From 7b2d92ac9a35a820fc36116c70131a2f262a639f Mon Sep 17 00:00:00 2001 From: jostang Date: Fri, 22 Dec 2017 20:29:47 +0100 Subject: [PATCH 01/11] fixed the encoding of post_data txt has to be converted into a buffer using the ISO-8859-1 encoding, otherwise there are problems with e. g. usernames or passwords containing non-ASCII characters --- lib/FinTSClient.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index 0599d14..d45f95c 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -1300,7 +1300,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger) } var txt = msg.transformForSend() me.debugLogMsg(txt, true) - var post_data = new Buffer(txt).toString('base64') + var post_data = encoding.convert(txt, 'ISO-8859-1').toString('base64') var u = url.parse(me.bpd.url) var options = { hostname: u.hostname, From acbf810e43c6a946d9f9800fcf3580c843b8cd6d Mon Sep 17 00:00:00 2001 From: jostang Date: Thu, 11 Jan 2018 17:06:48 +0100 Subject: [PATCH 02/11] Bugfix concerning "name_kontrahent" If the actual value for "name_kontrahent" was "John Doe", the library returned "undefinedJohn Doe" because the value wasn't initialized with an empty string. --- lib/MTParser.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/MTParser.js b/lib/MTParser.js index 57dbed0..235e90f 100644 --- a/lib/MTParser.js +++ b/lib/MTParser.js @@ -203,6 +203,7 @@ module.exports = function () { if (satz.is_verwendungszweck_object) { satz.verwendungszweck = {} satz.verwendungszweck.text = '' + satz.verwendungszweck.name_kontrahent = '' var p = new Parser(raw_verwen_zweck) p.gotoNextValidChar('?') while (p.hasNext()) { From 30d5ce8c6473cf2477a7bf5692c945baceb37918 Mon Sep 17 00:00:00 2001 From: jostang Date: Thu, 15 Mar 2018 00:18:17 +0100 Subject: [PATCH 03/11] Fixed a problem with minus signs When there is a minus sign (-) at the beginning of a line inside the "Mehrfach" field in the raw data, this was mistaken for the end of the "Mehrfach" field which resulted in the properties of "verwendungszweck" ("verwendungszweck.text", "verwendungszweck.name_kontrahent", ...) being truncated or sometimes even missing. To fix this, we now recognize only the sequence "\r\n-\r\n" as the end of the message. Simplified example input data: :86:166?00GUTSCHRIFT...Hans -Peter Meier ...resulted in "-Peter Meier" not being parsed anymore for the reference line. --- lib/MTParser.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/MTParser.js b/lib/MTParser.js index 235e90f..0c4bf39 100644 --- a/lib/MTParser.js +++ b/lib/MTParser.js @@ -66,7 +66,7 @@ module.exports = function () { parser.nextPos() parser.nextPos() // Für Feld Mehrfach - while (parser.hasNext() && !(parser.getCurrentChar() == ':' || parser.getCurrentChar() == '-' || parser.getCurrentChar() == '@')) { + while (parser.hasNext() && !(parser.getCurrentChar() == ':' || (parser.getCurrentChar() == '-' && parser.data[parser.cur_pos + 1] == '\r' && parser.data[parser.cur_pos + 2] == '\n') || parser.getCurrentChar() == '@')) { parser.setMarkerWithCurrentPos('start') parser.gotoNextValidString(['\r\n', '@@']) val += parser.getTextFromMarkerToCurrentPos('start') From e3719da0c81990b0c90b4465687248b4165e8c6c Mon Sep 17 00:00:00 2001 From: jostang Date: Sun, 22 Sep 2019 21:18:41 +0200 Subject: [PATCH 04/11] Made client_name, client_version and available_tan_verfahren configurable Sticked to the existing naming conventions, even though German and English are mixed --- lib/FinTSClient.