paypro: stat using jsrsasign to convert DER to PEM and derive public keys for sig verification.

This commit is contained in:
Christopher Jeffrey 2014-07-16 17:58:47 -07:00
parent 37f20f3268
commit 24ae03247f
2 changed files with 31 additions and 7 deletions

View File

@ -2,6 +2,8 @@
var protobufjs = protobufjs || require('protobufjs/dist/ProtoBuf'); var protobufjs = protobufjs || require('protobufjs/dist/ProtoBuf');
var Message = Message || require('./Message'); var Message = Message || require('./Message');
var KJUR = require('jsrsasign');
// BIP 70 - payment protocol // BIP 70 - payment protocol
function PayPro() { function PayPro() {
this.messageType = null; this.messageType = null;
@ -245,7 +247,17 @@ PayPro.prototype.verify = function() {
var type = pki_type.split('+').toUpperCase(); var type = pki_type.split('+').toUpperCase();
var verifier = crypto.createVerify('RSA-' + type); var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf); verifier.update(buf);
return verifier.verify(pki_data, sig);
pki_data = pki_data && pki_data.unshift
? pki_data[0]
: pki_data;
var der = pki_data.toString('hex');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
var pub = KJUR.KEYUTIL.getHexKeyFromPEM(pem, 'PUBLIC KEY')
// var pub = KJUR.X509.getPublicKeyFromCertPEM(pem);
return verifier.verify(pub, sig);
} else if (pki_type === 'none') { } else if (pki_type === 'none') {
return true; return true;
} }

View File

@ -29,11 +29,14 @@ PayPro.sign = function(key) {
var type = pki_type.split('+').toUpperCase(); var type = pki_type.split('+').toUpperCase();
var buf = this.serializeForSig(); var buf = this.serializeForSig();
// TODO: parse all certs pki_data = pki_data && pki_data.unshift
// var cert = pki_data.split(/-----BEGIN[^\n]*KEY-----/)[0].replace(/\s+/g, ''); ? pki_data[0]
// if (!Trusted[cert])) { : pki_data;
// ; // untrusted cert
// } var der = pki_data.toString('hex');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
var pub = KJUR.KEYUTIL.getHexKeyFromPEM(pem, 'PUBLIC KEY')
// var pub = KJUR.X509.getPublicKeyFromCertPEM(pem);
var jsrsaSig = new KJUR.crypto.Signature({ var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA', alg: type + 'withRSA',
@ -74,7 +77,16 @@ PayPro.verify = function() {
prov: 'cryptojs/jsrsa' prov: 'cryptojs/jsrsa'
}); });
jsrsaSig.initVerifyByCertificatePEM(pki_data); pki_data = pki_data && pki_data.unshift
? pki_data[0]
: pki_data;
var der = pki_data.toString('hex');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
var pub = KJUR.KEYUTIL.getHexKeyFromPEM(pem, 'PUBLIC KEY')
// var pub = KJUR.X509.getPublicKeyFromCertPEM(pem);
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex')); jsrsaSig.updateHex(buf.toString('hex'));