/**
   * Sign the provided payment request.
   *
   * @param paymentRequest Payment request to sign, in its builder form.
   * @param certificateChain Certificate chain to send with the payment request, ordered from client
   *     certificate to root certificate. The root certificate itself may be omitted.
   * @param privateKey The key to sign with. Must match the public key from the first certificate of
   *     the certificate chain.
   */
  public static void signPaymentRequest(
      Protos.PaymentRequest.Builder paymentRequest,
      X509Certificate[] certificateChain,
      PrivateKey privateKey) {
    try {
      final Protos.X509Certificates.Builder certificates = Protos.X509Certificates.newBuilder();
      for (final Certificate certificate : certificateChain)
        certificates.addCertificate(ByteString.copyFrom(certificate.getEncoded()));

      paymentRequest.setPkiType("x509+sha256");
      paymentRequest.setPkiData(certificates.build().toByteString());
      paymentRequest.setSignature(ByteString.EMPTY);
      final Protos.PaymentRequest paymentRequestToSign = paymentRequest.build();

      final String algorithm;
      if ("RSA".equalsIgnoreCase(privateKey.getAlgorithm())) algorithm = "SHA256withRSA";
      else throw new IllegalStateException(privateKey.getAlgorithm());

      final Signature signature = Signature.getInstance(algorithm);
      signature.initSign(privateKey);
      signature.update(paymentRequestToSign.toByteArray());

