paypro: add isTrusted function to RootCerts.
This commit is contained in:
parent
672e667e9c
commit
cec71a51fd
|
@ -29,13 +29,23 @@ function getRootCerts(callback) {
|
||||||
body = body.replace(/^"/gm, '+ "');
|
body = body.replace(/^"/gm, '+ "');
|
||||||
body = body.replace(/^\+ "-----B/gm, '"-----B');
|
body = body.replace(/^\+ "-----B/gm, '"-----B');
|
||||||
body += ''
|
body += ''
|
||||||
|
+ '\n'
|
||||||
+ '// Use hash table for efficiency:\n'
|
+ '// Use hash table for efficiency:\n'
|
||||||
+ 'RootCerts = RootCerts.reduce(function(trusted, cert) {\n'
|
+ 'RootCerts = RootCerts.reduce(function(trusted, cert) {\n'
|
||||||
+ ' cert = cert.replace(/\\s+/g, "");\n'
|
+ ' cert = cert.replace(/\\s+/g, "");\n'
|
||||||
+ ' trusted[cert] = true;\n'
|
+ ' trusted[cert] = true;\n'
|
||||||
+ ' return trusted;\n'
|
+ ' return trusted;\n'
|
||||||
+ '}, {});\n'
|
+ '}, {});\n'
|
||||||
+ 'module.exports = RootCerts;\n';
|
+ '\n'
|
||||||
|
+ 'function isTrusted(pem) {\n'
|
||||||
|
+ ' pem = pem + "";\n'
|
||||||
|
+ ' pem = pem.replace(/\\s+/g, "");\n'
|
||||||
|
+ ' return !!RootCerts[pem];\n'
|
||||||
|
+ '}\n'
|
||||||
|
+ '\n'
|
||||||
|
+ 'exports = RootCerts;\n'
|
||||||
|
+ 'exports.isTrusted = isTrusted;\n'
|
||||||
|
+ 'module.exports = exports;\n';
|
||||||
return callback(null, body);
|
return callback(null, body);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -251,7 +251,7 @@ PayPro.prototype.x509Sign = function(key) {
|
||||||
var trusted = [].concat(pki_data).every(function(cert) {
|
var trusted = [].concat(pki_data).every(function(cert) {
|
||||||
var der = cert.toString('hex');
|
var der = cert.toString('hex');
|
||||||
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
||||||
return !!RootCerts[pem.replace(/\s+/g, '')];
|
return RootCerts.isTrusted(pem);
|
||||||
});
|
});
|
||||||
|
|
||||||
if (!trusted) {
|
if (!trusted) {
|
||||||
|
@ -282,7 +282,7 @@ PayPro.prototype.x509Verify = function() {
|
||||||
var der = cert.toString('hex');
|
var der = cert.toString('hex');
|
||||||
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
||||||
|
|
||||||
if (!RootCerts[pem.replace(/\s+/g, '')]) {
|
if (!RootCerts.isTrusted(pem)) {
|
||||||
// throw new Error('Unstrusted certificate.');
|
// throw new Error('Unstrusted certificate.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,7 +25,7 @@ PayPro.sign = function(key) {
|
||||||
var trusted = [].concat(pki_data).every(function(cert) {
|
var trusted = [].concat(pki_data).every(function(cert) {
|
||||||
var der = cert.toString('hex');
|
var der = cert.toString('hex');
|
||||||
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
||||||
return !!RootCerts[pem.replace(/\s+/g, '')];
|
return RootCerts.isTrusted(pem);
|
||||||
});
|
});
|
||||||
|
|
||||||
if (!trusted) {
|
if (!trusted) {
|
||||||
|
@ -75,7 +75,7 @@ PayPro.verify = function() {
|
||||||
var der = cert.toString('hex');
|
var der = cert.toString('hex');
|
||||||
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
||||||
|
|
||||||
if (!RootCerts[pem.replace(/\s+/g, '')]) {
|
if (!RootCerts.isTrusted(pem)) {
|
||||||
// throw new Error('Unstrusted certificate.');
|
// throw new Error('Unstrusted certificate.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3560,10 +3560,20 @@ var RootCerts = [
|
||||||
+ "-----END CERTIFICATE-----\n",
|
+ "-----END CERTIFICATE-----\n",
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
// Use hash table for efficiency:
|
// Use hash table for efficiency:
|
||||||
RootCerts = RootCerts.reduce(function(trusted, cert) {
|
RootCerts = RootCerts.reduce(function(trusted, cert) {
|
||||||
cert = cert.replace(/\s+/g, "");
|
cert = cert.replace(/\s+/g, "");
|
||||||
trusted[cert] = true;
|
trusted[cert] = true;
|
||||||
return trusted;
|
return trusted;
|
||||||
}, {});
|
}, {});
|
||||||
module.exports = RootCerts;
|
|
||||||
|
function isTrusted(pem) {
|
||||||
|
pem = pem + "";
|
||||||
|
pem = pem.replace(/\s+/g, "");
|
||||||
|
return !!RootCerts[pem];
|
||||||
|
}
|
||||||
|
|
||||||
|
exports = RootCerts;
|
||||||
|
exports.isTrusted = isTrusted;
|
||||||
|
module.exports = exports;
|
||||||
|
|
Loading…
Reference in New Issue