diff --git a/lib/acme-util.js b/lib/acme-util.js
index d763698..9c4976f 100644
--- a/lib/acme-util.js
+++ b/lib/acme-util.js
@@ -2,6 +2,7 @@
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
+'use strict';
 module.exports = {
@@ -29,7 +30,7 @@ module.exports = {
 },
 isB64String: function(x) {
- return (typeof(x) == "string") && !x.match(/[^a-zA-Z0-9_-]/);
+ return ("string" === typeof x) && !x.match(/[^a-zA-Z0-9_-]/);
 },
 fieldsPresent: function(fields, object) {
@@ -42,19 +43,19 @@ module.exports = {
 },
 validSignature: function(sig) {
- return ((typeof(sig) == "object") &&
- ("alg" in sig) && (typeof(sig.alg) == "string") &&
+ return (("object" === typeof sig) &&
+ ("alg" in sig) && ("string" === typeof sig.alg) &&
 ("nonce" in sig) && this.isB64String(sig.nonce) &&
 ("sig" in sig) && this.isB64String(sig.sig) &&
 ("jwk" in sig) && this.validJWK(sig.jwk));
 },
 validJWK: function(jwk) {
- return ((typeof(jwk) == "object") && ("kty" in jwk) && (
- ((jwk.kty == "RSA")
+ return (("object" === typeof jwk) && ("kty" in jwk) && (
+ ((jwk.kty === "RSA")
 && ("n" in jwk) && this.isB64String(jwk.n)
 && ("e" in jwk) && this.isB64String(jwk.e)) ||
- ((jwk.kty == "EC")
+ ((jwk.kty === "EC")
 && ("crv" in jwk)
 && ("x" in jwk) && this.isB64String(jwk.x)
 && ("y" in jwk) && this.isB64String(jwk.y))
diff --git a/lib/letsencrypt-forge.js b/lib/letsencrypt-forge.js
index 4db0fee..2e9c768 100644
--- a/lib/letsencrypt-forge.js
+++ b/lib/letsencrypt-forge.js
@@ -9,7 +9,7 @@ var forge = require("node-forge");
 var util = require("./acme-util.js");
 var TOKEN_SIZE = 16;
-var NONCE_SIZE = 16;
+//var NONCE_SIZE = 16;
 function bytesToBuffer(bytes) {
 return new Buffer(forge.util.bytesToHex(bytes), "hex");
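Review bot: In lib/acme-util.js, isB64String still returns true for the empty string, because the negated character class only rejects strings that contain a character outside the base64url alphabet. validSignature and validJWK in the same file use it for nonce, sig, n, e, x and y, so an empty nonce or key component passes validation. If empty values are not meant to be valid, an anchored positive match states the intent directly: `return ("string" === typeof x) && /^[a-zA-Z0-9_-]+$/.test(x);`.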
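Review bot: In the validSignature/validJWK hunk of lib/acme-util.js, `"object" === typeof sig` is also true for `null`, so a null sig or jwk reaches `"alg" in sig` / `"kty" in jwk` and throws a TypeError instead of returning false. These validators presumably run on request data, so the guard should reject null explicitly, e.g. `return ((sig !== null) && ("object" === typeof sig) &&` and `return ((jwk !== null) && ("object" === typeof jwk) && ("kty" in jwk) && (`. In the EC branch, `crv` is only checked for presence, not type. The end of validJWK is outside the hunk.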
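Review bot: In lib/letsencrypt-forge.js, `//var NONCE_SIZE = 16;` leaves commented-out code behind; if the constant is unused, delete the line. A reader auditing nonce handling cannot tell from the commented-out constant whether a nonce length is still enforced anywhere. If it is, a short comment naming where would be more useful than the dead declaration.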
@@ -29,7 +29,7 @@ function base64ToBytes(base64) {
 function bnToBase64(bn) {
 var hex = bn.toString(16);
- if (hex.length % 2 == 1) { hex = "0" + hex; }
+ if (hex.length % 2 === 1) { hex = "0" + hex; }
 return util.b64enc(new Buffer(hex, "hex"));
 }
@@ -140,7 +140,7 @@ module.exports = {
 thumbprint: function(publicKey) {
 // Only handling RSA keys
- input = bytesToBuffer('{"e":"'+ publicKey.e + '","kty":"RSA","n":"'+ publicKey.n +'"}');
+ var input = bytesToBuffer('{"e":"'+ publicKey.e + '","kty":"RSA","n":"'+ publicKey.n +'"}');
 return util.b64enc(crypto.createHash('sha256').update(input).digest());
 },
@@ -170,10 +170,12 @@ module.exports = {
 protected: protected64,
 payload: payload64,
 signature: util.b64enc(bytesToBuffer(sig)),
- }
+ };
 },
 verifySignature: function(jws) {
+ var key;
+
 if (jws.protected) {
 if (!jws.header) {
 jws.header = {};
@@ -188,13 +190,13 @@ module.exports = {
 jws.header[key] = protectedObj[key];
 }
 } catch (e) {
- console.log("error unmarshaling json: "+e)
+ console.log("error unmarshaling json: "+e);
 return false;
 }
 }
 // Assumes validSignature(sig)
- if (!jws.header.jwk || (jws.header.jwk.kty !== "RSA")) {
+ if (!jws.header.jwk || (jws.header.jwk.kty !== "RSA")) {
 // Unsupported key type
 console.log("Unsupported key type");
 return false;
@@ -240,6 +242,8 @@ module.exports = {
 csr.setSubject([{ name: 'commonName', value: names[0] }]);
 var sans = [];
+ var i;
+
 for (i in names) {
 sans.push({ type: 2, value: names[i] });
 }
@@ -264,7 +268,7 @@ module.exports = { } for (var i=0; i
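Review bot: In the thumbprint hunk, `publicKey.e` and `publicKey.n` are concatenated into the JSON input without checking that they are present, so a key lacking them (an EC JWK, for instance) hashes the literal text "undefined" and returns a well-formed but meaningless thumbprint. The comment says only RSA is handled, but nothing enforces it. Assuming publicKey is a JWK, a guard such as `if (!util.isB64String(publicKey.e) || !util.isB64String(publicKey.n)) { throw new Error("thumbprint: RSA JWK with e and n required"); }` would fail loudly and keep non-base64url characters out of the hashed string.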
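Review bot: In verifySignature, `jws.header` is only defaulted to `{}` inside the `if (jws.protected)` branch, so the check after the "Assumes validSignature(sig)" comment dereferences `jws.header.jwk` on an object that may have no header at all. A JWS with neither `protected` nor `header` would then throw a TypeError rather than return false. Guarding the header first closes this: `if (!jws.header || !jws.header.jwk || (jws.header.jwk.kty !== "RSA")) {`. The function body starts and ends outside these hunks, so this should be confirmed against the lines between them.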
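Review bot: In the CSR hunk, the added `var i;` keeps `for (i in names)`, which enumerates every enumerable property of the array, including anything added to `Array.prototype`, and yields the indices as strings. Any such extra key would be pushed as a subjectAltName entry with an unintended value. An index loop avoids this: `for (i = 0; i < names.length; ++i) {`. `names[0]` is also used as the commonName without checking that `names` is non-empty; the enclosing function starts and ends outside the hunk, so that may be checked earlier.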