      paymentRequest.setSignature(ByteString.copyFrom(signature.sign()));
    } catch (final GeneralSecurityException x) {
      // Should never happen so don't make users have to think about it.
      throw new RuntimeException(x);
    }
  }
Example #2
0
 private void parsePaymentRequest(Protos.PaymentRequest request) throws PaymentRequestException {
   try {
     if (request == null) throw new PaymentRequestException("request cannot be null");
     if (request.getPaymentDetailsVersion() != 1)
       throw new PaymentRequestException.InvalidVersion(
           "Version 1 required. Received version " + request.getPaymentDetailsVersion());
     paymentRequest = request;
     if (!request.hasSerializedPaymentDetails())
       throw new PaymentRequestException("No PaymentDetails");
     paymentDetails =
         Protos.PaymentDetails.newBuilder()
             .mergeFrom(request.getSerializedPaymentDetails())
             .build();
     if (paymentDetails == null) throw new PaymentRequestException("Invalid PaymentDetails");
     if (!paymentDetails.hasNetwork()) params = MainNetParams.get();
     else params = NetworkParameters.fromPmtProtocolID(paymentDetails.getNetwork());
     if (params == null)
       throw new PaymentRequestException.InvalidNetwork(
           "Invalid network " + paymentDetails.getNetwork());
     if (paymentDetails.getOutputsCount() < 1)
       throw new PaymentRequestException.InvalidOutputs("No outputs");
     for (Protos.Output output : paymentDetails.getOutputsList()) {
       if (output.hasAmount()) totalValue = totalValue.add(BigInteger.valueOf(output.getAmount()));
     }
     // This won't ever happen in practice. It would only happen if the user provided outputs
     // that are obviously invalid. Still, we don't want to silently overflow.
     if (totalValue.compareTo(NetworkParameters.MAX_MONEY) > 0)
       throw new PaymentRequestException.InvalidOutputs("The outputs are way too big.");
   } catch (InvalidProtocolBufferException e) {
     throw new PaymentRequestException(e);
   }
 }
 private Protos.PaymentRequest minimalPaymentRequest() {
   Protos.PaymentDetails.Builder paymentDetails = Protos.PaymentDetails.newBuilder();
   paymentDetails.setTime(System.currentTimeMillis());
   Protos.PaymentRequest.Builder paymentRequest = Protos.PaymentRequest.newBuilder();
   paymentRequest.setSerializedPaymentDetails(paymentDetails.build().toByteString());
   return paymentRequest.build();
 }
Example #4
0
 private static void sendPaymentRequest(String location, boolean verifyPki) {
   if (location.startsWith("http") || location.startsWith("defcoin")) {
     try {
       ListenableFuture<PaymentSession> future;
       if (location.startsWith("http")) {
         future = PaymentSession.createFromUrl(location, verifyPki);
       } else {
         BitcoinURI paymentRequestURI = new BitcoinURI(location);
         future = PaymentSession.createFromBitcoinUri(paymentRequestURI, verifyPki);
       }
       PaymentSession session = future.get();
       if (session != null) {
         send(session);
       } else {
         System.err.println("Server returned null session");
         System.exit(1);
       }
     } catch (PaymentRequestException e) {
       System.err.println("Error creating payment session " + e.getMessage());
       System.exit(1);
     } catch (BitcoinURIParseException e) {
       System.err.println("Invalid defcoin uri: " + e.getMessage());
       System.exit(1);
     } catch (InterruptedException e) {
       // Ignore.
     } catch (ExecutionException e) {
       throw new RuntimeException(e);
     }
   } else {
     // Try to open the payment request as a file.
     FileInputStream stream = null;
     try {
       File paymentRequestFile = new File(location);
       stream = new FileInputStream(paymentRequestFile);
     } catch (Exception e) {
       System.err.println("Failed to open file: " + e.getMessage());
       System.exit(1);
     }
     try {
       paymentRequest =
           org.bitcoin.protocols.payments.Protos.PaymentRequest.newBuilder()
               .mergeFrom(stream)
               .build();
     } catch (IOException e) {
       System.err.println("Failed to parse payment request from file " + e.getMessage());
       System.exit(1);
     }
     PaymentSession session = null;
     try {
       session = new PaymentSession(paymentRequest, verifyPki);
     } catch (PaymentRequestException e) {
       System.err.println("Error creating payment session " + e.getMessage());
       System.exit(1);
     }
     send(session);
   }
 }
 @Test
 public void testPkiVerification() throws Exception {
   InputStream in = getClass().getResourceAsStream("pki_test.bitcoinpaymentrequest");
   Protos.PaymentRequest paymentRequest = Protos.PaymentRequest.newBuilder().mergeFrom(in).build();
   MockPaymentSession paymentSession = new MockPaymentSession(paymentRequest);
   PaymentSession.PkiVerificationData pkiData = paymentSession.verifyPki();
   assertEquals("www.bitcoincore.org", pkiData.name);
   assertEquals("The USERTRUST Network, Salt Lake City, US", pkiData.rootAuthorityName);
 }
 @Test
 public void testDefaults() throws Exception {
   Protos.Output.Builder outputBuilder =
       Protos.Output.newBuilder().setScript(ByteString.copyFrom(outputToMe.getScriptBytes()));
   Protos.PaymentDetails paymentDetails =
       Protos.PaymentDetails.newBuilder().setTime(time).addOutputs(outputBuilder).build();
   Protos.PaymentRequest paymentRequest =
       Protos.PaymentRequest.newBuilder()
           .setSerializedPaymentDetails(paymentDetails.toByteString())
           .build();
   MockPaymentSession paymentSession = new MockPaymentSession(paymentRequest);
   assertEquals(BigInteger.ZERO, paymentSession.getValue());
   assertNull(paymentSession.getPaymentUrl());
   assertNull(paymentSession.getMemo());
 }
  /**
   * Create a payment request. You may want to sign the request using {@link #signPaymentRequest}.
   * Use {@link Protos.PaymentRequest.Builder#build} to get the actual payment request.
   *
   * @param params network parameters
   * @param outputs list of outputs to request coins to
   * @param memo arbitrary, user readable memo, or null if none
   * @param paymentUrl URL to send payment message to, or null if none
   * @param merchantData arbitrary merchant data, or null if none
   * @return created payment request, in its builder form
   */
  public static Protos.PaymentRequest.Builder createPaymentRequest(
      NetworkParameters params,
      List<Protos.Output> outputs,
      @Nullable String memo,
      @Nullable String paymentUrl,
      @Nullable byte[] merchantData) {
    final Protos.PaymentDetails.Builder paymentDetails = Protos.PaymentDetails.newBuilder();
    paymentDetails.setNetwork(params.getPaymentProtocolId());
    for (Protos.Output output : outputs) paymentDetails.addOutputs(output);
    if (memo != null) paymentDetails.setMemo(memo);
    if (paymentUrl != null) paymentDetails.setPaymentUrl(paymentUrl);
    if (merchantData != null) paymentDetails.setMerchantData(ByteString.copyFrom(merchantData));
    paymentDetails.setTime(Utils.currentTimeSeconds());

