paypro: add isTrusted function to RootCerts.

11 years ago · cec71a51fd
4 changed files with 26 additions and 6 deletions
--- a/browser/root-certs
+++ b/browser/root-certs
@ -29,13 +29,23 @@ function getRootCerts(callback) {
    body = body.replace(/^"/gm, '+ "');
    body = body.replace(/^\+ "-----B/gm, '"-----B');
    body += ''
+      + '\n'
      + '// Use hash table for efficiency:\n'
      + 'RootCerts = RootCerts.reduce(function(trusted, cert) {\n'
      + '  cert = cert.replace(/\\s+/g, "");\n'
      + '  trusted[cert] = true;\n'
      + '  return trusted;\n'
      + '}, {});\n'
-      + 'module.exports = RootCerts;\n';
+      + '\n'
+      + 'function isTrusted(pem) {\n'
+      + '  pem = pem + "";\n'
+      + '  pem = pem.replace(/\\s+/g, "");\n'
+      + '  return !!RootCerts[pem];\n'
+      + '}\n'
+      + '\n'
+      + 'exports = RootCerts;\n'
+      + 'exports.isTrusted = isTrusted;\n'
+      + 'module.exports = exports;\n';
    return callback(null, body);
  });
 }
--- a/lib/PayPro.js
+++ b/lib/PayPro.js
@ -251,7 +251,7 @@ PayPro.prototype.x509Sign = function(key) {
  var trusted = [].concat(pki_data).every(function(cert) {
    var der = cert.toString('hex');
    var pem = self._DERtoPEM(der, 'CERTIFICATE');
-    return !!RootCerts[pem.replace(/\s+/g, '')];
+    return RootCerts.isTrusted(pem);
  });

  if (!trusted) {
@ -282,7 +282,7 @@ PayPro.prototype.x509Verify = function() {
    var der = cert.toString('hex');
    var pem = self._DERtoPEM(der, 'CERTIFICATE');

-    if (!RootCerts[pem.replace(/\s+/g, '')]) {
+    if (!RootCerts.isTrusted(pem)) {
      // throw new Error('Unstrusted certificate.');
    }

--- a/lib/browser/PayPro.js
+++ b/lib/browser/PayPro.js
@ -25,7 +25,7 @@ PayPro.sign = function(key) {
    var trusted = [].concat(pki_data).every(function(cert) {
      var der = cert.toString('hex');
      var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
-      return !!RootCerts[pem.replace(/\s+/g, '')];
+      return RootCerts.isTrusted(pem);
    });

    if (!trusted) {
@ -75,7 +75,7 @@ PayPro.verify = function() {
      var der = cert.toString('hex');
      var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');

-      if (!RootCerts[pem.replace(/\s+/g, '')]) {
+      if (!RootCerts.isTrusted(pem)) {
        // throw new Error('Unstrusted certificate.');
      }

--- a/lib/common/RootCerts.js
+++ b/lib/common/RootCerts.js
@ -3560,10 +3560,20 @@ var RootCerts = [
 + "-----END CERTIFICATE-----\n",

 ];
+
 // Use hash table for efficiency:
 RootCerts = RootCerts.reduce(function(trusted, cert) {
  cert = cert.replace(/\s+/g, "");
  trusted[cert] = true;
  return trusted;
 }, {});
-module.exports = RootCerts;
+
+function isTrusted(pem) {
+  pem = pem + "";
+  pem = pem.replace(/\s+/g, "");
+  return !!RootCerts[pem];
+}
+
+exports = RootCerts;
+exports.isTrusted = isTrusted;
+module.exports = exports;