add paypro checks
This commit is contained in:
Matias Alejo Garcia
parent
30c04c615f
commit
32f281fb82
5 changed files with 222 additions and 352 deletions
126
test/PayPro.js
126
test/PayPro.js
|
|
@ -788,132 +788,6 @@ describe('PayPro (in Wallet) model', function() {
|
|||
});
|
||||
});
|
||||
|
||||
it('#try to sign a tampered payment request (raw)', function(done) {
|
||||
var w = createWallet();
|
||||
should.exist(w);
|
||||
var address = 'bitcoin:2NBzZdFBoQymDgfzH2Pmnthser1E71MmU47?amount=0.00003&r=' + server.uri + '/request';
|
||||
var commentText = 'Hello, server. I\'d like to make a payment.';
|
||||
w.createPaymentTx({
|
||||
uri: address,
|
||||
memo: commentText
|
||||
}, function(err, ntxid, merchantData) {
|
||||
should.equal(err, null);
|
||||
should.exist(ntxid);
|
||||
should.exist(merchantData);
|
||||
|
||||
// Tamper with payment request in its raw form:
|
||||
var data = new Buffer(merchantData.raw, 'hex');
|
||||
data = PayPro.PaymentRequest.decode(data);
|
||||
var pr = new PayPro();
|
||||
pr = pr.makePaymentRequest(data);
|
||||
var details = pr.get('serialized_payment_details');
|
||||
details = PayPro.PaymentDetails.decode(details);
|
||||
var pd = new PayPro();
|
||||
pd = pd.makePaymentDetails(details);
|
||||
var outputs = pd.get('outputs');
|
||||
outputs[outputs.length - 1].set('amount', 1000000000);
|
||||
pd.set('outputs', outputs);
|
||||
pr.set('serialized_payment_details', pd.serialize());
|
||||
merchantData.raw = pr.serialize().toString('hex');
|
||||
|
||||
var myId = w.getMyCopayerId();
|
||||
var txp = w.txProposals.get(ntxid);
|
||||
should.exist(txp);
|
||||
should.exist(txp.signedBy[myId]);
|
||||
should.not.exist(txp.rejectedBy[myId]);
|
||||
|
||||
w.verifyPaymentRequest(ntxid).should.equal(false);
|
||||
|
||||
return done();
|
||||
});
|
||||
});
|
||||
|
||||
it('#try to sign a tampered payment request (abstract)', function(done) {
|
||||
var w = createWallet();
|
||||
should.exist(w);
|
||||
var address = 'bitcoin:2NBzZdFBoQymDgfzH2Pmnthser1E71MmU47?amount=0.00003&r=' + server.uri + '/request';
|
||||
var commentText = 'Hello, server. I\'d like to make a payment.';
|
||||
w.createPaymentTx({
|
||||
uri: address,
|
||||
memo: commentText
|
||||
}, function(err, ntxid, merchantData) {
|
||||
should.equal(err, null);
|
||||
should.exist(ntxid);
|
||||
should.exist(merchantData);
|
||||
|
||||
// Tamper with payment request in its abstract form:
|
||||
var outputs = merchantData.pr.pd.outputs;
|
||||
var output = outputs[outputs.length - 1];
|
||||
var amount = output.amount;
|
||||
amount.low = 2;
|
||||
|
||||
var myId = w.getMyCopayerId();
|
||||
var txp = w.txProposals.get(ntxid);
|
||||
should.exist(txp);
|
||||
should.exist(txp.signedBy[myId]);
|
||||
should.not.exist(txp.rejectedBy[myId]);
|
||||
|
||||
w.verifyPaymentRequest(ntxid).should.equal(false);
|
||||
|
||||
return done();
|
||||
});
|
||||
});
|
||||
|
||||
it('#try to sign a tampered txp tx (abstract)', function(done) {
|
||||
var w = createWallet();
|
||||
should.exist(w);
|
||||
var address = 'bitcoin:2NBzZdFBoQymDgfzH2Pmnthser1E71MmU47?amount=0.00003&r=' + server.uri + '/request';
|
||||
var commentText = 'Hello, server. I\'d like to make a payment.';
|
||||
w.createPaymentTx({
|
||||
uri: address,
|
||||
memo: commentText
|
||||
}, function(err, ntxid, merchantData) {
|
||||
should.equal(err, null);
|
||||
should.exist(ntxid);
|
||||
should.exist(merchantData);
|
||||
|
||||
// Tamper with payment request in its abstract form:
|
||||
var txp = w.txProposals.get(ntxid);
|
||||
var tx = txp.builder.tx || txp.builder.build();
|
||||
tx.outs[0].v = new Buffer([2, 0, 0, 0, 0, 0, 0, 0]);
|
||||
|
||||
var myId = w.getMyCopayerId();
|
||||
var txp = w.txProposals.get(ntxid);
|
||||
should.exist(txp);
|
||||
should.exist(txp.signedBy[myId]);
|
||||
should.not.exist(txp.rejectedBy[myId]);
|
||||
|
||||
w.verifyPaymentRequest(ntxid).should.equal(false);
|
||||
|
||||
return done();
|
||||
});
|
||||
});
|
||||
|
||||
it('#sign an untampered payment request', function(done) {
|
||||
var w = createWallet();
|
||||
should.exist(w);
|
||||
var address = 'bitcoin:2NBzZdFBoQymDgfzH2Pmnthser1E71MmU47?amount=0.00003&r=' + server.uri + '/request';
|
||||
var commentText = 'Hello, server. I\'d like to make a payment.';
|
||||
w.createPaymentTx({
|
||||
uri: address,
|
||||
memo: commentText
|
||||
}, function(err, ntxid, merchantData) {
|
||||
should.equal(err, null);
|
||||
should.exist(ntxid);
|
||||
should.exist(merchantData);
|
||||
|
||||
var myId = w.getMyCopayerId();
|
||||
var txp = w.txProposals.get(ntxid);
|
||||
should.exist(txp);
|
||||
should.exist(txp.signedBy[myId]);
|
||||
should.not.exist(txp.rejectedBy[myId]);
|
||||
|
||||
w.verifyPaymentRequest(ntxid).should.equal(true);
|
||||
|
||||
return done();
|
||||
});
|
||||
});
|
||||
|
||||
it('#close payment server', function(done) {
|
||||
server.close(function() {
|
||||
return done();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue