•   almost 12 years ago

PHP lib for MintChip

The original PHP code fragments were a bit incomplete and/or not written with best practice in mind. I've put this together into a class I named MintChipMessage which allows parsing and generation of messages.
It's still work in progress, but the source can be seen online and help is welcome. I'm planning on a MintChip class that will communicate either with remote mintchip or local ones too.

Source:

https://github.com/MagicalTux/mintchip/blob/master/php/MintChipMessage.class.php

An example of generated vm req message (not sure if the format is right yet, will have to try):
YF4wXKADCgEBoR4WHERvbmF0ZSAxMCBVU0QgZm9yIFBIUCBkZXYgOymiNaEzMDEECBMQAAAAATEhBAEBBAMAA+gBAf8WGmh0dHA6Ly9ibG9nLm1hZ2ljYWx0dXgubmV0

  • 16 comments

  •   •   almost 12 years ago

    Mark, Thanks for this. I poked around your code to solve some typing issues i was not previous familiar with
    bin2hex()
    hexdec()
    and hexec(bin2hex())
    are now my friends. Anyone else you know of doing php development on the project?

  •   •   almost 12 years ago

    bin2hex() converts binary data to their hexadecimal representation
    hexdec() converts hexadecimal string to decimal
    hexdec(bin2hex()) is a dirty but useful hack used in the original MintChip library that allows to "read" a value in bytes of arbitrary length. I do not recommend this method (knowing the length of your binary data and using pack()/unpack() is the best, but the MintChip format uses variable length so well...).

    A few people I know are also starting to work on this and may pull some changes to that lib. I also started rewriting the communication system with the actual MintChip in PHP... :)

  •   •   almost 12 years ago

    Yes the conversion and typing are quite confusing. I'm now trying to tackle the payer-cert conversion. If MintChip is delivering that in binary form, what is the best way to convert it so PHP can parse the cert? I'm getting gibbrish without any type conversion:

    http://i1172.photobucket.com/albums/r577/mint_chipper/payer-cert.png.

    Any direction would be greatly appreciated. Good luck with the comm system rewrite. I'll also check back into the git code. Thanks for the response.

  •   •   almost 12 years ago

    I guess you did a base64_decode of that

    A parse example is available there:
    https://github.com/MagicalTux/mintchip/blob/master/php/test.php

    (export() will re-compose the message, but you can also var_dump($msg) directly to see what was parsed)

  •   •   almost 12 years ago

    Yes it was decoded with the rest of the data.

    I'm not able to run your class. I hitting a Fatal error on line 240 and have yet to debug it.

    public function export() {
    // product output format
    switch($this->type) {
    case self::TYPE_VM_REQ: return $this->_export_vm_req();
    default:
    throw new \Exception('Unsupported format or uninitialized message');
    }
    }

  •   •   almost 12 years ago

    Hi,

    You need at least PHP 5.3 to run this class. If you use an older version, it is highly recommended to upgrade to PHP 5.3 or PHP 5.4.

  •   •   almost 12 years ago

    Running PHP 5.3.8

    It seems that the MintChip php code is base64_decoding the payer-cert when it begins to parse the Value Message from the Spender's Chip. Does the payer-cert need to be base64_encoded again to be able to parse it for the PKI message validation? Trying that now.

  •   •   almost 12 years ago

    For info we cannot export VM_RESP yet, only VP_REQ. You can stop trying to do the export, it should work.

  •   •   almost 12 years ago

    Wish i know that several hours ago!

    So far I've been able to:
    1. Create the Value Message
    2. POST the value massage to the remote.mintchipchallange server
    3. The spender is able to accept or deny the payment. But then the remote.mintchipchallenge.com server posts the VM_RESP back to my server, I see the value deducted from the spender's chip but it is not added to the receivers chip. Am I missing something.

  •   •   almost 12 years ago

    Mark,

    I was able to parse the cert:
    $cert_value=$mintchipAttributes["vm-resp"]["payer-cert"];

    $cert = "-----BEGIN CERTIFICATE-----\r\n".chunk_split(base64_encode($cert_value),$chunklen = 76, $end = "\r\n")."-----END CERTIFICATE-----";

    Thanks for your help.

  •   •   almost 12 years ago

    Mark,

    The VM_RESP values have to be OCTET STRING (of the required lenght) to pass the openssl_verify() test. So the API seems to require OCTET values to pass the data and for signature checking, then the values must be converted to PHP string,dec, or int for display and processing. I'm sure this is all in the docs but I hope it helps someone else save a few hours of scouring.

    Please post if you come up with a safe and reliable way to consistently convert the OCTET values (or maybe MintChip will standardize the length values and update the specs).

  •   •   almost 12 years ago

    Have you had any luck Loading the Value Message by posting to /mintchip/receipts? I've use the .submit() method demonstrated in the docs to post the value message request and get "455 Invalid value message packet error". I've also tried using curl, setting Content-Type: application/vnd.scg.ecn-message and the server doesn't seem to be allowing curl requests. The Value Message I'm sending is correct as I'm able to post the same value message manually at https://remote.mintchipchallenge.com/index.htm#accept so it must be something with the format of the request.

  •   •   over 11 years ago

    So are the value message requests this library creates properly formatted? I have been trying to create a value message using the example value message request you posted, and keep getting error code 454, Format Related. I have tried the example value message request from the mintchip php example itself, ] tried to generate a value message request using your library and the mintchip official one, and all the value request messages have returned the same error.

  •   •   over 11 years ago

    And note I am trying to use the hosted API, so attempting to do a POST using the value message request as the body

  •   •   over 11 years ago

    Are you using curl? Pls post here.

  •   •   over 11 years ago

    I am writing an iPhone app, so no. Using NSURLConnection. I can successfully create value messages using POST /mintchip/payments/{payeeid}/{currencycode}/{amountincents}, and perform all the GET commands. I've set the content-type header to application/vnd.scg.ecn-message, the accept header to */*, and the content length header.

Comments are closed.