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index d45f95c..05f1f19 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -246,7 +246,7 @@ var encoding = require('encoding') closeSecure () - Stellt sicher, dass keine Sensiblen Informationen wie die PIN noch im RAM sind, sollte am Ende immer gerufen werden */ -var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger) { +var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, in_client_name, in_client_version, in_available_tan_verfahren) { var me = this me.Exceptions = Exceptions // Logger @@ -276,8 +276,8 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger) // Technical me.dialog_id = 0 me.next_msg_nr = 1 - me.client_name = 'Open-FinTS-JS-Client' - me.client_version = 4 + me.client_name = in_client_name || 'Open-FinTS-JS-Client' + me.client_version = in_client_version || 4 me.proto_version = 300 // 300=FinTS;220=HBCI 2.2 me.in_connection = false @@ -348,7 +348,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger) me.upd = { 'vers_upd': '0', 'geschaefts_vorg_gesp': true, - 'availible_tan_verfahren': ['999'], + 'availible_tan_verfahren': in_available_tan_verfahren || ['999'], 'clone': function () { return JSON.parse(JSON.stringify(this)) } From f12f3c79364ad7b4028a3df30175df2e538c1458 Mon Sep 17 00:00:00 2001 From: jostang Date: Sun, 22 Sep 2019 21:21:22 +0200 Subject: [PATCH 05/11] Support HKTAN v6 in the init dialog This is necessary for PSD2 compatibility --- lib/FinTSClient.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index 05f1f19..45031f7 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -397,6 +397,11 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, // BPD Vers = 0; UPD Vers = 0; Dialogspr. = 0 var HKVVB = Helper.newSegFromArray('HKVVB', 3, [me.bpd.vers_bpd, me.upd.vers_upd, 0, me.client_name, me.client_version]) msg.addSeg(HKVVB) + + msg.addSeg( + Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) + ); + if (me.kunden_id != 9999999999 && me.sys_id == 0) var syn = msg.addSeg(Helper.newSegFromArray('HKSYN', me.proto_version == 220 ? 2 : 3, [0])) // Synchronisierung starten me.log.gv.debug({ gv: 'HKVVB' From 4fbb632cd10664dfb1b7cf5eee9e2b53b82293a3 Mon Sep 17 00:00:00 2001 From: jostang Date: Sun, 22 Sep 2019 21:24:05 +0200 Subject: [PATCH 06/11] Support HKTAN v6 for getting transactions This is necessary for PSD2 compatibility --- lib/Classes.js | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/lib/Classes.js b/lib/Classes.js index ba91245..5ec3dca 100644 --- a/lib/Classes.js +++ b/lib/Classes.js @@ -889,6 +889,19 @@ var Order = function (client) { collected_segments: [], collected_messages: [] }) + + if (in_data.type === 'HKKAZ') { + int_send_msg.push({ + version: act_vers, + segment: Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']), + action: act, + aufsetzpunkt: null, + aufsetzpunkt_loc: (in_data.aufsetzpunkt_loc ? in_data.aufsetzpunkt_loc : []), + finished: false, + collected_segments: [], + collected_messages: [] + }) + } } me_order.done = function (cb) { From f93bce05714d110dd621b0f5229e46767f9338d7 Mon Sep 17 00:00:00 2001 From: jostang Date: Thu, 26 Sep 2019 16:27:40 +0200 Subject: [PATCH 07/11] Output all error messages, not just the first one --- lib/FinTSClient.