
JS Capicom wrapper

a guest
Sep 13th, 2013
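  /**
   * Wrapper around the CAPICOM ActiveX objects used to pick a signing
   * certificate, sign data and verify signatures.
   *
   * Init() is not called here; the caller has to invoke it explicitly.
   *
   * @param {Object} OBJECT1 - stored as oCAPICOM and probed by
   *   IsCAPICOMInstalled(); presumably the page's CAPICOM <object> element
   *   (TODO confirm against the caller).
   */
  function CryptoProvider(OBJECT1)
  {
    // State is kept on the instance. Writing it to the prototype on every
    // construction made all instances share the most recent OBJECT1.
    this.CertValue = "";   // subject simple name of the chosen certificate
    this.CertHash = "";    // thumbprint of the chosen certificate
    this.ErrorStack = "";  // accumulated, newline-separated error messages
    this.ErrorState = 0;   // numeric code of the last recorded error, 0 = none

    // When false, VerifySig() checks the signature only and does not validate
    // the signer's certificate. Set it to true wherever the identity of the
    // signer matters, not just the integrity of the content.
    this.VerifySert = false;

    this.oCAPICOM = OBJECT1;
  }

  // CAPICOM constants, defined once on the prototype.
  // Original author's note: the values still have to be verified.
  CryptoProvider.prototype.CAPICOM_ACTIVE_DIRECTORY_USER_STORE = 3;
  CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_DOCUMENT_DESCRIPTION = 2;
  CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_DOCUMENT_NAME = 1;
  CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY = 7;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY = 8;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY = 6;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_EXTENSION = 5;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_ISSUER_NAME = 2;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_KEY_USAGE = 12;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_ROOT_NAME = 3;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_SHA1_HASH = 0;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME = 4;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED = 11;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID = 10;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_VALID = 9;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_CHAIN_EXCEPT_ROOT = 0;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_END_ENTITY_ONLY = 2;
  CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_WHOLE_CHAIN = 1;
  CryptoProvider.prototype.CAPICOM_CURRENT_USER_STORE = 2;
  CryptoProvider.prototype.CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE = 0x00000080;
  CryptoProvider.prototype.CAPICOM_E_CANCELLED = -2138568446;
  CryptoProvider.prototype.CAPICOM_ENCODE_ANY = 0xffffffff;
  CryptoProvider.prototype.CAPICOM_ENCODE_BASE64 = 0;
  CryptoProvider.prototype.CAPICOM_ENCODE_BINARY = 1;
  CryptoProvider.prototype.CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0;
  CryptoProvider.prototype.CAPICOM_KEY_STORAGE_DEFAULT = 0;
  CryptoProvider.prototype.CAPICOM_LOCAL_MACHINE_STORE = 1;
  CryptoProvider.prototype.CAPICOM_PROPID_KEY_PROV_INFO = 2;
  CryptoProvider.prototype.CAPICOM_SMART_CARD_USER_STORE = 4;
  CryptoProvider.prototype.CAPICOM_STORE_OPEN_READ_ONLY = 0;
  CryptoProvider.prototype.CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE = 1;
  CryptoProvider.prototype.CAPICOM_VERIFY_SIGNATURE_ONLY = 0;
  CryptoProvider.prototype.CERT_KEY_SPEC_PROP_ID = 6;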
  53.  
  54. // объявляем, инициализируем, реализуем свойства и методы
  55.  
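  /**
   * Reports whether the control passed to the constructor looks usable.
   *
   * @returns {boolean} true when oCAPICOM is an object whose `object`
   *   property is non-null, false otherwise.
   */
  CryptoProvider.prototype.IsCAPICOMInstalled = function ()
  {
    var control = this.oCAPICOM;
    // typeof null is "object", so null must be ruled out before .object is
    // read; otherwise a missing control raises a TypeError instead of
    // reporting "not installed".
    if (control == null || typeof (control) != "object")
    {
      return false;
    }
    return control.object != null;
  };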
  67.  
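  /**
   * Chooses the signing certificate and stores its subject name in CertValue
   * and its thumbprint in CertHash.
   *
   * With no usable certificate, ErrorState is set to 13 and a message is
   * appended to ErrorStack. With exactly one, it is taken without asking.
   * With several, the choice is delegated to SelectCertificate().
   */
  CryptoProvider.prototype.Init = function ()
  {
    var candidates = this.FilterCertificates();

    // FilterCertificates() returns false when the store could not be opened.
    // An empty collection means nothing passed the filters; handing that to
    // the selection dialog would only surface as a generic error, so it is
    // reported here as "no valid certificates" as well.
    if (!candidates || candidates.Count == 0)
    {
      this.ErrorStack += "У Вас нет действующих сертификатов.\n";
      this.ErrorState = 13;
      return;
    }

    if (candidates.Count == 1)
    {
      // A single candidate is used without showing the selection dialog.
      var only = candidates.Item(1);
      this.CertValue = only.GetInfo(this.CAPICOM_INFO_SUBJECT_SIMPLE_NAME);
      this.CertHash = only.Thumbprint;
      return;
    }

    // Clear any earlier choice before the user is asked to pick one.
    this.CertValue = "";
    this.CertHash = "";
    this.SelectCertificate(candidates);
  };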
  92.  
  93.  
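  /**
   * Opens the current user's personal ("MY") certificate store and returns
   * the certificates usable for signing.
   *
   * @returns {Object|boolean} the filtered CAPICOM certificate collection, or
   *   false when the store could not be opened. ErrorState 11 is recorded
   *   unless the open was cancelled.
   */
  CryptoProvider.prototype.FilterCertificates = function ()
  {
    var MyStore = new ActiveXObject("CAPICOM.Store");
    try
    {
      // The store is only searched, so it is opened read-only, the same way
      // FindCertificateByHash() opens it.
      MyStore.Open(this.CAPICOM_CURRENT_USER_STORE, "MY", this.CAPICOM_STORE_OPEN_READ_ONLY);
    }
    catch (e)
    {
      if (e.number != this.CAPICOM_E_CANCELLED)
      {
        this.ErrorStack += "Ошибка при открытии хранилища сертификатов.\n";
        this.ErrorState = 11;
      }
      // Cancelled or failed, the store is not open, so there is nothing to
      // search.
      return false;
    }

    // Keep the certificates that:
    //  * allow the digital-signature key usage,
    //  * are inside their validity period,
    //  * carry the key-spec extended property, which the original author
    //    uses as the "has an associated private key" test.
    // None of these filters builds a chain or checks revocation.
    return MyStore.Certificates
      .Find(this.CAPICOM_CERTIFICATE_FIND_KEY_USAGE, this.CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE)
      .Find(this.CAPICOM_CERTIFICATE_FIND_TIME_VALID)
      .Find(this.CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY, this.CERT_KEY_SPEC_PROP_ID);
  };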
  123.  
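  /**
   * Looks up a certificate in the current user's personal store by its
   * SHA-1 thumbprint.
   *
   * @param {string} szThumbprint - thumbprint to search for.
   * @returns {Object|boolean} the first matching certificate, or false when
   *   the store could not be opened or nothing matches. ErrorState 12 is
   *   recorded when the open fails for a reason other than cancellation.
   */
  CryptoProvider.prototype.FindCertificateByHash = function (szThumbprint)
  {
    var MyStore = new ActiveXObject("CAPICOM.Store");
    try
    {
      MyStore.Open(this.CAPICOM_CURRENT_USER_STORE, "My", this.CAPICOM_STORE_OPEN_READ_ONLY);
    }
    catch (e)
    {
      if (e.number != this.CAPICOM_E_CANCELLED)
      {
        this.ErrorStack += "Ошибка при открытии хранилища сертификатов.\n";
        this.ErrorState = 12;
      }
      // Cancelled or failed, the store is not open and cannot be searched.
      return false;
    }

    var matches = MyStore.Certificates.Find(this.CAPICOM_CERTIFICATE_FIND_SHA1_HASH, szThumbprint);
    // Item(1) on an empty collection raises an error; report "not found" with
    // the same false value used for the other failure paths.
    if (matches.Count == 0)
    {
      return false;
    }
    return matches.Item(1);
  };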
  151.  
  /**
   * Shows the CAPICOM selection dialog for the given collection and records
   * the user's choice in CertValue and CertHash.
   *
   * @param {Object} Serts - certificate collection to choose from.
   * @returns {boolean} true when a certificate was chosen. On false,
   *   CertValue and CertHash are cleared and ErrorState is 20 (nothing
   *   selected) or 19 (the dialog or a certificate lookup raised an error).
   */
  CryptoProvider.prototype.SelectCertificate = function (Serts)
  {
    var outcome;
    try
    {
      // Pop up the selection UI.
      var chosen = Serts.Select();
      if (!chosen)
      {
        this.CertValue = "";
        this.CertHash = "";
        this.ErrorStack += "Вы не выбрали сертификат.\n";
        this.ErrorState = 20;
        outcome = false;
      }
      else
      {
        this.CertValue = chosen.Item(1).GetInfo(this.CAPICOM_INFO_SUBJECT_SIMPLE_NAME);
        this.CertHash = chosen.Item(1).Thumbprint;
        outcome = true;
      }
    }
    catch (e)
    {
      // Any error, including one raised half-way through recording the
      // choice, leaves no certificate selected.
      this.CertValue = "";
      this.CertHash = "";
      this.ErrorStack += e.description + "\n";
      this.ErrorState = 19;
      outcome = false;
    }
    return outcome;
  };
  187.  
  /**
   * Signs the given content with the certificate identified by CertHash.
   *
   * @param {string} toSign - content to sign.
   * @returns {string} the Base64-encoded signature, or "" on failure.
   *   ErrorState is 16 when no certificate has been chosen, 15 when the
   *   operation was cancelled and 10 for any other error.
   */
  CryptoProvider.prototype.SignedData = function (toSign)
  {
    // The CAPICOM objects are created up front, before any validation.
    var signedData = new ActiveXObject("CAPICOM.SignedData");
    var signer = new ActiveXObject("CAPICOM.Signer");
    var signingTime = new ActiveXObject("CAPICOM.Attribute");

    // Signing is only possible once a certificate has been chosen.
    if (this.CertHash == "")
    {
      this.ErrorStack += 'Не был выбран сертификат.\n';
      this.ErrorState = 16;
      return "";
    }

    var szSignature;
    try
    {
      if (toSign == "")
      {
        // NOTE(review): userException is not defined in this listing. If it
        // is not defined elsewhere, this line raises a ReferenceError, which
        // the catch below still reports as ErrorState 10. Confirm.
        throw new userException('Отсутствуют данные для подписи.');
      }
      signedData.Content = toSign;

      // The certificate is looked up again by the stored thumbprint.
      signer.Certificate = this.FindCertificateByHash(this.CertHash);

      // The signing-time attribute comes from the local clock: it is a value
      // asserted by the signer, not a trusted timestamp.
      signingTime.Name = this.CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME;
      signingTime.Value = new Date().getVarDate();
      signer.AuthenticatedAttributes.Add(signingTime);

      // Detached signature (second argument true), Base64 encoded.
      szSignature = signedData.Sign(signer, true, this.CAPICOM_ENCODE_BASE64);
    }
    catch (e)
    {
      if (e.number == this.CAPICOM_E_CANCELLED)
      {
        this.ErrorStack += e.description + "\n";
        this.ErrorState = 15;
      }
      else
      {
        this.ErrorStack += "Ошибка доступа к подписываемому содержимому: " + e.description + "\n";
        this.ErrorState = 10;
      }
      return "";
    }
    return szSignature;
  };
  241.  
  /**
   * Verifies a detached signature over the given content.
   *
   * With VerifySert false, only the signature itself is checked and the
   * signer's certificate is not validated. A true result then says the
   * content matches the signature, not that the signer is trusted.
   *
   * @param {string} toVer - content the signature was made over.
   * @param {string} sign - the signature to verify.
   * @returns {boolean} true when verification succeeds. On failure the error
   *   description is appended to ErrorStack; unlike the other methods,
   *   ErrorState is left untouched.
   */
  CryptoProvider.prototype.VerifySig = function (toVer, sign)
  {
    var verifier = new ActiveXObject('CAPICOM.SignedData');

    // The instance flag selects signature-only or signature-plus-certificate
    // verification.
    var mode = this.CAPICOM_VERIFY_SIGNATURE_ONLY;
    if (this.VerifySert)
    {
      mode = this.CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE;
    }

    try
    {
      verifier.Content = toVer;
      verifier.Verify(sign, true, mode);
    }
    catch (e)
    {
      this.ErrorStack += e.description + "\n";
      return false;
    }
    return true;
  };