paypro: begin checking trusted certs.
This commit is contained in:
parent
29b067ab73
commit
119ef0d611
|
@ -6,6 +6,13 @@ var assert = require('assert');
|
|||
var PayPro = require('../PayPro');
|
||||
var Trusted = require('./Trusted');
|
||||
|
||||
// Use hash table for efficiency:
|
||||
var trustHash = Trusted.reduce(function(out, cert) {
|
||||
cert = cert.replace(/\s+/g, '');
|
||||
trusted[cert] = true;
|
||||
return trusted;
|
||||
}, {});
|
||||
|
||||
PayPro.sign = function(key) {
|
||||
if (this.messageType !== 'PaymentRequest')
|
||||
throw new Error('Signing can only be performed on a PaymentRequest');
|
||||
|
@ -14,13 +21,20 @@ PayPro.sign = function(key) {
|
|||
|
||||
if (pki_type === 'SIN') {
|
||||
var sig = this.sinSign(key);
|
||||
} else if (pki_type === 'none' || pki_type === 'x509+sha256' || pki_type === 'x509+sha1') {
|
||||
} else if (pki_type === 'x509+sha256' || pki_type === 'x509+sha1') {
|
||||
throw new Error('x509 currently unsuported.');
|
||||
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
|
||||
var crypto = require('crypto');
|
||||
var pki_data = this.get('pki_data'); // contains one or more x509 certs
|
||||
var type = pki_type.split('+').toUpperCase();
|
||||
var buf = this.serializeForSig();
|
||||
|
||||
// TODO: parse all certs
|
||||
var cert = pki_data.split(/-----BEGIN[^\n]*KEY-----/)[0].replace(/\s+/g, '');
|
||||
if (!trustHash[cert])) {
|
||||
; // untrusted cert
|
||||
}
|
||||
|
||||
var jsrsaSig = new KJUR.crypto.Signature({
|
||||
alg: type + 'withRSA',
|
||||
prov: 'cryptojs/jsrsa'
|
||||
|
|
Loading…
Reference in New Issue