Project

General

Profile

aqbanking-create-keys.patch

thbe, 09/11/2019 06:57 PM

Download (1.58 KB)

View differences:

src/libs/plugins/backends/aqhbci/banking/provider_keys.c
109 109
    return GWEN_ERROR_INVALID;
110 110
  }
111 111

  
112
  // XXX RAH?
113
  if ((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) && (rdhType==10)) {
114
    /* the specs say that for RDH-10 we must not create keys longer than the server's
112
  if (((AH_User_GetCryptMode(u)==AH_CryptMode_Rdh) || (AH_User_GetCryptMode(u)==AH_CryptMode_Rah)) && (rdhType==10)) {
113
    /* the specs say that for RDH/RAH-10 we must not create keys longer than the server's
115 114
     * sign key (or, if absent, the server's encipher key) */
116 115
    uint32_t skeyId;
117 116
    const GWEN_CRYPT_TOKEN_KEYINFO *ski;
......
242 241
      GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
243 242
      break;
244 243
    case 10:
245
      GWEN_Crypt_CryptAlgo_SetChunkSize(algo, 256);
246
      GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, 2048);
244
      {
245
        int ks = 2048;
246
        if(maxServerKeySizeInBits)
247
          ks = maxServerKeySizeInBits;
248
        DBG_NOTICE(AQHBCI_LOGDOMAIN, "Creating RAH-10 keys of size: %d bytes, %d bits.", ks / 8, ks);
249
        GWEN_Crypt_CryptAlgo_SetChunkSize(algo, ks / 8);
250
        GWEN_Crypt_CryptAlgo_SetKeySizeInBits(algo, ks);
251
      }
247 252
      break;
248 253
    default:
249 254
      DBG_ERROR(AQHBCI_LOGDOMAIN, "RAH %d not supported", AH_User_GetRdhType(u));