RanchiMall/flocore
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

paypro: implement id parsing properly.

Browse Source
This commit is contained in:
Christopher Jeffrey 2014-08-25 15:42:27 -07:00
parent b6c8941368
commit 189dcb1b6f
1 changed files with 54 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
lib/PayPro.js
View File

@ -172,6 +172,8 @@ PayPro.prototype.x509Verify = function() {
for (var i = 0; i < nc.tbsCertificate.extensions.length; i++) {
ext = nc.tbsCertificate.extensions[i];
eid = ext.extnID;
// id-ce extensions - Standard Extensions
if (eid.length === 4 && eid[0] === 2 && eid[1] === 5 && eid[2] === 29) {
switch (eid[3]) {
// Authority Key Identifier
@ -191,19 +193,19 @@ PayPro.prototype.x509Verify = function() {
extensions.certificatePolicies = ext.extnValue;
break;
// Policy Mappings
case 0:
case 33:
extensions.policyMappings = ext.extnValue;
break;
// Subject Alternative Name
case 0:
case 17:
extensions.subjectAlternativeName = ext.extnValue;
break;
// Issuer Alternative Name
case 0:
case 18:
extensions.issuerAlternativeName = ext.extnValue;
break;
// Subject Directory Attributes
case 0:
case 9:
extensions.subjectDirectoryAttributes = ext.extnValue;
break;
// Basic Constraints
@ -211,15 +213,15 @@ PayPro.prototype.x509Verify = function() {
extensions.basicConstraints = ext.extnValue;
break;
// Name Constraints
case 0:
case 30:
extensions.nameConstraints = ext.extnValue;
break;
// Policy Constraints
case 0:
case 36:
extensions.policyConstraints = ext.extnValue;
break;
// Extended Key Usage
case 0:
case 37:
extensions.extendedKeyUsage = ext.extnValue;
break;
// CRL Distribution Points
@ -227,19 +229,40 @@ PayPro.prototype.x509Verify = function() {
extensions.CRLDistributionPoints = ext.extnValue;
break;
// Inhibit anyPolicy
case 0:
case 54:
extensions.inhibitAnyPolicy = ext.extnValue;
break;
// Freshest CRL
case 0:
case 46:
extensions.freshestCRL = ext.extnValue;
break;
// Unknown Extension (not documented anywhere, probably non-standard)
default:
extensions.unknown.push(ext);
extensions.standardUnknown.push(ext);
break;
}
continue;
}
// id-pe extensions - Private Internet Extensions
if (eid.length === 8
&& eid[0] === 1
&& eid[1] === 3
&& eid[2] === 6
&& eid[3] === 1
&& eid[4] === 5
&& eid[5] === 5
&& eid[6] === 7) {
switch (eid[3]) {
// Authority Information Access
case 0:
// id-pe:
case 1:
extensions.authorityInformationAccess = ext.extnValue;
break;
// Subject Information Access
case 0:
// id-pe:
case 11:
extensions.subjectInformationAccess = ext.extnValue;
break;
// Unknown Extension (not documented anywhere, probably non-standard)
@ -248,9 +271,10 @@ PayPro.prototype.x509Verify = function() {
extensions.standardUnknown.push(ext);
break;
}
} else {
extensions.unknown.push(ext);
continue;
}
extensions.unknown.push(ext);
}
var extensionsVerified = !extensions.unknown.filter(function(ext) {
@ -329,6 +353,10 @@ PayPro.prototype.x509Verify = function() {
var rfc5280 = {};
/**
* Standard Extensions
*/
/**
* 1
* # Authority Key Identifier
@ -640,6 +668,19 @@ rfc5280.SubjectKeyIdentifier = asn1.define('SubjectKeyIdentifier', function() {
var KeyUsage =
rfc5280.KeyUsage = asn1.define('KeyUsage', function() {
this.bitstr();
// keyUsage = {
// digitalSignature: !!((data >> 0) & 1),
// nonRepudiation: !!((data >> 1) & 1),
// // nonRepudiation renamed to contentCommitment:
// contentCommitment: !!((data >> 1) & 1),
// keyEncipherment: !!((data >> 2) & 1),
// dataEncipherment: !!((data >> 3) & 1),
// keyAgreement: !!((data >> 4) & 1),
// keyCertSign: !!((data >> 5) & 1),
// cRLSign: !!((data >> 6) & 1),
// encipherOnly: !!((data >> 7) & 1),
// decipherOnly: !!((data >> 8) & 1)
// };
});
/**