    final Protos.PaymentRequest.Builder paymentRequest = Protos.PaymentRequest.newBuilder();
    paymentRequest.setSerializedPaymentDetails(paymentDetails.build().toByteString());
    return paymentRequest;
  }
 private Protos.PaymentRequest newSimplePaymentRequest() {
   Protos.Output.Builder outputBuilder =
       Protos.Output.newBuilder()
           .setAmount(nanoCoins.longValue())
           .setScript(ByteString.copyFrom(outputToMe.getScriptBytes()));
   Protos.PaymentDetails paymentDetails =
       Protos.PaymentDetails.newBuilder()
           .setNetwork("test")
           .setTime(time)
           .setPaymentUrl(simplePaymentUrl)
           .addOutputs(outputBuilder)
           .setMemo(paymentRequestMemo)
           .setMerchantData(merchantData)
           .build();
   Protos.PaymentRequest paymentRequest =
       Protos.PaymentRequest.newBuilder()
           .setPaymentDetailsVersion(1)
           .setPkiType("none")
           .setSerializedPaymentDetails(paymentDetails.toByteString())
           .build();
   return paymentRequest;
 }
  /**
   * Uses the provided PKI method to find the corresponding public key and verify the provided
   * signature.
   *
   * @param paymentRequest Payment request to verify.
   * @param trustStore KeyStore of trusted root certificate authorities.
   * @return verification data, or null if no PKI method was specified in the {@link
   *     Protos.PaymentRequest}.
   * @throws PaymentProtocolException if payment request could not be verified.
   */
  @Nullable
  public static PkiVerificationData verifyPaymentRequestPki(
      Protos.PaymentRequest paymentRequest, KeyStore trustStore) throws PaymentProtocolException {
    List<X509Certificate> certs = null;
    try {
      final String pkiType = paymentRequest.getPkiType();
      if ("none".equals(pkiType))
        // Nothing to verify. Everything is fine. Move along.
        return null;

      String algorithm;
      if ("x509+sha256".equals(pkiType)) algorithm = "SHA256withRSA";
      else if ("x509+sha1".equals(pkiType)) algorithm = "SHA1withRSA";
      else throw new PaymentProtocolException.InvalidPkiType("Unsupported PKI type: " + pkiType);

      Protos.X509Certificates protoCerts =
          Protos.X509Certificates.parseFrom(paymentRequest.getPkiData());
      if (protoCerts.getCertificateCount() == 0)
        throw new PaymentProtocolException.InvalidPkiData(
            "No certificates provided in message: server config error");

      // Parse the certs and turn into a certificate chain object. Cert factories can parse both DER
      // and base64.
      // The ordering of certificates is defined by the payment protocol spec to be the same as what
      // the Java
      // crypto API requires - convenient!
      CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
      certs = Lists.newArrayList();
      for (ByteString bytes : protoCerts.getCertificateList())
        certs.add((X509Certificate) certificateFactory.generateCertificate(bytes.newInput()));
      CertPath path = certificateFactory.generateCertPath(certs);

      // Retrieves the most-trusted CAs from keystore.
      PKIXParameters params = new PKIXParameters(trustStore);
      // Revocation not supported in the current version.
      params.setRevocationEnabled(false);

