExpression(BAD_CAST
"//ds:Signature", document->xpath);
- assert(NULL != xpathObjPtr);
- assert(NULL != xpathObjPtr->nodesetval);
- xmlNodeSetPtr nodeset = xpathObjPtr->nodesetval;
- xmlNodePtr node = nodeset->nodeTab[0];
- xmlXPathFreeObject(xpathObjPtr);
- xmlNsPtr ns = xmlSearchNsByHref(document->document, node, BAD_CAST
"urn:org:ebics:H004");
- xmlNodeSetName(node, BAD_CAST "AuthSignature");
+ xmlXPathObjectPtr xpathObjPtr;
+ xmlNodeSetPtr nodeset;
+ xmlNodePtr node;
+ xmlNsPtr ns;
+
+ xpathObjPtr = xmlXPathEvalExpression
+ (BAD_CAST "//ds:Signature",
+ document->xpath);
+
+ GNUNET_assert (NULL != xpathObjPtr);
+ GNUNET_assert (NULL != xpathObjPtr->nodesetval);
+ nodeset = xpathObjPtr->nodesetval;
+ node = nodeset->nodeTab[0];
+ xmlXPathFreeObject (xpathObjPtr);
+ ns = xmlSearchNsByHref (document->document,
+ node,
+ BAD_CAST "urn:org:ebics:H004");
+
+ xmlNodeSetName (node,
+ BAD_CAST "AuthSignature");
node->ns = ns;
}
}
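Review bot: When `gnutls_x509_privkey_export2` fails, the new code only logs and then falls through, so `xmlSecCryptoAppKeyLoadMemory` and `gnutls_free` operate on an uninitialised `out`. That branch should stop, as the other error branches do, with `GNUNET_assert (0);` after the `LOG`. `out` holds the user's private key in DER form, so wipe it before releasing it: `gnutls_memset (out.data, 0, out.size);` ahead of `gnutls_free (out.data);`. The `dsigCtx == NULL` test comes after `xmlSecDSigCtxInitialize (dsigCtx, NULL)` has already used the pointer. That call also looks redundant, since `xmlSecDSigCtxCreate` initialises the context itself, and may be what upsets `Finalize`. Both rename blocks read `nodeset->nodeTab[0]` without checking `nodeset->nodeNr > 0`, and their local `node` now shadows the function-level `node` this commit hoisted to the top.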
--