crypto-pro-web/crypto-pro-js
1
0
Fork 0
mirror of https://github.com/crypto-pro-web/crypto-pro-js.git synced 2024-11-23 16:44:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixed signature verification

Browse Source
This commit is contained in:
German Arutyunov 2021-03-23 17:31:39 +03:00
parent 17e248e495
commit 19a9bab9f7
3 changed files with 46 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/api/addAttachedSignature.ts
View File

@ -6,14 +6,14 @@ import { _getCadesCert } from '../helpers/_getCadesCert';
import { _getDateObj } from '../helpers/_getDateObj';
/**
* Создает присоединенную подпись сообщения по отпечатку сертификата
* Добавляет присоединенную подпись к подписанному сообщению по отпечатку сертификата
*
* @param thumbprint - отпечаток сертификата
* @param message - подписываемое сообщение
* @param signedMessage - подписанное сообщение
* @returns подпись в формате PKCS#7
*/
export const addAttachedSignature = _afterPluginsLoaded(
async (thumbprint: string, unencryptedMessage: string | ArrayBuffer): Promise<string> => {
async (thumbprint: string, signedMessage: string | ArrayBuffer): Promise<string> => {
const { cadesplugin } = window;
const cadesCertificate = await _getCadesCert(thumbprint);
@ -47,7 +47,7 @@ export const addAttachedSignature = _afterPluginsLoaded(
let messageBase64;
try {
messageBase64 = Buffer.from(unencryptedMessage).toString('base64');
messageBase64 = Buffer.from(signedMessage).toString('base64');
} catch (error) {
console.error(error);
@ -72,7 +72,7 @@ export const addAttachedSignature = _afterPluginsLoaded(
let signature: string;
try {
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(messageBase64, cadesplugin.CADESCOM_PKCS7_TYPE));
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(signedMessage, cadesplugin.CADESCOM_PKCS7_TYPE));
signature = __cadesAsyncToken__ + cadesSignedData.CoSignCades(cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);
} catch (error) {
console.error(error);

36
src/api/addDetachedSignature.test.ts
View File

@ -3,6 +3,7 @@ import { rawCertificates, parsedCertificates } from '../__mocks__/certificates';
import { createDetachedSignature } from './createDetachedSignature';
import { _getCadesCert } from '../helpers/_getCadesCert';
import { addDetachedSignature } from './addDetachedSignature';
import { createHash } from './createHash';
const [rawCertificateMock] = rawCertificates;
const [parsedCertificateMock] = parsedCertificates;
@ -21,6 +22,7 @@ const executionSteps = [
Symbol('step 4'),
Symbol('step 5'),
Symbol('step 6'),
Symbol('step 7'),
];
const executionFlow = {
@ -32,7 +34,7 @@ const executionFlow = {
propset_ContentEncoding: jest.fn(),
propset_Content: jest.fn(),
SignHash: jest.fn(() => executionSteps[4]),
VerifyCades: jest.fn(),
VerifyHash: jest.fn(),
CoSignHash: jest.fn(() => executionSteps[6]),
},
[executionSteps[2]]: {
@ -46,9 +48,13 @@ const executionFlow = {
[executionSteps[4]]: 'signature',
[executionSteps[5]]: {
propset_Algorithm: jest.fn(),
propset_DataEncoding: jest.fn(),
Hash: jest.fn(),
Value: executionSteps[7],
SetHashValue: jest.fn(),
},
[executionSteps[6]]: 'newSignature',
[executionSteps[7]]: 'hash',
};
window.cadesplugin.__defineExecutionFlow(executionFlow);
@ -67,16 +73,40 @@ window.cadesplugin.CreateObjectAsync.mockImplementation((object) => {
describe('addDetachedSignature', () => {
test('uses specified certificate', async () => {
const originalBufferFrom = global.Buffer.from;
(global.Buffer.from as jest.Mock) = jest.fn(() => ({
toString: jest.fn(),
}));
const signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
await addDetachedSignature(parsedCertificateMock.thumbprint, signature);
const signatureHash = await createHash(signature);
await addDetachedSignature(parsedCertificateMock.thumbprint, signature, signatureHash);
expect(_getCadesCert).toHaveBeenCalledWith(parsedCertificateMock.thumbprint);
expect(global.Buffer.from).toHaveBeenCalledTimes(1);
global.Buffer.from = originalBufferFrom;
});
test('returns new signature', async () => {
const originalBufferFrom = global.Buffer.from;
(global.Buffer.from as jest.Mock) = jest.fn(() => ({
toString: jest.fn(),
}));
let signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
signature = await addDetachedSignature(parsedCertificateMock.thumbprint, signature);
const signatureHash = await createHash(signature);
signature = await addDetachedSignature(parsedCertificateMock.thumbprint, signature, signatureHash);
expect(_getCadesCert).toHaveBeenCalledWith(parsedCertificateMock.thumbprint);
expect(global.Buffer.from).toHaveBeenCalledTimes(1);
expect(signature).toEqual('newSignature');
global.Buffer.from = originalBufferFrom;
});
});

12
src/api/addDetachedSignature.ts
View File

@ -6,14 +6,15 @@ import { _getCadesCert } from '../helpers/_getCadesCert';
import { _getDateObj } from '../helpers/_getDateObj';
/**
* Создает отсоединенную подпись хеша по отпечатку сертификата
* Добавляет отсоединенную подпись хеша к подписанному сообщению по отпечатку сертификата
*
* @param thumbprint - отпечаток сертификата
* @param messageHash - хеш подписываемого сообщения, сгенерированный по ГОСТ Р 34.11-2012 256 бит
* @param signedMessage - подписанное сообщение
* @param messageHash - хеш подписанного сообщения, сгенерированный по ГОСТ Р 34.11-2012 256 бит
* @returns подпись в формате PKCS#7
*/
export const addDetachedSignature = _afterPluginsLoaded(
async (thumbprint: string, messageHash: string): Promise<string> => {
async (thumbprint: string, signedMessage: string | ArrayBuffer, messageHash: string): Promise<string> => {
const { cadesplugin } = window;
const cadesCertificate = await _getCadesCert(thumbprint);
@ -74,7 +75,10 @@ export const addDetachedSignature = _afterPluginsLoaded(
let signature: string;
try {
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(cadesHashedData, cadesplugin.CADESCOM_PKCS7_TYPE));
void (
__cadesAsyncToken__ +
cadesSignedData.VerifyHash(cadesHashedData, signedMessage, cadesplugin.CADESCOM_PKCS7_TYPE)
);
signature =
__cadesAsyncToken__ +
cadesSignedData.CoSignHash(cadesHashedData, cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);