diff options
author | Florian Dold <florian.dold@gmail.com> | 2020-02-03 15:11:29 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2020-02-03 15:11:29 +0100 |
commit | 15977a23724d993e6dc01d55b0947e5f20a91085 (patch) | |
tree | b572e833bc984da1190fb072ce830da0b4903d20 /util | |
parent | 472da7425e8ce6bdb55d54af4bdbcfb5a2732b99 (diff) | |
download | libeufin-15977a23724d993e6dc01d55b0947e5f20a91085.tar.gz libeufin-15977a23724d993e6dc01d55b0947e5f20a91085.tar.bz2 libeufin-15977a23724d993e6dc01d55b0947e5f20a91085.zip |
test case, fix JAXB problem, key confusion
Diffstat (limited to 'util')
-rw-r--r-- | util/src/main/kotlin/CryptoUtil.kt | 33 | ||||
-rw-r--r-- | util/src/main/kotlin/EbicsOrderUtil.kt | 1 | ||||
-rw-r--r-- | util/src/main/kotlin/ebics_h004/EbicsTypes.kt | 4 | ||||
-rw-r--r-- | util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt | 1 | ||||
-rw-r--r-- | util/src/test/kotlin/EbicsOrderUtilTest.kt | 274 |
5 files changed, 305 insertions, 8 deletions
diff --git a/util/src/main/kotlin/CryptoUtil.kt b/util/src/main/kotlin/CryptoUtil.kt index 65798cf9..752c0e90 100644 --- a/util/src/main/kotlin/CryptoUtil.kt +++ b/util/src/main/kotlin/CryptoUtil.kt @@ -43,6 +43,7 @@ object CryptoUtil { * RSA key pair. */ data class RsaCrtKeyPair(val private: RSAPrivateCrtKey, val public: RSAPublicKey) + class EncryptionResult( val encryptedTransactionKey: ByteArray, val pubKeyDigest: ByteArray, @@ -52,7 +53,9 @@ object CryptoUtil { */ val plainTransactionKey: SecretKey? = null ) + private val bouncyCastleProvider = BouncyCastleProvider() + /** * Load an RSA private key from its binary PKCS#8 encoding. */ @@ -63,6 +66,7 @@ object CryptoUtil { throw Exception("wrong encoding") return priv } + /** * Load an RSA public key from its binary X509 encoding. */ @@ -73,6 +77,7 @@ object CryptoUtil { throw Exception("wrong encoding") return pub } + /** * Load an RSA public key from its binary X509 encoding. */ @@ -83,6 +88,7 @@ object CryptoUtil { throw Exception("wrong encoding") return pub } + /** * Generate a fresh RSA key pair. * @@ -100,6 +106,7 @@ object CryptoUtil { throw Exception("key generation failed") return RsaCrtKeyPair(priv, pub) } + /** * Load an RSA public key from its components. * @@ -139,6 +146,7 @@ object CryptoUtil { transactionKey ) } + /** * Encrypt data according to the EBICS E002 encryption process. */ @@ -147,13 +155,15 @@ object CryptoUtil { encryptionPublicKey: RSAPublicKey, transactionKey: SecretKey ): EncryptionResult { - val symmetricCipher = Cipher.getInstance("AES/CBC/X9.23Padding", + val symmetricCipher = Cipher.getInstance( + "AES/CBC/X9.23Padding", bouncyCastleProvider ) val ivParameterSpec = IvParameterSpec(ByteArray(16)) symmetricCipher.init(Cipher.ENCRYPT_MODE, transactionKey, ivParameterSpec) val encryptedData = symmetricCipher.doFinal(data) - val asymmetricCipher = Cipher.getInstance("RSA/None/PKCS1Padding", + val asymmetricCipher = Cipher.getInstance( + "RSA/None/PKCS1Padding", bouncyCastleProvider ) asymmetricCipher.init(Cipher.ENCRYPT_MODE, encryptionPublicKey) @@ -166,6 +176,7 @@ object CryptoUtil { transactionKey ) } + fun decryptEbicsE002(enc: EncryptionResult, privateKey: RSAPrivateCrtKey): ByteArray { return decryptEbicsE002( enc.encryptedTransactionKey, @@ -173,14 +184,21 @@ object CryptoUtil { privateKey ) } - fun decryptEbicsE002(encryptedTransactionKey: ByteArray, encryptedData: ByteArray, privateKey: RSAPrivateCrtKey): ByteArray { - val asymmetricCipher = Cipher.getInstance("RSA/None/PKCS1Padding", + + fun decryptEbicsE002( + encryptedTransactionKey: ByteArray, + encryptedData: ByteArray, + privateKey: RSAPrivateCrtKey + ): ByteArray { + val asymmetricCipher = Cipher.getInstance( + "RSA/None/PKCS1Padding", bouncyCastleProvider ) asymmetricCipher.init(Cipher.DECRYPT_MODE, privateKey) val transactionKeyBytes = asymmetricCipher.doFinal(encryptedTransactionKey) val secretKeySpec = SecretKeySpec(transactionKeyBytes, "AES") - val symmetricCipher = Cipher.getInstance("AES/CBC/X9.23Padding", + val symmetricCipher = Cipher.getInstance( + "AES/CBC/X9.23Padding", bouncyCastleProvider ) val ivParameterSpec = IvParameterSpec(ByteArray(16)) @@ -189,6 +207,7 @@ object CryptoUtil { val data = symmetricCipher.doFinal(encryptedData) return data } + /** * Signing algorithm corresponding to the EBICS A006 signing process. * @@ -203,6 +222,7 @@ object CryptoUtil { signature.update(data) return signature.sign() } + fun verifyEbicsA006(sig: ByteArray, data: ByteArray, publicKey: RSAPublicKey): Boolean { val signature = Signature.getInstance("SHA256withRSA/PSS", bouncyCastleProvider) signature.setParameter(PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1)) @@ -210,6 +230,7 @@ object CryptoUtil { signature.update(data) return signature.verify(sig) } + fun digestEbicsOrderA006(orderData: ByteArray): ByteArray { val digest = MessageDigest.getInstance("SHA-256") for (b in orderData) { @@ -220,6 +241,7 @@ object CryptoUtil { } return digest.digest() } + fun decryptKey(data: EncryptedPrivateKeyInfo, passphrase: String): RSAPrivateCrtKey { /* make key out of