def reach_resolution(self, amount): self.logger.debug('STEP 7: {} Timeout occurred!'.format(self.sid)) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((self.config['payment_gateway_address'], self.config['payment_gateway_port'])) message = '{},{},{},{}'.format(self.sid, amount, self.nonce, self.rsa_pub_encoded.hex()) message_signature = sign(message.encode('UTF-8'), self.rsa_pub_encoded) encrypted_message = \ encrypt_rsa_aes( '{},{}'.format(message, message_signature.hex()), self.password, self.config['payment_gateway_public_key']) serialized_encrypted_message = pickle.dumps(encrypted_message) s.send(serialized_encrypted_message) self.logger.debug('STEP 7: {} Sent message to PG!'.format(self.sid)) response = s.recv(4096) self.logger.debug('STEP 8: {} Received message from PG!'.format( self.sid)) message, key = pickle.loads(response) decrypted_message = decrypt_rsa_aes(message, key, self.rsa_pub_encoded) code, sid, response_signature = tuple(decrypted_message.split(',')) validation = \ verify_signature( '{},{}'.format(code, sid).encode('UTF-8'), bytes.fromhex(response_signature), self.config['payment_gateway_public_key']) self.logger.debug( 'STEP 8: {} Response code and sid are valid {}'.format( sid, validation)) self.logger.debug('STEP 8: {} {}'.format( sid, self.config['payment_gateway_response_code'][str(code)]))
def make_transaction(self, connection): payment_info = '{},{},{},{},{},{},{}'.format( self.transaction_data['card_number'], self.transaction_data['card_expiration_date'], self.transaction_data['code'], self.sid, self.transaction_data['amount'], self.rsa_pub_encoded.decode("UTF-8"), self.nonce) payment_info_signature = sign(payment_info.encode("UTF-8"), self.rsa_private_encoded) payment_message, key = \ encrypt_rsa_aes( '{},{}'.format(payment_info, payment_info_signature.hex()), self.password, self.config['payment_gateway_public_key']) payment_order_info = '{},{},{}'.format(self.transaction_data['order'], self.sid, self.transaction_data['amount']) payment_order_signature = sign(payment_order_info.encode("UTF-8"), self.rsa_private_encoded) packet = '{},{},{}'.format( payment_message.hex(), key.hex(), '{},{}'.format(payment_order_info, payment_order_signature.hex())) encrypted_packet = encrypt_rsa_aes(packet, self.password, self.config['merchant_public_key']) serialized_encrypted_packet = pickle.dumps(encrypted_packet) connection.send(serialized_encrypted_packet) self.logger.debug('STEP 3: {} Sent data to merchant!'.format(self.sid)) try: connection.settimeout(5) response = connection.recv(4096) self.logger.debug('STEP 6: {} Received data from merchant!'.format( self.sid)) connection.settimeout(None) except Exception as e: self.logger.exception(e) self.reach_resolution(self.transaction_data['amount']) return deserialized_response, aes_key = pickle.loads(response) decrypted_response = decrypt_rsa_aes(deserialized_response, aes_key, self.rsa.exportKey()) code, sid, amount, nonce, signature = tuple( decrypted_response.split(',')) message = '{},{},{},{}'.format(code, sid, amount, nonce) are_valid = verify_signature(message.encode('UTF-8'), bytes.fromhex(signature), self.config['payment_gateway_public_key']) self.logger.debug( 'STEP 6: {} Response code, sid, amount and nonce are valid {}'. format(sid, are_valid)) self.logger.debug('STEP 6: {} Sid and nonce are correct {}'.format( str(self.sid), str(self.sid) == sid and str(self.nonce) == nonce)) self.logger.debug('STEP 6: {} {}'.format( sid, self.config['payment_gateway_response_code'][str(code)]))
def exchange_sub_protocol(self, connection, decrypted_message): payment_message, password, amount_signature = tuple( decrypted_message.split(',')) decrypted_payment_message = decrypt_rsa_aes( bytes.fromhex(payment_message), bytes.fromhex(password), self.private_key) card_number, expiration_date, code, sid, amount, client_pubkey, nonce, client_signature = \ tuple(decrypted_payment_message.split(",")) self.logger.debug( 'STEP 4: {} received data from merchant!'.format(sid)) amount_validation = verify_signature( '{},{},{}'.format(sid, client_pubkey, amount).encode('UTF-8'), bytes.fromhex(amount_signature), self.config['merchant_public_key']) self.logger.debug( 'STEP 4: {} Sid and clientPubK and amount are valid {}'.format( sid, amount_validation)) client_data = '{},{},{},{},{},{},{}'.format(card_number, expiration_date, code, sid, amount, client_pubkey, nonce) client_data_validation = verify_signature( client_data.encode('UTF-8'), bytes.fromhex(client_signature), client_pubkey) self.logger.debug('STEP 4: {} client personal data is valid {}'.format( sid, client_data_validation)) if (card_number, expiration_date, code) != (self.pg_data['card_number'], self.pg_data['card_expiration_date'], self.pg_data['code']) or int(amount) < 0: response_code = 1 elif int(amount) > int(self.pg_data['amount']): response_code = 2 else: response_code = 3 self.logger.debug('STEP 4: {} {}'.format( sid, self.config['payment_gateway_response_code'][str(response_code)])) response_signature = sign( '{},{},{},{}'.format(response_code, sid, amount, nonce).encode('UTF-8'), self.private_key) encrypted_message = encrypt_rsa_aes( '{},{},{},{},{}'.format(response_code, sid, amount, nonce, response_signature.hex()), self.password, self.config['merchant_public_key']) serialized_encrypted_message = pickle.dumps(encrypted_message) connection.send(serialized_encrypted_message) self.logger.debug('STEP 5: {} sent data to merchant!'.format(sid)) return response_code, sid, amount, nonce
