search

PayU-EMEA / apple-pay

This library is used to decode tokens for Apple Pay.
48 stars 31 forks source link

Calculating the IV #12

Closed leroy-j closed 4 years ago

leroy-j commented 4 years ago

Hi, This is more a question. According to the payment token reference the IV is "the SHA-256 hash of your merchant ID string literal; 32 bytes in size". When I look at your merchantID it is "merchant.sandbox.payu". How did you do the conversion of "merchant.sandbox.payu" to get const IV = '00000000000000000000000000000000'

trydocatch commented 4 years ago

Hi,

The text you quoted gave above is the description for "Party V Info" which is a "SHA-256 hash of your merchant ID". This is different from IV which is an initialization vector.

They are even used in diferrent places. "Party V Info" is being used in \PayU\ApplePay\Decoding\Decoder\ApplePayEccDecoder::getKdfInfo for restoring the symmetric key while the IV is used later for the actual decoding.

leroy-j commented 4 years ago

Hi, I really appreciate your response. I have one more question: The decoding instructions from apple payment token reference, step 2 says

"Use the value of the publicKeyHash key to determine which merchant public key was used by Apple, and then retrieve the corresponding merchant public key certificate and private key."

In your code /PayU-EMEA/apple-pay/blob/master/examples/decode_token.php you are using the private key used to create the CSR instead using the publicKeyHash in the payment token data to get to the private key value. Since I dont have the private key used to create my CSR, Should I extract the private key from my Payment Processing Certificate and use this value for my private key OR

should I use this process:

  1. extract the public key from the Payment Processing Certificate,
  2. get the base64 encoding of the public key
  3. compare the value of the publicKeyHash to the value from 2 above
  4. if there is a match, extract the private key
  5. else use the try steps 1 - 3 above using the certificates in the payment data signature

payment token reference:https://developer.apple.com/library/archive/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html Payment Token Format Reference - Apple Inc.https://developer.apple.com/library/archive/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html Payment Token Format Reference. A payment token is created by the Secure Element based on a payment request. The payment token has a nested structure, as shown in Figure 1-1.. Figure 1-1 Structure of a payment token. The Secure Element encrypts the token’s payment data using either elliptic curve cryptography (ECC) or RSA encryption. developer.apple.com

From: Daniel Cata notifications@github.com Sent: Sunday, March 8, 2020 4:38 AM To: PayU-EMEA/apple-pay apple-pay@noreply.github.com Cc: leroy-j johnodread01@hotmail.com; Author author@noreply.github.com Subject: Re: [PayU-EMEA/apple-pay] Calculating the IV (#12)

Hi,

The text you quoted gave above is the description for "Party V Info" which is a "SHA-256 hash of your merchant ID". This is different from IV which is an initialization vector.

They are even used in diferrent places. "Party V Info" is being used in \PayU\ApplePay\Decoding\Decoder\ApplePayEccDecoder::getKdfInfo for restoring the symmetric key while the IV is used later for the actual decoding.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FPayU-EMEA%2Fapple-pay%2Fissues%2F12%3Femail_source%3Dnotifications%26email_token%3DAJEVOP4YEDRJYN77KM7FS6LRGNRQHA5CNFSM4LDEASUKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEOERBSI%23issuecomment-596185289&data=02%7C01%7C%7Cdef41403c6f748ba4e8808d7c3446af5%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637192570922474728&sdata=OTjCQeZhT6bEbvMJMdzkcsTJfOiHb3MAiASpMiLjzJQ%3D&reserved=0, or unsubscribehttps://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAJEVOP2K4RJW6B3LBJXR5A3RGNRQHANCNFSM4LDEASUA&data=02%7C01%7C%7Cdef41403c6f748ba4e8808d7c3446af5%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637192570922484739&sdata=UG3QMFpiBqR%2Fn9BnQQrppqfH0M%2FiegeL%2BnwEHdXR86c%3D&reserved=0.

trydocatch commented 4 years ago

"Since I dont have the private key used to create my CSR, Should I extract the private key from my Payment Processing Certificate and use this value"

The Payment Processing Certificate does not contain the private key. PPC is generated based on a CSR. To generate a CSR you need a private key. So without having the initial private key, you can't decode any Payment Token.

