diff --git a/lib/PayPro.js b/lib/PayPro.js index 2aa01b7..9d3afdb 100644 --- a/lib/PayPro.js +++ b/lib/PayPro.js @@ -147,7 +147,7 @@ PayPro.prototype.x509Verify = function() { // http://www.ietf.org/rfc/rfc5280.txt // http://tools.ietf.org/html/rfc5280#section-4.2 // - var extensions = rfc5280.decodeExtensions(c, { partial: true }); + var extensions = rfc5280.decodeExtensions(c, { partial: false }); var extensionsVerified = extensions.verified; // Object.keys(extensions).forEach(function(key) { @@ -201,7 +201,15 @@ var rfc5280 = {}; var AuthorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier = asn1.define('AuthorityKeyIdentifier', function() { + // XXX Parse Error + this.any(); + return; + + // decodedTag: {"cls":"context","primitive":true,"tag":0,"tagStr":"end"} + // expectedTag: "octstr" + this.seq().obj( + // this.key('_unknown').end(), this.key('keyIdentifier').optional().use(KeyIdentifier), this.key('authorityCertIssuer').optional().use(GeneralNames), this.key('authorityCertSerialNumber').optional().use(CertificateSerialNumber) @@ -242,7 +250,9 @@ rfc5280.GeneralNames = asn1.define('GeneralNames', function() { var GeneralName = rfc5280.GeneralName = asn1.define('GeneralName', function() { this.choice({ - otherName: this.use(OtherName), + _unknown: this.int(), + otherName: this.use(AnotherName), + // otherName: this.use(rfc3280.Name), rfc822Name: this.ia5str(), dNSName: this.ia5str(), x400Address: this.use(ORAddress), @@ -255,11 +265,79 @@ rfc5280.GeneralName = asn1.define('GeneralName', function() { }); /** - * #### OtherName + * #### AnotherName + * Also referenced as "OtherName" */ -var OtherName = -rfc5280.OtherName = asn1.define('OtherName', function() { +var AnotherName = +rfc5280.AnotherName = asn1.define('AnotherName', function() { + // XXX Parse Error + // this.any(); + // return; + + // XXX THE ROOT OF THE PROBLEM LIES HERE: + // Used by Subject Alternative Name + // Fails on the objid() + + // input._reporterState.path is empty array, which is why we get '(shallow)' + // { _reporterState: { obj: {}, path: [], options: { partial: false }, errors: [] }, + // base: , + // offset: 2, + // length: 28 } + + // ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js + // ~/work/node_modules/asn1.js/lib/asn1/base/node.js L459 + + // node._decode(input) call error. + // Failed to match tag: "seq" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "ia5str" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "ia5str" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "seq" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "seqof" at: (shallow) + // node._decode(input) call error. + // Choice not matched at: (shallow) + + // node._decode(input) call error. + // Failed to match tag: "seq" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "ia5str" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "octstr" at: (shallow) + // node._decode(input) call error. + // Failed to match tag: "objid" at: (shallow) + + // ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js L66 + // It's decoding it as an int (decodedTag): + // It's describing GeneralNames: + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "seq" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "ia5str" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "ia5str" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "seq" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "seqof" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "seq" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "ia5str" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "octstr" + // decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"} + // expectedTag: "objid" + + // Specification: + // this.seq().obj( + // this.key('typeId').objid(), + // this.key('value').explicit(0).any() + // ); + this.seq().obj( this.key('typeId').objid(), this.key('value').explicit(0).any() @@ -748,16 +826,38 @@ rfc5280.DistributionPoint = asn1.define('DistributionPoint', function() { var DistributionPointName = rfc5280.DistributionPointName = asn1.define('DistributionPointName', function() { + // XXX Parse Error + // this.any(); + // return; + + // decodedTag: {"cls":"context","primitive":false,"tag":0,"tagStr":"end"} + // expectedTag: "seqof" + // decodedTag: {"cls":"context","primitive":false,"tag":0,"tagStr":"end"} + // expectedTag: "setof" + + // Has tag "end": + // ~/work/node_modules/asn1.js/lib/asn1/constants/der.js + // ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js + // function derDecodeTag(buf, fail) { + this.choice({ + // _unknown: this.end(), fullName: this.use(GeneralNames), nameRelativeToCRLIssuer: this.use(RelativeDistinguishedName) }); }); +// rfc3280.Name; +// rfc3280.RDNSequence; +// rfc3280.RelativeDistinguishedName + /** * #### Relative Distinguished Name */ +var RelativeDistinguishedName = +rfc5280.RelativeDistinguishedName = rfc3280.RelativeDistinguishedName; + var RelativeDistinguishedName = rfc5280.RelativeDistinguishedName = asn1.define('RelativeDistinguishedName', function() { this.setof(AttributeTypeAndValue); @@ -850,11 +950,11 @@ rfc5280.extensions = { name: 'Key Usage', parse: function(decoded, cert, ext, edata) { // For bitstr: KeyUsage + // NOTE: nonRepudiation was renamed to contentCommitment: var data = decoded.data[0]; return { digitalSignature: !!((data >> 0) & 1), nonRepudiation: !!((data >> 1) & 1), - // nonRepudiation renamed to contentCommitment: contentCommitment: !!((data >> 1) & 1), keyEncipherment: !!((data >> 2) & 1), dataEncipherment: !!((data >> 3) & 1), @@ -881,6 +981,7 @@ rfc5280.extensions = { 31: { name: 'CRL Distribution Points', parse: function(decoded, cert, ext, edata) { + return decoded; // XXX Find the bitstr: ReasonFlags print('@@@@@@@@@@@@@@@@@@@@@@@@@@@'); print(decoded);