|
@ -147,7 +147,7 @@ PayPro.prototype.x509Verify = function() { |
|
|
// http://www.ietf.org/rfc/rfc5280.txt
|
|
|
// http://www.ietf.org/rfc/rfc5280.txt
|
|
|
// http://tools.ietf.org/html/rfc5280#section-4.2
|
|
|
// http://tools.ietf.org/html/rfc5280#section-4.2
|
|
|
//
|
|
|
//
|
|
|
var extensions = rfc5280.decodeExtensions(c, { partial: true }); |
|
|
var extensions = rfc5280.decodeExtensions(c, { partial: false }); |
|
|
var extensionsVerified = extensions.verified; |
|
|
var extensionsVerified = extensions.verified; |
|
|
|
|
|
|
|
|
// Object.keys(extensions).forEach(function(key) {
|
|
|
// Object.keys(extensions).forEach(function(key) {
|
|
@ -201,7 +201,15 @@ var rfc5280 = {}; |
|
|
|
|
|
|
|
|
var AuthorityKeyIdentifier = |
|
|
var AuthorityKeyIdentifier = |
|
|
rfc5280.AuthorityKeyIdentifier = asn1.define('AuthorityKeyIdentifier', function() { |
|
|
rfc5280.AuthorityKeyIdentifier = asn1.define('AuthorityKeyIdentifier', function() { |
|
|
|
|
|
// XXX Parse Error
|
|
|
|
|
|
this.any(); |
|
|
|
|
|
return; |
|
|
|
|
|
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":0,"tagStr":"end"}
|
|
|
|
|
|
// expectedTag: "octstr"
|
|
|
|
|
|
|
|
|
this.seq().obj( |
|
|
this.seq().obj( |
|
|
|
|
|
// this.key('_unknown').end(),
|
|
|
this.key('keyIdentifier').optional().use(KeyIdentifier), |
|
|
this.key('keyIdentifier').optional().use(KeyIdentifier), |
|
|
this.key('authorityCertIssuer').optional().use(GeneralNames), |
|
|
this.key('authorityCertIssuer').optional().use(GeneralNames), |
|
|
this.key('authorityCertSerialNumber').optional().use(CertificateSerialNumber) |
|
|
this.key('authorityCertSerialNumber').optional().use(CertificateSerialNumber) |
|
@ -242,7 +250,9 @@ rfc5280.GeneralNames = asn1.define('GeneralNames', function() { |
|
|
var GeneralName = |
|
|
var GeneralName = |
|
|
rfc5280.GeneralName = asn1.define('GeneralName', function() { |
|
|
rfc5280.GeneralName = asn1.define('GeneralName', function() { |
|
|
this.choice({ |
|
|
this.choice({ |
|
|
otherName: this.use(OtherName), |
|
|
_unknown: this.int(), |
|
|
|
|
|
otherName: this.use(AnotherName), |
|
|
|
|
|
// otherName: this.use(rfc3280.Name),
|
|
|
rfc822Name: this.ia5str(), |
|
|
rfc822Name: this.ia5str(), |
|
|
dNSName: this.ia5str(), |
|
|
dNSName: this.ia5str(), |
|
|
x400Address: this.use(ORAddress), |
|
|
x400Address: this.use(ORAddress), |
|
@ -255,11 +265,79 @@ rfc5280.GeneralName = asn1.define('GeneralName', function() { |
|
|
}); |
|
|
}); |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* #### OtherName |
|
|
* #### AnotherName |
|
|
|
|
|
* Also referenced as "OtherName" |
|
|
*/ |
|
|
*/ |
|
|
|
|
|
|
|
|
var OtherName = |
|
|
var AnotherName = |
|
|
rfc5280.OtherName = asn1.define('OtherName', function() { |
|
|
rfc5280.AnotherName = asn1.define('AnotherName', function() { |
|
|
|
|
|
// XXX Parse Error
|
|
|
|
|
|
// this.any();
|
|
|
|
|
|
// return;
|
|
|
|
|
|
|
|
|
|
|
|
// XXX THE ROOT OF THE PROBLEM LIES HERE:
|
|
|
|
|
|
// Used by Subject Alternative Name
|
|
|
|
|
|
// Fails on the objid()
|
|
|
|
|
|
|
|
|
|
|
|
// input._reporterState.path is empty array, which is why we get '(shallow)'
|
|
|
|
|
|
// { _reporterState: { obj: {}, path: [], options: { partial: false }, errors: [] },
|
|
|
|
|
|
// base: <Buffer 30 1a 82 0c 2a 2e 62 69 74 70 61 79 2e 63 6f 6d 82 0a 62 69 74 70 61 79 2e 63 6f 6d>,
|
|
|
|
|
|
// offset: 2,
|
|
|
|
|
|
// length: 28 }
|
|
|
|
|
|
|
|
|
|
|
|
// ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js
|
|
|
|
|
|
// ~/work/node_modules/asn1.js/lib/asn1/base/node.js L459
|
|
|
|
|
|
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "seq" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "ia5str" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "ia5str" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "seq" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "seqof" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Choice not matched at: (shallow)
|
|
|
|
|
|
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "seq" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "ia5str" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "octstr" at: (shallow)
|
|
|
|
|
|
// node._decode(input) call error.
|
|
|
|
|
|
// Failed to match tag: "objid" at: (shallow)
|
|
|
|
|
|
|
|
|
|
|
|
// ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js L66
|
|
|
|
|
|
// It's decoding it as an int (decodedTag):
|
|
|
|
|
|
// It's describing GeneralNames:
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "seq"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "ia5str"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "ia5str"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "seq"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "seqof"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "seq"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "ia5str"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "octstr"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":true,"tag":2,"tagStr":"int"}
|
|
|
|
|
|
// expectedTag: "objid"
|
|
|
|
|
|
|
|
|
|
|
|
// Specification:
|
|
|
|
|
|
// this.seq().obj(
|
|
|
|
|
|
// this.key('typeId').objid(),
|
|
|
|
|
|
// this.key('value').explicit(0).any()
|
|
|
|
|
|
// );
|
|
|
|
|
|
|
|
|
this.seq().obj( |
|
|
this.seq().obj( |
|
|
this.key('typeId').objid(), |
|
|
this.key('typeId').objid(), |
|
|
this.key('value').explicit(0).any() |
|
|
this.key('value').explicit(0).any() |
|
@ -748,16 +826,38 @@ rfc5280.DistributionPoint = asn1.define('DistributionPoint', function() { |
|
|
|
|
|
|
|
|
var DistributionPointName = |
|
|
var DistributionPointName = |
|
|
rfc5280.DistributionPointName = asn1.define('DistributionPointName', function() { |
|
|
rfc5280.DistributionPointName = asn1.define('DistributionPointName', function() { |
|
|
|
|
|
// XXX Parse Error
|
|
|
|
|
|
// this.any();
|
|
|
|
|
|
// return;
|
|
|
|
|
|
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":false,"tag":0,"tagStr":"end"}
|
|
|
|
|
|
// expectedTag: "seqof"
|
|
|
|
|
|
// decodedTag: {"cls":"context","primitive":false,"tag":0,"tagStr":"end"}
|
|
|
|
|
|
// expectedTag: "setof"
|
|
|
|
|
|
|
|
|
|
|
|
// Has tag "end":
|
|
|
|
|
|
// ~/work/node_modules/asn1.js/lib/asn1/constants/der.js
|
|
|
|
|
|
// ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js
|
|
|
|
|
|
// function derDecodeTag(buf, fail) {
|
|
|
|
|
|
|
|
|
this.choice({ |
|
|
this.choice({ |
|
|
|
|
|
// _unknown: this.end(),
|
|
|
fullName: this.use(GeneralNames), |
|
|
fullName: this.use(GeneralNames), |
|
|
nameRelativeToCRLIssuer: this.use(RelativeDistinguishedName) |
|
|
nameRelativeToCRLIssuer: this.use(RelativeDistinguishedName) |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
// rfc3280.Name;
|
|
|
|
|
|
// rfc3280.RDNSequence;
|
|
|
|
|
|
// rfc3280.RelativeDistinguishedName
|
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* #### Relative Distinguished Name |
|
|
* #### Relative Distinguished Name |
|
|
*/ |
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
var RelativeDistinguishedName = |
|
|
|
|
|
rfc5280.RelativeDistinguishedName = rfc3280.RelativeDistinguishedName; |
|
|
|
|
|
|
|
|
var RelativeDistinguishedName = |
|
|
var RelativeDistinguishedName = |
|
|
rfc5280.RelativeDistinguishedName = asn1.define('RelativeDistinguishedName', function() { |
|
|
rfc5280.RelativeDistinguishedName = asn1.define('RelativeDistinguishedName', function() { |
|
|
this.setof(AttributeTypeAndValue); |
|
|
this.setof(AttributeTypeAndValue); |
|
@ -850,11 +950,11 @@ rfc5280.extensions = { |
|
|
name: 'Key Usage', |
|
|
name: 'Key Usage', |
|
|
parse: function(decoded, cert, ext, edata) { |
|
|
parse: function(decoded, cert, ext, edata) { |
|
|
// For bitstr: KeyUsage
|
|
|
// For bitstr: KeyUsage
|
|
|
|
|
|
// NOTE: nonRepudiation was renamed to contentCommitment:
|
|
|
var data = decoded.data[0]; |
|
|
var data = decoded.data[0]; |
|
|
return { |
|
|
return { |
|
|
digitalSignature: !!((data >> 0) & 1), |
|
|
digitalSignature: !!((data >> 0) & 1), |
|
|
nonRepudiation: !!((data >> 1) & 1), |
|
|
nonRepudiation: !!((data >> 1) & 1), |
|
|
// nonRepudiation renamed to contentCommitment:
|
|
|
|
|
|
contentCommitment: !!((data >> 1) & 1), |
|
|
contentCommitment: !!((data >> 1) & 1), |
|
|
keyEncipherment: !!((data >> 2) & 1), |
|
|
keyEncipherment: !!((data >> 2) & 1), |
|
|
dataEncipherment: !!((data >> 3) & 1), |
|
|
dataEncipherment: !!((data >> 3) & 1), |
|
@ -881,6 +981,7 @@ rfc5280.extensions = { |
|
|
31: { |
|
|
31: { |
|
|
name: 'CRL Distribution Points', |
|
|
name: 'CRL Distribution Points', |
|
|
parse: function(decoded, cert, ext, edata) { |
|
|
parse: function(decoded, cert, ext, edata) { |
|
|
|
|
|
return decoded; |
|
|
// XXX Find the bitstr: ReasonFlags
|
|
|
// XXX Find the bitstr: ReasonFlags
|
|
|
print('@@@@@@@@@@@@@@@@@@@@@@@@@@@'); |
|
|
print('@@@@@@@@@@@@@@@@@@@@@@@@@@@'); |
|
|
print(decoded); |
|
|
print(decoded); |
|
|
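Review bot: In the AuthorityKeyIdentifier definition the added `this.any(); return;` makes the `this.seq().obj(...)` after it unreachable, so `keyIdentifier`, `authorityCertIssuer` and `authorityCertSerialNumber` are never decoded and no later check can rely on them. The tag dumps recorded in the comments (class "context", tag 0 here and tag 2 under GeneralName) match the context-specific tags RFC 5280 gives these fields, while the definitions expect universal tags; the `_unknown: this.int()` entry added to the GeneralName choice has the same mismatch, since it expects a universal INTEGER. If the asn1.js version in use provides `implicit()`, tagging the fields would remove the need for the stub, for example `this.key('keyIdentifier').implicit(0).optional().use(KeyIdentifier)` and `dNSName: this.implicit(2).ia5str()`. x509Verify now appears to call `decodeExtensions` with `partial: false`, so a comment there should state whether a decode failure rejects the certificate; that handling, and the start and end of the enclosing functions, lie outside the visible hunks.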