summaryrefslogtreecommitdiff
path: root/util
diff options
context:
space:
mode:
authorFlorian Dold <florian.dold@gmail.com>2020-02-03 15:11:29 +0100
committerFlorian Dold <florian.dold@gmail.com>2020-02-03 15:11:29 +0100
commit15977a23724d993e6dc01d55b0947e5f20a91085 (patch)
treeb572e833bc984da1190fb072ce830da0b4903d20 /util
parent472da7425e8ce6bdb55d54af4bdbcfb5a2732b99 (diff)
downloadlibeufin-15977a23724d993e6dc01d55b0947e5f20a91085.tar.gz
libeufin-15977a23724d993e6dc01d55b0947e5f20a91085.tar.bz2
libeufin-15977a23724d993e6dc01d55b0947e5f20a91085.zip
test case, fix JAXB problem, key confusion
Diffstat (limited to 'util')
-rw-r--r--util/src/main/kotlin/CryptoUtil.kt33
-rw-r--r--util/src/main/kotlin/EbicsOrderUtil.kt1
-rw-r--r--util/src/main/kotlin/ebics_h004/EbicsTypes.kt4
-rw-r--r--util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt1
-rw-r--r--util/src/test/kotlin/EbicsOrderUtilTest.kt274
5 files changed, 305 insertions, 8 deletions
diff --git a/util/src/main/kotlin/CryptoUtil.kt b/util/src/main/kotlin/CryptoUtil.kt
index 65798cf9..752c0e90 100644
--- a/util/src/main/kotlin/CryptoUtil.kt
+++ b/util/src/main/kotlin/CryptoUtil.kt
@@ -43,6 +43,7 @@ object CryptoUtil {
* RSA key pair.
*/
data class RsaCrtKeyPair(val private: RSAPrivateCrtKey, val public: RSAPublicKey)
+
class EncryptionResult(
val encryptedTransactionKey: ByteArray,
val pubKeyDigest: ByteArray,
@@ -52,7 +53,9 @@ object CryptoUtil {
*/
val plainTransactionKey: SecretKey? = null
)
+
private val bouncyCastleProvider = BouncyCastleProvider()
+
/**
* Load an RSA private key from its binary PKCS#8 encoding.
*/
@@ -63,6 +66,7 @@ object CryptoUtil {
throw Exception("wrong encoding")
return priv
}
+
/**
* Load an RSA public key from its binary X509 encoding.
*/
@@ -73,6 +77,7 @@ object CryptoUtil {
throw Exception("wrong encoding")
return pub
}
+
/**
* Load an RSA public key from its binary X509 encoding.
*/
@@ -83,6 +88,7 @@ object CryptoUtil {
throw Exception("wrong encoding")
return pub
}
+
/**
* Generate a fresh RSA key pair.
*
@@ -100,6 +106,7 @@ object CryptoUtil {
throw Exception("key generation failed")
return RsaCrtKeyPair(priv, pub)
}
+
/**
* Load an RSA public key from its components.
*
@@ -139,6 +146,7 @@ object CryptoUtil {
transactionKey
)
}
+
/**
* Encrypt data according to the EBICS E002 encryption process.
