lukechilds
/
bitcoincashjs
mirror of https://github.com/lukechilds/bitcoincashjs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

paypro: implement "none" pki_type.

patch-2
Christopher Jeffrey 11 years ago
parent
a73699ba64
commit
a50b9ed3a3
2 changed files with 82 additions and 53 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 44
      lib/PayPro.js
  2. 91
      lib/browser/PayPro.js

44
lib/PayPro.js
View File

@ -17,12 +17,19 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var type = pki_type.split('+')[1].toUpperCase();
var signature = crypto.createSign('RSA-' + type);
var buf = this.serializeForSig();
signature.update(buf);
var sig = signature.sign(key);
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
if (type !== 'none') {
var signature = crypto.createSign('RSA-' + type);
var buf = this.serializeForSig();
signature.update(buf);
var sig = signature.sign(key);
} else {
var buf = this.serializeForSig();
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -57,15 +64,20 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
var pem = PayPro.DERtoPEM(der, 'CERTIFICATE');
var verified = verifier.verify(pem, sig);
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
if (type !== 'none') {
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
var pem = PayPro.DERtoPEM(der, 'CERTIFICATE');
var verified = verifier.verify(pem, sig);
} else {
var verified = true;
}
var chain = pki_data;
@ -177,7 +189,7 @@ PayPro.verifyCertChain = function(chain, type) {
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
var verifier = crypto.createVerify('RSA-' + sigAlg);
var verifier = crypto.createVerify(type ? 'RSA-' + type : 'RSA');
verifier.update(tbs);
var sigVerified = verifier.verify(npubKey, sig);

91
lib/browser/PayPro.js
View File

@ -18,23 +18,29 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
var pki_data = this.get('pki_data'); // contains one or more x509 certs
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var buf = this.serializeForSig();
var rsa = new KJUR.RSAKey();
rsa.readPrivateKeyFromPEMString(key.toString());
key = rsa;
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.init(key);
jsrsaSig.init(key);
jsrsaSig.updateHex(buf.toString('hex'));
jsrsaSig.updateHex(buf.toString('hex'));
var sig = new Buffer(jsrsaSig.sign(), 'hex');
var sig = new Buffer(jsrsaSig.sign(), 'hex');
} else {
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -66,20 +72,25 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = self._DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex'));
var verified = jsrsaSig.verify(sig.toString('hex'));
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = self._DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex'));
var verified = jsrsaSig.verify(sig.toString('hex'));
} else {
var verified = true;
}
var chain = pki_data;
@ -169,12 +180,14 @@ PayPro.verifyCertChain = function(chain, type) {
//
// Get Public Key from next certificate (via KJUR because it's a mess):
//
var js = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
js.initVerifyByCertificatePEM(npem);
var npubKey = js.pubKey;
if (type !== 'none') {
var js = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
js.initVerifyByCertificatePEM(npem);
var npubKey = js.pubKey;
}
// XXX Somehow change the pubKey format to npubKeyAlg.
//
@ -199,19 +212,23 @@ PayPro.verifyCertChain = function(chain, type) {
// Verify current Certificate signature
//
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.initVerifyByPublicKey(npubKey);
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
jsrsaSig.initVerifyByPublicKey(npubKey);
// Get the raw DER TBSCertificate
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
// Get the raw DER TBSCertificate
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
jsrsaSig.updateHex(tbs.toString('hex'));
jsrsaSig.updateHex(tbs.toString('hex'));
var sigVerified = jsrsaSig.verify(sig.toString('hex'));
var sigVerified = jsrsaSig.verify(sig.toString('hex'));
} else {
var sigVerified = true;
}
return validityVerified
&& issuerVerified

Write Preview
Loading…
Cancel
Save