def confirm_identity(self, connection): message = connection.recv(4096) self.logger.debug("STEP 1: Received data from client!") key, password = pickle.loads(message) decrypted_key = decrypt_rsa_aes(key, password, self.config['merchant_private_key']) sid = self.get_sid() sid_signature = sign( str(sid).encode('UTF-8'), self.config['merchant_private_key']) message = '{},{}'.format(sid, sid_signature.hex()) sid_message = encrypt_rsa_aes(message, self.config['merchant_aes_password'], decrypted_key) serialized_sid_message = pickle.dumps(sid_message) connection.send(serialized_sid_message) self.logger.debug("STEP 2: Sending data to client!") return sid, decrypted_key
def confirm_identity(self, connection): data = encrypt_rsa_aes(self.rsa_pub_encoded.decode('UTF-8'), self.password, self.config['merchant_public_key']) serialized_data = pickle.dumps(data) connection.send(serialized_data) self.logger.debug('STEP 1: Sent data to merchant!') serialized_sid_packet = connection.recv(4096) self.logger.debug('STEP 2: Received data from merchant!') message, key = pickle.loads(serialized_sid_packet) self.sid, sid_signature = decrypt_rsa_aes( message, key, self.rsa_private_encoded).split(",", 1) verification = verify_signature(self.sid.encode('UTF-8'), bytes.fromhex(sid_signature), self.config['merchant_public_key']) self.logger.debug('STEP 2: {} is valid: {}'.format( self.sid, verification))
def keep_making_transactions(self): s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((self.address, self.port)) s.listen(1) code = '' sid = '' amount = '' nonce = '' while True: connection, _ = s.accept() data = connection.recv(4096) message, password = pickle.loads(data) decrypted_message = decrypt_rsa_aes(message, password, self.private_key) if len(decrypted_message.split(',')) == 3: # merchant code, sid, amount, nonce = self.exchange_sub_protocol( connection, decrypted_message) else: # client self.resolution_sub_protocol(connection, decrypted_message, code, sid, amount, nonce) connection.close()
def sell(self, client_connection, client_pubkey, sid): message = client_connection.recv(4096) self.logger.debug("STEP 3: Received data from client!") payment, password = pickle.loads(message) decrypted_packet = decrypt_rsa_aes(payment, password, self.config['merchant_private_key']) payment_message, decrypted_password, order_desc, from_sid, amount, signature = decrypted_packet.split( ",") validation = verify_signature( '{},{},{}'.format(order_desc, sid, amount).encode('UTF-8'), bytes.fromhex(signature), client_pubkey) self.logger.debug( 'STEP 3: Payment order is valid: {}'.format(validation)) self.logger.debug( 'STEP 3: Sid is valid: {}'.format(sid == int(from_sid))) if self.config['resolutions']['error_step_4']: self.logger.debug('STEP 4: {} Error occurred!'.format(sid)) return connection_gp = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection_gp.connect((self.config['payment_gateway_address'], self.config['payment_gateway_port'])) signature = sign( '{},{},{}'.format(from_sid, client_pubkey, amount).encode("UTF-8"), self.config['merchant_private_key']) message_gp = '{},{},{}'.format(payment_message, decrypted_password, signature.hex()) encrypted_message_gp = encrypt_rsa_aes( message_gp, self.password, self.config['payment_gateway_public_key']) serialized_encrypted_message_gp = pickle.dumps(encrypted_message_gp) connection_gp.send(serialized_encrypted_message_gp) self.logger.debug('STEP 4: {} sent data to PG!'.format(sid)) response = connection_gp.recv(4096) self.logger.debug('STEP 5: {} received data to PG!'.format(sid)) response_message, password = pickle.loads(response) decrypted_response_message = decrypt_rsa_aes(response_message, password, self.private_key) pg_code, pg_sid, pg_amount, pg_nonce, pg_signature = tuple( decrypted_response_message.split(',')) validation = verify_signature( '{},{},{}'.format(pg_code, pg_sid, pg_amount, pg_nonce).encode('UTF-8'), bytes.fromhex(pg_signature), self.config['payment_gateway_public_key']) self.logger.debug( 'STEP 5: {} Response code, sid, amount and nonce are valid: {}'. format(sid, validation)) self.logger.debug('STEP 8: {} {}'.format( sid, self.config['payment_gateway_response_code'][str(pg_code)])) if self.config['resolutions']['error_step_6']: self.logger.debug('STEP 6: {} Error occurred!'.format(sid)) return encrypted_client_response = encrypt_rsa_aes(decrypted_response_message, self.password, client_pubkey) serialized_client_response = pickle.dumps(encrypted_client_response) client_connection.send(serialized_client_response) self.logger.debug('STEP 6: Sid {} sent data to client!'.format(sid))