payment-kit 1.29.5 → 1.29.7

package/cloudflare/tests/x509-probe.mjs

@@ -0,0 +1,260 @@
+// X509 / crypto probe — runs inside REAL workerd (via miniflare) with the EXACT
+// production CF config (compatibility_date 2024-12-01 + nodejs_compat).
+//
+// Settles the Apple-IAP native-verify plan (intent/apple-iap-native-verify-plan/)
+// AND is the committed regression gate proving the §5 algorithm holds under
+// workerd. Rounds:
+//   Round 1 (baseline): X509Certificate construct/publicKey/verify, node ES256
+//            (DER sig), subtle ECDSA P-256, subtle importKey spki.
+//   Round 2 (§4 prep): the verify-path specifics NOT covered by round 1 —
+//     P1: leafCert.publicKey.export({type:'spki',format:'der'}) in workerd
+//     P2: verify a REAL P1363 (raw r||s) ES256 sig — (a) via crypto.subtle,
+//                                                      (b) via createVerify dsaEncoding:'ieee-p1363'
+//     P3: read an Apple custom extension OID (1.2.840.113635.*) WITHOUT an ASN.1
+//         lib — DER-encode the OID and indexOf() it in cert.raw. (Node's
+//         X509Certificate has NO generic extension-by-OID accessor.)
+//   chain_round (0.2): a synthetic 3-cert chain (root → CA int w/ Apple OID →
+//            leaf w/ Apple OID) — proves §5.4 walk (intermediate.verify(root),
+//            leaf.verify(int)) + §5.5 OID presence on BOTH certs under workerd,
+//            plus a cross-signed leaf that MUST fail leaf.verify(int).
+//            Mirrors api/tests/integrations/app-store/fixtures/make-chain.ts —
+//            keep the two in sync.
+//   pkcs8_sign_round (0.5): importKey('pkcs8') for SIGN + round-trip verify —
+//            de-risks the App Store Server API JWT bearer (Phase 2) BEFORE it is
+//            built. If workerd rejects pkcs8-for-sign, Phase 2 takes Approach J.
+//
+// Vectors are generated at runtime (openssl + node:crypto) so cert validity is
+// always current and the P1363 sig is real.
+//
+// Run:  node cloudflare/tests/x509-probe.mjs    (cwd = blocklets/core)
+import { Miniflare } from 'miniflare';
+import { execSync, execFileSync } from 'node:child_process';
+import { generateKeyPairSync, sign as nodeSign, X509Certificate } from 'node:crypto';
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+
+const LEAF_OID = '1.2.840.113635.100.6.11.1'; // Apple: present on the leaf
+const INT_OID = '1.2.840.113635.100.6.2.1'; // Apple: present on the intermediate (ABSENT from our leaf — negative control)
+const SIGNING_INPUT = 'header.payload';
+
+// DER-encode an OID's *content* octets (no 0x06 tag / length) — enough to scan
+// for inside a cert's DER with indexOf (the content is unique enough).
+function oidContentHex(oid) {
+  const parts = oid.split('.').map(Number);
+  const bytes = [40 * parts[0] + parts[1]];
+  for (let i = 2; i < parts.length; i++) {
+    let v = parts[i];
+    const stack = [v & 0x7f];
+    v = Math.floor(v / 128);
+    while (v > 0) {
+      stack.unshift((v & 0x7f) | 0x80);
+      v = Math.floor(v / 128);
+    }
+    bytes.push(...stack);
+  }
+  return Buffer.from(bytes).toString('hex');
+}
+
+// ---- generate vectors (node side) ----
+const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'x509-probe-'));
+const keyPath = path.join(dir, 'leaf.key');
+const certPem = path.join(dir, 'leaf.pem');
+const certDer = path.join(dir, 'leaf.der');
+execSync(`openssl ecparam -name prime256v1 -genkey -noout -out ${keyPath}`, { stdio: 'ignore' });
+// self-signed leaf carrying the Apple LEAF extension OID (value = ASN.1 NULL)
+execSync(
+  `openssl req -new -x509 -key ${keyPath} -out ${certPem} -days 3650 -subj "/CN=apple-leaf-probe" -addext "${LEAF_OID}=DER:0500"`,
+  { stdio: 'ignore' }
+);
+execSync(`openssl x509 -in ${certPem} -outform DER -out ${certDer}`, { stdio: 'ignore' });
+
+const certDerB64 = fs.readFileSync(certDer).toString('base64');
+const keyPem = fs.readFileSync(keyPath, 'utf8');
+// REAL P1363 ES256 signature (raw 64-byte r||s — the JWS form), NOT DER.
