From 017f044b53627901f7bcda8f7dde5e9759cfaf22 Mon Sep 17 00:00:00 2001 From: Christopher Jeffrey Date: Mon, 21 Jul 2014 19:52:43 -0700 Subject: [PATCH] paypro: fix browser signatures with KJUR. move pem/der functions to common. --- lib/PayPro.js | 37 ------------------------------------- lib/browser/PayPro.js | 21 +++++++++++++++------ lib/common/PayPro.js | 37 +++++++++++++++++++++++++++++++++++++ test/test.PayPro.js | 8 +++++--- 4 files changed, 57 insertions(+), 46 deletions(-) diff --git a/lib/PayPro.js b/lib/PayPro.js index be76503..4812f14 100644 --- a/lib/PayPro.js +++ b/lib/PayPro.js @@ -58,41 +58,4 @@ PayPro.prototype.x509Verify = function() { }); }; -// Helpers - -PayPro.prototype._PEMtoDER = function(pem) { - return this._PEMtoDERParam(pem); -}; - -PayPro.prototype._PEMtoDERParam = function(pem, param) { - if (Buffer.isBuffer(pem)) { - pem = pem.toString(); - } - var start = new RegExp('(?=-----BEGIN ' + (param || '[^-]+') + '-----)', 'i'); - var end = new RegExp('^-----END ' + (param || '[^-]+') + '-----$', 'gmi'); - pem = pem.replace(end, ''); - var parts = pem.split(start); - return parts.map(function(part) { - var type = /-----BEGIN ([^-]+)-----/.exec(part)[1]; - part = part.replace(/-----BEGIN ([^-]+)-----/g, ''); - part = part.replace(/\s+/g, ''); - if (!param || type !== param) return; - return new Buffer(part, 'base64'); - }).filter(Boolean); -}; - -PayPro.prototype._DERtoPEM = function(der, type) { - if (typeof der === 'string') { - der = new Buffer(der, 'hex'); - } - var type = type || 'UNKNOWN'; - der = der.toString('base64'); - der = der.replace(/(.{64})/g, '$1\r\n'); - der = der.replace(/\r\n$/, ''); - return '' - + '-----BEGIN ' + type + '-----\r\n' - + der - + '\r\n-----END ' + type + '-----\r\n'; -}; - module.exports = PayPro; diff --git a/lib/browser/PayPro.js b/lib/browser/PayPro.js index 3d00e14..253d6ba 100644 --- a/lib/browser/PayPro.js +++ b/lib/browser/PayPro.js @@ -6,8 +6,11 @@ var assert = require('assert'); var PayPro = require('../common/PayPro'); var RootCerts = require('../common/RootCerts'); +// Documentation: +// http://kjur.github.io/jsrsasign/api/symbols/KJUR.crypto.Signature.html#.sign +// http://kjur.github.io/jsrsasign/api/symbols/RSAKey.html + PayPro.prototype.x509Sign = function(key) { - var crypto = require('crypto'); var pki_type = this.get('pki_type'); var pki_data = this.get('pki_data'); // contains one or more x509 certs var type = pki_type.split('+')[1].toUpperCase(); @@ -24,17 +27,23 @@ PayPro.prototype.x509Sign = function(key) { // throw new Error('Unstrusted certificate.'); } + var rsa = new KJUR.RSAKey(); + rsa.readPrivateKeyFromPEMString(key.toString()); + key = rsa; + var jsrsaSig = new KJUR.crypto.Signature({ - alg: type + 'withRSA', + alg: type.toUpperCase() + 'withRSA', prov: 'cryptojs/jsrsa' }); - jsrsaSig.initSign(key); + // XXX Could use this? + //jsrsaSig.initSign(key); + + jsrsaSig.init(key); jsrsaSig.updateHex(buf.toString('hex')); - var sig = new Buffer(jsrsasig.sign(), 'hex'); - //var sig = new Buffer(new Uint8Array(jsrsasig.sign()), 'hex'); + var sig = new Buffer(jsrsaSig.sign(), 'hex'); return sig; }; @@ -46,7 +55,7 @@ PayPro.prototype.x509Verify = function(key) { var type = pki_type.split('+')[1].toUpperCase(); var jsrsaSig = new KJUR.crypto.Signature({ - alg: type + 'withRSA', + alg: type.toUpperCase() + 'withRSA', prov: 'cryptojs/jsrsa' }); diff --git a/lib/common/PayPro.js b/lib/common/PayPro.js index 7ac1457..58d4bbf 100644 --- a/lib/common/PayPro.js +++ b/lib/common/PayPro.js @@ -256,4 +256,41 @@ PayPro.prototype.sinVerify = function() { return Message.verifyWithPubKey(pubkey, buf, sig); }; +// Helpers + +PayPro.prototype._PEMtoDER = function(pem) { + return this._PEMtoDERParam(pem); +}; + +PayPro.prototype._PEMtoDERParam = function(pem, param) { + if (Buffer.isBuffer(pem)) { + pem = pem.toString(); + } + var start = new RegExp('(?=-----BEGIN ' + (param || '[^-]+') + '-----)', 'i'); + var end = new RegExp('^-----END ' + (param || '[^-]+') + '-----$', 'gmi'); + pem = pem.replace(end, ''); + var parts = pem.split(start); + return parts.map(function(part) { + var type = /-----BEGIN ([^-]+)-----/.exec(part)[1]; + part = part.replace(/-----BEGIN ([^-]+)-----/g, ''); + part = part.replace(/\s+/g, ''); + if (!param || type !== param) return; + return new Buffer(part, 'base64'); + }).filter(Boolean); +}; + +PayPro.prototype._DERtoPEM = function(der, type) { + if (typeof der === 'string') { + der = new Buffer(der, 'hex'); + } + var type = type || 'UNKNOWN'; + der = der.toString('base64'); + der = der.replace(/(.{64})/g, '$1\r\n'); + der = der.replace(/\r\n$/, ''); + return '' + + '-----BEGIN ' + type + '-----\r\n' + + der + + '\r\n-----END ' + type + '-----\r\n'; +}; + module.exports = PayPro; diff --git a/test/test.PayPro.js b/test/test.PayPro.js index 8491ff2..dd943ed 100644 --- a/test/test.PayPro.js +++ b/test/test.PayPro.js @@ -5,8 +5,6 @@ var should = chai.should(); var expect = chai.expect; var bitcore = bitcore || require('../bitcore'); -var KJUR = require('jsrsasign'); - var PayPro = bitcore.PayPro; var Key = bitcore.Key; @@ -538,7 +536,11 @@ describe('PayPro', function() { it('convert a DER cert to PEM', function() { var paypro = new PayPro(); var pem1 = paypro._DERtoPEM(x509.der, 'CERTIFICATE'); - var pem2 = KJUR.asn1.ASN1Util.getPEMStringFromHex(x509.der.toString('hex'), 'CERTIFICATE'); + //var KJUR = require('jsrsasign'); + //var pem2 = KJUR.asn1.ASN1Util.getPEMStringFromHex(x509.der.toString('hex'), 'CERTIFICATE'); + var pem2 = x509.pem.toString(); + pem1 = pem1.replace(/\s+/g, ''); + pem2 = pem2.replace(/\s+/g, ''); pem1.should.equal(pem2); }); });