Use x509 master and apply changes

.gitignore

@@ -1,2 +1,5 @@
+
+node_modules
 build
 *.log
+*.DS_Store

.travis.yml

@@ -1,19 +1,30 @@
-language: node_js
+os:
+  - linux
+
+addons:
+  apt:
+    sources:
+      - ubuntu-toolchain-r-test
+    packages:
+      - g++-4.8
 
+language: node_js
 node_js:
-  - "0.11"
+  - "stable"
+  - "4.0"
+  - "0.12"
   - "0.10"
-  - "0.8"
-
-notifications:
-  email: false
 
-  irc:
-    channels:
-      - "chat.freenode.net#jitsu"
-    on_success: change
-    on_failure: change
+install:
+  - export CXX=g++-4.8
+  - $CXX --version
+  - npm i 
 
 before_install:
   - npm install -g node-gyp
   - rm -rf ~/.node-gyp/
+
+notifications:
+  email: false
+
+sudo: false

README.md

@@ -1,11 +1,13 @@
 node-x509
 =========
 
+[![Build Status](https://travis-ci.org/Southern/node-x509.svg?branch=master)](https://travis-ci.org/Southern/node-x509)
+
 Simple X509 certificate parser.
 
 ## Installation
 
-From NPM *(recommended)*: `npm install x.509`
+From NPM *(recommended)*: `npm install x509`
 
 Building and testing from source:
 ```
@@ -17,30 +19,26 @@ npm test
 ## Usage
 Reading from a file:
 ```js
-var x509 = require('x509');
-
+const x509 = require('x509');
 var issuer = x509.getIssuer(__dirname + '/certs/your.crt');
 ```
 
 Reading from a string:
 ```js
-var fs = require('fs'),
-    x509 = require('x509');
-
+const fs = require('fs'),
+      x509 = require('x509');
 var issuer = x509.getIssuer(fs.readFileSync('./certs/your.crt').toString());
 ```
 
 ## Methods
 **Notes:**
 - `cert` may be a filename or a raw base64 encoded PEM string in any of these methods.
 
-
 #### x509.getAltNames(`cert`)
 Parse certificate with `x509.parseCert` and return the alternate names.
 
 ```js
-var x509 = require('x509');
-
+const x509 = require('x509');
 var altNames = x509.getAltNames(__dirname + '/certs/nodejitsu.com.crt');
 /*
 altNames = [ '*.nodejitsu.com', 'nodejitsu.com' ]
@@ -51,8 +49,7 @@ altNames = [ '*.nodejitsu.com', 'nodejitsu.com' ]
 Parse certificate with `x509.parseCert` and return the issuer.
 
 ```js
-var x509 = require('x509');
-
+const x509 = require('x509');
 var issuer = x509.getIssuer(__dirname + '/certs/nodejitsu.com.crt');
 /*
 issuer = { countryName: 'GB',
@@ -67,8 +64,7 @@ issuer = { countryName: 'GB',
 Parse certificate with `x509.parseCert` and return the subject.
 
 ```js
-var x509 = require('x509');
-
+const x509 = require('x509');
 var subject = x509.getSubject(__dirname + '/certs/nodejitsu.com.crt');
 /*
 subject = { countryName: 'US',
@@ -86,11 +82,10 @@ subject = { countryName: 'US',
 Parse subject, issuer, valid before and after date, and alternate names from certificate.
 
 ```js
-var x509 = require('x509');
-
+const x509 = require('x509');
 var cert = x509.parseCert(__dirname + '/certs/nodejitsu.com.crt');
 /*
-cert = { subject: 
+cert = { subject:
    { countryName: 'US',
      postalCode: '10010',
      stateOrProvinceName: 'NY',
@@ -99,7 +94,7 @@ cert = { subject:
      organizationName: 'Nodejitsu',
      organizationalUnitName: 'PremiumSSL Wildcard',
      commonName: '*.nodejitsu.com' },
-  issuer: 
+  issuer:
    { countryName: 'GB',
      stateOrProvinceName: 'Greater Manchester',
      localityName: 'Salford',
@@ -117,11 +112,36 @@ cert = { subject:
 */
 ```
 
