lukechilds
/
bitcoincashjs
mirror of https://github.com/lukechilds/bitcoincashjs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

paypro: begin checking trusted certs.

patch-2
Christopher Jeffrey 11 years ago
parent
29b067ab73
commit
119ef0d611
1 changed files with 15 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      lib/browser/PayPro.js

16
lib/browser/PayPro.js
View File

@ -6,6 +6,13 @@ var assert = require('assert');
var PayPro = require('../PayPro'); var PayPro = require('../PayPro');
var Trusted = require('./Trusted'); var Trusted = require('./Trusted');
// Use hash table for efficiency:
var trustHash = Trusted.reduce(function(out, cert) {
cert = cert.replace(/\s+/g, '');
trusted[cert] = true;
return trusted;
}, {});
PayPro.sign = function(key) { PayPro.sign = function(key) {
if (this.messageType !== 'PaymentRequest') if (this.messageType !== 'PaymentRequest')
throw new Error('Signing can only be performed on a PaymentRequest'); throw new Error('Signing can only be performed on a PaymentRequest');
@ -14,13 +21,20 @@ PayPro.sign = function(key) {
if (pki_type === 'SIN') { if (pki_type === 'SIN') {
var sig = this.sinSign(key); var sig = this.sinSign(key);
} else if (pki_type === 'none' || pki_type === 'x509+sha256' || pki_type === 'x509+sha1') { } else if (pki_type === 'x509+sha256' || pki_type === 'x509+sha1') {
throw new Error('x509 currently unsuported.'); throw new Error('x509 currently unsuported.');
} else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') { } else if (pki_type === 'x509+sha1' || pki_type === 'x509+sha256') {
var crypto = require('crypto'); var crypto = require('crypto');
var pki_data = this.get('pki_data'); // contains one or more x509 certs var pki_data = this.get('pki_data'); // contains one or more x509 certs
var type = pki_type.split('+').toUpperCase(); var type = pki_type.split('+').toUpperCase();
var buf = this.serializeForSig(); var buf = this.serializeForSig();
// TODO: parse all certs
var cert = pki_data.split(/-----BEGIN[^\n]*KEY-----/)[0].replace(/\s+/g, '');
if (!trustHash[cert])) {
; // untrusted cert
}
var jsrsaSig = new KJUR.crypto.Signature({ var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA', alg: type + 'withRSA',
prov: 'cryptojs/jsrsa' prov: 'cryptojs/jsrsa'

Write Preview
Loading…
Cancel
Save