bitcore/lib/browser/PayPro.js

"use strict";

var Key = require('./Key');
var KJUR = require('./x509');
var assert = require('assert');
var PayPro = require('../PayPro');
var RootCerts = require('../common/RootCerts');

PayPro.sign = function(key) {
  if (this.messageType !== 'PaymentRequest')
    throw new Error('Signing can only be performed on a PaymentRequest');

  var pki_type = this.get('pki_type');

  if (pki_type === 'SIN') {
    var sig = this.sinSign(key);
  } else if (pki_type === 'x509+sha256' || pki_type === 'x509+sha1') {
    throw new Error('x509 currently unsuported.');
  } else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
    var crypto = require('crypto');
    var pki_data = this.get('pki_data'); // contains one or more x509 certs
    var type = pki_type.split('+')[1].toUpperCase();
    var buf = this.serializeForSig();

    var trusted = [].concat(pki_data).every(function(cert) {
      var der = cert.toString('hex');
      var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
      return !!RootCerts[pem.replace(/\s+/g, '')];
    });

    if (!trusted) {
      // throw new Error('Unstrusted certificate.');
    }

    var jsrsaSig = new KJUR.crypto.Signature({
      alg: type + 'withRSA',
      prov: 'cryptojs/jsrsa'
    });

    jsrsaSig.initSign(key);

    jsrsaSig.updateHex(buf.toString('hex'));

    var sig = new Buffer(jsrsasig.sign(), 'hex');
  } else if (pki_type === 'none') {
    return this;
  } else {
    throw new Error('Unsupported pki_type');
  }

  this.set('signature', sig);
  return this;
};

PayPro.verify = function() {
  if (this.messageType !== 'PaymentRequest')
    throw new Error('Verifying can only be performed on a PaymentRequest');

  var pki_type = this.get('pki_type');

  if (pki_type === 'SIN') {
    return this.sinVerify();
  } else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
    var sig = this.get('signature');
    var pki_data = this.get('pki_data');
    var buf = this.serializeForSig();
    var type = pki_type.split('+')[1].toUpperCase();

    var jsrsaSig = new KJUR.crypto.Signature({
      alg: type + 'withRSA',
      prov: 'cryptojs/jsrsa'
    });

    return [].concat(pki_data).every(function(cert) {
      var der = cert.toString('hex');
      var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');

      if (!RootCerts[pem.replace(/\s+/g, '')]) {
        // throw new Error('Unstrusted certificate.');
      }

      jsrsaSig.initVerifyByCertificatePEM(pem);

      jsrsaSig.updateHex(buf.toString('hex'));

      return jsrsaSig.verify(sig.toString('hex'));
    });
  } else if (pki_type === 'none') {
    return true;
  }

  throw new Error('Unsupported pki_type');
};

module.exports = Point;
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`"use strict";`

			`var Key = require('./Key');`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00			`var KJUR = require('./x509');`
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`var assert = require('assert');`
			`var PayPro = require('../PayPro');`
paypro: move root certs to common. 2014-07-21 13:52:09 -07:00			`var RootCerts = require('../common/RootCerts');`
paypro: begin checking trusted certs. 2014-07-16 16:38:00 -07:00
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`PayPro.sign = function(key) {`
			`if (this.messageType !== 'PaymentRequest')`
			`throw new Error('Signing can only be performed on a PaymentRequest');`

