chesscoders / netopia-card

Lightweight NodeJS library to integrate Netopia mobilPay payment gateway in your projects
https://npmjs.com/package/netopia-card
MIT License

RSA_PKCS1_PADDING is no longer supported for private decryption #11

Closed lco91 closed 4 months ago

lco91 commented 5 months ago

Decryption no longer works with crypto. Another possible solution is to use node-forge.

```js
const forge = require("node-forge");
const rc4 = require("netopia-card/functions/arc4");

const decrypt2 = (privateKeyPem, env_key, encryptedData) => {
    // Unwrap the symmetric key carried in env_key with the RSA private key
    const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
    const decodedEnvKey = forge.util.decode64(env_key);
    const symmetricKey = Buffer.from(privateKey.decrypt(decodedEnvKey, 'RSAES-PKCS1-V1_5'), 'binary');
    // Decrypt the payload with RC4 using the unwrapped key
    const decodedData = forge.util.decode64(encryptedData);
    const binaryData = Buffer.from(decodedData, 'binary');
    const cipher = rc4(symmetricKey);
    return cipher.decode(binaryData, 'utf8');
};
```

lco91 commented 5 months ago

Who knows when the Netopia folks will change the encryption they use; I'll also make a fork towards the end of the week.

lco91 commented 5 months ago

Nice job with the repo, thank you; it makes the Netopia integration easier compared to their version.

victorocna commented 5 months ago

Hello! Thank you very much for the kind words and for the proposed solution. We had the same error too and managed to fix it temporarily by downgrading node to a version earlier than the problematic one, in our case 20.8.0.

We also received an official response from Netopia:

The OpenSSL version on the server was updated. And in node js 20.11 RSA_PKCS1_PADDING is no longer available (it can be disabled by running node --security-revert=CVE-2023-46809), but that is not recommended. We therefore recommend that you integrate the latest API provided by NETOPIA. The documentation is available here: https://apidoc.netopia-payments.com/index.html.

www-chique commented 5 months ago

Ran into the same problem today. Thanks @victorocna. You saved my day.

georgealexandruiancu commented 5 months ago

Thanks a lot @lco91 for the solution and @victorocna for this amazing repo.

If someone wants a direct solution with an extended class, here it is. node-forge needs to be installed, and check the installation for xml2js.

```ts
const Netopia = require("netopia-card");
const forge = require("node-forge"); // Import forge module
const rc4 = require("netopia-card/functions/arc4");
const xml2js = require("xml2js");
const parser = new xml2js.Parser({
    explicitArray: false
});

class NetopiaCardNewEncryption extends Netopia {
    // Forward any constructor arguments to the base class
    constructor(...args: any[]) {
        super(...args);
    }

    /**
     * Decrypt data using a custom decryption function.
     *
     * @param {string} privateKeyPem The RSA private key in PEM format.
     * @param {string} env_key The env_key.
     * @param {string} encryptedData The encrypted data.
     * @returns {string} The decrypted data.
     */
    decrypt2(privateKeyPem: any, env_key: any, encryptedData: any) {
        const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
        const decodedEnvKey = forge.util.decode64(env_key);
        const symmetricKey = Buffer.from(privateKey.decrypt(decodedEnvKey, "RSAES-PKCS1-V1_5"), "binary");
        const decodedData = forge.util.decode64(encryptedData);
        const binaryData = Buffer.from(decodedData, "binary");
        const cipher = rc4(symmetricKey);
        return cipher.decode(binaryData, "utf8");
    }

    /**
     * Override the confirmPayment method to use the custom decrypt2 function.
     *
     * @param {string} env_key The env_key.
     * @param {string} data The data.
     * @returns {Promise} A promise that resolves with the decrypted payment confirmation.
     */
    confirmPayment(env_key: any, data: any): Promise<any> {
        const privateKey = this.privateKey;
        // Save the reference to 'this' in a variable to use inside the Promise callback
        // eslint-disable-next-line consistent-this
        const self = this;
        return new Promise(function (resolve, reject) {
            parser.parseString(self.decrypt2(privateKey, env_key, data), function (err: any, result: any) {
                if (err) {
                    // Stop here so resolve() is not also called after a parse error
                    return reject(err);
                }
                resolve(result);
            });
        });
    }
}
```

victorocna commented 4 months ago

Hello everyone!

We are preparing a new major version for this package which will solve this issue and will use Netopia v2. Many things are changing, but we will prepare an easy to use migration guide.

Link to the official Netopia documentation: https://apidoc.netopia-payments.com/index.html

We'll announce the new release soon 😁

victorocna commented 4 months ago

Hello everyone!

Happy to announce that v2 is here. You can find the migration guide in the README file. Closing this issue for now, I hope everything works as expected when you migrate to v2. If not, feel free to open a new issue and we will investigate as soon as possible.