paypro: move x509 sign and verify to their own methods.
This commit is contained in:
parent
2bb8b520a2
commit
aafbca46d9
|
@ -212,26 +212,7 @@ PayPro.prototype.sign = function(key) {
|
||||||
if (pki_type === 'SIN') {
|
if (pki_type === 'SIN') {
|
||||||
var sig = this.sinSign(key);
|
var sig = this.sinSign(key);
|
||||||
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
|
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
|
||||||
var crypto = require('crypto');
|
var sig = this.x509Sign(key);
|
||||||
var pki_data = this.get('pki_data'); // contains one or more x509 certs
|
|
||||||
var details = this.get('serialized_payment_details');
|
|
||||||
var type = pki_type.split('+')[1].toUpperCase();
|
|
||||||
|
|
||||||
var trusted = [].concat(pki_data).every(function(cert) {
|
|
||||||
var der = cert.toString('hex');
|
|
||||||
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
|
||||||
// var pem = DERtoPEM(der, 'CERTIFICATE');
|
|
||||||
return !!RootCerts[pem.replace(/\s+/g, '')];
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!trusted) {
|
|
||||||
// throw new Error('Unstrusted certificate.');
|
|
||||||
}
|
|
||||||
|
|
||||||
var signature = crypto.createSign('RSA-' + type);
|
|
||||||
var buf = this.serializeForSig();
|
|
||||||
signature.update(buf);
|
|
||||||
var sig = signature.sign(key);
|
|
||||||
} else if (pki_type === 'none') {
|
} else if (pki_type === 'none') {
|
||||||
return this;
|
return this;
|
||||||
} else {
|
} else {
|
||||||
|
@ -252,6 +233,39 @@ PayPro.prototype.verify = function() {
|
||||||
if (pki_type === 'SIN') {
|
if (pki_type === 'SIN') {
|
||||||
return this.sinVerify();
|
return this.sinVerify();
|
||||||
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
|
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
|
||||||
|
return this.x509Verify();
|
||||||
|
} else if (pki_type === 'none') {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
throw new Error('Unsupported pki_type');
|
||||||
|
};
|
||||||
|
|
||||||
|
PayPro.prototype.x509Sign = function(key) {
|
||||||
|
var crypto = require('crypto');
|
||||||
|
var pki_data = this.get('pki_data'); // contains one or more x509 certs
|
||||||
|
var details = this.get('serialized_payment_details');
|
||||||
|
var type = pki_type.split('+')[1].toUpperCase();
|
||||||
|
|
||||||
|
var trusted = [].concat(pki_data).every(function(cert) {
|
||||||
|
var der = cert.toString('hex');
|
||||||
|
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
|
||||||
|
// var pem = DERtoPEM(der, 'CERTIFICATE');
|
||||||
|
return !!RootCerts[pem.replace(/\s+/g, '')];
|
||||||
|
});
|
||||||
|
|
||||||
|
if (!trusted) {
|
||||||
|
// throw new Error('Unstrusted certificate.');
|
||||||
|
}
|
||||||
|
|
||||||
|
var signature = crypto.createSign('RSA-' + type);
|
||||||
|
var buf = this.serializeForSig();
|
||||||
|
signature.update(buf);
|
||||||
|
var sig = signature.sign(key);
|
||||||
|
return sig;
|
||||||
|
};
|
||||||
|
|
||||||
|
PayPro.prototype.x509Verify = function() {
|
||||||
var crypto = require('crypto');
|
var crypto = require('crypto');
|
||||||
var sig = this.get('signature');
|
var sig = this.get('signature');
|
||||||
var pki_data = this.get('pki_data');
|
var pki_data = this.get('pki_data');
|
||||||
|
@ -273,11 +287,6 @@ PayPro.prototype.verify = function() {
|
||||||
|
|
||||||
return verifier.verify(pem, sig);
|
return verifier.verify(pem, sig);
|
||||||
});
|
});
|
||||||
} else if (pki_type === 'none') {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
throw new Error('Unsupported pki_type');
|
|
||||||
};
|
};
|
||||||
|
|
||||||
//default signing function for prototype.sign
|
//default signing function for prototype.sign
|
||||||
|
|
Loading…
Reference in New Issue