*/
@@ -147,13 +155,15 @@ object CryptoUtil {
encryptionPublicKey: RSAPublicKey,
transactionKey: SecretKey
): EncryptionResult {
- val symmetricCipher = Cipher.getInstance("AES/CBC/X9.23Padding",
+ val symmetricCipher = Cipher.getInstance(
+ "AES/CBC/X9.23Padding",
bouncyCastleProvider
)
val ivParameterSpec = IvParameterSpec(ByteArray(16))
symmetricCipher.init(Cipher.ENCRYPT_MODE, transactionKey, ivParameterSpec)
val encryptedData = symmetricCipher.doFinal(data)
- val asymmetricCipher = Cipher.getInstance("RSA/None/PKCS1Padding",
+ val asymmetricCipher = Cipher.getInstance(
+ "RSA/None/PKCS1Padding",
bouncyCastleProvider
)
asymmetricCipher.init(Cipher.ENCRYPT_MODE, encryptionPublicKey)
@@ -166,6 +176,7 @@ object CryptoUtil {
transactionKey
)
}
+
fun decryptEbicsE002(enc: EncryptionResult, privateKey: RSAPrivateCrtKey): ByteArray {
return decryptEbicsE002(
enc.encryptedTransactionKey,
@@ -173,14 +184,21 @@ object CryptoUtil {
privateKey
)
}
- fun decryptEbicsE002(encryptedTransactionKey: ByteArray, encryptedData: ByteArray, privateKey: RSAPrivateCrtKey): ByteArray {
- val asymmetricCipher = Cipher.getInstance("RSA/None/PKCS1Padding",
+
+ fun decryptEbicsE002(
+ encryptedTransactionKey: ByteArray,
+ encryptedData: ByteArray,
+ privateKey: RSAPrivateCrtKey
+ ): ByteArray {
+ val asymmetricCipher = Cipher.getInstance(
+ "RSA/None/PKCS1Padding",
bouncyCastleProvider
)
asymmetricCipher.init(Cipher.DECRYPT_MODE, privateKey)
val transactionKeyBytes = asymmetricCipher.doFinal(encryptedTransactionKey)
val secretKeySpec = SecretKeySpec(transactionKeyBytes, "AES")
- val symmetricCipher = Cipher.getInstance("AES/CBC/X9.23Padding",
+ val symmetricCipher = Cipher.getInstance(
+ "AES/CBC/X9.23Padding",
bouncyCastleProvider
)
val ivParameterSpec = IvParameterSpec(ByteArray(16))
@@ -189,6 +207,7 @@ object CryptoUtil {
val data = symmetricCipher.doFinal(encryptedData)
return data
}
+
/**
* Signing algorithm corresponding to the EBICS A006 signing process.
*
@@ -203,6 +222,7 @@ object CryptoUtil {
signature.update(data)
return signature.sign()
}
+
fun verifyEbicsA006(sig: ByteArray, data: ByteArray, publicKey: RSAPublicKey): Boolean {
val signature = Signature.getInstance("SHA256withRSA/PSS", bouncyCastleProvider)
signature.setParameter(PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1))
@@ -210,6 +230,7 @@ object CryptoUtil {
signature.update(data)
return signature.verify(sig)
}
+
fun digestEbicsOrderA006(orderData: ByteArray): ByteArray {
val digest = MessageDigest.getInstance("SHA-256")
for (b in orderData) {
@@ -220,6 +241,7 @@ object CryptoUtil {
}
return digest.digest()
}
+
fun decryptKey(data: EncryptedPrivateKeyInfo, passphrase: String): RSAPrivateCrtKey {
/* make key out of passphrase */
val pbeKeySpec = PBEKeySpec(passphrase.toCharArray())
@@ -239,6 +261,7 @@ object CryptoUtil {
throw Exception("wrong encoding")
return priv
}
+
fun encryptKey(data: ByteArray, passphrase: String): ByteArray {
/* Cipher parameters: salt and hash count */
val hashIterations = 30
diff --git a/util/src/main/kotlin/EbicsOrderUtil.kt b/util/src/main/kotlin/EbicsOrderUtil.kt
index b9c2d20f..bcdc836f 100644
--- a/util/src/main/kotlin/EbicsOrderUtil.kt
+++ b/util/src/main/kotlin/EbicsOrderUtil.kt
@@ -39,6 +39,7 @@ object EbicsOrderUtil {
inline fun <reified T> decodeOrderDataXml(encodedOrderData: ByteArray): T {
return InflaterInputStream(encodedOrderData.inputStream()).use {
val bytes = it.readAllBytes()
+ println("decoded order data bytes ${bytes.toString(Charsets.UTF_8)}")
XMLUtil.convertStringToJaxb<T>(bytes.toString(Charsets.UTF_8)).value
}
}
diff --git a/util/src/main/kotlin/ebics_h004/EbicsTypes.kt b/util/src/main/kotlin/ebics_h004/EbicsTypes.kt
index c1012439..d3621002 100644
--- a/util/src/main/kotlin/ebics_h004/EbicsTypes.kt
+++ b/util/src/main/kotlin/ebics_h004/EbicsTypes.kt
@@ -345,13 +345,13 @@ object EbicsTypes {
XmlElement(name = "AccountNumber", type = GeneralAccountNumber::class),
XmlElement(name = "NationalAccountNumber", type = NationalAccountNumber::class)
)
- var accountNumberList: List<AbstractAccountNumber>? = null
+ var accountNumberList: List<AbstractAccountNumber>? = LinkedList<AbstractAccountNumber>()
@get:XmlElements(
XmlElement(name = "BankCode", type = GeneralBankCode::class),
XmlElement(name = "NationalBankCode", type = NationalBankCode::class)