"In your code /PayU-EMEA/apple-pay/blob/master/examples/decode_token.php you are using the private key used to create the CSR instead using the publicKeyHash"

This library assumes you already have the private key. So the step in which you should see which private key to use based on public key hash should be done outside this library, before calling the ApplePayDecodingService

leroy-j commented 4 years ago

Daniel, I appreciate this. I have learned a lot more abt ssl certificates and cryptography in the last week to better understand how they all work together. Once I learned that the private key is created before and used when creating the CSR, it was easy to use your library successfully. I am able to decrypt the tokens

I hope you dont mind I wish to learn some more. Apple has this line in the token reference:

  1. Use the value of the publicKeyHash key to determine which merchant public key was used by Apple, and then retrieve the corresponding merchant public key certificate and private key.

I think it is asking us to determine the hash of the public key of the payment processing certificate then compare it to the value at the publicKeyHash key. If there is a match then continue. I was looking for that logic your library. Was that done outside of the library and does it make sense to add that logic to the library

In this file /ApplePay/Decoding/Decoder/ApplePayEccDecoder.php, you are setting const IV = '00000000000000000000000000000000'; Where is this value coming from. Is it a 0 byte string?

In this file /ApplePay/Decoding/Decoder/Algorithms/Ecc.php we are generating the symetricKey. would you mind explaining what is happening in these lines 2 and 3? 1... $hashRes = hash_init('sha256'); 2... hash_update ( $hashRes, base64_decode('AAAA')); 3... hash_update ( $hashRes, base64_decode('AQ==')); 4... hash_update ( $hashRes, $sharedSecretBin); 5...hash_update ( $hashRes, $kdfInfo);

From: Daniel Cata notifications@github.com Sent: Wednesday, March 18, 2020 2:05 AM To: PayU-EMEA/apple-pay apple-pay@noreply.github.com Cc: leroy-j johnodread01@hotmail.com; Author author@noreply.github.com Subject: Re: [PayU-EMEA/apple-pay] Calculating the IV (#12)

"Since I dont have the private key used to create my CSR, Should I extract the private key from my Payment Processing Certificate and use this value"

The Payment Processing Certificate does not contain the private key. PPC is generated based on a CSR. To generate a CSR you need a private key. So without having the initial private key, you can't decode any Payment Token.

"In your code /PayU-EMEA/apple-pay/blob/master/examples/decode_token.php you are using the private key used to create the CSR instead using the publicKeyHash"

This library assumes you already have the private key. So the step in which you should see which private key to use based on public key hash should be done outside this library, before calling the ApplePayDecodingService

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FPayU-EMEA%2Fapple-pay%2Fissues%2F12%23issuecomment-600458416&data=02%7C01%7C%7Cf035b6bceb214b9c417308d7cb0aba52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637201119235222444&sdata=lLVuIjr9qMFa7iE1RM3nAsSbhWkM%2BJ2%2FNgeO%2FZC4SBU%3D&reserved=0, or unsubscribehttps://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAJEVOPYS7KSYZSPZCN5TEWLRIBXDFANCNFSM4LDEASUA&data=02%7C01%7C%7Cf035b6bceb214b9c417308d7cb0aba52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637201119235222444&sdata=g%2F4Ul5NOFTGrFcGMKYCWMVzUJkqVoGtvTmRKBi3vdl4%3D&reserved=0.

trydocatch commented 4 years ago

Hi,

Below are my answers:

"Was that done outside of the library and does it make sense to add that logic to the library"

The scope of this library is to decode tokens from ApplePay. So it assumes you already have what you need...and that is the payment token and the private key. So adding here logic to find the right private key is out of the scope of this library. Also, depending on how everyone is storing their keys, there might already be logic in those systems for getting the right key. So we'd only add code that won't be used here.

"Where is this value coming from. Is it a 0 byte string?"

It is a hexadecimal value of a 16 bytes long null characters string. Instead of this we could have used "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"

"we are generating the symetricKey. would you mind explaining what is happening in these lines 2 and 3?"

I recommed you first read more about ECC Encryption. Maybe start with this: https://cryptobook.nakov.com/asymmetric-key-ciphers/ecc-encryption-decryption

leroy-j commented 4 years ago

Daniel, I really want to thank you for being such a great resource