From b3f9216c544f3781255b3cde06552ce25d3126c0 Mon Sep 17 00:00:00 2001 From: Nicolas Dorier Date: Thu, 21 Dec 2023 10:29:28 +0900 Subject: [PATCH] Use PullPaymentId to derive the cardkey of Boltcard (#5575) --- BTCPayServer.Tests/SeleniumTests.cs | 2 +- BTCPayServer/BTCPayServer.csproj | 2 +- .../GreenField/GreenfieldPullPaymentController.cs | 3 ++- BTCPayServer/Controllers/UIBoltcardController.cs | 2 +- .../Controllers/UIPullPaymentController.Boltcard.cs | 4 ++-- BTCPayServer/Extensions.cs | 6 ++++++ 6 files changed, 13 insertions(+), 6 deletions(-) diff --git a/BTCPayServer.Tests/SeleniumTests.cs b/BTCPayServer.Tests/SeleniumTests.cs index 368724e203..ddf7653d43 100644 --- a/BTCPayServer.Tests/SeleniumTests.cs +++ b/BTCPayServer.Tests/SeleniumTests.cs @@ -2151,7 +2151,7 @@ await TestUtils.EventuallyAsync(async () => var ppid = lnurl.AbsoluteUri.Split("/").Last(); var issuerKey = new IssuerKey(SettingsRepositoryExtensions.FixedKey()); var uid = RandomNumberGenerator.GetBytes(7); - var cardKey = issuerKey.CreateCardKey(uid, 0); + var cardKey = issuerKey.CreatePullPaymentCardKey(uid, 0, ppid); var keys = cardKey.DeriveBoltcardKeys(issuerKey); await db.LinkBoltcardToPullPayment(ppid, issuerKey, uid); var piccData = new byte[] { 0xc7 }.Concat(uid).Concat(new byte[] { 1, 0, 0, 0, 0, 0, 0, 0 }).ToArray(); diff --git a/BTCPayServer/BTCPayServer.csproj b/BTCPayServer/BTCPayServer.csproj index 99aa473404..22d2fb36e0 100644 --- a/BTCPayServer/BTCPayServer.csproj +++ b/BTCPayServer/BTCPayServer.csproj @@ -46,7 +46,7 @@ - + diff --git a/BTCPayServer/Controllers/GreenField/GreenfieldPullPaymentController.cs b/BTCPayServer/Controllers/GreenField/GreenfieldPullPaymentController.cs index 1d450a299d..56e067d299 100644 --- a/BTCPayServer/Controllers/GreenField/GreenfieldPullPaymentController.cs +++ b/BTCPayServer/Controllers/GreenField/GreenfieldPullPaymentController.cs @@ -1,6 +1,7 @@ #nullable enable using System; using System.Collections.Generic; +using System.IO.IsolatedStorage; using System.Linq; using System.Text.RegularExpressions; using System.Threading; @@ -218,7 +219,7 @@ public async Task RegisterBoltcard(string pullPaymentId, Register var issuerKey = await _settingsRepository.GetIssuerKey(_env); var version = await _dbContextFactory.LinkBoltcardToPullPayment(pullPaymentId, issuerKey, request.UID, request.OnExisting); - var keys = issuerKey.CreateCardKey(request.UID, version).DeriveBoltcardKeys(issuerKey); + var keys = issuerKey.CreatePullPaymentCardKey(request.UID, version, pullPaymentId).DeriveBoltcardKeys(issuerKey); var boltcardUrl = Url.Action(nameof(UIBoltcardController.GetWithdrawRequest), "UIBoltcard"); boltcardUrl = Request.GetAbsoluteUri(boltcardUrl); diff --git a/BTCPayServer/Controllers/UIBoltcardController.cs b/BTCPayServer/Controllers/UIBoltcardController.cs index 297e420085..fd81ab0048 100644 --- a/BTCPayServer/Controllers/UIBoltcardController.cs +++ b/BTCPayServer/Controllers/UIBoltcardController.cs @@ -61,7 +61,7 @@ public async Task GetWithdrawRequest([FromQuery] string? p, [From var registration = await ContextFactory.GetBoltcardRegistration(issuerKey, piccData, updateCounter: pr is not null); if (registration?.PullPaymentId is null) return BadRequest(new LNUrlStatusResponse { Status = "ERROR", Reason = "Replayed or expired query" }); - var cardKey = issuerKey.CreateCardKey(piccData.Uid, registration.Version); + var cardKey = issuerKey.CreatePullPaymentCardKey(piccData.Uid, registration.Version, registration.PullPaymentId); if (!cardKey.CheckSunMac(c, piccData)) return BadRequest(new LNUrlStatusResponse { Status = "ERROR", Reason = "Replayed or expired query" }); LNURLController.ControllerContext.HttpContext = HttpContext; diff --git a/BTCPayServer/Controllers/UIPullPaymentController.Boltcard.cs b/BTCPayServer/Controllers/UIPullPaymentController.Boltcard.cs index 9e5bd09186..2eb6395bc7 100644 --- a/BTCPayServer/Controllers/UIPullPaymentController.Boltcard.cs +++ b/BTCPayServer/Controllers/UIPullPaymentController.Boltcard.cs @@ -111,7 +111,7 @@ public async Task VaultNFCBridgeConnection(string pullPaymentId) try { var version = await _dbContextFactory.LinkBoltcardToPullPayment(pullPaymentId, issuerKey, uid); - var cardKey = issuerKey.CreateCardKey(uid, version); + var cardKey = issuerKey.CreatePullPaymentCardKey(uid, version, pullPaymentId); await ntag.SetupBoltcard(boltcardUrl, BoltcardKeys.Default, cardKey.DeriveBoltcardKeys(issuerKey)); } catch @@ -135,7 +135,7 @@ public async Task VaultNFCBridgeConnection(string pullPaymentId) } else if (cardOrigin is CardOrigin.ThisIssuer thisIssuer) { - var cardKey = issuerKey.CreateCardKey(thisIssuer.Registration.UId, thisIssuer.Registration.Version); + var cardKey = issuerKey.CreatePullPaymentCardKey(thisIssuer.Registration.UId, thisIssuer.Registration.Version, pullPaymentId); await ntag.ResetCard(issuerKey, cardKey); await _dbContextFactory.SetBoltcardResetState(issuerKey, thisIssuer.Registration.UId); await vaultClient.Show(VaultMessageType.Ok, "Card reset succeed", cts.Token); diff --git a/BTCPayServer/Extensions.cs b/BTCPayServer/Extensions.cs index e4895f35f6..de00c308c2 100644 --- a/BTCPayServer/Extensions.cs +++ b/BTCPayServer/Extensions.cs @@ -19,6 +19,7 @@ using BTCPayServer.Logging; using BTCPayServer.Models; using BTCPayServer.Models.StoreViewModels; +using BTCPayServer.NTag424; using BTCPayServer.Payments; using BTCPayServer.Payments.Bitcoin; using BTCPayServer.Security; @@ -41,6 +42,11 @@ namespace BTCPayServer { public static class Extensions { + public static CardKey CreatePullPaymentCardKey(this IssuerKey issuerKey, byte[] uid, int version, string pullPaymentId) + { + var data = Encoding.UTF8.GetBytes(pullPaymentId); + return issuerKey.CreateCardKey(uid, version, data); + } public static DateTimeOffset TruncateMilliSeconds(this DateTimeOffset dt) => new (dt.Year, dt.Month, dt.Day, dt.Hour, dt.Minute, dt.Second, 0, dt.Offset); public static decimal? GetDue(this InvoiceCryptoInfo invoiceCryptoInfo) {