From e86b70fd4aa15b86f977a2962d990ae081e833aa Mon Sep 17 00:00:00 2001 From: Christopher Jeffrey Date: Wed, 27 Aug 2014 10:32:27 -0700 Subject: [PATCH] paypro: cleanup debugging code and comments. --- lib/PayPro.js | 99 ++------------------------------------------------- 1 file changed, 3 insertions(+), 96 deletions(-) diff --git a/lib/PayPro.js b/lib/PayPro.js index ec1cefa..7dbc308 100644 --- a/lib/PayPro.js +++ b/lib/PayPro.js @@ -6,8 +6,6 @@ var RootCerts = require('./common/RootCerts'); var PayPro = require('./common/PayPro'); -var KJUR = require('jsrsasign'); - var asn1 = require('asn1.js'); var rfc3280 = require('asn1.js/rfc/3280'); var rfc5280 = require('asn1.js/rfc/5280'); @@ -71,7 +69,8 @@ PayPro.prototype.x509Verify = function() { // 2. Extract signature from current certificate. // 3. If current cert is not trusted, verify that the current cert is signed // by NEXT by the certificate. - // NOTE: XXX What to do when the certificate is revoked? + // NOTE: What to do when the certificate is + // revoked -> Hit CRL Distribution Points URL var chainVerified = chain.every(function(cert, i) { var der = cert.toString('hex'); @@ -144,9 +143,6 @@ PayPro.prototype.x509Verify = function() { // // Handle Cert Extensions - // http://www.ietf.org/rfc/rfc3280.txt - // http://www.ietf.org/rfc/rfc5280.txt - // http://tools.ietf.org/html/rfc5280#section-4.2 // var extensions = rfc5280.decodeExtensions(c, 'der', { partial: false }); var extensionsVerified = extensions.verified; @@ -170,68 +166,6 @@ PayPro.prototype.x509Verify = function() { nski.sha1Key = nski.decoded; var nku = nextensions.keyUsage; - // Subject Key was derived from Next Public Key - - // Authority Key Identifier: - // { decoded: { _unknown: }, - // raw: } - - // ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js - // ~/work/node_modules/asn1.js/lib/asn1/constants/der.js - - // 0x30 - SEQ - // 0x16 - Octet Len = 22 - the sha is 20 bytes - // 0x80 - ?? - // 0x14 - ?? - // 0xd2 - - // 0xc4 - - // 0xb0 - - // 0xd2 - - // 0x91 - - // 0xd4 - - // 0x4c - - // 0x11 - - // 0x71 - - // 0xb3 - - // 0x61 - - // 0xcb - - // 0x3d - - // 0xa1 - - // 0xfe - - // 0xdd - - // 0xa8 - - // 0x6a - - // 0xd4 - - // 0xe3 - - - // Subject Key Identifier - // { decoded: , - // raw: } - - // 0x04 - octet string - // 0x14 = 20 bytes - // rest: sha1 (20 bytes) - - // if (extensions.subjectDirectoryAttributes.decoded.cA) { - - // followed by 0100 = 64 = 0x40 = exactly 7 bits - - print('Authority Key Identifier:'); - print(aki); - print(''); - print('Subject Key Identifier'); - print(ski); - print('Key Usage:'); - print(ku); - print(''); - print('Next Authority Key Identifier:'); - print(naki); - print(''); - print('Next Subject Key Identifier'); - print(nski); - print('Next Key Usage:'); - print(nku); - // Object.keys(extensions).forEach(function(key) { // if (extensions[key].execute) { // c = extensions[key].execute(c); @@ -248,40 +182,13 @@ PayPro.prototype.x509Verify = function() { verifier.update(tbs); var sigVerified = verifier.verify(npubKey, sig); - // print(c); - // print(nc); - // print(extensions); - print('---'); - print('validityVerified: %s', validityVerified); - print('issuerVerified: %s', issuerVerified); - print('extensionsVerified: %s', extensionsVerified); - print('sigVerified: %s', sigVerified); - return validityVerified && issuerVerified && extensionsVerified - && (sigVerified || true); + && sigVerified; }); return verified && chainVerified; }; -/** - * Debug - */ - -var util = require('util'); - -function inspect(obj) { - return typeof obj !== 'string' - ? util.inspect(obj, false, 20, true) - : obj; -} - -function print(obj) { - return typeof obj === 'object' - ? process.stdout.write(inspect(obj) + '\n') - : console.log.apply(console, arguments); -} - module.exports = PayPro;