      // Now verify the certificate chain is correct and trusted. This let's us get an identity
      // linked pubkey.
      CertPathValidator validator = CertPathValidator.getInstance("PKIX");
      PKIXCertPathValidatorResult result =
          (PKIXCertPathValidatorResult) validator.validate(path, params);
      PublicKey publicKey = result.getPublicKey();
      // OK, we got an identity, now check it was used to sign this message.
      Signature signature = Signature.getInstance(algorithm);
      // Note that we don't use signature.initVerify(certs.get(0)) here despite it being the most
      // obvious
      // way to set it up, because we don't care about the constraints specified on the
      // certificates: any
      // cert that links a key to a domain name or other identity will do for us.
      signature.initVerify(publicKey);
      Protos.PaymentRequest.Builder reqToCheck = paymentRequest.toBuilder();
      reqToCheck.setSignature(ByteString.EMPTY);
      signature.update(reqToCheck.build().toByteArray());
      if (!signature.verify(paymentRequest.getSignature().toByteArray()))
        throw new PaymentProtocolException.PkiVerificationException(
            "Invalid signature, this payment request is not valid.");

      // Signature verifies, get the names from the identity we just verified for presentation to
      // the user.
      final X509Certificate cert = certs.get(0);
      String displayName = X509Utils.getDisplayNameFromCertificate(cert, true);
      if (displayName == null)
        throw new PaymentProtocolException.PkiVerificationException(
            "Could not extract name from certificate");
      // Everything is peachy. Return some useful data to the caller.
      return new PkiVerificationData(displayName, publicKey, result.getTrustAnchor());
    } catch (InvalidProtocolBufferException e) {
      // Data structures are malformed.
      throw new PaymentProtocolException.InvalidPkiData(e);
    } catch (CertificateException e) {
      // The X.509 certificate data didn't parse correctly.
      throw new PaymentProtocolException.PkiVerificationException(e);
    } catch (NoSuchAlgorithmException e) {
      // Should never happen so don't make users have to think about it. PKIX is always present.
      throw new RuntimeException(e);
    } catch (InvalidAlgorithmParameterException e) {
      throw new RuntimeException(e);
    } catch (CertPathValidatorException e) {
      // The certificate chain isn't known or trusted, probably, the server is using an SSL root we
      // don't
      // know about and the user needs to upgrade to a new version of the software (or import a root
      // cert).
      throw new PaymentProtocolException.PkiVerificationException(e, certs);
    } catch (InvalidKeyException e) {
      // Shouldn't happen if the certs verified correctly.
      throw new PaymentProtocolException.PkiVerificationException(e);
    } catch (SignatureException e) {
      // Something went wrong during hashing (yes, despite the name, this does not mean the sig was
      // invalid).
      throw new PaymentProtocolException.PkiVerificationException(e);
    } catch (KeyStoreException e) {
      throw new RuntimeException(e);
    }
  }
Example #10
0
  /**
   * Uses the provided PKI method to find the corresponding public key and verify the provided
   * signature. Returns null if no PKI method was specified in the {@link Protos.PaymentRequest}.
   */
  public @Nullable PkiVerificationData verifyPki() throws PaymentRequestException {
    try {
      if (pkiVerificationData != null) return pkiVerificationData;
      if (paymentRequest.getPkiType().equals("none"))
        // Nothing to verify. Everything is fine. Move along.
        return null;

      String algorithm;
      if (paymentRequest.getPkiType().equals("x509+sha256")) algorithm = "SHA256withRSA";
      else if (paymentRequest.getPkiType().equals("x509+sha1")) algorithm = "SHA1withRSA";
      else
        throw new PaymentRequestException.InvalidPkiType(
            "Unsupported PKI type: " + paymentRequest.getPkiType());