+const p1363SigB64 = nodeSign('sha256', Buffer.from(SIGNING_INPUT), { key: keyPem, dsaEncoding: 'ieee-p1363' }).toString(
+  'base64'
+);
+
+// ---- chain_round vectors (0.2): synthetic root → CA int (Apple OID) → leaf (Apple OID) ----
+// Mirrors fixtures/make-chain.ts. The cross-signed leaf shares the int's subject
+// DN but is signed by a DIFFERENT key, so leaf.verify(int.publicKey) MUST fail.
+function buildChain() {
+  const d = fs.mkdtempSync(path.join(os.tmpdir(), 'x509-chain-'));
+  const f = (n) => path.join(d, n);
+  const run = (args) => execFileSync('openssl', args, { cwd: d, stdio: ['ignore', 'pipe', 'pipe'] });
+  const key = (n) => run(['ecparam', '-name', 'prime256v1', '-genkey', '-noout', '-out', f(n)]);
+  const SUBJ_INT = '/CN=Probe Apple WWDR Intermediate';
+  try {
+    key('root.key');
+    run(['req', '-new', '-x509', '-key', f('root.key'), '-out', f('root.pem'), '-days', '3650',
+      '-subj', '/CN=Probe Apple Root CA', '-addext', 'basicConstraints=critical,CA:TRUE']);
+    key('int.key');
+    run(['req', '-new', '-key', f('int.key'), '-out', f('int.csr'), '-subj', SUBJ_INT]);
+    fs.writeFileSync(f('int.ext'), `[v3]\nbasicConstraints=critical,CA:TRUE\n${INT_OID}=DER:0500`);
+    run(['x509', '-req', '-in', f('int.csr'), '-CA', f('root.pem'), '-CAkey', f('root.key'), '-CAcreateserial',
+      '-out', f('int.pem'), '-days', '3650', '-extfile', f('int.ext'), '-extensions', 'v3']);
+    key('leaf.key');
+    run(['req', '-new', '-key', f('leaf.key'), '-out', f('leaf.csr'), '-subj', '/CN=Probe Apple Leaf']);
+    fs.writeFileSync(f('leaf.ext'), `[v3]\nbasicConstraints=critical,CA:FALSE\n${LEAF_OID}=DER:0500`);
+    run(['x509', '-req', '-in', f('leaf.csr'), '-CA', f('int.pem'), '-CAkey', f('int.key'), '-CAcreateserial',
+      '-out', f('leaf.pem'), '-days', '3650', '-extfile', f('leaf.ext'), '-extensions', 'v3']);
+    // wrong intermediate: same subject DN, different key
+    key('wrongint.key');
+    run(['req', '-new', '-x509', '-key', f('wrongint.key'), '-out', f('wrongint.pem'), '-days', '3650',
+      '-subj', SUBJ_INT, '-addext', 'basicConstraints=critical,CA:TRUE']);
+    key('crossleaf.key');
+    run(['req', '-new', '-key', f('crossleaf.key'), '-out', f('crossleaf.csr'), '-subj', '/CN=Probe Apple Leaf']);
+    run(['x509', '-req', '-in', f('crossleaf.csr'), '-CA', f('wrongint.pem'), '-CAkey', f('wrongint.key'),
+      '-CAcreateserial', '-out', f('crossleaf.pem'), '-days', '3650', '-extfile', f('leaf.ext'), '-extensions', 'v3']);
+    const der = (n) => Buffer.from(new X509Certificate(fs.readFileSync(f(n))).raw).toString('base64');
+    return { leaf: der('leaf.pem'), int: der('int.pem'), root: der('root.pem'), crossLeaf: der('crossleaf.pem') };
+  } finally {
+    fs.rmSync(d, { recursive: true, force: true });
+  }
+}
+const chain = buildChain();
+
+// ---- pkcs8_sign_round vectors (0.5): EC P-256 pkcs8 (DER) + its spki, for SIGN ----
+const { privateKey: ecPriv, publicKey: ecPub } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
