public CardTransaction OnlinePayment(decimal amount, string destinationName, string destinationAccount, string cvv) { if (!CVV.Equals(cvv)) { throw new CVVMismatchException(CVV, cvv); } var transaction = BankAccount.CreatePayment(amount, destinationName, destinationAccount, "Online Payment"); var cardTransaction = CardTransaction.Create(transaction, CardTransactionType.Online); cardTransactions.Add(cardTransaction); return(cardTransaction); }
public static void Thread1(object sock) { string sendMessage, receiveMessage; Common c = new Common(); Socket socket = (Socket)sock; //nhận message từ gateway string issuerPrivateKey = File.ReadAllText("d:/file/IssuerPrivateKey.xml"); receiveMessage = c.receive(socket); string[] splitAuthReq = receiveMessage.Split('-'); ForwardAuthorizationRequest forwardAuthorization = new ForwardAuthorizationRequest(splitAuthReq[0], splitAuthReq[1], splitAuthReq[2], splitAuthReq[3]); Console.WriteLine("verify gateway forward authorization: " + forwardAuthorization.verify(issuerPrivateKey)); string PI = forwardAuthorization.getPI(issuerPrivateKey); string cardNumber, CVV, dateValid, transID; long tien; string[] splitPI = PI.Split(':'); transID = splitPI[0]; cardNumber = splitPI[3]; CVV = splitPI[4]; dateValid = splitPI[5]; tien = Convert.ToInt64(splitPI[6]); //connect SQL server SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(); builder.DataSource = "localhost"; builder.UserID = "sa"; builder.Password = "******"; builder.InitialCatalog = "Bank"; bool flag = false; using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) { connection.Open(); string sql; StringBuilder sb = new StringBuilder(); sql = "SELECT CardNumber, CVV, DateValid FROM Issuer;"; using (SqlCommand command = new SqlCommand(sql, connection)) { string a; using (SqlDataReader reader = command.ExecuteReader()) { while (reader.Read()) { a = reader.GetString(2); if (cardNumber.Equals(reader.GetString(0)) == true && CVV.Equals(reader.GetString(1)) == true && dateValid.Equals(reader.GetString(2)) == true) { flag = true; } } } } //Console.WriteLine("kq sql server: " + flag); //ghi PI vào log Isuuer sb.Clear(); sb.Append("INSERT LogIssuer (TransID, CardNumber, Money, Paid) "); sb.Append("VALUES (@trans, @cardid, @money, @paid);"); sql = sb.ToString(); using (SqlCommand command = new SqlCommand(sql, connection)) { command.Parameters.AddWithValue("@trans", transID); command.Parameters.AddWithValue("@cardid", cardNumber); command.Parameters.AddWithValue("@money", tien); command.Parameters.AddWithValue("@paid", 0); int rowsAffected = command.ExecuteNonQuery(); Console.WriteLine(rowsAffected + " row(s) inserted"); } connection.Close(); } //gửi forward response X509Certificate2 issuerCertificate = new X509Certificate2("d:/file/issuer.crt", "123456"); string issuerCert = c.ByteArrayToString(issuerCertificate.GetRawCertData()); ForwardAuthorizationResponse authorizationResponse = new ForwardAuthorizationResponse(transID, splitPI[1], 1, "ok", issuerPrivateKey, issuerCert); c.send(authorizationResponse.ToMessage(), socket); //nhận capture request từ gateway receiveMessage = c.receive(socket); string[] splitCapture = receiveMessage.Split('-'); string keyCapture = c.DecryptionRSA(issuerPrivateKey, splitCapture[2]); string captureRequest = c.DecryptDES(splitCapture[1], keyCapture);//transid:RRPID:merchantcard:merchantCVV:merchantDatevalid:tien X509Certificate2 certificate2 = new X509Certificate2(c.StringToByteArray(splitCapture[3])); string gatewayPublicKey = certificate2.GetRSAPublicKey().ToXmlString(false); Console.WriteLine("verify capture