From b52eb6f922639c75a5e394cb41bc16295aad8b7a Mon Sep 17 00:00:00 2001 From: Christopher Jeffrey Date: Mon, 25 Aug 2014 11:18:24 -0700 Subject: [PATCH] paypro: better extension parsing with more debugging. --- lib/PayPro.js | 102 +++++++++++++++++++++++++++++++++----------------- 1 file changed, 68 insertions(+), 34 deletions(-) diff --git a/lib/PayPro.js b/lib/PayPro.js index a27ce0f..7a3736c 100644 --- a/lib/PayPro.js +++ b/lib/PayPro.js @@ -133,40 +133,62 @@ PayPro.prototype.x509Verify = function() { // http://tools.ietf.org/html/rfc5280#section-4.2 // - // Basic Constraints - var basicConstraints = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 19; - })[0]; - - // Key Usage - var keyUsage = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 15; - })[0]; - - // Subject Key Identifier - var authKeyIdentifier = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 14; - })[0]; - - // Authority Key Identifier - var authKeyIdentifier = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 35; - })[0]; - - // Unknown Extension (not documented anywhere, probably non-standard) - var unknown = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 1; - })[0]; - - // CRL Distribution Points - var CRLDistributionPoints = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 31; - })[0]; - - // Certificate Policies - var certPolicies = nc.tbsCertificate.extensions.filter(function(ext) { - return ext.extnID[3] === 32; - })[0]; + var ext; + var eid; + var extensions = { + basicConstraints: null, + keyUsage: null, + subjectKeyIdentifier: null, + authKeyIdentifier: null, + CRLDistributionPoints: null, + certificatePolicies: null, + standardUnknown: [], + unknown: [], + }; + + for (var i = 0; i < nc.tbsCertificate.extensions.length; i++) { + ext = nc.tbsCertificate.extensions[i]; + eid = ext.extnID; + if (eid.length === 4 && eid[0] === 2 && eid[1] === 5 && eid[2] === 29) { + switch (eid[3]) { + // Basic Constraints + case 19: + extensions.basicConstraints = ext; + break; + // Key Usage + case 15: + extensions.keyUsage = ext; + break; + // Subject Key Identifier + case 14: + extensions.subjectKeyIdentifier = ext; + break; + // Authority Key Identifier + case 35: + extensions.authKeyIdentifier = ext; + break; + // CRL Distribution Points + case 31: + extensions.CRLDistributionPoints = ext; + break; + // Certificate Policies + case 32: + extensions.certificatePolicies = ext; + break; + // Unknown Extension (not documented anywhere, probably non-standard) + default: + extensions.standardUnknown.push(ext); + break; + } + } else { + extensions.unknown.push(ext); + } + } + + print(c); + print(nc); + print('issuerVerified: %s', issuerVerified); + print(extensions); // // Create a To-Be-Signed Certificate to verify using asn1.js: @@ -184,4 +206,16 @@ PayPro.prototype.x509Verify = function() { return verified && chainVerified; }; +var util = require('util'); +function inspect(obj) { + return typeof obj !== 'string' + ? util.inspect(obj, false, 20, true) + : obj; +} +function print(obj) { + return typeof obj === 'object' + ? process.stdout.write(inspect(obj) + '\n') + : console.log.apply(console, arguments); +} + module.exports = PayPro;