Bug #41 » aqbanking-sign.patch
| src/libs/plugins/backends/aqhbci/msglayer/msgcrypt_rxh_common.c | ||
|---|---|---|
|
AH_OPMODE opMode;
|
||
|
uint8_t *digestPtr;
|
||
|
unsigned int digestSize;
|
||
|
uint8_t doSHA256SHA256Hash2nd = 0;
|
||
|
if (secProfile > 2) {
|
||
|
hashAlg = rxh_parameter->hashAlgD;
|
||
| ... | ... | |
|
opMode= rxh_parameter->opmodSignS;
|
||
|
}
|
||
|
//uint8_t hash1[32];
|
||
|
// https://www.aquamaniac.de/rdm/issues/41
|
||
|
// workaround (or fix?) when ha sha256sha256 and keyfile is used
|
||
|
// at now, for RDH/RAH-10
|
||
|
// not clarified why e.g. RDH-7 (or all card-tokens?) is working without fix
|
||
|
if(AH_User_GetRdhType(su) == 10)
|
||
|
doSHA256SHA256Hash2nd = 1;
|
||
|
/* hash sighead + data */
|
||
|
switch (hashAlg) {
|
||
| ... | ... | |
|
GWEN_Buffer_free(hbuf);
|
||
|
return rv;
|
||
|
}
|
||
|
else {
|
||
|
digestPtr=GWEN_MDigest_GetDigestPtr(md);
|
||
|
digestSize=GWEN_MDigest_GetDigestSize(md);
|
||
|
if((hashAlg == AH_HashAlg_Sha256Sha256) && doSHA256SHA256Hash2nd)
|
||
|
{
|
||
|
DBG_NOTICE(AQHBCI_LOGDOMAIN, "Workaround: doing second hash round.");
|
||
|
rv = GWEN_MDigest_Begin(md);
|
||
|
if(rv == 0)
|
||
|
{
|
||
|
uint8_t h[32];
|
||
|
memcpy(h, GWEN_MDigest_GetDigestPtr(md), GWEN_MDigest_GetDigestSize(md));
|
||
|
rv = GWEN_MDigest_Update(md, h, 32);
|
||
|
if(rv == 0)
|
||
|
rv = GWEN_MDigest_End(md);
|
||
|
if(rv < 0)
|
||
|
{
|
||
|
DBG_ERROR(AQHBCI_LOGDOMAIN, "Hash error round 2 (%d)", rv);
|
||
|
GWEN_MDigest_free(md);
|
||
|
GWEN_Buffer_free(sigbuf);
|
||
|
GWEN_Buffer_free(hbuf);
|
||
|
return rv;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
digestPtr=GWEN_MDigest_GetDigestPtr(md);
|
||
|
digestSize=GWEN_MDigest_GetDigestSize(md);
|
||
|
}
|
||
|
else {
|
||
|
digestPtr=(uint8_t *)GWEN_Buffer_GetStart(hbuf);
|
||