From 5b4c4f389458e87a52c93ef2fd669e7589beedfc Mon Sep 17 00:00:00 2001
From: Christopher Jeffrey
Date: Thu, 24 Jul 2014 17:40:56 -0700
Subject: [PATCH] paypro: get root cert names.
---
 browser/root-certs | 6 +++---
 lib/PayPro.js | 21 ++++++++++++++-------
 lib/browser/PayPro.js | 24 ++++++++++++++----------
 lib/common/RootCerts.js | 4 ++--
 4 files changed, 33 insertions(+), 22 deletions(-)
diff --git a/browser/root-certs b/browser/root-certs
index eeac16386..f5dc0e2a6 100755
--- a/browser/root-certs
+++ b/browser/root-certs
@@ -45,7 +45,7 @@ function getRootCerts(callback) {
 + ' return trusted;\n'
 + '}, {});\n'
 + '\n'
- + 'function isTrusted(pem) {\n'
+ + 'function getTrusted(pem) {\n'
 + ' pem = pem + "";\n'
 + ' pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");\n'
 + ' pem = pem.replace(/-----END CERTIFICATE-----/g, "");\n'
@@ -59,8 +59,8 @@ function getRootCerts(callback) {
 + '\n'
 + 'exports.certs = certs;\n'
 + 'exports.trusted = trusted;\n'
- + 'exports.isTrusted = isTrusted;\n'
- + 'exports.getCert = getCert;\n';
+ + 'exports.getCert = getCert;\n'
+ + 'exports.getTrusted = getTrusted;\n';
 return callback(null, body);
 });
 }
diff --git a/lib/PayPro.js b/lib/PayPro.js
index 5a073c3b9..0d9abc557 100644
--- a/lib/PayPro.js
+++ b/lib/PayPro.js
@@ -16,15 +16,19 @@ PayPro.prototype.x509Sign = function(key) {
 var details = this.get('serialized_payment_details');
 var type = pki_type.split('+')[1].toUpperCase();
- var trusted = [].concat(pki_data).every(function(cert) {
+ var trusted = pki_data.map(function(cert) {
 var der = cert.toString('hex');
 var pem = self._DERtoPEM(der, 'CERTIFICATE');
- return RootCerts.isTrusted(pem);
+ return RootCerts.getTrusted(pem);
 });
- if (!trusted) {
- // XXX Figure out what to do here
+ // XXX Figure out what to do here
+ if (!trusted.length) {
 // throw new Error('Unstrusted certificate.');
+ } else {
+ trusted.forEach(function(name) {
+ // console.log('Certificate: %s', name);
+ });
 }
 var signature = crypto.createSign('RSA-' + type);
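Review bot: In x509Sign (lib/PayPro.js), `if (!trusted.length)` no longer detects an untrusted certificate: `trusted` is now the result of `map`, so its length always equals the number of entries in `pki_data` and the untrusted branch is reached only when that list is empty. Judging by the `if (!name)` test in the x509Verify hunk, getTrusted returns a falsy value for an unknown certificate, so those entries should be dropped before the check, e.g. by closing the `map` call with `}).filter(Boolean);`. The x509Sign hunk of lib/browser/PayPro.js has the same pattern. Removing `[].concat(pki_data)` also means a single non-array `pki_data` value is no longer wrapped, which is worth confirming against the callers; the body of x509Sign continues outside the hunk.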
@@ -49,13 +53,16 @@ PayPro.prototype.x509Verify = function() {
 var verifier = crypto.createVerify('RSA-' + type);
 verifier.update(buf);
- return [].concat(pki_data).every(function(cert) {
+ return pki_data.every(function(cert) {
 var der = cert.toString('hex');
 var pem = self._DERtoPEM(der, 'CERTIFICATE');
- if (!RootCerts.isTrusted(pem)) {
- // XXX Figure out what to do here
+ var name = RootCerts.getTrusted(pem);
+ // XXX Figure out what to do here
+ if (!name) {
 // throw new Error('Unstrusted certificate.');
+ } else {
+ // console.log('Certificate: %s', name);
 }
 return verifier.verify(pem, sig);
diff --git a/lib/browser/PayPro.js b/lib/browser/PayPro.js
index e41a8e055..16b23cbf5 100644
--- a/lib/browser/PayPro.js
+++ b/lib/browser/PayPro.js
@@ -18,15 +18,19 @@ PayPro.prototype.x509Sign = function(key) {
 var type = pki_type.split('+')[1].toUpperCase();
 var buf = this.serializeForSig();
- var trusted = [].concat(pki_data).every(function(cert) {
+ var trusted = pki_data.map(function(cert) {
 var der = cert.toString('hex');
 var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
- return RootCerts.isTrusted(pem);
+ return RootCerts.getTrusted(pem);
 });
- if (!trusted) {
- // XXX Figure out what to do here
+ // XXX Figure out what to do here
+ if (!trusted.length) {
 // throw new Error('Unstrusted certificate.');
+ } else {
+ trusted.forEach(function(name) {
+ // console.log('Certificate: %s', name);
+ });
 }
 var rsa = new KJUR.RSAKey();
@@ -38,9 +42,6 @@ PayPro.prototype.x509Sign = function(key) {
 prov: 'cryptojs/jsrsa'
 });
- // XXX Could use this?
- //jsrsaSig.initSign(key);
 jsrsaSig.init(key);
 jsrsaSig.updateHex(buf.toString('hex'));
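Review bot: In x509Verify (lib/PayPro.js) the result of `RootCerts.getTrusted(pem)` never influences the return value: the `throw` stays commented out and both branches fall through to `return verifier.verify(pem, sig);`, so a certificate that is not anchored in the root list is accepted whenever the signature itself checks out. Until the XXX is resolved the untrusted case should fail closed, e.g. `if (!name) { return false; }`; if intermediate and leaf certificates are not expected to appear in the root list, the check presumably belongs on the chain's root entry only rather than on every element of `pki_data`. The x509Verify hunk of lib/browser/PayPro.js has the same gap. The callback body continues outside the hunk.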
@@ -63,13 +64,16 @@ PayPro.prototype.x509Verify = function(key) {
 prov: 'cryptojs/jsrsa'
 });
- return [].concat(pki_data).every(function(cert) {
+ return pki_data.every(function(cert) {
 var der = cert.toString('hex');
 var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
- if (!RootCerts.isTrusted(pem)) {
- // XXX Figure out what to do here
+ // XXX Figure out what to do here
+ var name = RootCerts.getTrusted(pem);
+ if (!name) {
 // throw new Error('Unstrusted certificate.');
+ } else {
+ // console.log('Certificate: %s', name);
 }
 jsrsaSig.initVerifyByCertificatePEM(pem);
diff --git a/lib/common/RootCerts.js b/lib/common/RootCerts.js
index 2686d384c..5e7bb80fa 100644
--- a/lib/common/RootCerts.js
+++ b/lib/common/RootCerts.js
@@ -3714,7 +3714,7 @@ var trusted = Object.keys(certs).reduce(function(trusted, key) {
 return trusted;
 }, {});
-function isTrusted(pem) {
+function getTrusted(pem) {
 pem = pem + "";
 pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");
 pem = pem.replace(/-----END CERTIFICATE-----/g, "");
@@ -3728,5 +3728,5 @@ function getCert(name) {
 exports.certs = certs;
 exports.trusted = trusted;
-exports.isTrusted = isTrusted;
 exports.getCert = getCert;
+exports.getTrusted = getTrusted;