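/**
 * Wrapper around the CAPICOM ActiveX components: picks a signing certificate
 * from the current user's store, produces signatures and verifies them.
 *
 * The constructor does not call Init(); callers invoke it themselves.
 *
 * @param {Object} OBJECT1 Host object for the CAPICOM control.
 *     IsCAPICOMInstalled() reads its `object` property.
 */
function CryptoProvider(OBJECT1)
{
    // Kept on the instance: writing this reference to the shared prototype made
    // every later `new CryptoProvider(...)` replace it for existing instances too.
    this.oCAPICOM = OBJECT1;
}

// CAPICOM constants, shared by all instances.
// TODO: the original author marked these values as still to be verified.
CryptoProvider.prototype.CAPICOM_ACTIVE_DIRECTORY_USER_STORE = 3;
CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_DOCUMENT_DESCRIPTION = 2;
CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_DOCUMENT_NAME = 1;
CryptoProvider.prototype.CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_APPLICATION_POLICY = 7;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_CERTIFICATE_POLICY = 8;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY = 6;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_EXTENSION = 5;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_ISSUER_NAME = 2;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_KEY_USAGE = 12;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_ROOT_NAME = 3;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_SHA1_HASH = 0;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TEMPLATE_NAME = 4;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_EXPIRED = 11;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_NOT_YET_VALID = 10;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_FIND_TIME_VALID = 9;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_CHAIN_EXCEPT_ROOT = 0;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_END_ENTITY_ONLY = 2;
CryptoProvider.prototype.CAPICOM_CERTIFICATE_INCLUDE_WHOLE_CHAIN = 1;
CryptoProvider.prototype.CAPICOM_CURRENT_USER_STORE = 2;
CryptoProvider.prototype.CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE = 0x00000080;
CryptoProvider.prototype.CAPICOM_E_CANCELLED = -2138568446;
CryptoProvider.prototype.CAPICOM_ENCODE_ANY = 0xffffffff;
CryptoProvider.prototype.CAPICOM_ENCODE_BASE64 = 0;
CryptoProvider.prototype.CAPICOM_ENCODE_BINARY = 1;
CryptoProvider.prototype.CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0;
CryptoProvider.prototype.CAPICOM_KEY_STORAGE_DEFAULT = 0;
CryptoProvider.prototype.CAPICOM_LOCAL_MACHINE_STORE = 1;
CryptoProvider.prototype.CAPICOM_PROPID_KEY_PROV_INFO = 2;
CryptoProvider.prototype.CAPICOM_SMART_CARD_USER_STORE = 4;
CryptoProvider.prototype.CAPICOM_STORE_OPEN_READ_ONLY = 0;
CryptoProvider.prototype.CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE = 1;
CryptoProvider.prototype.CAPICOM_VERIFY_SIGNATURE_ONLY = 0;
CryptoProvider.prototype.CERT_KEY_SPEC_PROP_ID = 6;

// Defaults for per-instance state. They are primitives, so the first write
// through `this` gives the instance its own copy.
CryptoProvider.prototype.CertValue = "";    // simple subject name of the chosen certificate
CryptoProvider.prototype.CertHash = "";     // thumbprint of the chosen certificate
CryptoProvider.prototype.ErrorStack = "";   // accumulated user-facing error messages
CryptoProvider.prototype.ErrorState = 0;    // numeric code of the most recent error
// When false, VerifySig() checks the signature only and does not validate the
// signer's certificate, so a successful result says nothing about who signed.
CryptoProvider.prototype.VerifySert = false;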
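// Declare, initialise and implement the properties and methods.

/**
 * Reports whether the CAPICOM host object given to the constructor is loaded.
 *
 * @returns {boolean} true when `oCAPICOM` is an object whose `object` property
 *     is neither null nor undefined; false otherwise.
 */
CryptoProvider.prototype.IsCAPICOMInstalled = function ()
{
    var host = this.oCAPICOM;
    // typeof null is "object", so null has to be ruled out before `.object`
    // is read; otherwise a missing host raises instead of reporting false.
    if (host === null || typeof host != "object")
    {
        return false;
    }
    return host.object != null;
};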
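/**
 * Chooses the signing certificate and stores its subject name and thumbprint
 * in CertValue / CertHash.
 *
 * With exactly one candidate it is taken silently; with several the choice is
 * delegated to SelectCertificate(). With none (or when FilterCertificates()
 * returns false) any previous selection is cleared and ErrorState is set to 13.
 */
CryptoProvider.prototype.Init = function ()
{
    var candidates = this.FilterCertificates();

    // An empty collection is still a truthy object, so Count has to be checked
    // explicitly; otherwise the selection dialog is invoked with nothing to show
    // and the "no valid certificates" message is never reported for that case.
    if (!candidates || candidates.Count == 0)
    {
        // Drop any earlier selection so a stale thumbprint cannot be used for signing.
        this.CertValue = "";
        this.CertHash = "";
        this.ErrorStack += "У Вас нет действующих сертификатов.\n";
        this.ErrorState = 13;
        return;
    }

    if (candidates.Count == 1)
    {
        var only = candidates.Item(1);
        this.CertValue = only.GetInfo(this.CAPICOM_INFO_SUBJECT_SIMPLE_NAME);
        this.CertHash = only.Thumbprint;
    }
    else
    {
        this.CertValue = "";
        this.CertHash = "";
        this.SelectCertificate(candidates);
    }
};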
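/**
 * Lists the certificates in the current user's "MY" store that can be used
 * for signing.
 *
 * The filter keeps certificates that carry the digital-signature key usage,
 * are inside their validity period, and have the CERT_KEY_SPEC_PROP_ID
 * extended property (the original author's way of requiring a private key).
 * NOTE(review): the time-valid filter looks at dates only; nothing here checks
 * the chain or revocation status - confirm that is acceptable for the caller.
 *
 * @returns {Object|boolean} the filtered CAPICOM certificate collection, or
 *     false when the store could not be opened. ErrorState is set to 11
 *     unless the failure was CAPICOM_E_CANCELLED.
 */
CryptoProvider.prototype.FilterCertificates = function ()
{
    var MyStore = new ActiveXObject("CAPICOM.Store");
    try
    {
        // Read-only is requested explicitly, matching FindCertificateByHash();
        // listing certificates needs no write access to the store.
        MyStore.Open(this.CAPICOM_CURRENT_USER_STORE, "MY", this.CAPICOM_STORE_OPEN_READ_ONLY);
    }
    catch (e)
    {
        if (e.number != this.CAPICOM_E_CANCELLED)
        {
            this.ErrorStack += "Ошибка при открытии хранилища сертификатов.\n";
            this.ErrorState = 11;
        }
        // A store that failed to open (cancellation included) must not be queried.
        return false;
    }

    return MyStore.Certificates
        .Find(this.CAPICOM_CERTIFICATE_FIND_KEY_USAGE, this.CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE)
        .Find(this.CAPICOM_CERTIFICATE_FIND_TIME_VALID)
        .Find(this.CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY, this.CERT_KEY_SPEC_PROP_ID);
};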
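/**
 * Looks up a certificate in the current user's "My" store by its SHA-1
 * thumbprint.
 *
 * @param {string} szThumbprint Thumbprint to search for.
 * @returns {Object|boolean} the first matching certificate, or false when the
 *     store could not be opened. ErrorState is set to 12 unless the failure
 *     was CAPICOM_E_CANCELLED.
 */
CryptoProvider.prototype.FindCertificateByHash = function (szThumbprint)
{
    var MyStore = new ActiveXObject("CAPICOM.Store");
    // Open the current user's personal certificate store, read-only.
    try
    {
        MyStore.Open(this.CAPICOM_CURRENT_USER_STORE, "My", this.CAPICOM_STORE_OPEN_READ_ONLY);
    }
    catch (e)
    {
        if (e.number != this.CAPICOM_E_CANCELLED)
        {
            this.ErrorStack += "Ошибка при открытии хранилища сертификатов.\n";
            this.ErrorState = 12;
        }
        // A store that failed to open (cancellation included) must not be queried.
        return false;
    }

    var matches = MyStore.Certificates.Find(this.CAPICOM_CERTIFICATE_FIND_SHA1_HASH, szThumbprint);
    // NOTE(review): Item(1) presumably raises when nothing matched; SignedData()
    // makes this call inside its try block, other callers should do the same.
    return matches.Item(1);
};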
/**
 * Lets the user pick one certificate from a collection and records the choice
 * in CertValue (simple subject name) and CertHash (thumbprint).
 *
 * @param {Object} Serts Certificate collection exposing Select().
 * @returns {boolean} true when a certificate was chosen; false otherwise, with
 *     the selection cleared and ErrorState set to 20 (nothing chosen) or
 *     19 (Select() or a later call raised).
 */
CryptoProvider.prototype.SelectCertificate = function (Serts)
{
    var self = this;

    // Clears the current selection and records why choosing failed.
    function reject(message, state)
    {
        self.CertValue = "";
        self.CertHash = "";
        self.ErrorStack += message;
        self.ErrorState = state;
        return false;
    }

    try
    {
        // Pops up the selection UI.
        var chosen = Serts.Select();
        if (!chosen)
        {
            return reject("Вы не выбрали сертификат.\n", 20);
        }
        this.CertValue = chosen.Item(1).GetInfo(this.CAPICOM_INFO_SUBJECT_SIMPLE_NAME);
        this.CertHash = chosen.Item(1).Thumbprint;
        return true;
    }
    catch (e)
    {
        return reject(e.description + "\n", 19);
    }
};
/**
 * Signs `toSign` with the certificate whose thumbprint is in CertHash and
 * returns the Base64-encoded result of CAPICOM's Sign().
 *
 * The signing-time attribute is taken from the local clock (`new Date()`), so
 * it is a claim made by the signing machine, not an independent timestamp.
 * NOTE(review): `userException` is not defined in this listing; unless it is
 * declared elsewhere, the empty-input branch reaches the catch block with a
 * different error than the intended one.
 *
 * @param {string} toSign Content to sign.
 * @returns {string} the signature, or "" on failure with ErrorState set to
 *     16 (no certificate selected), 15 (CAPICOM_E_CANCELLED) or 10 (any
 *     other error).
 */
CryptoProvider.prototype.SignedData = function (toSign)
{
    // The CAPICOM objects are created before any check, as in the original.
    var envelope = new ActiveXObject("CAPICOM.SignedData");
    var signer = new ActiveXObject("CAPICOM.Signer");
    var signingTime = new ActiveXObject("CAPICOM.Attribute");

    // Nothing to sign with until a certificate has been selected.
    if (this.CertHash == "")
    {
        this.ErrorStack += 'Не был выбран сертификат.\n';
        this.ErrorState = 16;
        return "";
    }

    var signature;
    try
    {
        if (toSign == "")
        {
            throw new userException('Отсутствуют данные для подписи.');
        }
        envelope.Content = toSign;
        // Resolve the selected certificate again from its thumbprint.
        signer.Certificate = this.FindCertificateByHash(this.CertHash);

        // Attach the time at which the signature is applied.
        var now = new Date();
        signingTime.Name = this.CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME;
        signingTime.Value = now.getVarDate();
        signer.AuthenticatedAttributes.Add(signingTime);

        signature = envelope.Sign(signer, true, this.CAPICOM_ENCODE_BASE64);
    }
    catch (e)
    {
        if (e.number == this.CAPICOM_E_CANCELLED)
        {
            this.ErrorStack += e.description + "\n";
            this.ErrorState = 15;
        }
        else
        {
            this.ErrorStack += "Ошибка доступа к подписываемому содержимому: " + e.description + "\n";
            this.ErrorState = 10;
        }
        return "";
    }
    return signature;
};
/**
 * Verifies signature `sign` over the content `toVer`.
 *
 * The verification mode follows the VerifySert flag. When it is false (the
 * default) only the signature itself is checked; the signer's certificate is
 * not validated, so a true result does not establish who produced the
 * signature. Set VerifySert to true when the signer's identity matters.
 *
 * On failure the error description is appended to ErrorStack; ErrorState is
 * left unchanged.
 *
 * @param {string} toVer Content the signature is expected to cover.
 * @param {string} sign Signature to verify.
 * @returns {boolean} true when Verify() completed without raising, else false.
 */
CryptoProvider.prototype.VerifySig = function (toVer, sign)
{
    var verifier = new ActiveXObject('CAPICOM.SignedData');
    try
    {
        verifier.Content = toVer;
        var mode = this.VerifySert
            ? this.CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE
            : this.CAPICOM_VERIFY_SIGNATURE_ONLY;
        verifier.Verify(sign, true, mode);
        return true;
    }
    catch (e)
    {
        this.ErrorStack += e.description + "\n";
        return false;
    }
};