+
+#### x509.verify(`cert`, `CABundlePath`, function(err, result){ /*...*/})
+
+Performs basic certificate validation against a bundle of ca certificates.
+
+It accepts an error-first callback as first argument. If the error is null, then
+the certificate is valid.
+
+The error messages are the same returned by openssl: [x509_verify_cert_error_string](https://www.openssl.org/docs/man1.0.2/crypto/X509_STORE_CTX_get_error.html)
+
+
+**Note:**
+As now, this function only accepts absolute paths to existing files as arguments
+
+```js
+const x509 = require('x509');
+
+x509.verify(
+  __dirname + '/certs/user.com.crt',
+  __dirname + 'enduser-example.com.chain',
+  function(err, result){ /*...*/}
+);
+
+```
+
 ## Examples
 Checking the date to make sure the certificate is active:
 ```js
-var x509 = require('x509'),
-    cert = x509.parseCert('yourcert.crt'),
+const x509 = require('x509');
+var cert = x509.parseCert('yourcert.crt'),
     date = new Date();
 
 if (cert.notBefore > date) {
@@ -134,4 +154,7 @@ if (cert.notAfter < date) {
 
 ## License
 
-MIT
+MIT
+
+#### Alternative implementation / build issues
+If you are suffering from hard to fix build issues, there is an alternative (pure javascript) implementation using emscripten: https://github.com/encharm/x509.js (based on node-x509, slightly different API)

binding.gyp

@@ -16,7 +16,8 @@
         'src/x509.cc'
       ],
       'include_dirs': [
-        'include'
+        'include',
+        "<!(node -e \"require('nan')\")"
       ],
       'conditions': [
         [ 'OS=="win"', {
@@ -35,7 +36,7 @@
           'defines': [
             'uint=unsigned int',
           ],
-          'libraries': [ 
+          'libraries': [
             '-l<(openssl_root)/lib/libeay32.lib',
           ],
           'include_dirs': [
@@ -47,7 +48,7 @@
             '<(node_root_dir)/deps/openssl/openssl/include'
           ],
         }],
-      ],	  
+      ],
     }
   ]
 }

include/addon.h

@@ -6,6 +6,6 @@
 
 using namespace v8;
 
-void init(Handle<Object> exports);
+void init(Local<Object> exports);
 
 #endif

include/x509.h

@@ -4,6 +4,8 @@
 // Include header for addon version, node/v8 inclusions, etc.
 #include <addon.h>
 #include <node_version.h>
+#include <nan.h>
+#include <string>
 
 // OpenSSL headers
 #include <openssl/asn1.h>
@@ -17,23 +19,19 @@
 
 using namespace v8;
 
-#if NODE_VERSION_AT_LEAST(0, 11, 3) && defined(__APPLE__)
-  void get_altnames(const FunctionCallbackInfo<Value> &args);
-  void get_subject(const FunctionCallbackInfo<Value> &args);
-  void get_issuer(const FunctionCallbackInfo<Value> &args);
-  char* parse_args(const FunctionCallbackInfo<Value> &args);
-  void parse_cert(const FunctionCallbackInfo<Value> &args);
-#else
-  Handle<Value> get_altnames(const Arguments &args);
-  Handle<Value> get_subject(const Arguments &args);
-  Handle<Value> get_issuer(const Arguments &args);
-  Handle<Value> parse_cert(const Arguments &args);
-#endif
+NAN_METHOD(get_altnames);
+NAN_METHOD(get_subject);
+NAN_METHOD(get_issuer);
+NAN_METHOD(parse_cert);
+NAN_METHOD(verify);
+
+Local<Value> try_parse(const std::string& dataString);
+Local<Value> verify(const std::string& dataString);
+Local<Value> parse_date(ASN1_TIME *date);
+Local<Value> parse_serial(ASN1_INTEGER *serial);
+Local<Object> parse_name(X509_NAME *subject);
 
-Handle<Value> try_parse(char *data);
