search

mobilpay / Node.js

Proof of concept - mobilPay integration in Node.js
8 stars 4 forks source link

Decriptarea datelor a esuat #5

Open CAlexlazar opened 4 years ago

CAlexlazar commented 4 years ago

Salut, Se genereaza envData si envKey in urma encodarii dar in urma redirectului catre mobilpay primesc mesajul Decriptarea datelor a esuat. Am incercat si cu key si cer in format original, am incercat si sa extrag public.cer cu openssl x509 -pubkey -noout -in PUBLIC_CERTIFICATE_FILE.cer > PUBLIC_KEY.pem si nimic.

Ionut-Milas commented 3 years ago

@CAlexlazar Ai reusit ceva pana la urma? Aceasi eroare o am si eu.

AndreiNeagu27 commented 1 year ago

La fel si eu in .Net 7. A reusit careva cumva? Super enervant!

andonirina commented 1 year ago

A mai gasit cineva o solutie la aceasta problema?

raztirlea commented 1 year ago

Aceeasi eroare o am si eu, acelasi 'Decriptarea datelor a esuat' in urma POST-ului cu env_key si data. In ciuda codului de pe repo am incercat si cu {env_key, data} dar is cu {envKey, envData}, degeaba. Certificatul nu corespunde cheii private, daca se ruleaza functia de decriptare se ajunge la eroare de padding:

Error: error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error at Object.privateDecrypt (node:internal/crypto/cipher:79:12) at Object.decrypt (/Users/tirlearazvan/netopia/Node.js/encrypt.js:31:28) at /Users/tirlearazvan/netopia/Node.js/order.js:76:28 at new Promise (<anonymous>) at decodeResponse (/Users/tirlearazvan/netopia/Node.js/order.js:75:10) at Object.<anonymous> (/Users/tirlearazvan/netopia/Node.js/order.js:85:1) at Module._compile (node:internal/modules/cjs/loader:1196:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1250:10) at Module.load (node:internal/modules/cjs/loader:1074:32) at Function.Module._load (node:internal/modules/cjs/loader:909:12) { opensslErrorStack: [ 'error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed' ], library: 'rsa routines', function: 'RSA_padding_check_PKCS1_type_2', reason: 'pkcs decoding error', code: 'ERR_OSSL_RSA_PKCS_DECODING_ERROR' Am incercat mai multe tipuri de padding cu crypto.constants si la fel, acelasi decoding error care cred ca e si cauza erorii din partea mobilpay la redirectionare catre portalul de plata.

eFlavian commented 7 months ago

Salut. Logica din cate o vad eu este in felul urmator:

  1. Nu modificati .key ul si .cer ul primit.
  2. Dupa ce construiti xml-ul, criptati-l cu cheia publica si in el ar trebui sa aveti un envKey si un envData.
  3. Requestul ar trebui sa contina ca si parametrii: url (poate fi http://sandboxsecure.mobilpay.ro sau https://secure.mobilpay.ro depinzand de mediul folosit), _envkey si data.
  4. Primii 3 pasi ar trebui realizati intr-un rest api dedicat, posibil un lambda function (in cazul meu NodeJS).
  5. Functia in care faceti acest intreg proces, ar trebui sa returneze un body (catre interfata clientului, react in cazul meu) de forma: 
    
    // Return the URL, env_key, and data to the client
    return {
        statusCode: 200,
        // If there are CORS policy errors.
        // headers: {
        //     'Access-Control-Allow-Origin': '*',
        //     'Access-Control-Allow-Headers': '*',
        // },
        body: JSON.stringify({
            url: request.url,
            env_key: request.env_key,
            data: request.data,
        }),
    };
6. In cazul meu (react), fac un request catre aceasta lambda function de forma:
    const response = await API.post('paymentsAPI', '/payments');
    const { url, env_key, data } = response;
7. Folosesc **_url_**, **_env_key_** si **_data_** la nivelul clientului pentru a face un form cu detaliile primite din call si ii dau submit:
    const form = document.createElement('form');
    form.method = 'POST';
    form.action = url;

    const envKeyInput = document.createElement('input');
    envKeyInput.type = 'hidden';
    envKeyInput.name = 'env_key';
    envKeyInput.value = env_key;

    const dataInput = document.createElement('input');
    dataInput.type = 'hidden';
    dataInput.name = 'data';
    dataInput.value = data;

    form.appendChild(envKeyInput);
    form.appendChild(dataInput);

    document.body.appendChild(form);
    console.log(form);

    form.submit();


   8. Aruncati un ochi pe implementarea de la https://www.npmjs.com/package/netopia-card. Se lamuresc multe lucruri din implementarea baietilor.

   Mult succes! 😊
andreirosu97 commented 5 months ago

Primesc si eu asta la decriptare, Error: error:0200009F:rsa routines::pkcs decoding error at Object.privateDecrypt (node:internal/crypto/cipher:80:12) at decrypt (/home/ucp/node_modules/netopia-card/functions/decrypt.js:6:28) at /home/ucp/node_modules/netopia-card/index.js:311:26 at new Promise () at Netopia.confirmPayment (/home/ucp/node_modules/netopia-card/index.js:310:12) at Netopia.validatePayment (/home/ucp/node_modules/netopia-card/index.js:327:41) at Object.confirmPayment (/home/ucp/services/payments.service.js:84:36) at confirmPayment (/home/ucp/controllers/payments.controller.js:21:25) at Layer.handle [as handle_request] (/home/ucp/node_modules/express/lib/router/layer.js:95:5) at next (/home/ucp/node_modules/express/lib/router/route.js:144:13) { opensslErrorStack: [ 'error:02000072:rsa routines::padding check failed' ], library: 'rsa routines', reason: 'pkcs decoding error', code: 'ERR_OSSL_RSA_PKCS_DECODING_ERROR' }

Nu inteleg, ar trebui o alta cheie privata pentru serveru de sandbox?

eFlavian commented 5 months ago

Salut @andreirosu97 . Cheia publica si semnatura sunt aceleasi atat in sandbox cat si in productie. Cheia privata este diferita.