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index 45031f7..9f52bfd 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -687,7 +687,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, hirmsg: HIRMG }, 'Error while analyse HKVVB Response Wrong HIRMG response code') try { - cb('Fehlerhafter Rückmeldungscode: ' + (HIRMG === null ? 'keiner' : HIRMG.getEl(1).getEl(3)), recvMsg, false) + cb('Fehlerhafter Rückmeldungscode: ' + (HIRMG === null ? 'keiner' : HIRMG.store.data.filter(data => data.data[0].charAt(0) === '9').map(data => data.data[0] + ': ' + data.data[2]).join(', ')), recvMsg, false) } catch (cb_error) { me.log.gv.error(cb_error, { gv: 'HKVVB' From f0bf9bef924f94c5dd2fd666cc2affa7441091a4 Mon Sep 17 00:00:00 2001 From: jostang Date: Thu, 26 Sep 2019 16:30:18 +0200 Subject: [PATCH 08/11] Bugfix: in some cases, msg is no object of type "Nachricht" which caused an exception --- lib/Classes.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Classes.js b/lib/Classes.js index 5ec3dca..f8d798f 100644 --- a/lib/Classes.js +++ b/lib/Classes.js @@ -763,7 +763,7 @@ util.inherits(Exceptions.MalformedMessageFormat, Exceptions.OpenFinTSClientExcep Exceptions.OrderFailedException = function (msg) { Exceptions.OpenFinTSClientException.call(this) this.msg_detail = msg - this.message = 'Failed to perform Order, got error Message from Server.:' + msg.getEl(3) + this.message = 'Failed to perform Order, got error Message from Server.:' + msg.getEl ? msg.getEl(3) : msg[2] } util.inherits(Exceptions.OrderFailedException, Exceptions.OpenFinTSClientException) From fbaefacd876ce44364851faf1150b0be286086e4 Mon Sep 17 00:00:00 2001 From: jostang Date: Thu, 26 Sep 2019 16:33:27 +0200 Subject: [PATCH 09/11] Add the HKTAN segment in the addSeg function --- lib/Classes.js | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/lib/Classes.js b/lib/Classes.js index f8d798f..037c08d 100644 --- a/lib/Classes.js +++ b/lib/Classes.js @@ -645,6 +645,13 @@ var Nachricht = function (proto_version) { seg.nr = me_msg.segments_ctr + 1 me_msg.segments[me_msg.segments_ctr] = seg me_msg.segments_ctr++ + + if (seg.name === 'HKKAZ') { + me_msg.addSeg( + Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) + ) + } + return seg.nr } @@ -889,19 +896,6 @@ var Order = function (client) { collected_segments: [], collected_messages: [] }) - - if (in_data.type === 'HKKAZ') { - int_send_msg.push({ - version: act_vers, - segment: Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']), - action: act, - aufsetzpunkt: null, - aufsetzpunkt_loc: (in_data.aufsetzpunkt_loc ? in_data.aufsetzpunkt_loc : []), - finished: false, - collected_segments: [], - collected_messages: [] - }) - } } me_order.done = function (cb) { From 2abd294c95da90a24725703c3cae42ffd9ba8f4a Mon Sep 17 00:00:00 2001 From: Philipp Riedmann Date: Wed, 28 Jun 2023 18:30:11 +0200 Subject: [PATCH 10/11] include HIRMS (segment specific responses) in error messages --- lib/FinTSClient.js | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index 9f52bfd..c0dd96f 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -687,7 +687,29 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, hirmsg: HIRMG }, 'Error while analyse HKVVB Response Wrong HIRMG response code') try { - cb('Fehlerhafter Rückmeldungscode: ' + (HIRMG === null ? 