Bug #41 » aqbanking-sign.patch
src/libs/plugins/backends/aqhbci/msglayer/msgcrypt_rxh_common.c | ||
---|---|---|
AH_OPMODE opMode;
|
||
uint8_t *digestPtr;
|
||
unsigned int digestSize;
|
||
uint8_t doSHA256SHA256Hash2nd = 0;
|
||
if (secProfile > 2) {
|
||
hashAlg = rxh_parameter->hashAlgD;
|
||
... | ... | |
opMode= rxh_parameter->opmodSignS;
|
||
}
|
||
//uint8_t hash1[32];
|
||
// https://www.aquamaniac.de/rdm/issues/41
|
||
// workaround (or fix?) when ha sha256sha256 and keyfile is used
|
||
// at now, for RDH/RAH-10
|
||
// not clarified why e.g. RDH-7 (or all card-tokens?) is working without fix
|
||
if(AH_User_GetRdhType(su) == 10)
|
||
doSHA256SHA256Hash2nd = 1;
|
||
/* hash sighead + data */
|
||
switch (hashAlg) {
|
||
... | ... | |
GWEN_Buffer_free(hbuf);
|
||
return rv;
|
||
}
|
||
else {
|
||
digestPtr=GWEN_MDigest_GetDigestPtr(md);
|
||
digestSize=GWEN_MDigest_GetDigestSize(md);
|
||
if((hashAlg == AH_HashAlg_Sha256Sha256) && doSHA256SHA256Hash2nd)
|
||
{
|
||
DBG_NOTICE(AQHBCI_LOGDOMAIN, "Workaround: doing second hash round.");
|
||
rv = GWEN_MDigest_Begin(md);
|
||
if(rv == 0)
|
||
{
|
||
uint8_t h[32];
|
||
memcpy(h, GWEN_MDigest_GetDigestPtr(md), GWEN_MDigest_GetDigestSize(md));
|
||
rv = GWEN_MDigest_Update(md, h, 32);
|
||
if(rv == 0)
|
||
rv = GWEN_MDigest_End(md);
|
||
if(rv < 0)
|
||
{
|
||
DBG_ERROR(AQHBCI_LOGDOMAIN, "Hash error round 2 (%d)", rv);
|
||
GWEN_MDigest_free(md);
|
||
GWEN_Buffer_free(sigbuf);
|
||
GWEN_Buffer_free(hbuf);
|
||
return rv;
|
||
}
|
||
}
|
||
}
|
||
digestPtr=GWEN_MDigest_GetDigestPtr(md);
|
||
digestSize=GWEN_MDigest_GetDigestSize(md);
|
||
}
|
||
else {
|
||
digestPtr=(uint8_t *)GWEN_Buffer_GetStart(hbuf);
|