coolaj86
/
le-acme-core.js
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fix leaky globals and strict mode violations

This commit is contained in:
AJ ONeal 2015-12-16 03:23:02 +00:00
parent 36e1adfaa2
commit 14d3558943
2 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/acme-util.js
View File

@ -2,6 +2,7 @@
// This Source Code Form is subject to the terms of the Mozilla Public // This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this // License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/. // file, You can obtain one at http://mozilla.org/MPL/2.0/.
'use strict';
module.exports = { module.exports = {
@ -29,7 +30,7 @@ module.exports = {
}, },
isB64String: function(x) { isB64String: function(x) {
return (typeof(x) == "string") && !x.match(/[^a-zA-Z0-9_-]/); return ("string" === typeof x) && !x.match(/[^a-zA-Z0-9_-]/);
}, },
fieldsPresent: function(fields, object) { fieldsPresent: function(fields, object) {
@ -42,19 +43,19 @@ module.exports = {
}, },
validSignature: function(sig) { validSignature: function(sig) {
return ((typeof(sig) == "object") && return (("object" === typeof sig) &&
("alg" in sig) && (typeof(sig.alg) == "string") && ("alg" in sig) && ("string" === typeof sig.alg) &&
("nonce" in sig) && this.isB64String(sig.nonce) && ("nonce" in sig) && this.isB64String(sig.nonce) &&
("sig" in sig) && this.isB64String(sig.sig) && ("sig" in sig) && this.isB64String(sig.sig) &&
("jwk" in sig) && this.validJWK(sig.jwk)); ("jwk" in sig) && this.validJWK(sig.jwk));
}, },
validJWK: function(jwk) { validJWK: function(jwk) {
return ((typeof(jwk) == "object") && ("kty" in jwk) && ( return (("object" === typeof jwk) && ("kty" in jwk) && (
((jwk.kty == "RSA") ((jwk.kty === "RSA")
&& ("n" in jwk) && this.isB64String(jwk.n) && ("n" in jwk) && this.isB64String(jwk.n)
&& ("e" in jwk) && this.isB64String(jwk.e)) || && ("e" in jwk) && this.isB64String(jwk.e)) ||
((jwk.kty == "EC") ((jwk.kty === "EC")
&& ("crv" in jwk) && ("crv" in jwk)
&& ("x" in jwk) && this.isB64String(jwk.x) && ("x" in jwk) && this.isB64String(jwk.x)
&& ("y" in jwk) && this.isB64String(jwk.y)) && ("y" in jwk) && this.isB64String(jwk.y))

22
lib/letsencrypt-forge.js
View File

@ -9,7 +9,7 @@ var forge = require("node-forge");
var util = require("./acme-util.js"); var util = require("./acme-util.js");
var TOKEN_SIZE = 16; var TOKEN_SIZE = 16;
var NONCE_SIZE = 16; //var NONCE_SIZE = 16;
function bytesToBuffer(bytes) { function bytesToBuffer(bytes) {
return new Buffer(forge.util.bytesToHex(bytes), "hex"); return new Buffer(forge.util.bytesToHex(bytes), "hex");
@ -29,7 +29,7 @@ function base64ToBytes(base64) {
function bnToBase64(bn) { function bnToBase64(bn) {
var hex = bn.toString(16); var hex = bn.toString(16);
if (hex.length % 2 == 1) { hex = "0" + hex; } if (hex.length % 2 === 1) { hex = "0" + hex; }
return util.b64enc(new Buffer(hex, "hex")); return util.b64enc(new Buffer(hex, "hex"));
} }
@ -140,7 +140,7 @@ module.exports = {
thumbprint: function(publicKey) { thumbprint: function(publicKey) {
// Only handling RSA keys // Only handling RSA keys
input = bytesToBuffer('{"e":"'+ publicKey.e + '","kty":"RSA","n":"'+ publicKey.n +'"}'); var input = bytesToBuffer('{"e":"'+ publicKey.e + '","kty":"RSA","n":"'+ publicKey.n +'"}');
return util.b64enc(crypto.createHash('sha256').update(input).digest()); return util.b64enc(crypto.createHash('sha256').update(input).digest());
}, },
@ -170,10 +170,12 @@ module.exports = {
protected: protected64, protected: protected64,
payload: payload64, payload: payload64,
signature: util.b64enc(bytesToBuffer(sig)), signature: util.b64enc(bytesToBuffer(sig)),
} };
}, },
verifySignature: function(jws) { verifySignature: function(jws) {
var key;
if (jws.protected) { if (jws.protected) {
if (!jws.header) { if (!jws.header) {
jws.header = {}; jws.header = {};
@ -188,13 +190,13 @@ module.exports = {
jws.header[key] = protectedObj[key]; jws.header[key] = protectedObj[key];
} }
} catch (e) { } catch (e) {
console.log("error unmarshaling json: "+e) console.log("error unmarshaling json: "+e);
return false; return false;
} }
} }
// Assumes validSignature(sig) // Assumes validSignature(sig)
if (!jws.header.jwk || (jws.header.jwk.kty != "RSA")) { if (!jws.header.jwk || (jws.header.jwk.kty !== "RSA")) {
// Unsupported key type // Unsupported key type
console.log("Unsupported key type"); console.log("Unsupported key type");
return false; return false;
@ -240,6 +242,8 @@ module.exports = {
csr.setSubject([{ name: 'commonName', value: names[0] }]); csr.setSubject([{ name: 'commonName', value: names[0] }]);
var sans = []; var sans = [];
var i;
for (i in names) { for (i in names) {
sans.push({ type: 2, value: names[i] }); sans.push({ type: 2, value: names[i] });
} }
@ -264,7 +268,7 @@ module.exports = {
} }
for (var i=0; i<csr.subject.attributes.length; ++i) { for (var i=0; i<csr.subject.attributes.length; ++i) {
if (csr.subject.attributes[i].name == "commonName") { if (csr.subject.attributes[i].name === "commonName") {
return csr.subject.attributes[i].value; return csr.subject.attributes[i].value;
} }
} }
@ -289,7 +293,7 @@ module.exports = {
var publicKey = csr.publicKey; var publicKey = csr.publicKey;
var commonName = null; var commonName = null;
for (var i=0; i<csr.subject.attributes.length; ++i) { for (var i=0; i<csr.subject.attributes.length; ++i) {
if (csr.subject.attributes[i].name == "commonName") { if (csr.subject.attributes[i].name === "commonName") {
commonName = csr.subject.attributes[i].value; commonName = csr.subject.attributes[i].value;
break; break;
} }
@ -320,7 +324,7 @@ module.exports = {
cert.sign(privateKey); cert.sign(privateKey);
// Return base64-encoded DER // Return base64-encoded DER
var der = forge.asn1.toDer(forge.pki.certificateToAsn1(cert)); der = forge.asn1.toDer(forge.pki.certificateToAsn1(cert));
return bytesToBuffer(der); return bytesToBuffer(der);
}, },