Feature #43 » aqbanking-create-keys.patch
| src/libs/plugins/backends/aqhbci/banking/provider_keys.c | ||
|---|---|---|
|
return GWEN_ERROR_INVALID;
|
||
|
}
|
||
|
// XXX RAH?
|
||
|
if ((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) && (rdhType==10)) {
|
||
|
/* the specs say that for RDH-10 we must not create keys longer than the server's
|
||
|
if (((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) || (AH_User_GetCryptMode(u)==AH_CryptMode_Rah)) && (rdhType==10)) {
|
||
|
/* the specs say that for RDH/RAH-10 we must not create keys longer than the server's
|
||
|
* sign key (or, if absent, the server's encipher key) */
|
||
|
uint32_t skeyId;
|
||
|
const GWEN_CRYPT_TOKEN_KEYINFO *ski;
|
||
| ... | ... | |
|
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
|
||
|
break;
|
||
|
case 10:
|
||
|
GWEN_Crypt_CryptAlgo_SetChunkSize(algo, 256);
|
||
|
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
|
||
|
{
|
||
|
int ks = 2048;
|
||
|
if(maxServerKeySizeInBits)
|
||
|
ks = maxServerKeySizeInBits;
|
||
|
DBG_NOTICE(AQHBCI_LOGDOMAIN, "Creating RAH-10 keys of size: %d bytes, %d bits.", ks / 8, ks);
|
||
|
GWEN_Crypt_CryptAlgo_SetChunkSize(algo, ks / 8);
|
||
|
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, ks);
|
||
|
}
|
||
|
break;
|
||
|
default:
|
||
|
DBG_ERROR(AQHBCI_LOGDOMAIN, "RAH %d not supported", AH_User_GetRdhType(u));
|
||