bitcoincashjs/lib/browser/PayPro.js

"use strict";

var Key = require('./Key');
var KJUR = require('jsrsasign');
var assert = require('assert');
var PayPro = require('../common/PayPro');
var RootCerts = require('../common/RootCerts');

// Documentation:
// http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html#.sign
// http://kjur.github.io/jsrsasign/api/symbols/RSAKey.html

PayPro.prototype.x509Sign = function(key) {
  var pki_type = this.get('pki_type');
  var pki_data = this.get('pki_data'); // contains one or more x509 certs
  var type = pki_type.split('+')[1].toUpperCase();
  var buf = this.serializeForSig();

  var trusted = [].concat(pki_data).every(function(cert) {
    var der = cert.toString('hex');
    var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
    return RootCerts.isTrusted(pem);
  });

  if (!trusted) {
    // XXX Figure out what to do here
    // throw new Error('Unstrusted certificate.');
  }

  var rsa = new KJUR.RSAKey();
  rsa.readPrivateKeyFromPEMString(key.toString());
  key = rsa;

  var jsrsaSig = new KJUR.crypto.Signature({
    alg: type.toUpperCase() + 'withRSA',
    prov: 'cryptojs/jsrsa'
  });

  // XXX Could use this?
  //jsrsaSig.initSign(key);

  jsrsaSig.init(key);

  jsrsaSig.updateHex(buf.toString('hex'));

  var sig = new Buffer(jsrsaSig.sign(), 'hex');
  return sig;
};

PayPro.prototype.x509Verify = function(key) {
  var sig = this.get('signature');
  var pki_type = this.get('pki_type');
  var pki_data = this.get('pki_data');
  var buf = this.serializeForSig();
  var type = pki_type.split('+')[1].toUpperCase();

  var jsrsaSig = new KJUR.crypto.Signature({
    alg: type.toUpperCase() + 'withRSA',
    prov: 'cryptojs/jsrsa'
  });

  return [].concat(pki_data).every(function(cert) {
    var der = cert.toString('hex');
    var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');

    if (!RootCerts.isTrusted(pem)) {
      // XXX Figure out what to do here
      // throw new Error('Unstrusted certificate.');
    }

    jsrsaSig.initVerifyByCertificatePEM(pem);

    jsrsaSig.updateHex(buf.toString('hex'));

    return jsrsaSig.verify(sig.toString('hex'));
  });
};

module.exports = PayPro;
paypro: first pass at clientside x509. 11 years ago			`"use strict";`

			`var Key = require('./Key');`
paypro: remove x509.js 11 years ago			`var KJUR = require('jsrsasign');`
paypro: first pass at clientside x509. 11 years ago			`var assert = require('assert');`
paypro: split up paypro into node/browser/common. 11 years ago			`var PayPro = require('../common/PayPro');`
paypro: move root certs to common. 11 years ago			`var RootCerts = require('../common/RootCerts');`
paypro: begin checking trusted certs. 11 years ago
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`// Documentation:`
			`// http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html#.sign`
			`// http://kjur.github.io/jsrsasign/api/symbols/RSAKey.html`

paypro: split up paypro into node/browser/common. 11 years ago			`PayPro.prototype.x509Sign = function(key) {`
paypro: first pass at clientside x509. 11 years ago			`var pki_type = this.get('pki_type');`
paypro: split up paypro into node/browser/common. 11 years ago			`var pki_data = this.get('pki_data'); // contains one or more x509 certs`
			`var type = pki_type.split('+')[1].toUpperCase();`
			`var buf = this.serializeForSig();`

			`var trusted = [].concat(pki_data).every(function(cert) {`
			`var der = cert.toString('hex');`
			`var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');`
			`return RootCerts.isTrusted(pem);`
			`});`

			`if (!trusted) {`
			`// XXX Figure out what to do here`
			`// throw new Error('Unstrusted certificate.');`
			`}`
paypro: first pass at clientside x509. 11 years ago
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`var rsa = new KJUR.RSAKey();`
			`rsa.readPrivateKeyFromPEMString(key.toString());`
			`key = rsa;`

paypro: split up paypro into node/browser/common. 11 years ago			`var jsrsaSig = new KJUR.crypto.Signature({`
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`alg: type.toUpperCase() + 'withRSA',`
paypro: split up paypro into node/browser/common. 11 years ago			`prov: 'cryptojs/jsrsa'`
			`});`
paypro: fix payment protocol for DER certs. 11 years ago
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`// XXX Could use this?`
			`//jsrsaSig.initSign(key);`

			`jsrsaSig.init(key);`
paypro: fix payment protocol for DER certs. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`jsrsaSig.updateHex(buf.toString('hex'));`
paypro: first pass at clientside x509. 11 years ago
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`var sig = new Buffer(jsrsaSig.sign(), 'hex');`
paypro: split up paypro into node/browser/common. 11 years ago			`return sig;`
paypro: first pass at clientside x509. 11 years ago			`};`

paypro: split up paypro into node/browser/common. 11 years ago			`PayPro.prototype.x509Verify = function(key) {`
			`var sig = this.get('signature');`
paypro: first pass at clientside x509. 11 years ago			`var pki_type = this.get('pki_type');`
paypro: split up paypro into node/browser/common. 11 years ago			`var pki_data = this.get('pki_data');`
			`var buf = this.serializeForSig();`
			`var type = pki_type.split('+')[1].toUpperCase();`
paypro: first pass at clientside x509. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`var jsrsaSig = new KJUR.crypto.Signature({`
paypro: fix browser signatures with KJUR. move pem/der functions to common. 11 years ago			`alg: type.toUpperCase() + 'withRSA',`
paypro: split up paypro into node/browser/common. 11 years ago			`prov: 'cryptojs/jsrsa'`
			`});`
paypro: clientside. start using jsrsasign api correctly. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`return [].concat(pki_data).every(function(cert) {`
			`var der = cert.toString('hex');`
			`var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');`
paypro: handle untrusted certs on browser and node. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`if (!RootCerts.isTrusted(pem)) {`
			`// XXX Figure out what to do here`
			`// throw new Error('Unstrusted certificate.');`
			`}`
paypro: clientside. start using jsrsasign api correctly. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`jsrsaSig.initVerifyByCertificatePEM(pem);`
paypro: clientside. start using jsrsasign api correctly. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`jsrsaSig.updateHex(buf.toString('hex'));`
paypro: first pass at clientside x509. 11 years ago
paypro: split up paypro into node/browser/common. 11 years ago			`return jsrsaSig.verify(sig.toString('hex'));`
			`});`
paypro: first pass at clientside x509. 11 years ago			`};`

paypro: split up paypro into node/browser/common. 11 years ago			`module.exports = PayPro;`