From 83286113ff60ec089097b0ba9f12f1edbe8643dd Mon Sep 17 00:00:00 2001
From: Christopher Jeffrey
Date: Mon, 25 Aug 2014 12:05:17 -0700
Subject: [PATCH] paypro: parse keyUsage bit string properly.

---
 lib/PayPro.js | 43 ++++++++++++++++++++++++++++---------------
 1 file changed, 28 insertions(+), 15 deletions(-)

diff --git a/lib/PayPro.js b/lib/PayPro.js
index 7b02aa0..931ffae 100644
--- lib/PayPro.js
+++ b/lib/PayPro.js
@@ -221,9 +221,22 @@ PayPro.prototype.x509Verify = function() {
 // }

 if (extensions.keyUsage) {
- extensions.keyUsage = rfc5280.KeyUsage.decode(
+ data = rfc5280.KeyUsage.decode(
 extensions.keyUsage,
- 'der');
+ 'der').data[0];
+ extensions.keyUsage = {
+ digitalSignature: !!((data >> 0) & 1),
+ nonRepudiation: !!((data >> 1) & 1),
+ // nonRepudiation renamed to contentCommitment:
+ contentCommitment: !!((data >> 1) & 1),
+ keyEncipherment: !!((data >> 2) & 1),
+ dataEncipherment: !!((data >> 3) & 1),
+ keyAgreement: !!((data >> 4) & 1),
+ keyCertSign: !!((data >> 5) & 1),
+ cRLSign: !!((data >> 6) & 1),
+ encipherOnly: !!((data >> 7) & 1),
+ decipherOnly: !!((data >> 8) & 1)
+ };
 print(extensions.keyUsage);
 }

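Review bot: The bit positions in the new `extensions.keyUsage` object look reversed: in a DER BIT STRING, named bit 0 (digitalSignature) is the most significant bit of the first content octet (mask 0x80), so `(data >> 0) & 1` actually reads encipherOnly, and, assuming `.data[0]` is that first octet, a certificate's keyCertSign or cRLSign bit is reported as a different usage. `decipherOnly` is bit 8, which sits in the second content octet, so `(data >> 8) & 1` on a single byte is always false. `data` is also assigned without a declaration in the visible lines; if x509Verify (which starts and ends outside this hunk) does not declare it elsewhere, it becomes an implicit global. Any later check that relies on these flags to limit what a certificate may be used for would be working from wrong values, so I would mask from the high bit down, as below.

```javascript
var bits = rfc5280.KeyUsage.decode(
  extensions.keyUsage,
  'der').data;
// Named bit 0 is the top bit (0x80) of the first content octet.
var b0 = bits[0] || 0;
var b1 = bits[1] || 0;
extensions.keyUsage = {
  digitalSignature: !!(b0 & 0x80),
  nonRepudiation: !!(b0 & 0x40),
  // nonRepudiation renamed to contentCommitment:
  contentCommitment: !!(b0 & 0x40),
  keyEncipherment: !!(b0 & 0x20),
  dataEncipherment: !!(b0 & 0x10),
  keyAgreement: !!(b0 & 0x08),
  keyCertSign: !!(b0 & 0x04),
  cRLSign: !!(b0 & 0x02),
  encipherOnly: !!(b0 & 0x01),
  // decipherOnly is bit 8: the top bit of the second content octet.
  decipherOnly: !!(b1 & 0x80)
};
// … unchanged: print(extensions.keyUsage) …
```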
@@ -281,19 +294,19 @@ rfc5280.KeyUsage = asn1.define('KeyUsage', function() {
 this.bitstr();
 });

-rfc5280.KeyUsage = asn1.define('KeyUsage', function() {
- this.seq().obj(
- this.key('digitalSignature').bitstr(),
- this.key('nonRepudiation').bitstr(),
- this.key('keyEncipherment').bitstr(),
- this.key('dataEncipherment').bitstr(),
- this.key('keyAgreement').bitstr(),
- this.key('keyCertSign').bitstr(),
- this.key('cRLSign').bitstr(),
- this.key('encipherOnly').bitstr(),
- this.key('decipherOnly').bitstr()
- );
-});
+// rfc5280.KeyUsage = asn1.define('KeyUsage', function() {
+// this.seq().obj(
+// this.key('digitalSignature').bitstr(),
+// this.key('nonRepudiation').bitstr(),
+// this.key('keyEncipherment').bitstr(),
+// this.key('dataEncipherment').bitstr(),
+// this.key('keyAgreement').bitstr(),
+// this.key('keyCertSign').bitstr(),
+// this.key('cRLSign').bitstr(),
+// this.key('encipherOnly').bitstr(),
+// this.key('decipherOnly').bitstr()
+// );
+// });

 /**
 * Debug
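Review bot: The superseded SEQUENCE-based definition is better deleted than left commented out in this hunk. It models KeyUsage as a sequence of separate bit strings, which does not match the single `this.bitstr()` definition kept just above it, and version control already preserves the old text. If a pointer is wanted, one line such as `// KeyUsage is a single BIT STRING; the named bits are unpacked in x509Verify.` says more than the dead block.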