14 #include <openssl/x509.h>
15 #include <openssl/x509_vfy.h>
18 #include <QSslCertificate>
// Deserialize the raw bytes in `data` into the paymentRequest protobuf message;
// parseOK records whether ParseFromArray accepted them.
// NOTE(review): no size limit on `data` is visible in this excerpt. If these
// bytes can originate from an outside party, confirm the caller bounds their
// size before this call.
29 bool parseOK =
paymentRequest.ParseFromArray(data.data(), data.size());
// Diagnostic for a payment request that failed to parse (the enclosing
// condition, listing line 30, is not visible in this excerpt).
31 qDebug() <<
"PaymentRequestPlus::parse : Error parsing payment request";
// Diagnostic for payment details that failed to parse (the parse call and
// its condition are not visible in this excerpt).
42 qDebug() <<
"PaymentRequestPlus::parse : Error parsing payment details";
// Digest later handed to EVP_VerifyInit_ex for the request signature check.
// It stays NULL until one of the branches below selects an algorithm; the
// conditions choosing between them are not visible in this excerpt
// (presumably they test pki_type -- confirm).
74 const EVP_MD* digestAlgorithm = NULL;
76 digestAlgorithm = EVP_sha256();
// NOTE(review): SHA-1 is no longer considered collision-resistant. Accepting
// it as the signature digest weakens the authenticity guarantee of a signed
// request; consider rejecting this branch or surfacing a warning to the user.
79 digestAlgorithm = EVP_sha1();
// Request carries no PKI data, so there is nothing to authenticate.
// NOTE(review): the value returned on this path is not visible here; callers
// must treat such a request as unauthenticated.
82 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: pki_type == none";
// Unrecognised pki_type. The string is taken from the parsed request and is
// written to the debug log unmodified.
86 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: unknown pki_type " << QString::fromStdString(
paymentRequest.
pki_type());
// Diagnostic for pki_data that could not be parsed (the parse call itself is
// not visible in this excerpt).
92 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: error parsing pki_data";
// Raw OpenSSL handles for the certificates parsed from the request. Each entry
// is allocated by d2i_X509 below and needs a matching X509_free; the release
// is not fully visible in this excerpt.
96 std::vector<X509*> certs;
// Snapshot of the local clock, used for the validity-window check below.
97 const QDateTime currentTime = QDateTime::currentDateTime();
// Parse the DER bytes with Qt as well, to use its date and blacklist helpers.
// certData is presumably the current chain entry -- its definition is not
// visible here.
100 QSslCertificate qCert(certData, QSsl::Der);
// Detect certificates whose validity period does not contain currentTime.
// NOTE(review): this trusts the local system clock; the action taken after
// logging (listing lines 103-104) is not visible here.
101 if (currentTime < qCert.effectiveDate() || currentTime > qCert.expiryDate()) {
102 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: certificate expired or not yet active: " << qCert;
// The blacklist test is compiled only when building against Qt 5 or newer;
// what older-Qt builds do instead is not visible in this excerpt.
// NOTE(review): isBlacklisted() consults Qt's built-in list only. It is not a
// CRL or OCSP revocation check.
105 #if QT_VERSION >= 0x050000
106 if (qCert.isBlacklisted()) {
107 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: certificate blacklisted: " << qCert;
// d2i_X509 advances the pointer it is handed, so a temporary pointer to the
// start of the certificate bytes is used rather than the buffer itself.
111 const unsigned char *
data = (
const unsigned char *)certChain.
certificate(i).data();
// NOTE(review): d2i_X509 returns NULL for malformed DER. The guard between
// this call and the push (listing line 113) is not visible here -- confirm a
// NULL can never be stored in certs.
112 X509 *cert = d2i_X509(NULL, &data, certChain.
certificate(i).size());
114 certs.push_back(cert);
// Diagnostic for a request whose certificate chain yielded no certificates
// (the emptiness test itself is not visible in this excerpt).
117 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: empty certificate chain";
// Untrusted intermediates offered to path building: every parsed certificate
// except certs[0], pushed from the last entry down to index 1.
// NOTE(review): the results of sk_X509_new_null() and sk_X509_push() are not
// checked in the visible lines, and no sk_X509_free(chain) appears in this
// excerpt -- confirm the stack is released.
// NOTE(review): certs.size()-1 is evaluated as unsigned and then narrowed to
// int, so this relies on certs being non-empty; the guard is presumably the
// empty-chain check above -- confirm.
123 STACK_OF(X509) *chain = sk_X509_new_null();
124 for (
int i = certs.size()-1; i > 0; i--) {
125 sk_X509_push(chain, certs[i]);
// certs[0] is treated as the leaf certificate that signed the request.
