Browse Source

paypro: implement "none" pki_type.

patch-2
Christopher Jeffrey 11 years ago
parent
commit
a50b9ed3a3
  1. 20
      lib/PayPro.js
  2. 23
      lib/browser/PayPro.js

20
lib/PayPro.js

@ -17,12 +17,19 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
if (type !== 'none') {
var signature = crypto.createSign('RSA-' + type);
var buf = this.serializeForSig();
signature.update(buf);
var sig = signature.sign(key);
} else {
var buf = this.serializeForSig();
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -57,15 +64,20 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = pki_data.certificate;
var details = this.get('serialized_payment_details');
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
if (type !== 'none') {
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
var pem = PayPro.DERtoPEM(der, 'CERTIFICATE');
var verified = verifier.verify(pem, sig);
} else {
var verified = true;
}
var chain = pki_data;
@ -177,7 +189,7 @@ PayPro.verifyCertChain = function(chain, type) {
// from the DER Certificate:
var tbs = PayPro.getTBSCertificate(data);
var verifier = crypto.createVerify('RSA-' + sigAlg);
var verifier = crypto.createVerify(type ? 'RSA-' + type : 'RSA');
verifier.update(tbs);
var sigVerified = verifier.verify(npubKey, sig);

23
lib/browser/PayPro.js

@ -18,13 +18,16 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
var pki_data = this.get('pki_data'); // contains one or more x509 certs
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
var buf = this.serializeForSig();
var rsa = new KJUR.RSAKey();
rsa.readPrivateKeyFromPEMString(key.toString());
key = rsa;
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
@ -35,6 +38,9 @@ PayPro.prototype.x509Sign = function(key, returnTrust) {
jsrsaSig.updateHex(buf.toString('hex'));
var sig = new Buffer(jsrsaSig.sign(), 'hex');
} else {
var sig = '';
}
if (returnTrust) {
var cert = pki_data[pki_data.length - 1];
@ -66,13 +72,15 @@ PayPro.prototype.x509Verify = function(returnTrust) {
pki_data = PayPro.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
var buf = this.serializeForSig();
var type = pki_type.split('+')[1].toUpperCase();
var type = pki_type !== 'none'
? pki_type.split('+')[1].toUpperCase()
: pki_type;
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = self._DERtoPEM(der, 'CERTIFICATE');
@ -80,6 +88,9 @@ PayPro.prototype.x509Verify = function(returnTrust) {
jsrsaSig.initVerifyByCertificatePEM(pem);
jsrsaSig.updateHex(buf.toString('hex'));
var verified = jsrsaSig.verify(sig.toString('hex'));
} else {
var verified = true;
}
var chain = pki_data;
@ -169,12 +180,14 @@ PayPro.verifyCertChain = function(chain, type) {
//
// Get Public Key from next certificate (via KJUR because it's a mess):
//
if (type !== 'none') {
var js = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
js.initVerifyByCertificatePEM(npem);
var npubKey = js.pubKey;
}
// XXX Somehow change the pubKey format to npubKeyAlg.
//
@ -199,6 +212,7 @@ PayPro.verifyCertChain = function(chain, type) {
// Verify current Certificate signature
//
if (type !== 'none') {
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
@ -212,6 +226,9 @@ PayPro.verifyCertChain = function(chain, type) {
jsrsaSig.updateHex(tbs.toString('hex'));
var sigVerified = jsrsaSig.verify(sig.toString('hex'));
} else {
var sigVerified = true;
}
return validityVerified
&& issuerVerified

Loading…
Cancel
Save