'keiner' : HIRMG.store.data.filter(data => data.data[0].charAt(0) === '9').map(data => data.data[0] + ': ' + data.data[2]).join(', ')), recvMsg, false) + const segMsgs = recvMsg.selectSegByName("HIRMS"); + const segMsgStr = segMsgs.map(rseg => { + const belongs_to = rseg.bez; + const segFor = msg.segments[belongs_to - 1]; + const segForStr = !!segFor ? segFor.name : "[Segment " + belongs_to + "]"; + const msgStr = rseg.store.data.map(data => { + const msgCode = data.data[0]; + const msgText = data.data[2]; + return msgCode + ": " + msgText; + }).join(", "); + return "Antworten auf "+segForStr+": ("+msgStr+")"; + }).join(", "); + const globMsgStr = !!HIRMG + ? HIRMG.store.data.map(data => { + const msgCode = data.data[0]; + const msgText = data.data[2]; + return msgCode + ": " + msgText; + }).join(", ") + : '(HIRMG nicht gefunden)'; + const errMsg = "Antwort des Bankservers: "+ globMsgStr + + (segMsgStr.length > 0 ? ", "+segMsgStr : ""); + + cb(errMsg, recvMsg, false); } catch (cb_error) { me.log.gv.error(cb_error, { gv: 'HKVVB' From f7fd4605d337d12ca02640bc76c9c0bd6301697a Mon Sep 17 00:00:00 2001 From: Philipp Riedmann <114987215+pr-schulmanager@users.noreply.github.com> Date: Thu, 30 Nov 2023 17:45:26 +0100 Subject: [PATCH 11/11] add support for HITANS v7, which is required for users with pushTAN 2.0 (#2) --- lib/Classes.js | 25 ++++++-- lib/FinTSClient.js | 150 +++++++++++++++++++++++++++++++++++---------- 2 files changed, 135 insertions(+), 40 deletions(-) diff --git a/lib/Classes.js b/lib/Classes.js index 037c08d..e3ffc3e 100644 --- a/lib/Classes.js +++ b/lib/Classes.js @@ -646,12 +646,6 @@ var Nachricht = function (proto_version) { me_msg.segments[me_msg.segments_ctr] = seg me_msg.segments_ctr++ - if (seg.name === 'HKKAZ') { - me_msg.addSeg( - Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) - ) - } - return seg.nr } @@ -955,6 +949,25 @@ var Order = function (client) { } // 2. Add Segment msg.addSeg(int_send_msg[j].segment) + + // Kontoumsätze abrufen requires HKTAN + if (int_send_msg[j].segment.name === 'HKKAZ') { + let HKTAN_vers; + var tan_verfahren = me_order.client.bpd.tan.tan_verfahren[me_order.client.upd.availible_tan_verfahren[0]]; + try { + HKTAN_vers = tan_verfahren.HITAN_vers; + client.log.con.info({ + gv: 'HKKAZ' + }, `TAN-Verfahren: '${tan_verfahren.desc}', v${HKTAN_vers}`); + } catch (e) { + client.log.con.error(e, { + gv: 'HKKAZ' + }, `Error reading TAN-Verfahren data. Using HKTAN v6.`); + } + msg.addSeg( + Helper.newSegFromArray('HKTAN', HKTAN_vers ?? 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) + ); + } } } // Send Segments to Destination diff --git a/lib/FinTSClient.js b/lib/FinTSClient.js index c0dd96f..7491141 100644 --- a/lib/FinTSClient.js +++ b/lib/FinTSClient.js @@ -398,8 +398,13 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, var HKVVB = Helper.newSegFromArray('HKVVB', 3, [me.bpd.vers_bpd, me.upd.vers_upd, 0, me.client_name, me.client_version]) msg.addSeg(HKVVB) + // in step 1 me.upd.availible_tan_verfahren[0] is always '999' and we use HKTAN_vers 6 + // in step 2 we use the tan_verfahren requested by the bank server and send the corresponding HITANS version + const tan_verfahren = me.bpd.tan.tan_verfahren[me.upd.availible_tan_verfahren[0]]; + const HKTAN_vers = tan_verfahren.HITAN_vers || 6; + msg.addSeg( - Helper.newSegFromArray('HKTAN', 6, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) + Helper.newSegFromArray('HKTAN', HKTAN_vers, ['4', 'HKIDN', '', '', '', '', 'N', '', '', '', '']) ); if (me.kunden_id != 9999999999 && me.sys_id == 0) var syn = msg.addSeg(Helper.newSegFromArray('HKSYN', me.proto_version == 220 ? 