Understanding certificates and how to implement them in the bitcoin payment protocol? #4864

derrend opened this issue on September 8, 2014
  1. derrend commented at 2:20 AM on September 8, 2014: none

    Originally asked on Stack Overflow: http://stackoverflow.com/questions/25716130/how-to-add-signed-certificates-to-a-bitcoin-bip70-payment-message-python

    References: https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki https://github.com/aantonop/bitcoinbook/blob/develop/selected%20BIPs/bip-0070.mediawiki#paymentdetailspaymentrequest

    message PaymentRequest {
        ##optional uint32 payment_details_version = 1 [default = 1]; # 'x509+sha256' in this case.
        ##optional string pki_type = 2 [default = "none"];
        optional bytes pki_data = 3;
        ##required bytes serialized_payment_details = 4;
        optional bytes signature = 5;
    }
    

    The ones with ## at the front are not a problem, I've solved them already.

    optional bytes pki_data wants a byte encoded version of 'x509+sha256' so...

    import hashlib
    x509_bytes = open('/path/to/x509.der', 'rb').read()
    pki_data = hashlib.sha256(x509_bytes)
    

    Is the above correct?

    Next optional bytes signature, 'digital signature over a hash of the protocol buffer serialized variation of the PaymentRequest message'

    I'm not sure how to achieve this so any suggestions would be greatly appreciated.

    Finally I have...

    message X509Certificates {
            repeated bytes certificate = 1;
        }
    

    repeated bytes certificate 'Each certificate is a DER [ITU.X690.1994] PKIX certificate value. The certificate containing the public key of the entity that digitally signed the PaymentRequest MUST be the first certificate.'

    I only have the one cert I got from Comodo, so I think I only need to supply the raw byte data of the cert to satisfy this one, which already exists in the form of x509_bytes above, so...

    repeated bytes certificate = x509_bytes
    

    Am I close??

    Also I notice that repeated bytes certificate comes after optional bytes signature but shouldn't I deal with that before message PaymentRequest so that I can serialise it into my http response somehow?

    EDIT:

    For what it's worth I'm aware that I need to import, instantiate and in some cases serialise these methods before sending them as a request/response but what I'm looking for are the methods on how to manipulate and supply the information required.

    Thanks :)

  2. derrend commented at 11:26 PM on September 11, 2014: none

    Solved it, seems there was an error in the mediawiki which should be fixed now.

  3. derrend closed this on Sep 11, 2014

  4. MarcoFalke locked this on Sep 8, 2021
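
Added example, not part of the original thread or of Bitcoin Core: per BIP 70, `pki_data` for `x509+sha256` is a serialized `X509Certificates` message holding the raw DER certificates (not a hash of them), and the signature is computed over the serialized `PaymentRequest` with the `signature` field set to an empty value. The code hand-encodes the protobuf wire format with the standard library only; the function names, the `sign` callback and the sample byte strings are assumptions made for illustration.

```python
import hashlib
from typing import Callable, Sequence

def varint(n: int) -> bytes:
    """Protobuf base-128 varint, least significant group first."""
    out = bytearray()
    while n > 0x7F:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    out.append(n)
    return bytes(out)

def bytes_field(number: int, value: bytes) -> bytes:
    """Length-delimited field (wire type 2): tag, length, payload."""
    return varint((number << 3) | 2) + varint(len(value)) + value

def x509_certificates(chain_der: Sequence[bytes]) -> bytes:
    """X509Certificates: one field-1 entry per DER certificate, signer's first."""
    if not chain_der:
        raise ValueError("x509+sha256 needs at least the signing certificate")
    return b"".join(bytes_field(1, der) for der in chain_der)

def payment_request(details: bytes, pki_data: bytes, signature: bytes) -> bytes:
    """PaymentRequest in field order; payment_details_version is left unset."""
    return (bytes_field(2, b"x509+sha256") + bytes_field(3, pki_data)
            + bytes_field(4, details) + bytes_field(5, signature))

def build_signed_request(details: bytes, chain_der: Sequence[bytes],
                         sign: Callable[[bytes], bytes]) -> bytes:
    """`sign` (hypothetical callback) signs its input with the private key of
    chain_der[0], using SHA-256 as the digest."""
    pki_data = x509_certificates(chain_der)
    # The signed bytes include field 5, present but zero-length.
    unsigned = payment_request(details, pki_data, b"")
    return payment_request(details, pki_data, sign(unsigned))

# Constructed placeholders: short byte strings standing in for DER
# certificates and a serialized PaymentDetails message.
LEAF_DER = b"\x30\x03\x02\x01\x01"
INTERMEDIATE_DER = b"\x30\x03\x02\x01\x02"
DETAILS = b"constructed-payment-details"

def stand_in_sign(message: bytes) -> bytes:
    """Constructed stand-in, NOT a signature: swap in a real private-key signer."""
    return b"SIG" + hashlib.sha256(message).digest()

if __name__ == "__main__":
    request = build_signed_request(DETAILS, [LEAF_DER, INTERMEDIATE_DER], stand_in_sign)
    print(request.hex())
```

A verifier recomputes the same bytes by clearing `signature` on the parsed message and re-serializing, so any field the sender sets (including one set to its default value) changes what must be signed.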
This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.