paypro: get root cert names.

Christopher Jeffrey 2014-07-24 17:40:56 -07:00
parent 0020e289d8
commit 5b4c4f3894
4 changed files with 33 additions and 22 deletions


@ -45,7 +45,7 @@ function getRootCerts(callback) {
+ ' return trusted;\n' + ' return trusted;\n'
+ '}, {});\n' + '}, {});\n'
+ '\n' + '\n'
+ 'function isTrusted(pem) {\n' + 'function getTrusted(pem) {\n'
+ ' pem = pem + "";\n' + ' pem = pem + "";\n'
+ ' pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");\n' + ' pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");\n'
+ ' pem = pem.replace(/-----END CERTIFICATE-----/g, "");\n' + ' pem = pem.replace(/-----END CERTIFICATE-----/g, "");\n'
@ -59,8 +59,8 @@ function getRootCerts(callback) {
+ '\n' + '\n'
+ 'exports.certs = certs;\n' + 'exports.certs = certs;\n'
+ 'exports.trusted = trusted;\n' + 'exports.trusted = trusted;\n'
+ 'exports.isTrusted = isTrusted;\n' + 'exports.getCert = getCert;\n'
+ 'exports.getCert = getCert;\n'; + 'exports.getTrusted = getTrusted;\n';
return callback(null, body); return callback(null, body);
}); });
} }


@ -16,15 +16,19 @@ PayPro.prototype.x509Sign = function(key) {
var details = this.get('serialized_payment_details'); var details = this.get('serialized_payment_details');
var type = pki_type.split('+')[1].toUpperCase(); var type = pki_type.split('+')[1].toUpperCase();
var trusted = [].concat(pki_data).every(function(cert) { var trusted = pki_data.map(function(cert) {
var der = cert.toString('hex'); var der = cert.toString('hex');
var pem = self._DERtoPEM(der, 'CERTIFICATE'); var pem = self._DERtoPEM(der, 'CERTIFICATE');
return RootCerts.isTrusted(pem); return RootCerts.getTrusted(pem);
}); });
if (!trusted) { // XXX Figure out what to do here
// XXX Figure out what to do here if (!trusted.length) {
// throw new Error('Unstrusted certificate.'); // throw new Error('Unstrusted certificate.');
} else {
trusted.forEach(function(name) {
// console.log('Certificate: %s', name);
});
} }
var signature = crypto.createSign('RSA-' + type); var signature = crypto.createSign('RSA-' + type);
@ -49,13 +53,16 @@ PayPro.prototype.x509Verify = function() {
var verifier = crypto.createVerify('RSA-' + type); var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf); verifier.update(buf);
return [].concat(pki_data).every(function(cert) { return pki_data.every(function(cert) {
var der = cert.toString('hex'); var der = cert.toString('hex');
var pem = self._DERtoPEM(der, 'CERTIFICATE'); var pem = self._DERtoPEM(der, 'CERTIFICATE');
if (!RootCerts.isTrusted(pem)) { var name = RootCerts.getTrusted(pem);
// XXX Figure out what to do here // XXX Figure out what to do here
if (!name) {
// throw new Error('Unstrusted certificate.'); // throw new Error('Unstrusted certificate.');
} else {
// console.log('Certificate: %s', name);
} }
return verifier.verify(pem, sig); return verifier.verify(pem, sig);
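Review bot: In x509Sign the new `if (!trusted.length)` check cannot detect an untrusted certificate, because `pki_data.map(...)` yields one entry per certificate whether or not `getTrusted` found a match, so the length is zero only when `pki_data` itself is empty. Judging by the `if (!name)` test in x509Verify, `getTrusted` appears to return a falsy value for an unknown certificate, so dropping those entries first would make the check meaningful: `var trusted = pki_data.map(...).filter(Boolean);`. The same pattern is in x509Sign in the KJUR-based file section that follows. Removing `[].concat(pki_data)` also assumes `pki_data` is always an array at this point, which is worth confirming against the callers. Both functions start and end outside the hunks shown.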


@ -18,15 +18,19 @@ PayPro.prototype.x509Sign = function(key) {
var type = pki_type.split('+')[1].toUpperCase(); var type = pki_type.split('+')[1].toUpperCase();
var buf = this.serializeForSig(); var buf = this.serializeForSig();
var trusted = [].concat(pki_data).every(function(cert) { var trusted = pki_data.map(function(cert) {
var der = cert.toString('hex'); var der = cert.toString('hex');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE'); var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
return RootCerts.isTrusted(pem); return RootCerts.getTrusted(pem);
}); });
if (!trusted) { // XXX Figure out what to do here
// XXX Figure out what to do here if (!trusted.length) {
// throw new Error('Unstrusted certificate.'); // throw new Error('Unstrusted certificate.');
} else {
trusted.forEach(function(name) {
// console.log('Certificate: %s', name);
});
} }
var rsa = new KJUR.RSAKey(); var rsa = new KJUR.RSAKey();
@ -38,9 +42,6 @@ PayPro.prototype.x509Sign = function(key) {
prov: 'cryptojs/jsrsa' prov: 'cryptojs/jsrsa'
}); });
// XXX Could use this?
//jsrsaSig.initSign(key);
jsrsaSig.init(key); jsrsaSig.init(key);
jsrsaSig.updateHex(buf.toString('hex')); jsrsaSig.updateHex(buf.toString('hex'));
@ -63,13 +64,16 @@ PayPro.prototype.x509Verify = function(key) {
prov: 'cryptojs/jsrsa' prov: 'cryptojs/jsrsa'
}); });
return [].concat(pki_data).every(function(cert) { return pki_data.every(function(cert) {
var der = cert.toString('hex'); var der = cert.toString('hex');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE'); var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
if (!RootCerts.isTrusted(pem)) { // XXX Figure out what to do here
// XXX Figure out what to do here var name = RootCerts.getTrusted(pem);
if (!name) {
// throw new Error('Unstrusted certificate.'); // throw new Error('Unstrusted certificate.');
} else {
// console.log('Certificate: %s', name);
} }
jsrsaSig.initVerifyByCertificatePEM(pem); jsrsaSig.initVerifyByCertificatePEM(pem);
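Review bot: x509Verify still goes on to check the signature when `getTrusted(pem)` returns nothing, since the `if (!name)` branch holds only a commented-out throw, so a `true` result says nothing about whether the certificate matches a known root. Until the XXX is resolved, either state that in a comment at the branch, e.g. `// NOTE: result does not imply the certificate matches a trusted root`, or make the `every` callback `return false;` there so an unrecognised certificate fails verification. The node-crypto x509Verify in the previous file section has the same gap. The function body continues outside the hunk.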


@ -3714,7 +3714,7 @@ var trusted = Object.keys(certs).reduce(function(trusted, key) {
return trusted; return trusted;
}, {}); }, {});
function isTrusted(pem) { function getTrusted(pem) {
pem = pem + ""; pem = pem + "";
pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, ""); pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");
pem = pem.replace(/-----END CERTIFICATE-----/g, ""); pem = pem.replace(/-----END CERTIFICATE-----/g, "");
@ -3728,5 +3728,5 @@ function getCert(name) {
exports.certs = certs; exports.certs = certs;
exports.trusted = trusted; exports.trusted = trusted;
exports.isTrusted = isTrusted;
exports.getCert = getCert; exports.getCert = getCert;
exports.getTrusted = getTrusted;