diff --git a/browser/root-certs b/browser/root-certs index 402f1178e..f38a55d3a 100755 --- a/browser/root-certs +++ b/browser/root-certs @@ -46,11 +46,7 @@ function getRootCerts(callback) { + '}, {});\n' + '\n' + 'function getTrusted(pem) {\n' - + ' pem = pem + "";\n' - + ' pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");\n' - + ' pem = pem.replace(/-----END CERTIFICATE-----/g, "");\n' - + ' pem = pem.trim().split(/(?:\\r?\\n){2,}/).pop();' - + ' pem = pem.replace(/\\s+/g, "");\n' + + ' pem = parsePEM(pem).pem;\n' + ' if (!Object.prototype.hasOwnProperty.call(trusted, pem)) return;\n' + ' return trusted[pem];\n' + '}\n' @@ -61,10 +57,39 @@ function getRootCerts(callback) { + ' return certs[name];\n' + '}\n' + '\n' + + 'function parsePEM(pem) {\n' + + ' pem = pem + "";\n' + + ' pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, "");\n' + + ' pem = pem.replace(/-----END CERTIFICATE-----/g, "");\n' + + ' var parts = pem.trim().split(/(?:\\r?\\n){2,}/);\n' + + ' var meta = {};\n' + + ' if (parts.length > 1) {\n' + + ' meta = parts[0].trim().split(/[\\r\\n]/).reduce(function(out, line) {\n' + + ' var parts = line.split(/:[ \\t]+/);\n' + + ' var key = parts[0].trim().toLowerCase();\n' + + ' var value = (parts.slice(1).join("") || "").trim();\n' + + ' out[key] = value;\n' + + ' return out;\n' + + ' }, {});\n' + + ' pem = parts.slice(1).join("");\n' + + ' }\n' + + ' pem = pem.replace(/\\s+/g, "");\n' + +' var der = pem\n' + + ' ? new Buffer(pem, "base64")\n' + + ' : null;\n' + + ' return {\n' + + ' meta: meta,\n' + + ' pem: pem,\n' + + ' der: der,\n' + + ' data: der || new Buffer([0])\n' + + ' };\n' + + '}\n' + + '\n' + 'exports.certs = certs;\n' + 'exports.trusted = trusted;\n' + 'exports.getCert = getCert;\n' + 'exports.getTrusted = getTrusted;\n'; + + 'exports.parsePEM = parsePEM;\n'; return callback(null, body); }); } diff --git a/lib/common/PayPro.js b/lib/common/PayPro.js index b3cffa9a5..ab187d598 100644 --- a/lib/common/PayPro.js +++ b/lib/common/PayPro.js @@ -409,4 +409,6 @@ PayPro.prototype._DERtoPEM = function(der, type) { + '\r\n-----END ' + type + '-----\r\n'; }; +PayPro.parsePEM = RootCerts.parsePEM; + module.exports = PayPro; diff --git a/lib/common/RootCerts.js b/lib/common/RootCerts.js index f5eb32446..029748207 100644 --- a/lib/common/RootCerts.js +++ b/lib/common/RootCerts.js @@ -3715,11 +3715,7 @@ var trusted = Object.keys(certs).reduce(function(trusted, key) { }, {}); function getTrusted(pem) { - pem = pem + ""; - pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, ""); - pem = pem.replace(/-----END CERTIFICATE-----/g, ""); - pem = pem.trim().split(/(?:\r?\n){2,}/).pop(); - pem = pem.replace(/\s+/g, ""); + pem = parsePEM(pem).pem; if (!Object.prototype.hasOwnProperty.call(trusted, pem)) return; return trusted[pem]; } @@ -3730,6 +3726,34 @@ function getCert(name) { return certs[name]; } +function parsePEM(pem) { + pem = pem + ""; + pem = pem.replace(/-----BEGIN CERTIFICATE-----/g, ""); + pem = pem.replace(/-----END CERTIFICATE-----/g, ""); + var parts = pem.trim().split(/(?:\r?\n){2,}/); + var meta = {}; + if (parts.length > 1) { + meta = parts[0].trim().split(/[\r\n]/).reduce(function(out, line) { + var parts = line.split(/:[ \t]+/); + var key = parts[0].trim().toLowerCase(); + var value = (parts.slice(1).join("") || "").trim(); + out[key] = value; + return out; + }, {}); + pem = parts.slice(1).join(""); + } + pem = pem.replace(/\s+/g, ""); + var der = pem + ? new Buffer(pem, "base64") + : null; + return { + meta: meta, + pem: pem, + der: der, + data: der || new Buffer([0]) + }; +} + exports.certs = certs; exports.trusted = trusted; exports.getCert = getCert;