zcash-hackworks
/
bitcore-lib-zcash
mirror of https://github.com/zcash-hackworks/bitcore-lib-zcash.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

paypro: verify chain refactor.

This commit is contained in:
Christopher Jeffrey 2014-08-22 08:38:19 -07:00
parent 16b646d0e7
commit 4a12d5a491
1 changed files with 9 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
lib/PayPro.js
View File

@ -71,13 +71,9 @@ PayPro.prototype.x509Verify = function() {
// 2. Extract signature from current certificate.
// 3. If current cert is not trusted, verify that the current cert is signed
// by NEXT by the certificate.
// 4. XXX What to do when the certificate is revoked?
// NOTE: XXX What to do when the certificate is revoked?
var blen = +type.replace(/[^\d]+/g, '');
if (blen === 1) blen = 20;
if (blen === 256) blen = 32;
chain.forEach(function(cert, i) {
var chainVerified = chain.every(function(cert, i) {
var der = cert.toString('hex');
var pem = self._DERtoPEM(der, 'CERTIFICATE');
var name = RootCerts.getTrusted(pem);
@ -85,36 +81,34 @@ PayPro.prototype.x509Verify = function() {
var ncert = chain[i + 1];
// The root cert, check if it's trusted:
if (!ncert || name) {
return;
chain.length = 0;
return true;
}
var nder = ncert.toString('hex');
var npem = self._DERtoPEM(nder, 'CERTIFICATE');
// Get public key from next certificate.
// Get public key from next certificate:
var data = new Buffer(nder, 'hex');
var nc = Certificate.decode(data, 'der');
var npubKey = nc.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data;
npubKey = self._DERtoPEM(npubKey, 'RSA PUBLIC KEY');
// Get signature from current certificate.
// Get signature from current certificate:
var data = new Buffer(der, 'hex');
var c = Certificate.decode(data, 'der');
var sig = c.signature.data;
var verifier = crypto.createVerify('RSA-' + type);
// Create a To-Be-Signed Certificate using asn1.js:
// Create a To-Be-Signed Certificate to verify using asn1.js:
// Fails at Issuer:
var tbs = rfc3280.TBSCertificate.encode(c.tbsCertificate, 'der');
verifier.update(tbs);
var v = verifier.verify(npubKey, sig);
if (!v) {
verified = false;
}
return verifier.verify(npubKey, sig);
});
return verified;
return verified && chainVerified;
};
module.exports = PayPro;