diff --git a/Scripts/Billing/private.pem b/Scripts/Billing/private.pem new file mode 100644 index 0000000..ea93433 --- /dev/null +++ b/Scripts/Billing/private.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA0H5OmJRvYhdQUFXyKoMgIs6EyigqzFHzjWfEb3rDSffhN5Ig +dELpVWl69g5aVPUHz9tm2SJbGaZ8WOO6qjrzsKLIFRgBM72UtZXPRTdAW6nyD9ni +5kipLbFeB2R31zqKtPTTt8zbFGgJYpqcvb6vOpQzc3wlvea7VdiWht2RKihl31C8 +asm+fzAXAsQ5kDpq7FmXxiBsZnpsvJUTrPsExmiNDpyfZPaAlKEkypiVui2B1SXA +W41SgAXH3K42dnEedtxfNUZQu4mqoZnhzfE1+Djj3EOnBWdy/UxGKzXxTMYinG/W +bVkJe5QWF5GLov10dOqUM2tJn+CNcWJ4ogBwJQIDAQABAoIBAHM9XTP415fgSwQc +fT4CPEEA5WTXztAge/4s3ObBdC/uUw3kNwwL7+zF4LEgPc23ohnBq5dY5gHHg/Od +7A8rhoabcvw1yHRQ1WGI7IfVgj0oMiOQy1l90ATxhIeRgKv2L7TVnjB5ip484vMd +goVeYHyAbe/nLvVIE0Pf81OYJCSoMDmdN5jbxrUx9P+T89Z0pQPZpQHYX3Vfn0q0 +d8xMGSh+7dOOF1MhIwrQISw/mLeHTwHjBPMEfdu4V2iawALMonqrqqoilCnB9xr8 +63XEmAg0gC/fKXxrIigF5Z0QFzGm4pzh+1no813v5dNNEcwCxr+H3qzflJ8KKYCi +c2a0oAECgYEA6qq4O0kZ2xh+1H4hGy9blkKkfZCB0Kj9QAstlMkmeBVeqEO/KexV +rFaBAi63Ye3bwhKJA7oNYQQS/QzEoVFs8ThVMNYBFHhx+VrV6lLkvbgDr9uPoAqF +xCePFYYLMLYC34waZxQG9Kk6Di1ugKsgfGXXqLmM4PY68g0qUuR4pzUCgYEA43J3 +I5OHaSk7XU5MXdpAjw/vnLqdBB+k1KX1DABMJL5v9H4A4yUBsKcmKA/jbcE85bAq +tbDPp4g6zGN1gfB15F9yHJQYeFSTY7qjWxR9ckfO7LwvUzknHt6AfGJMwe75ZPWd +oZU4NOLWYs28G/puedoNR18yErxtAnBYzB7xkzECgYEApNukq/myEWrHB09IwMln +ZUuSNahEmqttpwVzUzhxLyGMK1fUv4YJthXbcgYRzNmGbnQJD7YwWfy7vkyvAsmq +aFhz+OgPQCtRnqVC7OipS+Mvq+bqorthuCk2ax+NUv47TIMntUyrikwsvfMK05fl +LZ96f01DfHNfe9bl6fAaFxUCgYEAtjAqXsT94q60brkZUtRQgkgxl0mkHHl8fxmw +gDx8wbIJ275S15/9CpPZbJ3Nf00aiqHilEddDsWA09eXeM40oQoTTfES6NBWf7ww +vfRbx/7dMaRMBE3zmDaClR/ofDAAdW6JJbVxoGtTbzF9TKv9cn3HxTPr2DY2241C +k771owECgYEArNW59ydph2IUsGCQbh79H94N22RqXELSZn9ExH1TYJlFLwWWnivE +8z18Ze3I2FWK/Db43kLXmawW0HXg7e+hdCkPlM/kAYhfW9cZe0btpaEZ/yZGryDd +SL0ZLGPsvQSTDgbWqqN1Z6NFuYnYBuHrJa/bx3gCfs+i2WX0a2dKLlo= +-----END RSA PRIVATE KEY----- 
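Review bot: This hunk commits the unencrypted RSA private key that process-order.sh passes to `openssl dgst -sha256 -sign`, so anyone who can read the repository or its history can produce license signatures that verify against public.pem. Treat this key as compromised: generate a new pair outside the working tree, keep only public.pem under version control, and have the script read the private key from a configured path outside the repository with owner-only permissions. Deleting the file in a later commit does not help, because the key stays in history. The same private.pem hunk is repeated further down this page.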
diff --git a/Scripts/Billing/private.pem b/Scripts/Billing/private.pem new file mode 100644 index 0000000..ea93433 --- /dev/null +++ b/Scripts/Billing/private.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA0H5OmJRvYhdQUFXyKoMgIs6EyigqzFHzjWfEb3rDSffhN5Ig +dELpVWl69g5aVPUHz9tm2SJbGaZ8WOO6qjrzsKLIFRgBM72UtZXPRTdAW6nyD9ni +5kipLbFeB2R31zqKtPTTt8zbFGgJYpqcvb6vOpQzc3wlvea7VdiWht2RKihl31C8 +asm+fzAXAsQ5kDpq7FmXxiBsZnpsvJUTrPsExmiNDpyfZPaAlKEkypiVui2B1SXA +W41SgAXH3K42dnEedtxfNUZQu4mqoZnhzfE1+Djj3EOnBWdy/UxGKzXxTMYinG/W +bVkJe5QWF5GLov10dOqUM2tJn+CNcWJ4ogBwJQIDAQABAoIBAHM9XTP415fgSwQc +fT4CPEEA5WTXztAge/4s3ObBdC/uUw3kNwwL7+zF4LEgPc23ohnBq5dY5gHHg/Od +7A8rhoabcvw1yHRQ1WGI7IfVgj0oMiOQy1l90ATxhIeRgKv2L7TVnjB5ip484vMd +goVeYHyAbe/nLvVIE0Pf81OYJCSoMDmdN5jbxrUx9P+T89Z0pQPZpQHYX3Vfn0q0 +d8xMGSh+7dOOF1MhIwrQISw/mLeHTwHjBPMEfdu4V2iawALMonqrqqoilCnB9xr8 +63XEmAg0gC/fKXxrIigF5Z0QFzGm4pzh+1no813v5dNNEcwCxr+H3qzflJ8KKYCi +c2a0oAECgYEA6qq4O0kZ2xh+1H4hGy9blkKkfZCB0Kj9QAstlMkmeBVeqEO/KexV +rFaBAi63Ye3bwhKJA7oNYQQS/QzEoVFs8ThVMNYBFHhx+VrV6lLkvbgDr9uPoAqF +xCePFYYLMLYC34waZxQG9Kk6Di1ugKsgfGXXqLmM4PY68g0qUuR4pzUCgYEA43J3 +I5OHaSk7XU5MXdpAjw/vnLqdBB+k1KX1DABMJL5v9H4A4yUBsKcmKA/jbcE85bAq +tbDPp4g6zGN1gfB15F9yHJQYeFSTY7qjWxR9ckfO7LwvUzknHt6AfGJMwe75ZPWd +oZU4NOLWYs28G/puedoNR18yErxtAnBYzB7xkzECgYEApNukq/myEWrHB09IwMln +ZUuSNahEmqttpwVzUzhxLyGMK1fUv4YJthXbcgYRzNmGbnQJD7YwWfy7vkyvAsmq +aFhz+OgPQCtRnqVC7OipS+Mvq+bqorthuCk2ax+NUv47TIMntUyrikwsvfMK05fl +LZ96f01DfHNfe9bl6fAaFxUCgYEAtjAqXsT94q60brkZUtRQgkgxl0mkHHl8fxmw +gDx8wbIJ275S15/9CpPZbJ3Nf00aiqHilEddDsWA09eXeM40oQoTTfES6NBWf7ww +vfRbx/7dMaRMBE3zmDaClR/ofDAAdW6JJbVxoGtTbzF9TKv9cn3HxTPr2DY2241C +k771owECgYEArNW59ydph2IUsGCQbh79H94N22RqXELSZn9ExH1TYJlFLwWWnivE +8z18Ze3I2FWK/Db43kLXmawW0HXg7e+hdCkPlM/kAYhfW9cZe0btpaEZ/yZGryDd +SL0ZLGPsvQSTDgbWqqN1Z6NFuYnYBuHrJa/bx3gCfs+i2WX0a2dKLlo= +-----END RSA PRIVATE KEY----- 
diff --git a/Scripts/Billing/process-order.sh b/Scripts/Billing/process-order.sh
new file mode 100755
index 0000000..a461c2d
--- /dev/null
+++ b/Scripts/Billing/process-order.sh
@@ -0,0 +1,179 @@
+#!/bin/bash
+
+BILLING_PATH="$HOME/Code/code/Scripts/Billing"
+OUTPUT=`$BILLING_PATH/dkim-verify.sh test.txt`
+RESULT=$?
+if [ "$RESULT" != "0" ]
+then
+ echo "DKIM check failed"
+ exit $RESULT
+fi
+
+KEY=`echo $OUTPUT | cut -d '=' -f 1`
+VAL=`echo $OUTPUT | cut -d '=' -f 2- | cut -d ' ' -f 1`
+if [ "$KEY" == "TEMPDIR" ]
+then
+ TEMPDIR=$VAL
+fi
+
+# echo "tempdir = -$TEMPDIR-"
+
+echo > $TEMPDIR/check-params.sh
+cat $TEMPDIR/cheaders.txt | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2-`
+ [ "$KEY" == "reply-to" ] && echo "REPLYTO_EMAIL='$VAL'" >> $TEMPDIR/check-params.sh
+ [ "$KEY" == "content-type" ] && echo "CONTENT_TYPE='$VAL'" >> $TEMPDIR/check-params.sh
+done
+
+# We are expecting that PayPal will DKIM sign the from and subject fields and so we search
+# for those fields in dkim-headers.dos so we only detect them if they were signed
+# If they are not in the dkim-headers that are signed, then the idea is that the rest of
+# the script will fail as the names and emails will mis-match
+cat $TEMPDIR/dkim-headers.dos | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2-`
+ [ "$KEY" == "from" ] && echo "$VAL" | sed 's/\(.*\) via PayPal.*/FROM_NAME='\''\1'\''/' >> $TEMPDIR/check-params.sh
+ [ "$KEY" == "subject" ] && echo "$VAL" | sed 's/\(.*\) - Notification of Payment Received from \(.*\) (\(.*\)).*/ITEM='\''\1'\''\nSENDER_NAME='\''\2'\''\nSENDER_EMAIL='\''\3'\''\n/' >> $TEMPDIR/check-params.sh
+done
+echo >> $TEMPDIR/check-params.sh
+
+. $TEMPDIR/check-params.sh
+
+echo > $TEMPDIR/plain-body.txt
+MULTIPART_TYPE=`echo "$CONTENT_TYPE" | cut -d ';' -f 1`
+if [ "$MULTIPART_TYPE" == "multipart/alternative" ]
+then
+ MULTIPART_SEPERATOR=`echo "$CONTENT_TYPE" | cut -d ';' -f 2- | cut -d '=' -f 2`
+ PART=0
+ cat $TEMPDIR/body.txt | while read LINE
+ do
+ [ "$PART" == "1" ] && echo "$LINE" >> $TEMPDIR/plain-body.txt
+ [ "$PART" == "1" ] && [ "$LINE" == "--$MULTIPART_SEPERATOR" ] && break
+ [ "$PART" == "0" ] && [ "$LINE" == "--$MULTIPART_SEPERATOR" ] && PART=1
+ done
+else
+ cat $TEMPDIR/body.txt >> $TEMPDIR/plain-body.txt
+fi
+
+cat $TEMPDIR/plain-body.txt | perl -pe 'use MIME::QuotedPrint; $_=MIME::QuotedPrint::decode($_);' > $TEMPDIR/plain.txt
+
+STATE=0
+echo > $TEMPDIR/vals.sh
+cat $TEMPDIR/plain.txt | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2- | sed 's/[ \t]*\(.*\)/\1/'`
+ [ "$LINE" == "" ] && STATE=0
+ [ "$STATE" == "2" ] && echo "BUYER_EMAIL='$LINE'" >> $TEMPDIR/vals.sh && STATE=0
+ [ "$STATE" == "1" ] && echo "BUYER_NAME='$LINE'" >> $TEMPDIR/vals.sh && STATE=2
+ [ "$LINE" == "Buyer:" ] && STATE=1
+ [ "$STATE" == "3" ] && echo "SHIPPING=\$SHIPPING' | $LINE'" >> $TEMPDIR/vals.sh
+ [ "$LINE" == "Shipping address:" ] && STATE=3
+ [ "$KEY" == "Description" ] && echo "DESC='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Qty" ] && echo "QTY='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Unit price" ] && echo "UNIT_PRICE='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Total" ] && echo "PRICE='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Payment" ] && echo "PAID='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Payment sent to" ] && echo "ME='$VAL'" >> $TEMPDIR/vals.sh
+done
+
+. $TEMPDIR/vals.sh
+
+if [ "$ME" != "billing@subflexion.com" ]
+then
+ echo "Wrong account:"
+ echo " -$ME- is not -billing@subflexion.com- "
+ echo " Or perhaps the email isn't formatted as expected, perhaps paypal have changed the format?"
+ exit -1
+fi
+if [ "$SENDER_NAME" != "$FROM_NAME" ]
+then
+ echo "Name mismatch:"
+ echo " -$SENDER_NAME- is not -$FROM_NAME- "
+ echo " Perhaps the from or subject header fields were not signed, so can we really trust this email?"
+ exit -1
+fi
+if [ "$REPLYTO_EMAIL" != "$SENDER_EMAIL" ]
+then
+ echo "Email mismatch:"
+ echo " -$REPLYTO_EMAIL- is not -$SENDER_EMAIL- "
+ echo " Perhaps the from or subject header fields were not signed, so can we really trust this email?"
+ exit -1
+fi
+if [ "$SENDER_NAME" != "$BUYER_NAME" ]
+then
+ echo "Name mismatch:"
+ echo " -$SENDER_NAME- is not -$BUYER_NAME- "
+ echo " The email doesn't not appear to be formatted as expected, perhaps paypal have changed the format"
+ exit -1
+fi
+if [ "$BUYER_EMAIL" != "$SENDER_EMAIL" ]
+then
+ echo "Email mismatch:"
+ echo " -$BUYER_EMAIL- is not -$SENDER_EMAIL- "
+ echo " The email doesn't not appear to be formatted as expected, perhaps paypal have changed the format"
+ exit -1
+fi
+
+if [ "$ITEM" == "Item no.v1.0" ]
+then
+ echo "Found requested stock item"
+ if [ "$UNIT_PRICE" != "\$0.99 USD" ]
+ then
+ echo "Price mismatch:"
+ echo " -$UNIT_PRICE- != \$0.99 USD"
+ echo " Prices changed, but this script not updated?"
+ echo " Or potentially someone is trying to make a paypal payment with the correct details except for the price"
+ exit -1
+ fi
+ # TODO: calculate that the total price is the correctly calculated product of the unit price by the quantitya
+else
+ exit -1
+fi
+
+echo "Generating license..."
+
+echo > $TEMPDIR/license.txt
+echo "PRODUCT=$DESC" >> $TEMPDIR/license.txt
+echo "COUNT=$QTY" >> $TEMPDIR/license.txt
+echo "ID=`uuidgen`" >> $TEMPDIR/license.txt
+echo "NAME=$BUYER_NAME" >> $TEMPDIR/license.txt
+echo "EMAIL=$BUYER_EMAIL" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE1=`echo $SHIPPING | cut -d '|' -f 2 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE2=`echo $SHIPPING | cut -d '|' -f 3 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE3=`echo $SHIPPING | cut -d '|' -f 4 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE4=`echo $SHIPPING | cut -d '|' -f 5 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE5=`echo $SHIPPING | cut -d '|' -f 6 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+
+# openssl genrsa -out $BILLING_PATH/private.pem 2048 > /dev/null
+# openssl rsa -in $BILLING_PATH/private.pem -outform PEM -pubout -out $BILLING_PATH/public.pem
+
+cat $TEMPDIR/license.txt | openssl dgst -keyform pem -sha256 -sign $BILLING_PATH/private.pem > $TEMPDIR/sig.bin
+
+cat $TEMPDIR/license.txt | openssl dgst -keyform pem -sha256 -verify $BILLING_PATH/public.pem -signature $TEMPDIR/sig.bin
+
+SIG=`cat $TEMPDIR/sig.bin | base64 -w 50`
+
+echo "SIGNATURE_LINE1=`echo $SIG | tr ' ' '\n' | head -n 1 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE2=`echo $SIG | tr ' ' '\n' | head -n 2 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE3=`echo $SIG | tr ' ' '\n' | head -n 3 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE4=`echo $SIG | tr ' ' '\n' | head -n 4 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE5=`echo $SIG | tr ' ' '\n' | head -n 5 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE6=`echo $SIG | tr ' ' '\n' | head -n 6 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE7=`echo $SIG | tr ' ' '\n' | head -n 7 | tail -n 1`" >> $TEMPDIR/license.txt
+
+cat $TEMPDIR/license.txt
+
+# Cleanup temporary files
+if [ -d "$TEMPDIR" ] +then + if [ `dirname $TEMPDIR` == "$HOME/tmp" ] + then + rm -rf $TEMPDIR + fi +fi + + diff --git a/Scripts/Billing/private.pem b/Scripts/Billing/private.pem new file mode 100644 index 0000000..ea93433 --- /dev/null +++ b/Scripts/Billing/private.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA0H5OmJRvYhdQUFXyKoMgIs6EyigqzFHzjWfEb3rDSffhN5Ig +dELpVWl69g5aVPUHz9tm2SJbGaZ8WOO6qjrzsKLIFRgBM72UtZXPRTdAW6nyD9ni +5kipLbFeB2R31zqKtPTTt8zbFGgJYpqcvb6vOpQzc3wlvea7VdiWht2RKihl31C8 +asm+fzAXAsQ5kDpq7FmXxiBsZnpsvJUTrPsExmiNDpyfZPaAlKEkypiVui2B1SXA +W41SgAXH3K42dnEedtxfNUZQu4mqoZnhzfE1+Djj3EOnBWdy/UxGKzXxTMYinG/W +bVkJe5QWF5GLov10dOqUM2tJn+CNcWJ4ogBwJQIDAQABAoIBAHM9XTP415fgSwQc +fT4CPEEA5WTXztAge/4s3ObBdC/uUw3kNwwL7+zF4LEgPc23ohnBq5dY5gHHg/Od +7A8rhoabcvw1yHRQ1WGI7IfVgj0oMiOQy1l90ATxhIeRgKv2L7TVnjB5ip484vMd +goVeYHyAbe/nLvVIE0Pf81OYJCSoMDmdN5jbxrUx9P+T89Z0pQPZpQHYX3Vfn0q0 +d8xMGSh+7dOOF1MhIwrQISw/mLeHTwHjBPMEfdu4V2iawALMonqrqqoilCnB9xr8 +63XEmAg0gC/fKXxrIigF5Z0QFzGm4pzh+1no813v5dNNEcwCxr+H3qzflJ8KKYCi +c2a0oAECgYEA6qq4O0kZ2xh+1H4hGy9blkKkfZCB0Kj9QAstlMkmeBVeqEO/KexV +rFaBAi63Ye3bwhKJA7oNYQQS/QzEoVFs8ThVMNYBFHhx+VrV6lLkvbgDr9uPoAqF +xCePFYYLMLYC34waZxQG9Kk6Di1ugKsgfGXXqLmM4PY68g0qUuR4pzUCgYEA43J3 +I5OHaSk7XU5MXdpAjw/vnLqdBB+k1KX1DABMJL5v9H4A4yUBsKcmKA/jbcE85bAq +tbDPp4g6zGN1gfB15F9yHJQYeFSTY7qjWxR9ckfO7LwvUzknHt6AfGJMwe75ZPWd +oZU4NOLWYs28G/puedoNR18yErxtAnBYzB7xkzECgYEApNukq/myEWrHB09IwMln +ZUuSNahEmqttpwVzUzhxLyGMK1fUv4YJthXbcgYRzNmGbnQJD7YwWfy7vkyvAsmq +aFhz+OgPQCtRnqVC7OipS+Mvq+bqorthuCk2ax+NUv47TIMntUyrikwsvfMK05fl +LZ96f01DfHNfe9bl6fAaFxUCgYEAtjAqXsT94q60brkZUtRQgkgxl0mkHHl8fxmw +gDx8wbIJ275S15/9CpPZbJ3Nf00aiqHilEddDsWA09eXeM40oQoTTfES6NBWf7ww +vfRbx/7dMaRMBE3zmDaClR/ofDAAdW6JJbVxoGtTbzF9TKv9cn3HxTPr2DY2241C +k771owECgYEArNW59ydph2IUsGCQbh79H94N22RqXELSZn9ExH1TYJlFLwWWnivE +8z18Ze3I2FWK/Db43kLXmawW0HXg7e+hdCkPlM/kAYhfW9cZe0btpaEZ/yZGryDd +SL0ZLGPsvQSTDgbWqqN1Z6NFuYnYBuHrJa/bx3gCfs+i2WX0a2dKLlo= +-----END RSA PRIVATE KEY----- 
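Review bot: In Scripts/Billing/process-order.sh the values parsed from the mail are written into check-params.sh and vals.sh as `NAME='$VAL'` and then executed with `.`, so any header or body field that contains a single quote ends the quoting and the rest of the field is run as shell code with the privileges of the account that can read private.pem. reply-to and content-type are taken from cheaders.txt, which, unlike dkim-headers.dos, the hunk's comment does not describe as signed (presumably unsigned; confirm in dkim-verify.sh), and the buyer name and shipping lines are chosen by the payer even when the message itself verifies. Assign the variables directly inside the read loops and feed each loop by redirection instead of a pipe so the assignments survive the loop, as sketched below for the header loop. Separately, `TEMPDIR` stays empty when dkim-verify.sh prints anything other than `TEMPDIR=...`, which turns every path into `/check-params.sh` and similar; add `[ -n "$TEMPDIR" ] || exit 1` right after the extraction. The same hunk is repeated later on this page.

```bash
# … unchanged: DKIM check and TEMPDIR extraction …
while IFS= read -r LINE
do
    KEY=${LINE%%:*}
    VAL=${LINE#*:}
    case "$KEY" in
        reply-to)     REPLYTO_EMAIL=$VAL ;;
        content-type) CONTENT_TYPE=$VAL ;;
    esac
done < "$TEMPDIR/cheaders.txt"
# … dkim-headers.dos and plain.txt loops rewritten the same way; check-params.sh, vals.sh and both `.` lines dropped …
```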
diff --git a/Scripts/Billing/process-order.sh b/Scripts/Billing/process-order.sh
new file mode 100755
index 0000000..a461c2d
--- /dev/null
+++ b/Scripts/Billing/process-order.sh
@@ -0,0 +1,179 @@
+#!/bin/bash
+
+BILLING_PATH="$HOME/Code/code/Scripts/Billing"
+OUTPUT=`$BILLING_PATH/dkim-verify.sh test.txt`
+RESULT=$?
+if [ "$RESULT" != "0" ]
+then
+ echo "DKIM check failed"
+ exit $RESULT
+fi
+
+KEY=`echo $OUTPUT | cut -d '=' -f 1`
+VAL=`echo $OUTPUT | cut -d '=' -f 2- | cut -d ' ' -f 1`
+if [ "$KEY" == "TEMPDIR" ]
+then
+ TEMPDIR=$VAL
+fi
+
+# echo "tempdir = -$TEMPDIR-"
+
+echo > $TEMPDIR/check-params.sh
+cat $TEMPDIR/cheaders.txt | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2-`
+ [ "$KEY" == "reply-to" ] && echo "REPLYTO_EMAIL='$VAL'" >> $TEMPDIR/check-params.sh
+ [ "$KEY" == "content-type" ] && echo "CONTENT_TYPE='$VAL'" >> $TEMPDIR/check-params.sh
+done
+
+# We are expecting that PayPal will DKIM sign the from and subject fields and so we search
+# for those fields in dkim-headers.dos so we only detect them if they were signed
+# If they are not in the dkim-headers that are signed, then the idea is that the rest of
+# the script will fail as the names and emails will mis-match
+cat $TEMPDIR/dkim-headers.dos | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2-`
+ [ "$KEY" == "from" ] && echo "$VAL" | sed 's/\(.*\) via PayPal.*/FROM_NAME='\''\1'\''/' >> $TEMPDIR/check-params.sh
+ [ "$KEY" == "subject" ] && echo "$VAL" | sed 's/\(.*\) - Notification of Payment Received from \(.*\) (\(.*\)).*/ITEM='\''\1'\''\nSENDER_NAME='\''\2'\''\nSENDER_EMAIL='\''\3'\''\n/' >> $TEMPDIR/check-params.sh
+done
+echo >> $TEMPDIR/check-params.sh
+
+. $TEMPDIR/check-params.sh
+
+echo > $TEMPDIR/plain-body.txt
+MULTIPART_TYPE=`echo "$CONTENT_TYPE" | cut -d ';' -f 1`
+if [ "$MULTIPART_TYPE" == "multipart/alternative" ]
+then
+ MULTIPART_SEPERATOR=`echo "$CONTENT_TYPE" | cut -d ';' -f 2- | cut -d '=' -f 2`
+ PART=0
+ cat $TEMPDIR/body.txt | while read LINE
+ do
+ [ "$PART" == "1" ] && echo "$LINE" >> $TEMPDIR/plain-body.txt
+ [ "$PART" == "1" ] && [ "$LINE" == "--$MULTIPART_SEPERATOR" ] && break
+ [ "$PART" == "0" ] && [ "$LINE" == "--$MULTIPART_SEPERATOR" ] && PART=1
+ done
+else
+ cat $TEMPDIR/body.txt >> $TEMPDIR/plain-body.txt
+fi
+
+cat $TEMPDIR/plain-body.txt | perl -pe 'use MIME::QuotedPrint; $_=MIME::QuotedPrint::decode($_);' > $TEMPDIR/plain.txt
+
+STATE=0
+echo > $TEMPDIR/vals.sh
+cat $TEMPDIR/plain.txt | while read LINE
+do
+ KEY=`echo $LINE | cut -d ':' -f 1`
+ VAL=`echo $LINE | cut -d ':' -f 2- | sed 's/[ \t]*\(.*\)/\1/'`
+ [ "$LINE" == "" ] && STATE=0
+ [ "$STATE" == "2" ] && echo "BUYER_EMAIL='$LINE'" >> $TEMPDIR/vals.sh && STATE=0
+ [ "$STATE" == "1" ] && echo "BUYER_NAME='$LINE'" >> $TEMPDIR/vals.sh && STATE=2
+ [ "$LINE" == "Buyer:" ] && STATE=1
+ [ "$STATE" == "3" ] && echo "SHIPPING=\$SHIPPING' | $LINE'" >> $TEMPDIR/vals.sh
+ [ "$LINE" == "Shipping address:" ] && STATE=3
+ [ "$KEY" == "Description" ] && echo "DESC='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Qty" ] && echo "QTY='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Unit price" ] && echo "UNIT_PRICE='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Total" ] && echo "PRICE='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Payment" ] && echo "PAID='$VAL'" >> $TEMPDIR/vals.sh
+ [ "$KEY" == "Payment sent to" ] && echo "ME='$VAL'" >> $TEMPDIR/vals.sh
+done
+
+. $TEMPDIR/vals.sh
+
+if [ "$ME" != "billing@subflexion.com" ]
+then
+ echo "Wrong account:"
+ echo " -$ME- is not -billing@subflexion.com- "
+ echo " Or perhaps the email isn't formatted as expected, perhaps paypal have changed the format?"
+ exit -1
+fi
+if [ "$SENDER_NAME" != "$FROM_NAME" ]
+then
+ echo "Name mismatch:"
+ echo " -$SENDER_NAME- is not -$FROM_NAME- "
+ echo " Perhaps the from or subject header fields were not signed, so can we really trust this email?"
+ exit -1
+fi
+if [ "$REPLYTO_EMAIL" != "$SENDER_EMAIL" ]
+then
+ echo "Email mismatch:"
+ echo " -$REPLYTO_EMAIL- is not -$SENDER_EMAIL- "
+ echo " Perhaps the from or subject header fields were not signed, so can we really trust this email?"
+ exit -1
+fi
+if [ "$SENDER_NAME" != "$BUYER_NAME" ]
+then
+ echo "Name mismatch:"
+ echo " -$SENDER_NAME- is not -$BUYER_NAME- "
+ echo " The email doesn't not appear to be formatted as expected, perhaps paypal have changed the format"
+ exit -1
+fi
+if [ "$BUYER_EMAIL" != "$SENDER_EMAIL" ]
+then
+ echo "Email mismatch:"
+ echo " -$BUYER_EMAIL- is not -$SENDER_EMAIL- "
+ echo " The email doesn't not appear to be formatted as expected, perhaps paypal have changed the format"
+ exit -1
+fi
+
+if [ "$ITEM" == "Item no.v1.0" ]
+then
+ echo "Found requested stock item"
+ if [ "$UNIT_PRICE" != "\$0.99 USD" ]
+ then
+ echo "Price mismatch:"
+ echo " -$UNIT_PRICE- != \$0.99 USD"
+ echo " Prices changed, but this script not updated?"
+ echo " Or potentially someone is trying to make a paypal payment with the correct details except for the price"
+ exit -1
+ fi
+ # TODO: calculate that the total price is the correctly calculated product of the unit price by the quantitya
+else
+ exit -1
+fi
+
+echo "Generating license..."
+
+echo > $TEMPDIR/license.txt
+echo "PRODUCT=$DESC" >> $TEMPDIR/license.txt
+echo "COUNT=$QTY" >> $TEMPDIR/license.txt
+echo "ID=`uuidgen`" >> $TEMPDIR/license.txt
+echo "NAME=$BUYER_NAME" >> $TEMPDIR/license.txt
+echo "EMAIL=$BUYER_EMAIL" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE1=`echo $SHIPPING | cut -d '|' -f 2 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE2=`echo $SHIPPING | cut -d '|' -f 3 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE3=`echo $SHIPPING | cut -d '|' -f 4 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE4=`echo $SHIPPING | cut -d '|' -f 5 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+echo "ADDRESS_LINE5=`echo $SHIPPING | cut -d '|' -f 6 | sed 's/[ \t]*\(.*\)/\1/'`" >> $TEMPDIR/license.txt
+
+# openssl genrsa -out $BILLING_PATH/private.pem 2048 > /dev/null
+# openssl rsa -in $BILLING_PATH/private.pem -outform PEM -pubout -out $BILLING_PATH/public.pem
+
+cat $TEMPDIR/license.txt | openssl dgst -keyform pem -sha256 -sign $BILLING_PATH/private.pem > $TEMPDIR/sig.bin
+
+cat $TEMPDIR/license.txt | openssl dgst -keyform pem -sha256 -verify $BILLING_PATH/public.pem -signature $TEMPDIR/sig.bin
+
+SIG=`cat $TEMPDIR/sig.bin | base64 -w 50`
+
+echo "SIGNATURE_LINE1=`echo $SIG | tr ' ' '\n' | head -n 1 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE2=`echo $SIG | tr ' ' '\n' | head -n 2 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE3=`echo $SIG | tr ' ' '\n' | head -n 3 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE4=`echo $SIG | tr ' ' '\n' | head -n 4 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE5=`echo $SIG | tr ' ' '\n' | head -n 5 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE6=`echo $SIG | tr ' ' '\n' | head -n 6 | tail -n 1`" >> $TEMPDIR/license.txt
+echo "SIGNATURE_LINE7=`echo $SIG | tr ' ' '\n' | head -n 7 | tail -n 1`" >> $TEMPDIR/license.txt
+
+cat $TEMPDIR/license.txt
+
+# Cleanup temporary files
+if [ -d "$TEMPDIR" ] +then + if [ `dirname $TEMPDIR` == "$HOME/tmp" ] + then + rm -rf $TEMPDIR + fi +fi + + diff --git a/Scripts/Billing/public.pem b/Scripts/Billing/public.pem new file mode 100644 index 0000000..7bb12ca --- /dev/null +++ b/Scripts/Billing/public.pem @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H5OmJRvYhdQUFXyKoMg +Is6EyigqzFHzjWfEb3rDSffhN5IgdELpVWl69g5aVPUHz9tm2SJbGaZ8WOO6qjrz +sKLIFRgBM72UtZXPRTdAW6nyD9ni5kipLbFeB2R31zqKtPTTt8zbFGgJYpqcvb6v +OpQzc3wlvea7VdiWht2RKihl31C8asm+fzAXAsQ5kDpq7FmXxiBsZnpsvJUTrPsE +xmiNDpyfZPaAlKEkypiVui2B1SXAW41SgAXH3K42dnEedtxfNUZQu4mqoZnhzfE1 ++Djj3EOnBWdy/UxGKzXxTMYinG/WbVkJe5QWF5GLov10dOqUM2tJn+CNcWJ4ogBw +JQIDAQAB +-----END PUBLIC KEY-----