Feature #43 » aqbanking-create-keys.patch
src/libs/plugins/backends/aqhbci/banking/provider_keys.c | ||
---|---|---|
return GWEN_ERROR_INVALID;
|
||
}
|
||
// XXX RAH?
|
||
if ((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) && (rdhType==10)) {
|
||
/* the specs say that for RDH-10 we must not create keys longer than the server's
|
||
if (((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) || (AH_User_GetCryptMode(u)==AH_CryptMode_Rah)) && (rdhType==10)) {
|
||
/* the specs say that for RDH/RAH-10 we must not create keys longer than the server's
|
||
* sign key (or, if absent, the server's encipher key) */
|
||
uint32_t skeyId;
|
||
const GWEN_CRYPT_TOKEN_KEYINFO *ski;
|
||
... | ... | |
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
|
||
break;
|
||
case 10:
|
||
GWEN_Crypt_CryptAlgo_SetChunkSize(algo, 256);
|
||
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
|
||
{
|
||
int ks = 2048;
|
||
if(maxServerKeySizeInBits)
|
||
ks = maxServerKeySizeInBits;
|
||
DBG_NOTICE(AQHBCI_LOGDOMAIN, "Creating RAH-10 keys of size: %d bytes, %d bits.", ks / 8, ks);
|
||
GWEN_Crypt_CryptAlgo_SetChunkSize(algo, ks / 8);
|
||
GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, ks);
|
||
}
|
||
break;
|
||
default:
|
||
DBG_ERROR(AQHBCI_LOGDOMAIN, "RAH %d not supported", AH_User_GetRdhType(u));
|