+const pkcs8B64 = ecPriv.export({ type: 'pkcs8', format: 'der' }).toString('base64');
+const spkiSignB64 = ecPub.export({ type: 'spki', format: 'der' }).toString('base64');
+const badPkcs8B64 = Buffer.from('not-a-real-pkcs8-key').toString('base64');
+
+const script = `
+import { X509Certificate, createVerify } from 'node:crypto';
+import { Buffer } from 'node:buffer';
+
+const CERT_DER_B64   = ${JSON.stringify(certDerB64)};
+const P1363_SIG_B64  = ${JSON.stringify(p1363SigB64)};
+const LEAF_OID_HEX   = ${JSON.stringify(oidContentHex(LEAF_OID))};
+const INT_OID_HEX    = ${JSON.stringify(oidContentHex(INT_OID))};
+const MSG = ${JSON.stringify(SIGNING_INPUT)};
+
+// chain_round (0.2)
+const CHAIN = ${JSON.stringify(chain)};
+// pkcs8_sign_round (0.5)
+const PKCS8_B64      = ${JSON.stringify(pkcs8B64)};
+const SPKI_SIGN_B64  = ${JSON.stringify(spkiSignB64)};
+const BAD_PKCS8_B64  = ${JSON.stringify(badPkcs8B64)};
+
+function ok(v){ return { ok: true, ...v }; }
+function err(e){ return { ok: false, error: String(e && e.message || e) }; }
+function hex(buf){ return Buffer.from(buf).toString('hex'); }
+
+export default {
+  async fetch() {
+    const out = {};
+    const cert = new X509Certificate(Buffer.from(CERT_DER_B64, 'base64'));
+
+    // P1 — export leaf public key as SPKI DER (needed to feed crypto.subtle)
+    let spkiDer = null;
+    try {
+      spkiDer = cert.publicKey.export({ type: 'spki', format: 'der' });
+      out.P1_export_spki_der = ok({ bytes: spkiDer.byteLength ?? spkiDer.length });
+    } catch (e) { out.P1_export_spki_der = err(e); }
+
+    // P2a — verify REAL P1363 ES256 sig via crypto.subtle (preferred)
+    try {
+      if (!spkiDer) throw new Error('no spki from P1');
+      const key = await crypto.subtle.importKey(
+        'spki', spkiDer, { name: 'ECDSA', namedCurve: 'P-256' }, false, ['verify']
+      );
+      const valid = await crypto.subtle.verify(
+        { name: 'ECDSA', hash: 'SHA-256' }, key,
+        Buffer.from(P1363_SIG_B64, 'base64'), new TextEncoder().encode(MSG)
+      );
+      out.P2a_subtle_p1363_verify = ok({ valid });
+    } catch (e) { out.P2a_subtle_p1363_verify = err(e); }
+
+    // P2b — verify REAL P1363 sig via node createVerify dsaEncoding:'ieee-p1363' (fallback)
+    try {
+      const v = createVerify('SHA256');
+      v.update(MSG); v.end();
+      const valid = v.verify({ key: cert.publicKey, dsaEncoding: 'ieee-p1363' }, Buffer.from(P1363_SIG_B64, 'base64'));
+      out.P2b_node_p1363_verify = ok({ valid });
+    } catch (e) { out.P2b_node_p1363_verify = err(e); }
+
+    // P3 — Apple extension-OID presence via indexOf in cert.raw (no ASN.1 lib)
+    try {
+      const rawHex = hex(cert.raw);
+      const leafPresent = rawHex.includes(LEAF_OID_HEX);   // expect TRUE  (we added it)
+      const intPresent  = rawHex.includes(INT_OID_HEX);    // expect FALSE (negative control)
+      // also confirm Node has NO generic extension accessor (documents the gap)
+      const hasGenericExtAccessor =