127 X509 *signing_cert = certs[0];
// Verification context for this one check.
131 X509_STORE_CTX *store_ctx = X509_STORE_CTX_new();
// Diagnostic for a failed X509_STORE_CTX_new (the NULL test is not visible
// in this excerpt).
133 qDebug() <<
"PaymentRequestPlus::getMerchant : Payment request: error creating X509_STORE_CTX";
// Buffer for the certificate's common name; allocated further down.
137 char *website = NULL;
// Bind the trust anchors (certStore), the leaf and the untrusted chain to the
// context. On failure the OpenSSL error code is fetched; what is done with it
// is not visible here.
141 if (!X509_STORE_CTX_init(store_ctx, certStore, signing_cert, chain))
143 int error = X509_STORE_CTX_get_error(store_ctx);
// Path validation against certStore. X509_verify_cert returns 1 only on
// success; how `result` is tested (listing line 149) is not visible here.
// NOTE(review): no host name, purpose or revocation parameters are set on the
// context in the visible lines, so as far as this excerpt shows the check
// covers chain validity only.
148 int result = X509_verify_cert(store_ctx);
150 int error = X509_STORE_CTX_get_error(store_ctx);
// Subject name of the leaf. The returned pointer refers to data inside
// signing_cert and must not be freed separately.
153 X509_NAME *certname = X509_get_subject_name(signing_cert);
// Serialize rcopy to obtain the bytes fed to the signature check below.
// rcopy's construction is not visible here; presumably it is a copy of the
// request with the signature field cleared -- confirm. The boolean result of
// SerializeToString is not inspected.
158 std::string data_to_verify;
159 rcopy.SerializeToString(&data_to_verify);
// NOTE(review): X509_get_pubkey returns a new reference, or NULL on failure.
// Neither a NULL test nor an EVP_PKEY_free is visible in this excerpt.
162 EVP_PKEY *pubkey = X509_get_pubkey(signing_cert);
// EVP_MD_CTX_init on &ctx implies a caller-allocated context. That form
// builds only against OpenSSL releases where EVP_MD_CTX is not opaque (before
// 1.1.0) and needs a matching EVP_MD_CTX_cleanup, which is not visible here.
163 EVP_MD_CTX_init(&ctx);
// Each call is negated, so a zero return from either makes the condition true.
// NOTE(review): the last term of this condition (listing line 166) is cut off.
// If it negates EVP_VerifyFinal in the same way, be aware that EVP_VerifyFinal
// returns a negative value on internal error, which `!` would treat as a
// successful verification; compare its result with 1 instead.
164 if (!EVP_VerifyInit_ex(&ctx, digestAlgorithm, NULL) ||
165 !EVP_VerifyUpdate(&ctx, data_to_verify.data(), data_to_verify.size()) ||
// First call passes a NULL buffer and only asks for the length of the
// commonName text; the result is -1 when the subject has no such entry.
172 int textlen = X509_NAME_get_text_by_NID(certname, NID_commonName, NULL, 0);
// One extra byte for the terminating NUL written by the second call.
// NOTE(review): raw new[]; the matching delete[] is not visible in this
// excerpt. With textlen == -1 this allocates zero bytes, and the
// `textlen > 0` test below then fails.
173 website =
new char[textlen + 1];
// Accept the name only if the second call copies exactly textlen characters
// and the name is non-empty.
// NOTE(review): OpenSSL documents X509_NAME_get_text_by_NID as a legacy
// interface. It returns only the first matching entry and does not guard
// against embedded NUL bytes, so a name consumed as a C string can be shorter
// than textlen. How `website` is used (listing line 175) is not visible here;
// confirm the displayed merchant name cannot be truncated this way.
174 if (X509_NAME_get_text_by_NID(certname, NID_commonName, website, textlen + 1) == textlen && textlen > 0) {
// Logs the message carried by `err`; presumably this sits in the handler for
// verification failures raised above -- the catch clause itself is not
// visible in this excerpt.
185 qDebug() <<
"PaymentRequestPlus::getMerchant : SSL error: " << err.what();
// Release the verification context.
190 X509_STORE_CTX_free(store_ctx);
// Walk every parsed certificate. The loop body (listing line 192) is not
// visible; presumably it calls X509_free on each entry -- confirm.
191 for (
unsigned int i = 0; i < certs.size(); i++)
// List of (script, amount) pairs. This line follows the getMerchant code in
// the listing and presumably belongs to getPayTo(); how the list is filled and
// returned is not visible in this excerpt.
199 QList<std::pair<CScript,qint64> > result;