paypro: implement id parsing properly.

Christopher Jeffrey 2014-08-25 15:42:27 -07:00
parent b6c8941368
commit 189dcb1b6f


@ -172,6 +172,8 @@ PayPro.prototype.x509Verify = function() {
for (var i = 0; i < nc.tbsCertificate.extensions.length; i++) { for (var i = 0; i < nc.tbsCertificate.extensions.length; i++) {
ext = nc.tbsCertificate.extensions[i]; ext = nc.tbsCertificate.extensions[i];
eid = ext.extnID; eid = ext.extnID;
// id-ce extensions - Standard Extensions
if (eid.length === 4 && eid[0] === 2 && eid[1] === 5 && eid[2] === 29) { if (eid.length === 4 && eid[0] === 2 && eid[1] === 5 && eid[2] === 29) {
switch (eid[3]) { switch (eid[3]) {
// Authority Key Identifier // Authority Key Identifier
@ -191,19 +193,19 @@ PayPro.prototype.x509Verify = function() {
extensions.certificatePolicies = ext.extnValue; extensions.certificatePolicies = ext.extnValue;
break; break;
// Policy Mappings // Policy Mappings
case 0: case 33:
extensions.policyMappings = ext.extnValue; extensions.policyMappings = ext.extnValue;
break; break;
// Subject Alternative Name // Subject Alternative Name
case 0: case 17:
extensions.subjectAlternativeName = ext.extnValue; extensions.subjectAlternativeName = ext.extnValue;
break; break;
// Issuer Alternative Name // Issuer Alternative Name
case 0: case 18:
extensions.issuerAlternativeName = ext.extnValue; extensions.issuerAlternativeName = ext.extnValue;
break; break;
// Subject Directory Attributes // Subject Directory Attributes
case 0: case 9:
extensions.subjectDirectoryAttributes = ext.extnValue; extensions.subjectDirectoryAttributes = ext.extnValue;
break; break;
// Basic Constraints // Basic Constraints
@ -211,15 +213,15 @@ PayPro.prototype.x509Verify = function() {
extensions.basicConstraints = ext.extnValue; extensions.basicConstraints = ext.extnValue;
break; break;
// Name Constraints // Name Constraints
case 0: case 30:
extensions.nameConstraints = ext.extnValue; extensions.nameConstraints = ext.extnValue;
break; break;
// Policy Constraints // Policy Constraints
case 0: case 36:
extensions.policyConstraints = ext.extnValue; extensions.policyConstraints = ext.extnValue;
break; break;
// Extended Key Usage // Extended Key Usage
case 0: case 37:
extensions.extendedKeyUsage = ext.extnValue; extensions.extendedKeyUsage = ext.extnValue;
break; break;
// CRL Distribution Points // CRL Distribution Points
@ -227,19 +229,40 @@ PayPro.prototype.x509Verify = function() {
extensions.CRLDistributionPoints = ext.extnValue; extensions.CRLDistributionPoints = ext.extnValue;
break; break;
// Inhibit anyPolicy // Inhibit anyPolicy
case 0: case 54:
extensions.inhibitAnyPolicy = ext.extnValue; extensions.inhibitAnyPolicy = ext.extnValue;
break; break;
// Freshest CRL // Freshest CRL
case 0: case 46:
extensions.freshestCRL = ext.extnValue; extensions.freshestCRL = ext.extnValue;
break; break;
// Unknown Extension (not documented anywhere, probably non-standard)
default:
extensions.unknown.push(ext);
extensions.standardUnknown.push(ext);
break;
}
continue;
}
// id-pe extensions - Private Internet Extensions
if (eid.length === 8
&& eid[0] === 1
&& eid[1] === 3
&& eid[2] === 6
&& eid[3] === 1
&& eid[4] === 5
&& eid[5] === 5
&& eid[6] === 7) {
switch (eid[3]) {
// Authority Information Access // Authority Information Access
case 0: // id-pe:
case 1:
extensions.authorityInformationAccess = ext.extnValue; extensions.authorityInformationAccess = ext.extnValue;
break; break;
// Subject Information Access // Subject Information Access
case 0: // id-pe:
case 11:
extensions.subjectInformationAccess = ext.extnValue; extensions.subjectInformationAccess = ext.extnValue;
break; break;
// Unknown Extension (not documented anywhere, probably non-standard) // Unknown Extension (not documented anywhere, probably non-standard)
@ -248,9 +271,10 @@ PayPro.prototype.x509Verify = function() {
extensions.standardUnknown.push(ext); extensions.standardUnknown.push(ext);
break; break;
} }
} else { continue;
extensions.unknown.push(ext);
} }
extensions.unknown.push(ext);
} }
var extensionsVerified = !extensions.unknown.filter(function(ext) { var extensionsVerified = !extensions.unknown.filter(function(ext) {
@ -329,6 +353,10 @@ PayPro.prototype.x509Verify = function() {
var rfc5280 = {}; var rfc5280 = {};
/**
* Standard Extensions
*/
/** /**
* 1 * 1
* # Authority Key Identifier * # Authority Key Identifier
@ -640,6 +668,19 @@ rfc5280.SubjectKeyIdentifier = asn1.define('SubjectKeyIdentifier', function() {
var KeyUsage = var KeyUsage =
rfc5280.KeyUsage = asn1.define('KeyUsage', function() { rfc5280.KeyUsage = asn1.define('KeyUsage', function() {
this.bitstr(); this.bitstr();
// keyUsage = {
// digitalSignature: !!((data >> 0) & 1),
// nonRepudiation: !!((data >> 1) & 1),
// // nonRepudiation renamed to contentCommitment:
// contentCommitment: !!((data >> 1) & 1),
// keyEncipherment: !!((data >> 2) & 1),
// dataEncipherment: !!((data >> 3) & 1),
// keyAgreement: !!((data >> 4) & 1),
// keyCertSign: !!((data >> 5) & 1),
// cRLSign: !!((data >> 6) & 1),
// encipherOnly: !!((data >> 7) & 1),
// decipherOnly: !!((data >> 8) & 1)
// };
}); });
/** /**
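Review bot: In the added id-pe branch, `switch (eid[3])` tests an arc that the enclosing `if` has already fixed to 1, so `case 1` always wins and `case 11` and `default` are unreachable. In addition, the guard matches 8-arc OIDs under 1.3.6.1.5.5.7, whereas RFC 5280 places Authority and Subject Information Access at 1.3.6.1.5.5.7.1.1 and 1.3.6.1.5.5.7.1.11 (nine arcs), so real AIA/SIA extensions would skip this branch and land in `extensions.unknown`. Suggested change: `if (eid.length === 9`, add `&& eid[7] === 1` to the condition, and use `switch (eid[8]) {`. Since `extensionsVerified` is computed from `extensions.unknown`, a misclassification here affects the outcome of the certificate check. x509Verify's body starts and ends outside the visible hunks.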