|
|
@ -133,40 +133,62 @@ PayPro.prototype.x509Verify = function() { |
|
|
|
// http://tools.ietf.org/html/rfc5280#section-4.2
|
|
|
|
//
|
|
|
|
|
|
|
|
// Basic Constraints
|
|
|
|
var basicConstraints = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 19; |
|
|
|
})[0]; |
|
|
|
var ext; |
|
|
|
var eid; |
|
|
|
var extensions = { |
|
|
|
basicConstraints: null, |
|
|
|
keyUsage: null, |
|
|
|
subjectKeyIdentifier: null, |
|
|
|
authKeyIdentifier: null, |
|
|
|
CRLDistributionPoints: null, |
|
|
|
certificatePolicies: null, |
|
|
|
standardUnknown: [], |
|
|
|
unknown: [], |
|
|
|
}; |
|
|
|
|
|
|
|
for (var i = 0; i < nc.tbsCertificate.extensions.length; i++) { |
|
|
|
ext = nc.tbsCertificate.extensions[i]; |
|
|
|
eid = ext.extnID; |
|
|
|
if (eid.length === 4 && eid[0] === 2 && eid[1] === 5 && eid[2] === 29) { |
|
|
|
switch (eid[3]) { |
|
|
|
// Basic Constraints
|
|
|
|
case 19: |
|
|
|
extensions.basicConstraints = ext; |
|
|
|
break; |
|
|
|
// Key Usage
|
|
|
|
var keyUsage = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 15; |
|
|
|
})[0]; |
|
|
|
|
|
|
|
case 15: |
|
|
|
extensions.keyUsage = ext; |
|
|
|
break; |
|
|
|
// Subject Key Identifier
|
|
|
|
var authKeyIdentifier = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 14; |
|
|
|
})[0]; |
|
|
|
|
|
|
|
case 14: |
|
|
|
extensions.subjectKeyIdentifier = ext; |
|
|
|
break; |
|
|
|
// Authority Key Identifier
|
|
|
|
var authKeyIdentifier = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 35; |
|
|
|
})[0]; |
|
|
|
|
|
|
|
// Unknown Extension (not documented anywhere, probably non-standard)
|
|
|
|
var unknown = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 1; |
|
|
|
})[0]; |
|
|
|
|
|
|
|
case 35: |
|
|
|
extensions.authKeyIdentifier = ext; |
|
|
|
break; |
|
|
|
// CRL Distribution Points
|
|
|
|
var CRLDistributionPoints = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 31; |
|
|
|
})[0]; |
|
|
|
|
|
|
|
case 31: |
|
|
|
extensions.CRLDistributionPoints = ext; |
|
|
|
break; |
|
|
|
// Certificate Policies
|
|
|
|
var certPolicies = nc.tbsCertificate.extensions.filter(function(ext) { |
|
|
|
return ext.extnID[3] === 32; |
|
|
|
})[0]; |
|
|
|
case 32: |
|
|
|
extensions.certificatePolicies = ext; |
|
|
|
break; |
|
|
|
// Unknown Extension (not documented anywhere, probably non-standard)
|
|
|
|
default: |
|
|
|
extensions.standardUnknown.push(ext); |
|
|
|
break; |
|
|
|
} |
|
|
|
} else { |
|
|
|
extensions.unknown.push(ext); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
print(c); |
|
|
|
print(nc); |
|
|
|
print('issuerVerified: %s', issuerVerified); |
|
|
|
print(extensions); |
|
|
|
|
|
|
|
//
|
|
|
|
// Create a To-Be-Signed Certificate to verify using asn1.js:
|
|
|
@ -184,4 +206,16 @@ PayPro.prototype.x509Verify = function() { |
|
|
|
return verified && chainVerified; |
|
|
|
}; |
|
|
|
|
|
|
|
var util = require('util'); |
|
|
|
function inspect(obj) { |
|
|
|
return typeof obj !== 'string' |
|
|
|
? util.inspect(obj, false, 20, true) |
|
|
|
: obj; |
|
|
|
} |
|
|
|
function print(obj) { |
|
|
|
return typeof obj === 'object' |
|
|
|
? process.stdout.write(inspect(obj) + '\n') |
|
|
|
: console.log.apply(console, arguments); |
|
|
|
} |
|
|
|
|
|
|
|
module.exports = PayPro; |
|
|
|
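Review bot: The `extensions` map built by the new loop in the first hunk is only handed to `print(extensions)` in the visible lines; nothing shown checks `basicConstraints` or `keyUsage`, or rejects a certificate whose `unknown` / `standardUnknown` entries are marked critical, which RFC 5280 section 4.2 requires of a validator. `x509Verify` continues outside the hunk, so enforcement may exist further down, but the visible return is still just `verified && chainVerified`. If the checks are planned for later, a marker such as `// TODO: fail verification when an unrecognised extension is critical, and enforce basicConstraints/keyUsage on issuer certs` next to the loop would make the gap explicit. Separately, the four `print(...)` calls dump both parsed certificates to stdout on every verification, and the `print` helper in the second hunk relies on `process.stdout`, which may not exist in a browser bundle; these look like debugging aids and should be removed or gated behind a debug flag before merge.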