request: " + c.Verify(gatewayPublicKey, splitCapture[0], captureRequest)); string merchantCardNumber, merchantCVV, merchantDateValid; string[] splitCaptureRequest = captureRequest.Split(':'); transID = splitCaptureRequest[0]; string RRPID = splitCaptureRequest[1]; merchantCardNumber = splitCaptureRequest[2]; merchantCVV = splitCaptureRequest[3]; merchantDateValid = splitCaptureRequest[4]; tien = Convert.ToInt64(splitCaptureRequest[5]); //nhập dữ liệu thanh toán vào sql server using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) { connection.Open(); string sql; StringBuilder sb = new StringBuilder(); sb.Clear(); sb.Append("UPDATE LogIssuer SET Paid = @paid WHERE TransID = @id"); sql = sb.ToString(); using (SqlCommand command = new SqlCommand(sql, connection)) { command.Parameters.AddWithValue("@id", transID); command.Parameters.AddWithValue("@paid", 1); int rowsAffected = command.ExecuteNonQuery(); } string customerCardNumber = ""; sql = "SELECT TransID, CardNumber FROM LogIssuer;"; using (SqlCommand command = new SqlCommand(sql, connection)) { string a; using (SqlDataReader reader = command.ExecuteReader()) { while (reader.Read()) { a = reader.GetString(1); if (transID.Equals(reader.GetString(0)) == true) { customerCardNumber = reader.GetString(1); } } } } long tienBanDau = 0; sql = "SELECT CardNumber, UsedMoney FROM Issuer;"; using (SqlCommand command = new SqlCommand(sql, connection)) { string a; using (SqlDataReader reader = command.ExecuteReader()) { while (reader.Read()) { if (cardNumber.Equals(reader.GetString(0)) == true) { tienBanDau = reader.GetInt64(1); } } } } sb.Clear(); sb.Append("UPDATE Issuer SET UsedMoney = @tien WHERE CardNumber = @id"); sql = sb.ToString(); using (SqlCommand command = new SqlCommand(sql, connection)) { command.Parameters.AddWithValue("@tien", tien + tienBanDau); command.Parameters.AddWithValue("@id", customerCardNumber); int rowsAffected = command.ExecuteNonQuery(); } connection.Close(); } //send message to acquirer string message = transID + ":" + merchantCardNumber + ":" + merchantCVV + ":" + merchantDateValid + ":" + tien; sendMessage = message + "-" + c.Sign(issuerPrivateKey, message) + "-" + issuerCert; IPEndPoint iep = new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1237); Socket client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp); client.Connect(iep); c.send(sendMessage, client); //nhận message từ acquirer receiveMessage = c.receive(client); string[] splitAcquirer = receiveMessage.Split('-'); X509Certificate2 acquirerCertificate = new X509Certificate2(c.StringToByteArray(splitAcquirer[2])); string acquirerPublicKey = acquirerCertificate.GetRSAPublicKey().ToXmlString(false); Console.WriteLine("verify message from acquirer: " + c.Verify(acquirerPublicKey, splitAcquirer[1], splitAcquirer[0])); string[] splitAcquirerMessage = splitAcquirer[0].Split(':'); if (splitAcquirerMessage[1].CompareTo("1") == 0) { //gửi capture response tới gateway message = splitAcquirerMessage[0] + ":" + RRPID + ":" + splitAcquirerMessage[1] + ":" + splitAcquirerMessage[2]; c.send(message + "-" + c.Sign(issuerPrivateKey, message) + "-" + issuerCert, socket); } else { } Console.Read(); }
