From bb3da9d6dcd839def5c0e7d41a397653e0428af5 Mon Sep 17 00:00:00 2001
From: Christopher Jeffrey
Date: Mon, 25 Aug 2014 15:55:44 -0700
Subject: [PATCH] paypro: parse all extensions.
---
 lib/PayPro.js | 98 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 93 insertions(+), 5 deletions(-)
diff --git a/lib/PayPro.js b/lib/PayPro.js
index 55e0d11..88d8c1f 100644
--- a/lib/PayPro.js
+++ b/lib/PayPro.js
@@ -183,16 +183,18 @@ PayPro.prototype.x509Verify = function() {
 extensions.authorityKeyIdentifier = rfc5280.AuthorityKeyIdentifier.decode(
 extensions.authorityKeyIdentifier,
 'der');
+ print('Authority Key Identifier:');
 print(extensions.authorityKeyIdentifier);
 break;
 // Subject Key Identifier
 case 14:
 extensions.subjectKeyIdentifier = ext.extnValue;
 // parse
- // extensions.subjectKeyIdentifier = rfc5280.SubjectKeyIdentifier.decode(
- // extensions.subjectKeyIdentifier,
- // 'der');
- // print(extensions.subjectKeyIdentifier);
+ extensions.subjectKeyIdentifier = rfc5280.SubjectKeyIdentifier.decode(
+ extensions.subjectKeyIdentifier,
+ 'der');
+ print('Subject Key Identifier:');
+ print(extensions.subjectKeyIdentifier);
 break;
 // Key Usage
 case 15:
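Review bot: The now-active `rfc5280.SubjectKeyIdentifier.decode(...)` call runs on extension bytes taken straight from the certificate being verified, and the hunk shows no handling for a decode failure; the same pattern is added for every extension in the second and third hunks. A certificate with a malformed extension would presumably make x509Verify throw instead of reporting a failed verification, unless a try/catch sits outside the visible lines. I would decode from `ext.extnValue` directly and fail closed, e.g. `try { extensions.subjectKeyIdentifier = rfc5280.SubjectKeyIdentifier.decode(ext.extnValue, 'der'); } catch (e) { return false; }`, adjusting the failure value to whatever x509Verify uses for a rejected chain. The body of x509Verify starts and ends outside this hunk.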
@@ -214,55 +216,128 @@ PayPro.prototype.x509Verify = function() {
 encipherOnly: !!((data >> 7) & 1),
 decipherOnly: !!((data >> 8) & 1)
 };
+ print('Key Usage:');
 print(extensions.keyUsage);
 break;
 // Certificate Policies
 case 32:
 extensions.certificatePolicies = ext.extnValue;
+ // parse
+ extensions.certificatePolicies = rfc5280.CertificatePolicies.decode(
+ extensions.certificatePolicies,
+ 'der');
+ print('Certificate Policies:');
+ print(extensions.certificatePolicies);
 break;
 // Policy Mappings
 case 33:
 extensions.policyMappings = ext.extnValue;
+ // parse
+ extensions.policyMappings = rfc5280.PolicyMappings.decode(
+ extensions.policyMappings,
+ 'der');
+ print('Policy Mappings:');
+ print(extensions.policyMappings);
 break;
 // Subject Alternative Name
 case 17:
 extensions.subjectAlternativeName = ext.extnValue;
+ // parse
+ extensions.subjectAlternativeName = rfc5280.SubjectAlternativeName.decode(
+ extensions.subjectAlternativeName,
+ 'der');
+ print('Subject Alternative Name:');
+ print(extensions.subjectAlternativeName);
 break;
 // Issuer Alternative Name
 case 18:
 extensions.issuerAlternativeName = ext.extnValue;
+ // parse
+ extensions.issuerAlternativeName = rfc5280.IssuerAlternativeName.decode(
+ extensions.issuerAlternativeName,
+ 'der');
+ print('Issuer Alternative Name:');
+ print(extensions.issuerAlternativeName);
 break;
 // Subject Directory Attributes
 case 9:
 extensions.subjectDirectoryAttributes = ext.extnValue;
+ // parse
+ extensions.subjectDirectoryAttributes = rfc5280.SubjectDirectoryAttributes.decode(
+ extensions.subjectDirectoryAttributes,
+ 'der');
+ print('Subject Directory Attributes:');
+ print(extensions.subjectDirectoryAttributes);
 break;
 // Basic Constraints
 case 19:
 extensions.basicConstraints = ext.extnValue;
+ // parse
+ extensions.basicConstraints = rfc5280.BasicConstraints.decode(
+ extensions.basicConstraints,
+ 'der');
+ print('Basic Constraints:');
+ print(extensions.basicConstraints);
 break;
 // Name Constraints
 case 30:
 extensions.nameConstraints = ext.extnValue;
+ // parse
+ extensions.nameConstraints = rfc5280.NameConstraints.decode(
+ extensions.nameConstraints,
+ 'der');
+ print('Name Constraints:');
+ print(extensions.nameConstraints);
 break;
 // Policy Constraints
 case 36:
 extensions.policyConstraints = ext.extnValue;
+ // parse
+ extensions.policyConstraints = rfc5280.PolicyConstraints.decode(
+ extensions.policyConstraints,
+ 'der');
+ print('Policy Constraints:');
+ print(extensions.policyConstraints);
 break;
 // Extended Key Usage
 case 37:
 extensions.extendedKeyUsage = ext.extnValue;
+ // parse
+ extensions.extendedKeyUsage = rfc5280.ExtendedKeyUsage.decode(
+ extensions.extendedKeyUsage,
+ 'der');
+ print('Extended Key Usage');
+ print(extensions.extendedKeyUsage);
 break;
 // CRL Distribution Points
 case 31:
 extensions.CRLDistributionPoints = ext.extnValue;
+ // parse
+ extensions.CRLDistributionPoints = rfc5280.CRLDistributionPoints.decode(
+ extensions.CRLDistributionPoints,
+ 'der');
+ print('CRL Distribution Points:');
+ print(extensions.CRLDistributionPoints);
 break;
 // Inhibit anyPolicy
 case 54:
 extensions.inhibitAnyPolicy = ext.extnValue;
+ // parse
+ extensions.inhibitAnyPolicy = rfc5280.InhibitAnyPolicy.decode(
+ extensions.inhibitAnyPolicy,
+ 'der');
+ print('Inhibit Any Policy:');
+ print(extensions.inhibitAnyPolicy);
 break;
 // Freshest CRL
 case 46:
 extensions.freshestCRL = ext.extnValue;
+ // parse
+ extensions.freshestCRL = rfc5280.FreshestCRL.decode(
+ extensions.freshestCRL,
+ 'der');
+ print('Freshest CRL:');
+ print(extensions.freshestCRL);
 break;
 // Unknown Extension (not documented anywhere, probably non-standard)
 default:
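Review bot: The decoded Basic Constraints, Key Usage, Name Constraints and policy extensions are only stored and passed to `print` in this hunk; nothing visible acts on them. If x509Verify does not check them elsewhere, a chain whose intermediate is not marked as a CA would still be accepted, so the parsing can give the impression that these constraints are enforced when they are not. I would either wire the checks in or add a comment next to the Basic Constraints case such as `// NOTE: extensions are decoded for inspection only; cA, keyUsage and nameConstraints are not enforced here`. Separately, the unconditional `print` calls emit certificate contents on every verification, and the `'Extended Key Usage'` label is missing the colon the other labels have. The switch begins and ends outside the hunk.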
@@ -287,11 +362,23 @@ PayPro.prototype.x509Verify = function() { // id-pe: case 1: extensions.authorityInformationAccess = ext.extnValue; + // parse + extensions.authorityInformationAccess = rfc5280.AuthorityInformationAccess.decode( + extensions.authorityInformationAccess, + 'der'); + print('Authority Information Access:'); + print(extensions.freshestCRL); break; // Subject Information Access // id-pe: case 11: extensions.subjectInformationAccess = ext.extnValue; + // parse + extensions.subjectInformationAccess = rfc5280.SubjectInformationAccess.decode( + extensions.subjectInformationAccess, + 'der'); + print('Subject Information Access:'); + print(extensions.subjectInformationAccess); break; // Unknown Extension (not documented anywhere, probably non-standard) default: @@ -802,7 +889,8 @@ var Attribute = rfc5280.AttributeTypeAndValue = AttributeTypeAndValue; var BasicConstraints = rfc5280.BasicConstraints = asn1.define('BasicConstraints', function() { this.seq().obj( - this.key('cA').default(false).bool(), + // this.key('cA').default(false).bool(), + this.key('cA').bool(), this.key('pathLenConstraint').optional().int() ); });
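Review bot: The Authority Information Access case prints the wrong field: after decoding into `extensions.authorityInformationAccess` it calls `print(extensions.freshestCRL);`, which looks like a copy-paste slip from the Freshest CRL case. The line should read `print(extensions.authorityInformationAccess);`. The repeated six-line case bodies invite this kind of mistake; a small helper that takes the property name and the decoder would remove the duplication. The surrounding switch continues outside the hunk.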
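Review bot: Dropping `.default(false)` from `cA` makes the field mandatory in the decoder, but RFC 5280 defines it as `cA BOOLEAN DEFAULT FALSE`, and DER omits a field that equals its default, so an end-entity certificate normally carries an empty BasicConstraints SEQUENCE. Since this commit also starts decoding Basic Constraints inside x509Verify, such certificates would likely fail to decode there. If the `default` call itself was the problem, `this.key('cA').optional().bool(),` keeps an absent value decodable, with callers treating a missing `cA` as false. The commented-out old line should be deleted rather than kept in the definition.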