2 : 3, [0])) // Synchronisierung starten @@ -539,46 +544,121 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, } try { // 5.4 Tan - var HITANS = recvMsg.selectSegByName('HITANS')[0] - if (HITANS.vers == 5) { + var HITANSs = recvMsg.selectSegByName('HITANS'); + + me.bpd.tan.tan_verfahren = {}; + for (var HITANS of HITANSs) { + me.log.gv.info({ + gv: 'HITANS' + }, 'Analyse HITANS v' + HITANS.vers); + var tan_data = HITANS.getEl(4) me.bpd.tan.one_step_availible = tan_data.getEl(1).toUpperCase() == 'J' me.bpd.tan.multiple_tan = tan_data.getEl(2).toUpperCase() == 'J' me.bpd.tan.hash_type = tan_data.getEl(3) - me.bpd.tan.tan_verfahren = {} - for (var i = 3; i < tan_data.data.length; i++) { - var sicherheitsfunktion = {} - sicherheitsfunktion.code = tan_data.data[i] - sicherheitsfunktion.one_two_step_vers = tan_data.data[i + 1] // "1": Einschrittverfahren, "2": Zweischritt - sicherheitsfunktion.tech_id = tan_data.data[i + 2] - sicherheitsfunktion.zka_tan_verfahren = tan_data.data[i + 3] - sicherheitsfunktion.vers_zka_tan_verf = tan_data.data[i + 4] - sicherheitsfunktion.desc = tan_data.data[i + 5] - sicherheitsfunktion.max_len_tan = tan_data.data[i + 6] - sicherheitsfunktion.tan_alphanum = tan_data.data[i + 7] == '2' - sicherheitsfunktion.txt_rueckwert = tan_data.data[i + 8] - sicherheitsfunktion.max_len_rueckwert = tan_data.data[i + 9] - sicherheitsfunktion.anz_tanlist = tan_data.data[i + 10] - sicherheitsfunktion.multi_tan = tan_data.data[i + 11].toUpperCase() == 'J' - sicherheitsfunktion.tan_zeit_diabez = tan_data.data[i + 12] - sicherheitsfunktion.tan_list_nr_req = tan_data.data[i + 13] - sicherheitsfunktion.auftragsstorno = tan_data.data[i + 14].toUpperCase() == 'J' - sicherheitsfunktion.sms_abu_konto_req = tan_data.data[i + 15] - sicherheitsfunktion.auftrag_konto = tan_data.data[i + 16] - sicherheitsfunktion.challange_class_req = tan_data.data[i + 17].toUpperCase() == 'J' - sicherheitsfunktion.challange_structured = tan_data.data[i + 18].toUpperCase() == 'J' - sicherheitsfunktion.initialisierungs_mod = tan_data.data[i + 19] - sicherheitsfunktion.bez_tan_med_req = tan_data.data[i + 20] - sicherheitsfunktion.anz_supported_tan_vers = tan_data.data[i + 21] - // sicherheitsfunktion.challange_value_req = tan_data.data[i+14].toUpperCase()=="J"; - me.bpd.tan.tan_verfahren[sicherheitsfunktion.code] = sicherheitsfunktion - i += 21 + + if (HITANS.vers == 5) { + for (var i = 3; i < tan_data.data.length; i+= 22) { + var sicherheitsfunktion = {} + sicherheitsfunktion.code = tan_data.data[i] + sicherheitsfunktion.one_two_step_vers = tan_data.data[i + 1] // "1": Einschrittverfahren, "2": Zweischritt + sicherheitsfunktion.tech_id = tan_data.data[i + 2] + sicherheitsfunktion.zka_tan_verfahren = tan_data.data[i + 3] + sicherheitsfunktion.vers_zka_tan_verf = tan_data.data[i + 4] + sicherheitsfunktion.desc = tan_data.data[i + 5] + sicherheitsfunktion.max_len_tan = tan_data.data[i + 6] + sicherheitsfunktion.tan_alphanum = tan_data.data[i + 7] == '2' + sicherheitsfunktion.txt_rueckwert = tan_data.data[i + 8] + sicherheitsfunktion.max_len_rueckwert = tan_data.data[i + 9] + sicherheitsfunktion.anz_tanlist = tan_data.data[i + 10] + sicherheitsfunktion.multi_tan = tan_data.data[i + 11]?.toUpperCase() == 'J' + sicherheitsfunktion.tan_zeit_diabez = tan_data.data[i + 12] + sicherheitsfunktion.tan_list_nr_req = tan_data.data[i + 13] + sicherheitsfunktion.auftragsstorno = tan_data.data[i + 14]?.toUpperCase() == 'J' + sicherheitsfunktion.sms_abu_konto_req = tan_data.data[i + 15] + sicherheitsfunktion.auftrag_konto = tan_data.data[i + 16] + sicherheitsfunktion.challange_class_req = tan_data.data[i + 17]?.toUpperCase() == 'J' + sicherheitsfunktion.challange_structured = tan_data.data[i + 18]?.toUpperCase() == 'J' + sicherheitsfunktion.initialisierungs_mod = tan_data.data[i + 19] + sicherheitsfunktion.bez_tan_med_req = tan_data.data[i + 20] + sicherheitsfunktion.anz_supported_tan_vers = tan_data.data[i + 21] + // sicherheitsfunktion.challange_value_req = tan_data.data[i+14].toUpperCase()=="J"; + + sicherheitsfunktion.HITAN_vers = HITANS.vers; + me.bpd.tan.tan_verfahren[sicherheitsfunktion.code] = sicherheitsfunktion + } + } else if (HITANS.vers == 6) { + for (var i = 3; i < tan_data.data.length; i+=21) { + var sicherheitsfunktion = {}; + sicherheitsfunktion.code = tan_data.data[i]; + sicherheitsfunktion.one_two_step_vers = tan_data.data[i + 1]; // "1": Einschrittverfahren, "2": Zweischritt + sicherheitsfunktion.tech_id = tan_data.data[i + 2]; + sicherheitsfunktion.zka_tan_verfahren = tan_data.data[i + 3]; + sicherheitsfunktion.vers_zka_tan_verf = tan_data.data[i + 4]; + sicherheitsfunktion.desc = tan_data.data[i + 5]; + sicherheitsfunktion.max_len_tan = tan_data.data[i + 6]; + sicherheitsfunktion.tan_alphanum = tan_data.data[i + 7] === '2'; + sicherheitsfunktion.txt_rueckwert = tan_data.data[i + 8]; + sicherheitsfunktion.max_len_rueckwert = tan_data.data[i + 9]; + sicherheitsfunktion.multi_tan = tan_data.data[i + 10]?.toUpperCase() === 'J'; + sicherheitsfunktion.tan_zeit_diabez = tan_data.data[i + 11]; + sicherheitsfunktion.auftragsstorno = tan_data.data[i + 12]?.toUpperCase() === 'J'; + sicherheitsfunktion.sms_abu_konto_req = tan_data.data[i + 13]; + sicherheitsfunktion.auftrag_konto = tan_data.data[i + 14]; + sicherheitsfunktion.challange_class_req = tan_data.data[i + 15]?.toUpperCase() === 'J'; + sicherheitsfunktion.challange_structured = tan_data.data[i + 16]?.toUpperCase() === 'J'; + sicherheitsfunktion.initialisierungs_mod = tan_data.data[i + 17]; + sicherheitsfunktion.bez_tan_med_req = tan_data.data[i + 18]; + sicherheitsfunktion.antwort_HHD_UC_req = tan_data.data[i + 19]?.toUpperCase() === 'J'; + sicherheitsfunktion.anz_supported_tan_vers = tan_data.data[i + 20]; + + sicherheitsfunktion.HITAN_vers = HITANS.vers; + me.bpd.tan.tan_verfahren[sicherheitsfunktion.code] = sicherheitsfunktion + } + } else if (HITANS.vers == 7) { + for (var i = 3; i < tan_data.data.length; i+=26) { + var sicherheitsfunktion = {}; + sicherheitsfunktion.code = tan_data.data[i]; + sicherheitsfunktion.one_two_step_vers = tan_data.data[i + 1]; // "1": Einschrittverfahren, "2": Zweischritt + sicherheitsfunktion.tech_id = tan_data.data[i + 