From c38e64d81803334333d2118c1f54695287556a21 Mon Sep 17 00:00:00 2001
From: Dominik Hebeler <dominik@suma-ev.de>
Date: Wed, 16 Nov 2022 11:48:35 +0100
Subject: [PATCH] using correct amount of sales_receipts

---
 pass/resources/js/checkout.js    | 17 +++++++++++++++--
 pass/routes/checkout/checkout.js | 13 ++++++++++++-
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/pass/resources/js/checkout.js b/pass/resources/js/checkout.js
index 564f6e1..bf8342b 100644
--- a/pass/resources/js/checkout.js
+++ b/pass/resources/js/checkout.js
@@ -14,11 +14,22 @@ function one_generate_encrypted_sales_receipt() {
   );
   let next_step_container = document.getElementById("execute-payment");
 
-  let amount = document.querySelector("input[name=amount]").value;
+  let amount = parseInt(document.querySelector("input[name=amount]").value);
+  let unit_size = parseInt(
+    document.querySelector("input[name=unit_size]").value
+  );
   let N = document.querySelector("input[name=public_key_n]").value;
   let E = document.querySelector("input[name=public_key_e]").value;
 
-  for (let i = 0; i < amount; i++) {
+  let ticket_count = (amount * unit_size) / 50;
+  if (ticket_count % 1 !== 0) {
+    console.error(
+      "This should not happen. Ticket count should only produce integer values"
+    );
+    return;
+  }
+
+  for (let i = 0; i < ticket_count; i++) {
     let uuid = uuid_generator.v4();
     metager_pass_sales_receipts.push(uuid);
     let { blinded, r } = BlindSignature.blind({
@@ -30,6 +41,8 @@ function one_generate_encrypted_sales_receipt() {
     metager_pass_encrypted_sales_receipts_r.push(r.toString());
   }
 
+  console.log(metager_pass_encrypted_sales_receipts);
+
   current_step_container.classList.remove("current");
   current_step_container.classList.add("finished");
   next_step_container.classList.add("current");
diff --git a/pass/routes/checkout/checkout.js b/pass/routes/checkout/checkout.js
index 24b3bb1..5562a3f 100644
--- a/pass/routes/checkout/checkout.js
+++ b/pass/routes/checkout/checkout.js
@@ -19,6 +19,13 @@ router.get(
       return res.status(400).json({ errors: errors.array() });
     }
 
+    /**
+     * The user interface allows either 100 searches or steps of 250 searches (up to 12 * 250 = 3000)
+     * 100 searches are a little bit more expensive than 250
+     *
+     * an amount of 0 corresponds to 100 searches
+     * an amount of 1-12 corresponds to 1-12 * 250 searches
+     */
     let params = {
       amount: req.query.amount === 0 ? 1 : req.query.amount,
       unit_size: req.query.amount === 0 ? 100 : 250,
@@ -110,7 +117,11 @@ router.use(
           );
         }
       }
-      if (value.length !== req.body.amount) {
+      let expected_ticket_count = (req.body.amount * req.body.unit_size) / 50;
+      if (expected_ticket_count % 1 !== 0) {
+        return Promise.reject("Expected ticket count is not an integer.");
+      }
+      if (value.length !== expected_ticket_count) {
         return Promise.reject("Two many receipts compared to the order.");
       }
       return true;
-- 
GitLab