paypro: move validity and issuer validation into common.
This commit is contained in:
parent
eba2825f5a
commit
f98ebe69d8
|
@ -101,36 +101,12 @@ PayPro.prototype.x509Verify = function() {
|
||||||
//
|
//
|
||||||
// Check Validity of Certificates
|
// Check Validity of Certificates
|
||||||
//
|
//
|
||||||
var validityVerified = true;
|
var validityVerified = PayPro.validateCertTime(c, nc);
|
||||||
var now = Date.now();
|
|
||||||
var cBefore = c.tbsCertificate.validity.notBefore.value;
|
|
||||||
var cAfter = c.tbsCertificate.validity.notAfter.value;
|
|
||||||
var nBefore = nc.tbsCertificate.validity.notBefore.value;
|
|
||||||
var nAfter = nc.tbsCertificate.validity.notAfter.value;
|
|
||||||
if (cBefore > now || cAfter < now || nBefore > now || nAfter < now) {
|
|
||||||
validityVerified = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// Check the Issuer matches the Subject of the next certificate:
|
// Check the Issuer matches the Subject of the next certificate:
|
||||||
//
|
//
|
||||||
var issuer = c.tbsCertificate.issuer;
|
var issuerVerified = PayPro.validateCertIssuer(c, nc);
|
||||||
var subject = nc.tbsCertificate.subject;
|
|
||||||
var issuerVerified = issuer.type === subject.type && issuer.value.every(function(issuerArray, i) {
|
|
||||||
var subjectArray = subject.value[i];
|
|
||||||
return issuerArray.every(function(issuerObject, i) {
|
|
||||||
var subjectObject = subjectArray[i];
|
|
||||||
|
|
||||||
var issuerObjectType = issuerObject.type.join('.');
|
|
||||||
var subjectObjectType = subjectObject.type.join('.');
|
|
||||||
|
|
||||||
var issuerObjectValue = issuerObject.value.toString('hex');
|
|
||||||
var subjectObjectValue = subjectObject.value.toString('hex');
|
|
||||||
|
|
||||||
return issuerObjectType === subjectObjectType
|
|
||||||
&& issuerObjectValue === subjectObjectValue;
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// Verify current Certificate signature
|
// Verify current Certificate signature
|
||||||
|
|
|
@ -127,36 +127,12 @@ PayPro.prototype.x509Verify = function(key) {
|
||||||
//
|
//
|
||||||
// Check Validity of Certificates
|
// Check Validity of Certificates
|
||||||
//
|
//
|
||||||
var validityVerified = true;
|
var validityVerified = PayPro.validateCertTime(c, nc);
|
||||||
var now = Date.now();
|
|
||||||
var cBefore = c.tbsCertificate.validity.notBefore.value;
|
|
||||||
var cAfter = c.tbsCertificate.validity.notAfter.value;
|
|
||||||
var nBefore = nc.tbsCertificate.validity.notBefore.value;
|
|
||||||
var nAfter = nc.tbsCertificate.validity.notAfter.value;
|
|
||||||
if (cBefore > now || cAfter < now || nBefore > now || nAfter < now) {
|
|
||||||
validityVerified = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// Check the Issuer matches the Subject of the next certificate:
|
// Check the Issuer matches the Subject of the next certificate:
|
||||||
//
|
//
|
||||||
var issuer = c.tbsCertificate.issuer;
|
var issuerVerified = PayPro.validateCertIssuer(c, nc);
|
||||||
var subject = nc.tbsCertificate.subject;
|
|
||||||
var issuerVerified = issuer.type === subject.type && issuer.value.every(function(issuerArray, i) {
|
|
||||||
var subjectArray = subject.value[i];
|
|
||||||
return issuerArray.every(function(issuerObject, i) {
|
|
||||||
var subjectObject = subjectArray[i];
|
|
||||||
|
|
||||||
var issuerObjectType = issuerObject.type.join('.');
|
|
||||||
var subjectObjectType = subjectObject.type.join('.');
|
|
||||||
|
|
||||||
var issuerObjectValue = issuerObject.value.toString('hex');
|
|
||||||
var subjectObjectValue = subjectObject.value.toString('hex');
|
|
||||||
|
|
||||||
return issuerObjectType === subjectObjectType
|
|
||||||
&& issuerObjectValue === subjectObjectValue;
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// Verify current Certificate signature
|
// Verify current Certificate signature
|
||||||
|
|
|
@ -93,6 +93,42 @@ PayPro.getTBSCertificate = function(data) {
|
||||||
return data.slice(start, end);
|
return data.slice(start, end);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Check Validity of Certificates
|
||||||
|
PayPro.validateCertTime = function(c, nc) {
|
||||||
|
var validityVerified = true;
|
||||||
|
var now = Date.now();
|
||||||
|
var cBefore = c.tbsCertificate.validity.notBefore.value;
|
||||||
|
var cAfter = c.tbsCertificate.validity.notAfter.value;
|
||||||
|
var nBefore = nc.tbsCertificate.validity.notBefore.value;
|
||||||
|
var nAfter = nc.tbsCertificate.validity.notAfter.value;
|
||||||
|
if (cBefore > now || cAfter < now || nBefore > now || nAfter < now) {
|
||||||
|
validityVerified = false;
|
||||||
|
}
|
||||||
|
return validityVerified;
|
||||||
|
};
|
||||||
|
|
||||||
|
// Check the Issuer matches the Subject of the next certificate:
|
||||||
|
PayPro.validateCertIssuer = function(c, nc) {
|
||||||
|
var issuer = c.tbsCertificate.issuer;
|
||||||
|
var subject = nc.tbsCertificate.subject;
|
||||||
|
var issuerVerified = issuer.type === subject.type && issuer.value.every(function(issuerArray, i) {
|
||||||
|
var subjectArray = subject.value[i];
|
||||||
|
return issuerArray.every(function(issuerObject, i) {
|
||||||
|
var subjectObject = subjectArray[i];
|
||||||
|
|
||||||
|
var issuerObjectType = issuerObject.type.join('.');
|
||||||
|
var subjectObjectType = subjectObject.type.join('.');
|
||||||
|
|
||||||
|
var issuerObjectValue = issuerObject.value.toString('hex');
|
||||||
|
var subjectObjectValue = subjectObject.value.toString('hex');
|
||||||
|
|
||||||
|
return issuerObjectType === subjectObjectType
|
||||||
|
&& issuerObjectValue === subjectObjectValue;
|
||||||
|
});
|
||||||
|
});
|
||||||
|
return issuerVerified;
|
||||||
|
};
|
||||||
|
|
||||||
PayPro.RootCerts = RootCerts;
|
PayPro.RootCerts = RootCerts;
|
||||||
|
|
||||||
PayPro.proto = {};
|
PayPro.proto = {};
|
||||||
|
|
Loading…
Reference in New Issue