paypro: implement "none" pki_type.

Christopher Jeffrey 2014-08-29 20:31:27 -07:00
parent a73699ba64
commit a50b9ed3a3
2 changed files with 80 additions and 51 deletions


@ -17,12 +17,19 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var signature = crypto.createSign('RSA-' + type);
var buf = this.serializeForSig();
signature.update(buf);
var sig = signature.sign(key);
if (type !== 'none') {
var signature = crypto.createSign('RSA-' + type);
var buf = this.serializeForSig();
signature.update(buf);
var sig = signature.sign(key);
} else {
var buf = this.serializeForSig();
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -57,15 +64,20 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
var pem = PayPro.DERtoPEM(der, 'CERTIFICATE');
var verified = verifier.verify(pem, sig);
if (type !== 'none') {
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
var pem = PayPro.DERtoPEM(der, 'CERTIFICATE');
var verified = verifier.verify(pem, sig);
} else {
var verified = true;
}
var chain = pki_data;
@ -177,7 +189,7 @@ PayPro.verifyCertChain = function(chain, type) {
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
var verifier = crypto.createVerify('RSA-' + sigAlg);
var verifier = crypto.createVerify(type ? 'RSA-' + type : 'RSA');
verifier.update(tbs);
var sigVerified = verifier.verify(npubKey, sig);
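Review bot: In the x509Verify hunk the new `else` branch sets `var verified = true;` whenever `pki_type` is 'none', so an unsigned payment request comes back with the same result as one whose signature was actually checked. `pki_type` appears to be read from the message itself (its assignment is outside the hunk), so the result would then depend on a field the sender controls rather than on a cryptographic check. I would have the branch report the unauthenticated state instead, e.g. `var verified = false;`, with callers handling 'none' explicitly as unsigned, and say so in a comment on the function. In the verifyCertChain hunk, `type ? 'RSA-' + type : 'RSA'` still builds 'RSA-none' for this case because the string 'none' is truthy. The second file section repeats the same `verified = true` and `sigVerified = true` branches, and all of these function bodies continue outside the hunks.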


@ -18,23 +18,29 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
var pki_data = this.get('pki_data'); // contains one or more x509 certs
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var buf = this.serializeForSig();
var rsa = new KJUR.RSAKey();
rsa.readPrivateKeyFromPEMString(key.toString());
key = rsa;
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.init(key);
jsrsaSig.init(key);
jsrsaSig.updateHex(buf.toString('hex'));
jsrsaSig.updateHex(buf.toString('hex'));
var sig = new Buffer(jsrsaSig.sign(), 'hex');
var sig = new Buffer(jsrsaSig.sign(), 'hex');
} else {
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -66,20 +72,25 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = self._DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex'));
var verified = jsrsaSig.verify(sig.toString('hex'));
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = self._DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex'));
var verified = jsrsaSig.verify(sig.toString('hex'));
} else {
var verified = true;
}
var chain = pki_data;
@ -169,12 +180,14 @@ PayPro.verifyCertChain = function(chain, type) {
//
// Get Public Key from next certificate (via KJUR because it's a mess):
//
var js = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
js.initVerifyByCertificatePEM(npem);
var npubKey = js.pubKey;
if (type !== 'none') {
var js = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
js.initVerifyByCertificatePEM(npem);
var npubKey = js.pubKey;
}
// XXX Somehow change the pubKey format to npubKeyAlg.
//
@ -199,19 +212,23 @@ PayPro.verifyCertChain = function(chain, type) {
// Verify current Certificate signature
//
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.initVerifyByPublicKey(npubKey);
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.initVerifyByPublicKey(npubKey);
// Get the raw DER TBSCertificate
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
// Get the raw DER TBSCertificate
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
jsrsaSig.updateHex(tbs.toString('hex'));
jsrsaSig.updateHex(tbs.toString('hex'));
var sigVerified = jsrsaSig.verify(sig.toString('hex'));
var sigVerified = jsrsaSig.verify(sig.toString('hex'));
} else {
var sigVerified = true;
}
return validityVerified
&& issuerVerified