public static void Thread1(object sock) { X509Certificate2 caCertificate = new X509Certificate2("d:/file/ca.crt"); X509Certificate2 gatewayCertificate; string issuerPrivateKey = File.ReadAllText("d:/file/IssuerPrivateKey.xml"); X509Certificate2 issuerCertificate = new X509Certificate2("d:/file/issuer.crt"); string sendMessage, receiveMessage; Common c = new Common(); Socket socket = (Socket)sock; string message; //nhận authorization request từ gateway receiveMessage = c.receive(ref socket); string[] splitAuthReq = receiveMessage.Split('-'); gatewayCertificate = new X509Certificate2(c.StringToByteArray(splitAuthReq[3])); if (c.VerifyCertificate(caCertificate, gatewayCertificate) == false) { Console.WriteLine("verify authorization request certificate from gateway false"); message = "ERROR" + ":" + "3" + ":" + "xac thuc that bai"; ForwardAuthorizationResponse forwardAuthorizationResponse = new ForwardAuthorizationResponse(message, issuerPrivateKey, c.ByteArrayToString(issuerCertificate.GetRawCertData())); c.send(forwardAuthorizationResponse.ToMessage(), ref socket); } else { Console.WriteLine("verify authorization request certificate from gateway true"); ForwardAuthorizationRequest forwardAuthorization = new ForwardAuthorizationRequest(splitAuthReq[0], splitAuthReq[1], splitAuthReq[2], splitAuthReq[3]); if (forwardAuthorization.verify(issuerPrivateKey) == false) { Console.WriteLine("verify authorization request from gateway false"); string message1 = "ERROR" + ":" + "3" + ":" + "xac thuc that bai"; ForwardAuthorizationResponse forwardAuthorizationResponse = new ForwardAuthorizationResponse(message1, issuerPrivateKey, c.ByteArrayToString(issuerCertificate.GetRawCertData())); c.send(forwardAuthorizationResponse.ToMessage(), ref socket); } else { Console.WriteLine("verify authorization request from gateway true"); string PI = forwardAuthorization.getPI(issuerPrivateKey); string cardNumber, CVV, dateValid, transID; long tien; string[] splitPI = PI.Split(':'); transID = splitPI[0]; cardNumber = splitPI[3]; CVV = splitPI[4]; dateValid = splitPI[5]; tien = Convert.ToInt64(splitPI[6]); //connect SQL server SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(); builder.DataSource = "localhost"; builder.UserID = "sa"; builder.Password = "******"; builder.InitialCatalog = "Bank"; using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) { connection.Open(); bool flag = false; string sql; StringBuilder sb = new StringBuilder(); sql = "SELECT CardNumber, CVV, DateValid FROM Issuer;"; using (SqlCommand command = new SqlCommand(sql, connection)) { string a; using (SqlDataReader sqlReader = command.ExecuteReader()) { while (sqlReader.Read()) { a = sqlReader.GetString(2); if (cardNumber.Equals(sqlReader.GetString(0)) == true && CVV.Equals(sqlReader.GetString(1)) == true && dateValid.Equals(sqlReader.GetString(2)) == true) { flag = true;//kiểm tra tài khoản customer có đúng hay không } } } } if (flag == false) { string s = "ERROR" + ":" + "2" + ":" + "tai khoan khong chinh xac"; ForwardAuthorizationResponse forwardAuthorizationResponse = new ForwardAuthorizationResponse(s, issuerPrivateKey, c.ByteArrayToString(issuerCertificate.GetRawCertData())); c.send(forwardAuthorizationResponse.ToMessage(), ref socket); } else { //ghi PI vào log Isuuer sb.Clear(); sb.Append("INSERT LogIssuer (TransID, CardNumber, Money, Paid) "); sb.Append("VALUES (@trans, @cardid, @money, @paid);"); sql = sb.ToString(); using (SqlCommand command = new SqlCommand(sql, connection)) { command.Parameters.AddWithValue("@trans", transID); command.Parameters.AddWithValue("@cardid", cardNumber); command.Parameters.AddWithValue("@money", tien); command.Parameters.AddWithValue("@paid", 0); int rowsAffected = command.ExecuteNonQuery(); } //gửi forward response string issuerCert = c.ByteArrayToString(issuerCertificate.GetRawCertData()); ForwardAuthorizationResponse authorizationResponse = new ForwardAuthorizationResponse(transID, 