      Protos.X509Certificates protoCerts =
          Protos.X509Certificates.parseFrom(paymentRequest.getPkiData());
      if (protoCerts.getCertificateCount() == 0)
        throw new PaymentRequestException.InvalidPkiData(
            "No certificates provided in message: server config error");

      // Parse the certs and turn into a certificate chain object. Cert factories can parse both DER
      // and base64.
      // The ordering of certificates is defined by the payment protocol spec to be the same as what
      // the Java
      // crypto API requires - convenient!
      CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
      List<X509Certificate> certs = Lists.newArrayList();
      for (ByteString bytes : protoCerts.getCertificateList())
        certs.add((X509Certificate) certificateFactory.generateCertificate(bytes.newInput()));
      CertPath path = certificateFactory.generateCertPath(certs);

      // Retrieves the most-trusted CAs from keystore.
      PKIXParameters params = new PKIXParameters(createKeyStore(trustStorePath));
      // Revocation not supported in the current version.
      params.setRevocationEnabled(false);

      // Now verify the certificate chain is correct and trusted. This let's us get an identity
      // linked pubkey.
      CertPathValidator validator = CertPathValidator.getInstance("PKIX");
      PKIXCertPathValidatorResult result =
          (PKIXCertPathValidatorResult) validator.validate(path, params);
      PublicKey publicKey = result.getPublicKey();
      // OK, we got an identity, now check it was used to sign this message.
      Signature signature = Signature.getInstance(algorithm);
      // Note that we don't use signature.initVerify(certs.get(0)) here despite it being the most
      // obvious
      // way to set it up, because we don't care about the constraints specified on the
      // certificates: any
      // cert that links a key to a domain name or other identity will do for us.
      signature.initVerify(publicKey);
      Protos.PaymentRequest.Builder reqToCheck = paymentRequest.toBuilder();
      reqToCheck.setSignature(ByteString.EMPTY);
      signature.update(reqToCheck.build().toByteArray());
      if (!signature.verify(paymentRequest.getSignature().toByteArray()))
        throw new PaymentRequestException.PkiVerificationException(
            "Invalid signature, this payment request is not valid.");

      // Signature verifies, get the names from the identity we just verified for presentation to
      // the user.
      X500Principal principal = certs.get(0).getSubjectX500Principal();
      // At this point the Java crypto API falls flat on its face and dies - there's no clean way to
      // get the
      // different parts of the certificate name except for parsing the string. That's hard because
      // of various
      // custom escaping rules and the usual crap. So, use Bouncy Castle to re-parse the string into
      // binary form
      // again and then look for the names we want. Fail!
      org.spongycastle.asn1.x500.X500Name name = new X500Name(principal.getName());
      String entityName = null, orgName = null;
      for (RDN rdn : name.getRDNs()) {
        AttributeTypeAndValue pair = rdn.getFirst();
        if (pair.getType().equals(RFC4519Style.cn))
          entityName = ((ASN1String) pair.getValue()).getString();
        else if (pair.getType().equals(RFC4519Style.o))
          orgName = ((ASN1String) pair.getValue()).getString();
      }
      if (entityName == null && orgName == null)
        throw new PaymentRequestException.PkiVerificationException(
            "Invalid certificate, no CN or O fields");
      // Everything is peachy. Return some useful data to the caller.
      PkiVerificationData data =
          new PkiVerificationData(entityName, orgName, publicKey, result.getTrustAnchor());
      // Cache the result so we don't have to re-verify if this method is called again.
      pkiVerificationData = data;
      return data;
    } catch (InvalidProtocolBufferException e) {
      // Data structures are malformed.
      throw new PaymentRequestException.InvalidPkiData(e);
    } catch (CertificateException e) {
      // The X.509 certificate data didn't parse correctly.
      throw new PaymentRequestException.PkiVerificationException(e);
    } catch (NoSuchAlgorithmException e) {
      // Should never happen so don't make users have to think about it. PKIX is always present.
      throw new RuntimeException(e);
    } catch (InvalidAlgorithmParameterException e) {
      throw new RuntimeException(e);
    } catch (CertPathValidatorException e) {
      // The certificate chain isn't known or trusted, probably, the server is using an SSL root we
      // don't
      // know about and the user needs to upgrade to a new version of the software (or import a root
      // cert).
      throw new PaymentRequestException.PkiVerificationException(e);
    } catch (InvalidKeyException e) {
      // Shouldn't happen if the certs verified correctly.
      throw new PaymentRequestException.PkiVerificationException(e);
    } catch (SignatureException e) {
      // Something went wrong during hashing (yes, despite the name, this does not mean the sig was
      // invalid).
      throw new PaymentRequestException.PkiVerificationException(e);
    } catch (IOException e) {
      throw new PaymentRequestException.PkiVerificationException(e);
    } catch (KeyStoreException e) {
      throw new RuntimeException(e);
    }
  }
  public static PaymentIntent parsePaymentRequest(@Nonnull final byte[] serializedPaymentRequest)
      throws PaymentProtocolException {
    try {
      if (serializedPaymentRequest.length > 50000)
        throw new PaymentProtocolException(
            "payment request too big: " + serializedPaymentRequest.length);