+        typeof cert.getExtension === 'function' || typeof cert.extensions !== 'undefined';
+      out.P3_oid_scan = ok({
+        rawIsBuffer: cert.raw instanceof Uint8Array,
+        leafOidPresent: leafPresent,
+        intOidPresent: intPresent,
+        hasGenericExtAccessor,
+      });
+    } catch (e) { out.P3_oid_scan = err(e); }
+
+    // chain_round (0.2) — full §5.4 walk + §5.5 OID presence on a 3-cert chain
+    try {
+      const leaf = new X509Certificate(Buffer.from(CHAIN.leaf, 'base64'));
+      const intermediate = new X509Certificate(Buffer.from(CHAIN.int, 'base64'));
+      const root = new X509Certificate(Buffer.from(CHAIN.root, 'base64'));
+      const crossLeaf = new X509Certificate(Buffer.from(CHAIN.crossLeaf, 'base64'));
+      out.chain_round = ok({
+        intVerifiesRoot: intermediate.verify(root.publicKey),
+        leafVerifiesInt: leaf.verify(intermediate.publicKey),
+        leafOidPresent: hex(leaf.raw).includes(LEAF_OID_HEX),
+        intOidPresent: hex(intermediate.raw).includes(INT_OID_HEX),
+        intIsCa: intermediate.ca === true,
+        crossSignedLeafVerifies: crossLeaf.verify(intermediate.publicKey), // expect FALSE
+      });
+    } catch (e) { out.chain_round = err(e); }
+
+    // pkcs8_sign_round (0.5) — importKey('pkcs8') for SIGN + round-trip verify
+    try {
+      const signKey = await crypto.subtle.importKey(
+        'pkcs8', Buffer.from(PKCS8_B64, 'base64'), { name: 'ECDSA', namedCurve: 'P-256' }, false, ['sign']
+      );
+      const sig = await crypto.subtle.sign(
+        { name: 'ECDSA', hash: 'SHA-256' }, signKey, new TextEncoder().encode(MSG)
+      );
+      const verifyKey = await crypto.subtle.importKey(
+        'spki', Buffer.from(SPKI_SIGN_B64, 'base64'), { name: 'ECDSA', namedCurve: 'P-256' }, false, ['verify']
+      );
+      const roundTripVerifyOk = await crypto.subtle.verify(
+        { name: 'ECDSA', hash: 'SHA-256' }, verifyKey, sig, new TextEncoder().encode(MSG)
+      );
+      // negative control: a malformed pkcs8 must surface as importPkcs8Ok:false, not a silent unsigned key
+      let importBadOk = true;
+      try {
+        await crypto.subtle.importKey(
+          'pkcs8', Buffer.from(BAD_PKCS8_B64, 'base64'), { name: 'ECDSA', namedCurve: 'P-256' }, false, ['sign']
+        );
+      } catch { importBadOk = false; }
+      out.pkcs8_sign_round = ok({
+        importPkcs8Ok: true,
+        signOk: sig.byteLength > 0,
+        roundTripVerifyOk,
+        malformedPkcs8Rejected: importBadOk === false,
+      });
+    } catch (e) { out.pkcs8_sign_round = err(e); }
+
+    return new Response(JSON.stringify(out, null, 2), { headers: { 'content-type': 'application/json' } });
+  }
+};
+`;
+
+const mf = new Miniflare({
+  modules: true,
+  script,
+  compatibilityDate: '2024-12-01',
+  compatibilityFlags: ['nodejs_compat'],
+});
+
+try {
+  const res = await mf.dispatchFetch('http://localhost/');
+  console.log(await res.text());
+} catch (e) {
+  console.error('PROBE FAILED TO RUN:', e);
+  process.exitCode = 1;
