paypro: fix payment protocol for DER certs.

lib/PayPro.js

@@ -209,16 +209,14 @@ PayPro.prototype.sign = function(key) {
   if (pki_type === 'SIN') {
     var sig = this.sinSign(key);
   } else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
-    // XXX node only
     var crypto = require('crypto');
     var pki_data = this.get('pki_data'); // contains one or more x509 certs
-    //var details = this.get('serialized_payment_details');
+    var details = this.get('serialized_payment_details');
     var type = pki_type.split('+').toUpperCase();
     var signature = crypto.createSign('RSA-' + type);
     var buf = this.serializeForSig();
     signature.update(buf);
-    //var pki_data = require('fs').readFileSync(__dirname + '/../test/data/x509.pem');
-    var sig = signature.sign(pki_data);
+    var sig = signature.sign(key);
   } else if (pki_type === 'none') {
     return this;
   } else {
@@ -239,11 +237,10 @@ PayPro.prototype.verify = function() {
   if (pki_type === 'SIN') {
     return this.sinVerify();
   } else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
-    // XXX node only
     var crypto = require('crypto');
     var sig = this.get('signature');
     var pki_data = this.get('pki_data');
-    // var details = this.get('serialized_payment_details');
+    var details = this.get('serialized_payment_details');
     var buf = this.serializeForSig();
     var type = pki_type.split('+').toUpperCase();
     var verifier = crypto.createVerify('RSA-' + type);

lib/browser/PayPro.js

@@ -7,7 +7,7 @@ var PayPro = require('../PayPro');
 var Trusted = require('./Trusted');
 
 // Use hash table for efficiency:
-var trustHash = Trusted.reduce(function(out, cert) {
+Trusted = Trusted.reduce(function(out, cert) {
   cert = cert.replace(/\s+/g, '');
   trusted[cert] = true;
   return trusted;
@@ -31,7 +31,7 @@ PayPro.sign = function(key) {
 
     // TODO: parse all certs
     var cert = pki_data.split(/-----BEGIN[^\n]*KEY-----/)[0].replace(/\s+/g, '');
-    if (!trustHash[cert])) {
+    if (!Trusted[cert])) {
       ; // untrusted cert
     }
 
@@ -39,8 +39,11 @@ PayPro.sign = function(key) {
       alg: type + 'withRSA',
       prov: 'cryptojs/jsrsa'
     });
+
     jsrsaSig.initSign(pki_data);
+
     jsrsaSig.updateHex(buf.toString('hex'));
+
     var sig = new Buffer(jsrsasig.sign(), 'hex');
   } else if (pki_type === 'none') {
     return this;

test/data/x509.pub

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTJuK2aGLn1dXJKDh4Mw
+PLUkl3HI5pGnG5ac4l/0ihmq8cwC+FVPgZMS59aykisB+zC7vtvkJk/bv+BSOX7o
+xdIsuL3dKQFpuXXVfrdb95wYn4M+/njEhXMlhVMH/OCiAg9JKhTKWL6GRWZAAhA7
+lBRhgSNDTiTC51CbiK7xA6pN4+tQHxomJPXrZRkbB2klOfWwbv93Y3J1KFD+i0PM
+QHLw7rhEumxC93+HHUVYVH7H1TPZH1bdUJJ02gQeylJssYCJydZPzNT/zuts/KJW
+dRv5lxwG9u9tMNMghJbmAaMkMGi+o7PNEyP3qHFrYpYhs5pqLHMRNB78QM9IeNjL
+FwIDAQAB
+-----END PUBLIC KEY-----

test/test.PayPro.js

@@ -320,9 +320,12 @@ describe('PayPro', function() {
 
   });
 
-  var x509sig = new Buffer(0);
-  var x509path = __dirname + '/data/x509.pem';
-  var x509pem = fs.readFileSync(x509path);
+  var x509 = {
+    priv: fs.readFileSync(__dirname + '/data/x509.key'),
+    pub: fs.readFileSync(__dirname + '/data/x509.pub'),
+    crt: fs.readFileSync(__dirname + '/data/x509.der'),
+    sig: new Buffer(0)
+  };
 
   describe('#x509Sign', function() {
     it('should sign assuming pki_type is x509', function() {
@@ -336,17 +339,12 @@ describe('PayPro', function() {
 
       paypro.set('serialized_payment_details', pdbuf);
       paypro.set('pki_type', 'x509+sha256');
-      paypro.set('pki_data', x509pem);
+      paypro.set('pki_data', x509.crt);
 
-      var key = new bitcore.Key();
-      key.private = bitcore.util.sha256('test key');
-      key.regenerateSync();
+      paypro.sign(x509.priv);
 
-      paypro.sign(key);
-
-      var sig = paypro.get('signature');
-      x509sig = sig;
-      sig.length.should.be.greaterThan(0);
+      x509.sig = paypro.get('signature');
+      x509.sig.length.should.be.greaterThan(0);
     });
   });
 
@@ -363,8 +361,8 @@ describe('PayPro', function() {
       paypro.set('serialized_payment_details', pdbuf);
       paypro.set('pki_type', 'x509+sha256');
 
-      paypro.set('signature', x509sig); // sig buffer
-      paypro.set('pki_data', x509pem); // contains one or more x509 certs
+      paypro.set('signature', x509.sig); // sig buffer
+      paypro.set('pki_data', x509.crt); // contains one or more x509 certs
 
       var verify = paypro.verify();
       verify.should.equal(true);