passphrase */ val pbeKeySpec = PBEKeySpec(passphrase.toCharArray()) @@ -239,6 +261,7 @@ object CryptoUtil { throw Exception("wrong encoding") return priv } + fun encryptKey(data: ByteArray, passphrase: String): ByteArray { /* Cipher parameters: salt and hash count */ val hashIterations = 30 diff --git a/util/src/main/kotlin/EbicsOrderUtil.kt b/util/src/main/kotlin/EbicsOrderUtil.kt index b9c2d20f..bcdc836f 100644 --- a/util/src/main/kotlin/EbicsOrderUtil.kt +++ b/util/src/main/kotlin/EbicsOrderUtil.kt @@ -39,6 +39,7 @@ object EbicsOrderUtil { inline fun <reified T> decodeOrderDataXml(encodedOrderData: ByteArray): T { return InflaterInputStream(encodedOrderData.inputStream()).use { val bytes = it.readAllBytes() + println("decoded order data bytes ${bytes.toString(Charsets.UTF_8)}") XMLUtil.convertStringToJaxb<T>(bytes.toString(Charsets.UTF_8)).value } } diff --git a/util/src/main/kotlin/ebics_h004/EbicsTypes.kt b/util/src/main/kotlin/ebics_h004/EbicsTypes.kt index c1012439..d3621002 100644 --- a/util/src/main/kotlin/ebics_h004/EbicsTypes.kt +++ b/util/src/main/kotlin/ebics_h004/EbicsTypes.kt @@ -345,13 +345,13 @@ object EbicsTypes { XmlElement(name = "AccountNumber", type = GeneralAccountNumber::class), XmlElement(name = "NationalAccountNumber", type = NationalAccountNumber::class) ) - var accountNumberList: List<AbstractAccountNumber>? = null + var accountNumberList: List<AbstractAccountNumber>? = LinkedList<AbstractAccountNumber>() @get:XmlElements( XmlElement(name = "BankCode", type = GeneralBankCode::class), XmlElement(name = "NationalBankCode", type = NationalBankCode::class) ) - var bankCodeList: List<AbstractBankCode>? = null + var bankCodeList: List<AbstractBankCode>? = LinkedList<AbstractBankCode>() @get:XmlElement(name = "AccountHolder") var accountHolder: String? = null diff --git a/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt b/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt index ac4c8d87..4162379b 100644 --- a/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt +++ b/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt @@ -1,6 +1,5 @@ package tech.libeufin.util.ebics_h004 -import java.security.Permission import javax.xml.bind.annotation.* @XmlAccessorType(XmlAccessType.NONE) diff --git a/util/src/test/kotlin/EbicsOrderUtilTest.kt b/util/src/test/kotlin/EbicsOrderUtilTest.kt index 2186f2fc..3e0899f6 100644 --- a/util/src/test/kotlin/EbicsOrderUtilTest.kt +++ b/util/src/test/kotlin/EbicsOrderUtilTest.kt @@ -1,5 +1,7 @@ import org.junit.Test import tech.libeufin.util.EbicsOrderUtil +import tech.libeufin.util.XMLUtil +import tech.libeufin.util.ebics_h004.HTDResponseOrderData import kotlin.test.assertEquals @@ -12,4 +14,276 @@ class EbicsOrderUtilTest { assertEquals("OR10", EbicsOrderUtil.computeOrderIDFromNumber(36)) assertEquals("OR11", EbicsOrderUtil.computeOrderIDFromNumber(37)) } + + @Test + fun testDecodeOrderData() { + val orderDataXml = """ + <?xml version="1.0" encoding="UTF-8"?> + <HTDResponseOrderData xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:org:ebics:H004 ebics_orders_H004.xsd"> + <PartnerInfo> + <AddressInfo> + <Name>Mr Anybody</Name> + <Street>CENSORED</Street> + <PostCode>12345</PostCode> + <City>Footown</City> + </AddressInfo> + <BankInfo> + <HostID>BLABLUBLA</HostID> + </BankInfo> + <AccountInfo ID="accid000000001" Currency="EUR"> + <AccountNumber international="false">12345667</AccountNumber> + <AccountNumber international="true">DE54430609999999999999</AccountNumber> + <BankCode international="false">43060967</BankCode> + <BankCode international="true">GENODEM1GLS</BankCode> + <AccountHolder>Mr Anybody</AccountHolder> + </AccountInfo> + <OrderInfo> + <OrderType>C52</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>CAMT052</OrderFormat> + <Description>Abholen Vormerkposten</Description> + </OrderInfo> + <OrderInfo> + <OrderType>C53</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>CAMT053</OrderFormat> + <Description>Abholen Kontoauszuege</Description> + </OrderInfo> + <OrderInfo> + <OrderType>C54</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>CAMT054</OrderFormat> + <Description>Abholen Nachricht Sammelbuchungsdatei, Soll-, Haben-Avis</Description> + </OrderInfo> + <OrderInfo> + <OrderType>CDZ</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>XMLBIN</OrderFormat> + <Description>Abholen Payment Status Report for Direct Debit</Description> + </OrderInfo> + <OrderInfo> + <OrderType>CRZ</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>XMLBIN</OrderFormat> + <Description>Abholen Payment Status Report for Credit Transfer</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HAA</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Abrufbare Auftragsarten abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HAC</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>HAC</OrderFormat> + <Description>Kundenprotokoll (XML-Format) abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HKD</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Kunden- und Teilnehmerdaten abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HPB</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Public Keys der Bank abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HPD</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Bankparameter abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HTD</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Kunden- und Teilnehmerdaten abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HVD</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Status abrufen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HVT</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Transaktionsdetails abrufen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HVU</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Uebersicht abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>HVZ</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Uebersicht mit Zusatzinformationen abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>PTK</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>PTK</OrderFormat> + <Description>Protokolldatei abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>STA</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MT940</OrderFormat> + <Description>Swift-Tagesauszuege abholen</Description> + </OrderInfo> + <OrderInfo> + <OrderType>VMK</OrderType> + <TransferType>Download</TransferType> + <OrderFormat>MT942</OrderFormat> + <Description>Abholen kurzfristige Vormerkposten</Description> + </OrderInfo> + <OrderInfo> + <OrderType>AZV</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>DTAZVJS</OrderFormat> + <Description>AZV im Diskettenformat senden</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>C1C</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>P8CCOR1</OrderFormat> + <Description>Einreichen von Lastschriften D-1-Option in einem Container</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>C2C</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PN8CONCS</OrderFormat> + <Description>Einreichen von Firmenlastschriften in einem Container</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CCC</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PN1CONCS</OrderFormat> + <Description>Ueberweisungen im SEPA-Container</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CCT</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PN1GOCS</OrderFormat> + <Description>Überweisungen im ZKA-Format</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CCU</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>P1URGCS</OrderFormat> + <Description>Einreichen von Eilueberweisungen</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CDB</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PAIN8CS</OrderFormat> + <Description>Einreichen von Firmenlastschriften</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CDC</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PN8CONCS</OrderFormat> + <Description>Einreichen von Lastschriften in einem Container</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>CDD</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>PN8GOCS</OrderFormat> + <Description>Einreichen von Lastschriften</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>HCA</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Public Key senden</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>HCS</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Teilnehmerschluessel EU und EBICS aendern</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>HIA</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Initiales Senden Public Keys</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>HVE</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Unterschrift hinzufuegen</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>HVS</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>VEU-Storno</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>INI</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Passwort-Initialisierung</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>PUB</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Public-Key senden</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + <OrderInfo> + <OrderType>SPR</OrderType> + <TransferType>Upload</TransferType> + <OrderFormat>MISC</OrderFormat> + <Description>Sperrung der Zugangsberechtigung</Description> + <NumSigRequired>0</NumSigRequired> + </OrderInfo> + </PartnerInfo> + <UserInfo> + <UserID Status="1">ANYBOMR</UserID> + <Name>Mr Anybody</Name> + <Permission> + <OrderTypes>C52 C53 C54 CDZ CRZ HAA HAC HKD HPB HPD HTD HVD HVT HVU HVZ PTK</OrderTypes> + </Permission> + <Permission> + <OrderTypes></OrderTypes> + <AccountID>accid000000001</AccountID> + </Permission> + <Permission AuthorisationLevel="E"> + <OrderTypes>AZV CCC CCT CCU</OrderTypes> + </Permission> + <Permission AuthorisationLevel="T"> + <OrderTypes>HCA HCS HIA HVE HVS INI PUB SPR</OrderTypes> + </Permission> + </UserInfo> + </HTDResponseOrderData> + """.trimIndent() + XMLUtil.convertStringToJaxb<HTDResponseOrderData>(orderDataXml); + } }
\ No newline at end of file |