-Handle<Value> parse_date(char *date);
-Handle<Value> parse_serial(ASN1_INTEGER *serial);
-Handle<Object> parse_name(X509_NAME *subject);
 char* real_name(char *data);
+char* trim(char *data, int len);
 
 #endif

index.js

@@ -1,11 +1,43 @@
-
 var x509 = require('./build/Release/x509');
+var fs = require('fs');
 
 exports.version = x509.version;
 exports.getAltNames = x509.getAltNames;
 exports.getSubject = x509.getSubject;
 exports.getIssuer = x509.getIssuer;
 
+exports.verify = function(certPath, CABundlePath, cb) {
+  if (!certPath) {
+    throw new TypeError('Certificate path is required');
+  }
+  if (!CABundlePath) {
+    throw new TypeError('CA Bundle path is required');
+  }
+
+  fs.stat(certPath, function(certPathErr) {
+
+    if (certPathErr) {
+      return cb(certPathErr);
+    }
+
+    fs.stat(CABundlePath, function(bundlePathErr) {
+
+      if (bundlePathErr) {
+        return cb(bundlePathErr);
+      }
+
+      try {
+        x509.verify(certPath, CABundlePath);
+        cb(null);
+      }
+      catch (verificationError) {
+        cb(verificationError);
+      }
+    });
+  });
+};
+
+
 exports.parseCert = function(path) {
   var ret = x509.parseCert(path);
   var exts = {};
@@ -17,4 +49,4 @@ exports.parseCert = function(path) {
   delete ret.extensions;
   ret.extensions = exts;
   return ret;
-};
+};

package.json

@@ -1,15 +1,18 @@
 {
-  "name": "x.509",
-  "version": "0.1.1",
+  "name": "x509",
+  "version": "0.3.4",
   "description": "Simple X509 certificate parser.",
-  "author": "Yorkie Neil <yorkiefixer@gmail.com>",
+  "author": "Colton Baker",
   "main": "index.js",
   "repository": {
     "type": "git",
-    "url": "http://github.com/yorkie/node-x509"
+    "url": "git@github.com:Southern/node-x509.git"
   },
   "scripts": {
     "test": "node test/test"
   },
-  "license": "MIT"
+  "license": "MIT",
+  "dependencies": {
+    "nan": "2.12.0"
+  }
 }

src/addon.cc

@@ -6,12 +6,27 @@
 
 using namespace v8;
 
-void init(Handle<Object> exports) {
-  exports->Set(String::NewSymbol("version"), String::New(VERSION));
-  exports->Set(String::NewSymbol("getAltNames"), FunctionTemplate::New(get_altnames)->GetFunction());
-  exports->Set(String::NewSymbol("getSubject"), FunctionTemplate::New(get_subject)->GetFunction());
-  exports->Set(String::NewSymbol("getIssuer"), FunctionTemplate::New(get_issuer)->GetFunction());
-  exports->Set(String::NewSymbol("parseCert"), FunctionTemplate::New(parse_cert)->GetFunction());
+void init(Local<Object> exports) {
+  Nan::Set(exports,
+    Nan::New<String>("version").ToLocalChecked(),
+    Nan::New<String>(VERSION).ToLocalChecked());
+
+  Nan::Set(exports,
+    Nan::New<String>("verify").ToLocalChecked(),
+    Nan::New<FunctionTemplate>(verify)->GetFunction());
+
+  Nan::Set(exports,
+    Nan::New<String>("getAltNames").ToLocalChecked(),
+    Nan::New<FunctionTemplate>(get_altnames)->GetFunction());
+  Nan::Set(exports,
+    Nan::New<String>("getSubject").ToLocalChecked(),
+    Nan::New<FunctionTemplate>(get_subject)->GetFunction());
+  Nan::Set(exports,
+    Nan::New<String>("getIssuer").ToLocalChecked(),
+    Nan::New<FunctionTemplate>(get_issuer)->GetFunction());
+  Nan::Set(exports,
+    Nan::New<String>("parseCert").ToLocalChecked(),
+    Nan::New<FunctionTemplate>(parse_cert)->GetFunction());
 }
 
 NODE_MODULE(x509, init)