)
- var bankCodeList: List<AbstractBankCode>? = null
+ var bankCodeList: List<AbstractBankCode>? = LinkedList<AbstractBankCode>()
@get:XmlElement(name = "AccountHolder")
var accountHolder: String? = null
diff --git a/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt b/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt
index ac4c8d87..4162379b 100644
--- a/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt
+++ b/util/src/main/kotlin/ebics_h004/HTDResponseOrderData.kt
@@ -1,6 +1,5 @@
package tech.libeufin.util.ebics_h004
-import java.security.Permission
import javax.xml.bind.annotation.*
@XmlAccessorType(XmlAccessType.NONE)
diff --git a/util/src/test/kotlin/EbicsOrderUtilTest.kt b/util/src/test/kotlin/EbicsOrderUtilTest.kt
index 2186f2fc..3e0899f6 100644
--- a/util/src/test/kotlin/EbicsOrderUtilTest.kt
+++ b/util/src/test/kotlin/EbicsOrderUtilTest.kt
@@ -1,5 +1,7 @@
import org.junit.Test
import tech.libeufin.util.EbicsOrderUtil
+import tech.libeufin.util.XMLUtil
+import tech.libeufin.util.ebics_h004.HTDResponseOrderData
import kotlin.test.assertEquals
@@ -12,4 +14,276 @@ class EbicsOrderUtilTest {
assertEquals("OR10", EbicsOrderUtil.computeOrderIDFromNumber(36))
assertEquals("OR11", EbicsOrderUtil.computeOrderIDFromNumber(37))
}
+
+ @Test
+ fun testDecodeOrderData() {
+ val orderDataXml = """
+ <?xml version="1.0" encoding="UTF-8"?>
+ <HTDResponseOrderData xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:org:ebics:H004 ebics_orders_H004.xsd">
+ <PartnerInfo>
+ <AddressInfo>
+ <Name>Mr Anybody</Name>
+ <Street>CENSORED</Street>
+ <PostCode>12345</PostCode>
+ <City>Footown</City>
+ </AddressInfo>
+ <BankInfo>
+ <HostID>BLABLUBLA</HostID>
+ </BankInfo>
+ <AccountInfo ID="accid000000001" Currency="EUR">
+ <AccountNumber international="false">12345667</AccountNumber>
+ <AccountNumber international="true">DE54430609999999999999</AccountNumber>
+ <BankCode international="false">43060967</BankCode>
+ <BankCode international="true">GENODEM1GLS</BankCode>
+ <AccountHolder>Mr Anybody</AccountHolder>
+ </AccountInfo>
+ <OrderInfo>
+ <OrderType>C52</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>CAMT052</OrderFormat>
+ <Description>Abholen Vormerkposten</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>C53</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>CAMT053</OrderFormat>
+ <Description>Abholen Kontoauszuege</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>C54</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>CAMT054</OrderFormat>
+ <Description>Abholen Nachricht Sammelbuchungsdatei, Soll-, Haben-Avis</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CDZ</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>XMLBIN</OrderFormat>
+ <Description>Abholen Payment Status Report for Direct Debit</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CRZ</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>XMLBIN</OrderFormat>
+ <Description>Abholen Payment Status Report for Credit Transfer</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HAA</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Abrufbare Auftragsarten abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HAC</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>HAC</OrderFormat>
+ <Description>Kundenprotokoll (XML-Format) abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HKD</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Kunden- und Teilnehmerdaten abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HPB</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Public Keys der Bank abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HPD</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Bankparameter abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HTD</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Kunden- und Teilnehmerdaten abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVD</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Status abrufen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVT</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Transaktionsdetails abrufen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVU</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Uebersicht abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVZ</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Uebersicht mit Zusatzinformationen abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>PTK</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>PTK</OrderFormat>
