|
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
var Message = Message || require('./Message');
|
|
|
|
|
|
|
|
|
|
var RootCerts = require('./common/RootCerts');
|
|
|
|
|
|
|
|
|
|
var PayPro = require('./common/PayPro');
|
|
|
|
|
|
|
|
|
|
PayPro.prototype.x509Sign = function(key) {
|
|
|
|
|
var self = this;
|
|
|
|
|
var crypto = require('crypto');
|
|
|
|
|
var pki_type = this.get('pki_type');
|
|
|
|
|
var pki_data = this.get('pki_data'); // contains one or more x509 certs
|
|
|
|
|
pki_data = PayPro.X509Certificates.decode(pki_data);
|
|
|
|
|
pki_data = pki_data.certificate;
|
|
|
|
|
var details = this.get('serialized_payment_details');
|
|
|
|
|
var type = pki_type.split('+')[1].toUpperCase();
|
|
|
|
|
|
|
|
|
|
var trusted = pki_data.map(function(cert) {
|
|
|
|
|
var der = cert.toString('hex');
|
|
|
|
|
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
|
|
|
|
return RootCerts.getTrusted(pem);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// XXX Figure out what to do here
|
|
|
|
|
if (!trusted.length) {
|
|
|
|
|
// throw new Error('Unstrusted certificate.');
|
|
|
|
|
} else {
|
|
|
|
|
trusted.forEach(function(name) {
|
|
|
|
|
// console.log('Certificate: %s', name);
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var signature = crypto.createSign('RSA-' + type);
|
|
|
|
|
var buf = this.serializeForSig();
|
|
|
|
|
signature.update(buf);
|
|
|
|
|
var sig = signature.sign(key);
|
|
|
|
|
return sig;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
PayPro.prototype.x509Verify = function() {
|
|
|
|
|
var self = this;
|
|
|
|
|
var crypto = require('crypto');
|
|
|
|
|
var pki_type = this.get('pki_type');
|
|
|
|
|
var sig = this.get('signature');
|
|
|
|
|
var pki_data = this.get('pki_data');
|
|
|
|
|
pki_data = PayPro.X509Certificates.decode(pki_data);
|
|
|
|
|
pki_data = pki_data.certificate;
|
|
|
|
|
var details = this.get('serialized_payment_details');
|
|
|
|
|
var buf = this.serializeForSig();
|
|
|
|
|
var type = pki_type.split('+')[1].toUpperCase();
|
|
|
|
|
|
|
|
|
|
var verifier = crypto.createVerify('RSA-' + type);
|
|
|
|
|
verifier.update(buf);
|
|
|
|
|
|
|
|
|
|
return pki_data.every(function(cert) {
|
|
|
|
|
var der = cert.toString('hex');
|
|
|
|
|
var pem = self._DERtoPEM(der, 'CERTIFICATE');
|
|
|
|
|
|
|
|
|
|
var name = RootCerts.getTrusted(pem);
|
|
|
|
|
// XXX Figure out what to do here
|
|
|
|
|
if (!name) {
|
|
|
|
|
// throw new Error('Unstrusted certificate.');
|
|
|
|
|
} else {
|
|
|
|
|
// console.log('Certificate: %s', name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return verifier.verify(pem, sig);
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
module.exports = PayPro;
|