+} finally {
+  await mf.dispose();
+  fs.rmSync(dir, { recursive: true, force: true });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payment-kit",
-  "version": "1.29.5",
+  "version": "1.29.7",
   "scripts": {
     "dev": "blocklet dev --open",
     "prelint": "npm run types",
@@ -47,9 +47,8 @@
   },
   "dependencies": {
     "@abtnode/cron": "^1.17.13-beta-20260613-094425-b81920c8",
-    "@apple/app-store-server-library": "^3.1.0",
     "@arcblock/did": "^1.30.24",
-    "@arcblock/did-connect-js": "^4.0.6",
+    "@arcblock/did-connect-js": "^4.0.7",
     "@arcblock/did-connect-react": "^3.5.4",
     "@arcblock/did-connect-storage-nedb": "^1.8.0",
     "@arcblock/did-util": "^1.30.24",
@@ -61,9 +60,9 @@
     "@blocklet/error": "^0.3.5",
     "@blocklet/js-sdk": "^1.17.13-beta-20260613-094425-b81920c8",
     "@blocklet/logger": "^1.17.13-beta-20260613-094425-b81920c8",
-    "@blocklet/payment-broker-client": "1.29.5",
-    "@blocklet/payment-react": "1.29.5",
-    "@blocklet/payment-vendor": "1.29.5",
+    "@blocklet/payment-broker-client": "1.29.7",
+    "@blocklet/payment-react": "1.29.7",
+    "@blocklet/payment-vendor": "1.29.7",
     "@blocklet/sdk": "^1.17.13-beta-20260613-094425-b81920c8",
     "@blocklet/ui-react": "^3.5.4",
     "@blocklet/uploader": "^0.3.20",
@@ -105,7 +104,6 @@
     "morgan": "^1.10.0",
     "mui-daterange-picker": "^1.0.5",
     "nanoid": "^3.3.11",
-    "node-apple-receipt-verify": "^1.15.0",
     "numbro": "^2.5.0",
     "p-all": "3.0.0",
     "p-wait-for": "^3.2.0",
@@ -135,12 +133,11 @@
   "devDependencies": {
     "@abtnode/types": "^1.17.13-beta-20260613-094425-b81920c8",
     "@arcblock/eslint-config-ts": "^0.3.3",
-    "@blocklet/payment-types": "1.29.5",
+    "@blocklet/payment-types": "1.29.7",
     "@types/connect": "^3.4.38",
     "@types/debug": "^4.1.12",
     "@types/dotenv-flow": "^3.3.3",
     "@types/node": "^18.19.112",
-    "@types/node-apple-receipt-verify": "^1.7.5",
     "@types/react": "^18.3.23",
     "@types/react-dom": "^18.3.7",
     "@vitejs/plugin-react": "^4.6.0",
@@ -183,5 +180,5 @@
       "parser": "typescript"
     }
   },
-  "gitHead": "b392a84d8557fd6f32f47540d76d642d62e59dd3"
+  "gitHead": "e1999aecfa9ce64bfd56da14bf47b255a19ef394"
 }

package/api/src/integrations/app-store/node-apple-receipt-verify.d.ts

@@ -1,17 +0,0 @@
-// Minimal ambient declarations for `node-apple-receipt-verify`.
-// The library ships no @types package; we only use config() + validate(),
-// and accept that validate() returns `unknown` items we narrow ourselves.
-
-declare module 'node-apple-receipt-verify' {
-  export interface AppleReceiptConfig {
-    secret?: string;
-    verbose?: boolean;
-    environment?: Array<'production' | 'sandbox'>;
-    /** ignore expired items, default false */
-    ignoreExpired?: boolean;
-    /** extended fields, etc. */
-    [k: string]: any;
-  }
-  export function config(options: AppleReceiptConfig): void;
-  export function validate(options: { receipt: string }): Promise<unknown[]>;
-}