+ <Description>Protokolldatei abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>STA</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MT940</OrderFormat>
+ <Description>Swift-Tagesauszuege abholen</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>VMK</OrderType>
+ <TransferType>Download</TransferType>
+ <OrderFormat>MT942</OrderFormat>
+ <Description>Abholen kurzfristige Vormerkposten</Description>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>AZV</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>DTAZVJS</OrderFormat>
+ <Description>AZV im Diskettenformat senden</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>C1C</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>P8CCOR1</OrderFormat>
+ <Description>Einreichen von Lastschriften D-1-Option in einem Container</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>C2C</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PN8CONCS</OrderFormat>
+ <Description>Einreichen von Firmenlastschriften in einem Container</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CCC</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PN1CONCS</OrderFormat>
+ <Description>Ueberweisungen im SEPA-Container</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CCT</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PN1GOCS</OrderFormat>
+ <Description>Überweisungen im ZKA-Format</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CCU</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>P1URGCS</OrderFormat>
+ <Description>Einreichen von Eilueberweisungen</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CDB</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PAIN8CS</OrderFormat>
+ <Description>Einreichen von Firmenlastschriften</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CDC</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PN8CONCS</OrderFormat>
+ <Description>Einreichen von Lastschriften in einem Container</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>CDD</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>PN8GOCS</OrderFormat>
+ <Description>Einreichen von Lastschriften</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HCA</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Public Key senden</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HCS</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Teilnehmerschluessel EU und EBICS aendern</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HIA</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Initiales Senden Public Keys</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVE</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Unterschrift hinzufuegen</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>HVS</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>VEU-Storno</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>INI</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Passwort-Initialisierung</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>PUB</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Public-Key senden</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ <OrderInfo>
+ <OrderType>SPR</OrderType>
+ <TransferType>Upload</TransferType>
+ <OrderFormat>MISC</OrderFormat>
+ <Description>Sperrung der Zugangsberechtigung</Description>
+ <NumSigRequired>0</NumSigRequired>
+ </OrderInfo>
+ </PartnerInfo>
+ <UserInfo>
+ <UserID Status="1">ANYBOMR</UserID>
+ <Name>Mr Anybody</Name>
+ <Permission>
+ <OrderTypes>C52 C53 C54 CDZ CRZ HAA HAC HKD HPB HPD HTD HVD HVT HVU HVZ PTK</OrderTypes>
+ </Permission>
+ <Permission>
+ <OrderTypes></OrderTypes>
+ <AccountID>accid000000001</AccountID>
+ </Permission>
+ <Permission AuthorisationLevel="E">
+ <OrderTypes>AZV CCC CCT CCU</OrderTypes>
+ </Permission>
+ <Permission AuthorisationLevel="T">
+ <OrderTypes>HCA HCS HIA HVE HVS INI PUB SPR</OrderTypes>
+ </Permission>
+ </UserInfo>
+ </HTDResponseOrderData>
+ """.trimIndent()
+ XMLUtil.convertStringToJaxb<HTDResponseOrderData>(orderDataXml);
+ }
} \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-09 18:27:59 +0000