Browse Source

paypro: cleanup debugging code and comments.

patch-2
Christopher Jeffrey 11 years ago
parent
commit
e86b70fd4a
  1. 99
      lib/PayPro.js

99
lib/PayPro.js

@ -6,8 +6,6 @@ var RootCerts = require('./common/RootCerts');
var PayPro = require('./common/PayPro'); var PayPro = require('./common/PayPro');
var KJUR = require('jsrsasign');
var asn1 = require('asn1.js'); var asn1 = require('asn1.js');
var rfc3280 = require('asn1.js/rfc/3280'); var rfc3280 = require('asn1.js/rfc/3280');
var rfc5280 = require('asn1.js/rfc/5280'); var rfc5280 = require('asn1.js/rfc/5280');
@ -71,7 +69,8 @@ PayPro.prototype.x509Verify = function() {
// 2. Extract signature from current certificate. // 2. Extract signature from current certificate.
// 3. If current cert is not trusted, verify that the current cert is signed // 3. If current cert is not trusted, verify that the current cert is signed
// by NEXT by the certificate. // by NEXT by the certificate.
// NOTE: XXX What to do when the certificate is revoked? // NOTE: What to do when the certificate is
// revoked -> Hit CRL Distribution Points URL
var chainVerified = chain.every(function(cert, i) { var chainVerified = chain.every(function(cert, i) {
var der = cert.toString('hex'); var der = cert.toString('hex');
@ -144,9 +143,6 @@ PayPro.prototype.x509Verify = function() {
// //
// Handle Cert Extensions // Handle Cert Extensions
// http://www.ietf.org/rfc/rfc3280.txt
// http://www.ietf.org/rfc/rfc5280.txt
// http://tools.ietf.org/html/rfc5280#section-4.2
// //
var extensions = rfc5280.decodeExtensions(c, 'der', { partial: false }); var extensions = rfc5280.decodeExtensions(c, 'der', { partial: false });
var extensionsVerified = extensions.verified; var extensionsVerified = extensions.verified;
@ -170,68 +166,6 @@ PayPro.prototype.x509Verify = function() {
nski.sha1Key = nski.decoded; nski.sha1Key = nski.decoded;
var nku = nextensions.keyUsage; var nku = nextensions.keyUsage;
// Subject Key was derived from Next Public Key
// Authority Key Identifier:
// { decoded: { _unknown: <Buffer 80 14 d2 c4 b0 d2 91 d4 4c 11 71 b3 61 cb 3d a1 fe dd a8 6a d4 e3> },
// raw: <Buffer 30 16 80 14 d2 c4 b0 d2 91 d4 4c 11 71 b3 61 cb 3d a1 fe dd a8 6a d4 e3> }
// ~/work/node_modules/asn1.js/lib/asn1/decoders/der.js
// ~/work/node_modules/asn1.js/lib/asn1/constants/der.js
// 0x30 - SEQ
// 0x16 - Octet Len = 22 - the sha is 20 bytes
// 0x80 - ??
// 0x14 - ??
// 0xd2 -
// 0xc4 -
// 0xb0 -
// 0xd2 -
// 0x91 -
// 0xd4 -
// 0x4c -
// 0x11 -
// 0x71 -
// 0xb3 -
// 0x61 -
// 0xcb -
// 0x3d -
// 0xa1 -
// 0xfe -
// 0xdd -
// 0xa8 -
// 0x6a -
// 0xd4 -
// 0xe3 -
// Subject Key Identifier
// { decoded: <Buffer 3a 9a 85 07 10 67 28 b6 ef f6 bd 05 41 6e 20 c1 94 da 0f de>,
// raw: <Buffer 04 14 3a 9a 85 07 10 67 28 b6 ef f6 bd 05 41 6e 20 c1 94 da 0f de> }
// 0x04 - octet string
// 0x14 = 20 bytes
// rest: sha1 (20 bytes)
// if (extensions.subjectDirectoryAttributes.decoded.cA) {
// followed by 0100 = 64 = 0x40 = exactly 7 bits
print('Authority Key Identifier:');
print(aki);
print('');
print('Subject Key Identifier');
print(ski);
print('Key Usage:');
print(ku);
print('');
print('Next Authority Key Identifier:');
print(naki);
print('');
print('Next Subject Key Identifier');
print(nski);
print('Next Key Usage:');
print(nku);
// Object.keys(extensions).forEach(function(key) { // Object.keys(extensions).forEach(function(key) {
// if (extensions[key].execute) { // if (extensions[key].execute) {
// c = extensions[key].execute(c); // c = extensions[key].execute(c);
@ -248,40 +182,13 @@ PayPro.prototype.x509Verify = function() {
verifier.update(tbs); verifier.update(tbs);
var sigVerified = verifier.verify(npubKey, sig); var sigVerified = verifier.verify(npubKey, sig);
// print(c);
// print(nc);
// print(extensions);
print('---');
print('validityVerified: %s', validityVerified);
print('issuerVerified: %s', issuerVerified);
print('extensionsVerified: %s', extensionsVerified);
print('sigVerified: %s', sigVerified);
return validityVerified return validityVerified
&& issuerVerified && issuerVerified
&& extensionsVerified && extensionsVerified
&& (sigVerified || true); && sigVerified;
}); });
return verified && chainVerified; return verified && chainVerified;
}; };
/**
* Debug
*/
var util = require('util');
function inspect(obj) {
return typeof obj !== 'string'
? util.inspect(obj, false, 20, true)
: obj;
}
function print(obj) {
return typeof obj === 'object'
? process.stdout.write(inspect(obj) + '\n')
: console.log.apply(console, arguments);
}
module.exports = PayPro; module.exports = PayPro;

Loading…
Cancel
Save