      final Protos.PaymentRequest paymentRequest =
          Protos.PaymentRequest.parseFrom(serializedPaymentRequest);

      final String pkiName;
      final String pkiCaName;
      if (!"none".equals(paymentRequest.getPkiType())) {
        final KeyStore keystore = new TrustStoreLoader.DefaultTrustStoreLoader().getKeyStore();
        final PkiVerificationData verificationData =
            PaymentProtocol.verifyPaymentRequestPki(paymentRequest, keystore);
        pkiName = verificationData.displayName;
        pkiCaName = verificationData.rootAuthorityName;
      } else {
        pkiName = null;
        pkiCaName = null;
      }

      final PaymentSession paymentSession = PaymentProtocol.parsePaymentRequest(paymentRequest);

      if (paymentSession.isExpired())
        throw new PaymentProtocolException.Expired(
            "payment details expired: current time "
                + new Date()
                + " after expiry time "
                + paymentSession.getExpires());

      if (!paymentSession.getNetworkParameters().equals(Constants.NETWORK_PARAMETERS))
        throw new PaymentProtocolException.InvalidNetwork(
            "cannot handle payment request network: " + paymentSession.getNetworkParameters());

      final ArrayList<PaymentIntent.Output> outputs = new ArrayList<PaymentIntent.Output>(1);
      for (final PaymentProtocol.Output output : paymentSession.getOutputs())
        outputs.add(PaymentIntent.Output.valueOf(output));

      final String memo = paymentSession.getMemo();

      final String paymentUrl = paymentSession.getPaymentUrl();

      final byte[] merchantData = paymentSession.getMerchantData();

      final byte[] paymentRequestHash =
          Hashing.sha256().hashBytes(serializedPaymentRequest).asBytes();

      final PaymentIntent paymentIntent =
          new PaymentIntent(
              PaymentIntent.Standard.BIP70,
              pkiName,
              pkiCaName,
              outputs.toArray(new PaymentIntent.Output[0]),
              memo,
              paymentUrl,
              merchantData,
              null,
              paymentRequestHash);

      if (paymentIntent.hasPaymentUrl() && !paymentIntent.isSupportedPaymentUrl())
        throw new PaymentProtocolException.InvalidPaymentURL(
            "cannot handle payment url: " + paymentIntent.paymentUrl);

      return paymentIntent;
    } catch (final InvalidProtocolBufferException x) {
      throw new PaymentProtocolException(x);
    } catch (final UninitializedMessageException x) {
      throw new PaymentProtocolException(x);
    } catch (final FileNotFoundException x) {
      throw new RuntimeException(x);
    } catch (final KeyStoreException x) {
      throw new RuntimeException(x);
    }
  }