2]; + sicherheitsfunktion.zka_tan_verfahren = tan_data.data[i + 3]; + sicherheitsfunktion.vers_zka_tan_verf = tan_data.data[i + 4]; + sicherheitsfunktion.desc = tan_data.data[i + 5]; + sicherheitsfunktion.max_len_tan = tan_data.data[i + 6]; + sicherheitsfunktion.tan_alphanum = tan_data.data[i + 7] === '2'; + sicherheitsfunktion.txt_rueckwert = tan_data.data[i + 8]; + sicherheitsfunktion.max_len_rueckwert = tan_data.data[i + 9]; + sicherheitsfunktion.multi_tan = tan_data.data[i + 10]?.toUpperCase() === 'J'; + sicherheitsfunktion.tan_zeit_diabez = tan_data.data[i + 11]; + sicherheitsfunktion.auftragsstorno = tan_data.data[i + 12]?.toUpperCase() === 'J'; + sicherheitsfunktion.sms_abu_konto_req = tan_data.data[i + 13]; + sicherheitsfunktion.auftrag_konto = tan_data.data[i + 14]; + sicherheitsfunktion.challange_class_req = tan_data.data[i + 15]?.toUpperCase() === 'J'; + sicherheitsfunktion.challange_structured = tan_data.data[i + 16]?.toUpperCase() === 'J'; + sicherheitsfunktion.initialisierungs_mod = tan_data.data[i + 17]; + sicherheitsfunktion.bez_tan_med_req = tan_data.data[i + 18]; + sicherheitsfunktion.antwort_HHD_UC_req = tan_data.data[i + 19]?.toUpperCase() === 'J'; + sicherheitsfunktion.anz_supported_tan_vers = tan_data.data[i + 20]; + sicherheitsfunktion.max_anz_statusabfr = tan_data.data[i + 21]; + sicherheitsfunktion.wait_first_statusabfr = tan_data.data[i + 22]; + sicherheitsfunktion.wait_next_statusabfr = tan_data.data[i + 23]; + sicherheitsfunktion.manual_confirm = tan_data.data[i + 24]; + sicherheitsfunktion.auto_statusabfr_erlaubt = tan_data.data[i + 25]?.toUpperCase() === 'J'; + + sicherheitsfunktion.HITAN_vers = HITANS.vers; + me.bpd.tan.tan_verfahren[sicherheitsfunktion.code] = sicherheitsfunktion + } } } + for (const [code, sicherheitsfunktion] of Object.entries(me.bpd.tan.tan_verfahren)){ + me.log.gv.info({ + gv: 'HITANS' + }, `HITANS entry ${code}: '${sicherheitsfunktion.desc}', v${sicherheitsfunktion.HITAN_vers}`); + } } catch (ee) { me.log.gv.error(ee, { gv: 'HITANS' - }, 'Error while analyse HITANS') + }, `Error while analyse HITANS: ${ee.toString()}`); } // 6. Analysiere UPD try { @@ -588,7 +668,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, } catch (ee) { me.log.gv.error(ee, { gv: 'HIUPA' - }, 'Error while analyse UPD') + }, `Error while analyse UPD: ${ee.toString()}`) } // 7. Analysiere Verfügbare Tan Verfahren try { @@ -626,7 +706,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, } catch (ee) { me.log.gv.error(ee, { gv: 'HKVVB' - }, 'Error while analyse HKVVB result Tan Verfahren') + }, 'Error while analyse HKVVB gv params') } try { cb(error, recvMsg, has_neu_url) @@ -1174,6 +1254,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, // Im Step 1 und 2 bleiben keine Verbindungen erhalten // Diese Verbindung auf jeden Fall beenden var neu_url = me.bpd.url + var neu_tan_verfahren = me.bpd.tan.tan_verfahren var neu_sig_method = me.upd.availible_tan_verfahren[0] me.bpd = original_bpd.clone() me.upd = original_upd.clone() @@ -1193,6 +1274,7 @@ var FinTSClient = function (in_blz, in_kunden_id, in_pin, in_bankenlist, logger, }) me.clear() me.bpd.url = neu_url + me.bpd.tan.tan_verfahren = neu_tan_verfahren me.upd.availible_tan_verfahren[0] = neu_sig_method me.sys_id = orig_sys_id me.last_signatur_id = orig_last_sig