1, cardNumber, issuerPrivateKey, issuerCert); c.send(authorizationResponse.ToMessage(), ref socket); //nhận capture request từ gateway receiveMessage = c.receive(ref socket); string[] splitCapture = receiveMessage.Split('-'); gatewayCertificate = new X509Certificate2(c.StringToByteArray(splitCapture[6])); if (c.VerifyCertificate(caCertificate, gatewayCertificate) == false) { Console.WriteLine("verify capture request certificate from gateway false"); string s = "ERROR" + ":" + "3" + ":" + "xac thuc that bai"; s = s + "-" + c.Sign(issuerPrivateKey, s) + "-" + c.ByteArrayToString(issuerCertificate.GetRawCertData()); c.send(s, ref socket); } else { Console.WriteLine("verify capture request certificate from gateway true"); string captureRequest = getToken(receiveMessage);//thông tin tài khoản customer if (captureRequest == null) { string message1 = "ERROR" + ":" + "3" + ":" + "xac thuc that bai"; message1 = message1 + "-" + c.Sign(issuerPrivateKey, message1) + "-" + c.ByteArrayToString(issuerCertificate.GetRawCertData()); c.send(message1, ref socket); } else { string customerCardNumber; long soTien; string[] splitCaptureRequest = captureRequest.Split(':'); transID = splitCaptureRequest[0]; customerCardNumber = splitCaptureRequest[1]; soTien = Convert.ToInt64(splitCaptureRequest[2]); //nhập dữ liệu thanh toán vào sql server using (SqlConnection connection1 = new SqlConnection(builder.ConnectionString)) { connection1.Open(); string sql1; StringBuilder sb1 = new StringBuilder(); sb1.Clear(); sb1.Append("UPDATE LogIssuer SET Paid = @paid WHERE TransID = @id"); sql1 = sb1.ToString(); using (SqlCommand command = new SqlCommand(sql1, connection1)) { command.Parameters.AddWithValue("@id", transID); command.Parameters.AddWithValue("@paid", 1); int rowsAffected = command.ExecuteNonQuery(); } long tienBanDau = 0; sql1 = "SELECT CardNumber, UsedMoney FROM Issuer;"; using (SqlCommand command = new SqlCommand(sql1, connection1)) { using (SqlDataReader sqlReader = command.ExecuteReader()) { while (sqlReader.Read()) { if (cardNumber.Equals(sqlReader.GetString(0)) == true) { tienBanDau = sqlReader.GetInt64(1); } } } } sb1.Clear(); sb1.Append("UPDATE Issuer SET UsedMoney = @tien WHERE CardNumber = @id"); sql1 = sb1.ToString(); using (SqlCommand command = new SqlCommand(sql1, connection1)) { command.Parameters.AddWithValue("@tien", soTien + tienBanDau); command.Parameters.AddWithValue("@id", customerCardNumber); int rowsAffected = command.ExecuteNonQuery(); } connection1.Close(); connection.Close(); } //send message to acquirer sendMessage = splitCapture[0] + "-" + splitCapture[1] + "-" + splitCapture[2] + "-" + splitCapture[6]; IPEndPoint iep = new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1237); Socket client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp); client.Connect(iep); c.send(sendMessage, ref client); //nhận message từ acquirer receiveMessage = c.receive(ref client); string[] splitAcquirer = receiveMessage.Split('-'); X509Certificate2 acquirerCertificate = new X509Certificate2(c.StringToByteArray(splitAcquirer[2])); if (c.VerifyCertificate(caCertificate, acquirerCertificate) == true) { Console.WriteLine("verify capture response certificate from acquirer true"); string acquirerPublicKey = acquirerCertificate.GetRSAPublicKey().ToXmlString(false); if (c.Verify(acquirerPublicKey, splitAcquirer[1], splitAcquirer[0]) == true) { Console.WriteLine("verify capture response from acquirer true"); message = splitAcquirer[0]; c.send(message + "-" + c.Sign(issuerPrivateKey, message) + "-" + issuerCert, ref socket); } } //client.Close(); } } } } } } socket.Close(); }