			`var pki_type = this.get('pki_type');`

			`if (pki_type === 'SIN') {`
			`var sig = this.sinSign(key);`
paypro: begin checking trusted certs. 2014-07-16 16:38:00 -07:00			`} else if (pki_type === 'x509+sha256' \|\| pki_type === 'x509+sha1') {`
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`throw new Error('x509 currently unsuported.');`
			`} else if (pki_type === 'x509+sha1' \|\| pki_type === 'x509+sha256') {`
			`var crypto = require('crypto');`
			`var pki_data = this.get('pki_data'); // contains one or more x509 certs`
paypro: multiple fixes. 2014-07-16 18:10:23 -07:00			`var type = pki_type.split('+')[1].toUpperCase();`
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`var buf = this.serializeForSig();`
paypro: begin checking trusted certs. 2014-07-16 16:38:00 -07:00
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`var trusted = [].concat(pki_data).every(function(cert) {`
			`var der = cert.toString('hex');`
			`var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');`
paypro: convert root certs to hash table in build file. 2014-07-17 17:20:03 -07:00			`return !!RootCerts[pem.replace(/\s+/g, '')];`
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`});`
paypro: begin checking trusted certs. 2014-07-16 16:38:00 -07:00
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`if (!trusted) {`
paypro: temporarily disable untrusted cert error for tests. typo fix. 2014-07-16 18:24:19 -07:00			`// throw new Error('Unstrusted certificate.');`
paypro: handle untrusted certs on browser and node. 2014-07-16 18:23:37 -07:00			`}`

paypro: fix encodings with jsrsasign. 2014-07-16 15:08:02 -07:00			`var jsrsaSig = new KJUR.crypto.Signature({`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00			`alg: type + 'withRSA',`
			`prov: 'cryptojs/jsrsa'`
			`});`
paypro: fix payment protocol for DER certs. 2014-07-16 17:16:03 -07:00
paypro: fix browser paypro. TODO: fix parsing DER certs. 2014-07-16 17:22:35 -07:00			`jsrsaSig.initSign(key);`
paypro: fix payment protocol for DER certs. 2014-07-16 17:16:03 -07:00
paypro: fix encodings with jsrsasign. 2014-07-16 15:08:02 -07:00			`jsrsaSig.updateHex(buf.toString('hex'));`
paypro: fix payment protocol for DER certs. 2014-07-16 17:16:03 -07:00
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00			`var sig = new Buffer(jsrsasig.sign(), 'hex');`
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`} else if (pki_type === 'none') {`
			`return this;`
			`} else {`
			`throw new Error('Unsupported pki_type');`
			`}`

			`this.set('signature', sig);`
			`return this;`
			`};`

			`PayPro.verify = function() {`
			`if (this.messageType !== 'PaymentRequest')`
			`throw new Error('Verifying can only be performed on a PaymentRequest');`

			`var pki_type = this.get('pki_type');`

			`if (pki_type === 'SIN') {`
			`return this.sinVerify();`
			`} else if (pki_type === 'x509+sha1' \|\| pki_type === 'x509+sha256') {`
			`var sig = this.get('signature');`
			`var pki_data = this.get('pki_data');`
			`var buf = this.serializeForSig();`
paypro: multiple fixes. 2014-07-16 18:10:23 -07:00			`var type = pki_type.split('+')[1].toUpperCase();`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00
paypro: fix encodings with jsrsasign. 2014-07-16 15:08:02 -07:00			`var jsrsaSig = new KJUR.crypto.Signature({`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00			`alg: type + 'withRSA',`
			`prov: 'cryptojs/jsrsa'`
			`});`

paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`return [].concat(pki_data).every(function(cert) {`
			`var der = cert.toString('hex');`
			`var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');`
paypro: handle untrusted certs on browser and node. 2014-07-16 18:23:37 -07:00
paypro: convert root certs to hash table in build file. 2014-07-17 17:20:03 -07:00			`if (!RootCerts[pem.replace(/\s+/g, '')]) {`
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`// throw new Error('Unstrusted certificate.');`
			`}`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`jsrsaSig.initVerifyByCertificatePEM(pem);`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`jsrsaSig.updateHex(buf.toString('hex'));`
paypro: clientside. start using jsrsasign api correctly. 2014-07-16 15:05:01 -07:00
paypro: treat pki_data as an array. 2014-07-17 17:15:25 -07:00			`return jsrsaSig.verify(sig.toString('hex'));`
			`});`
paypro: first pass at clientside x509. 2014-07-16 09:03:51 -07:00			`} else if (pki_type === 'none') {`
			`return true;`
			`}`

			`throw new Error('Unsupported pki_type');`
			`};`

			`module.exports = Point;`