fixed signature verification
parent
17e248e495
commit
19a9bab9f7
@ -6,14 +6,14 @@ import { _getCadesCert } from '../helpers/_getCadesCert';
|
|||||||
import { _getDateObj } from '../helpers/_getDateObj';
|
import { _getDateObj } from '../helpers/_getDateObj';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Создает присоединенную подпись сообщения по отпечатку сертификата
|
* Добавляет присоединенную подпись к подписанному сообщению по отпечатку сертификата
|
||||||
*
|
*
|
||||||
* @param thumbprint - отпечаток сертификата
|
* @param thumbprint - отпечаток сертификата
|
||||||
* @param message - подписываемое сообщение
|
* @param signedMessage - подписанное сообщение
|
||||||
* @returns подпись в формате PKCS#7
|
* @returns подпись в формате PKCS#7
|
||||||
*/
|
*/
|
||||||
export const addAttachedSignature = _afterPluginsLoaded(
|
export const addAttachedSignature = _afterPluginsLoaded(
|
||||||
async (thumbprint: string, unencryptedMessage: string | ArrayBuffer): Promise<string> => {
|
async (thumbprint: string, signedMessage: string | ArrayBuffer): Promise<string> => {
|
||||||
const { cadesplugin } = window;
|
const { cadesplugin } = window;
|
||||||
const cadesCertificate = await _getCadesCert(thumbprint);
|
const cadesCertificate = await _getCadesCert(thumbprint);
|
||||||
|
|
||||||
@ -47,7 +47,7 @@ export const addAttachedSignature = _afterPluginsLoaded(
|
|||||||
let messageBase64;
|
let messageBase64;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
messageBase64 = Buffer.from(unencryptedMessage).toString('base64');
|
messageBase64 = Buffer.from(signedMessage).toString('base64');
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
console.error(error);
|
console.error(error);
|
||||||
|
|
||||||
@ -72,7 +72,7 @@ export const addAttachedSignature = _afterPluginsLoaded(
|
|||||||
let signature: string;
|
let signature: string;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(messageBase64, cadesplugin.CADESCOM_PKCS7_TYPE));
|
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(signedMessage, cadesplugin.CADESCOM_PKCS7_TYPE));
|
||||||
signature = __cadesAsyncToken__ + cadesSignedData.CoSignCades(cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);
|
signature = __cadesAsyncToken__ + cadesSignedData.CoSignCades(cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
console.error(error);
|
console.error(error);
|
||||||
|
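Review bot: `VerifyCades` now receives `signedMessage` as-is, but the parameter is still typed `string | ArrayBuffer`, so an `ArrayBuffer` caller hands the plugin a non-string where the previous code always passed a base64 string. Either narrow the type to `string` (an existing attached signature is presumably already base64, to be confirmed) or normalise once before the call, e.g. `const signedContent = typeof signedMessage === 'string' ? signedMessage : Buffer.from(signedMessage).toString('base64');`. The `messageBase64` conversion in the second hunk is kept; whether it is still used lies outside the visible hunks, and if it only fed `VerifyCades` it is now dead code. The same unconverted `signedMessage` is passed to `VerifyHash` in addDetachedSignature. The function body starts and ends outside these hunks.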
@ -3,6 +3,7 @@ import { rawCertificates, parsedCertificates } from '../__mocks__/certificates';
|
|||||||
import { createDetachedSignature } from './createDetachedSignature';
|
import { createDetachedSignature } from './createDetachedSignature';
|
||||||
import { _getCadesCert } from '../helpers/_getCadesCert';
|
import { _getCadesCert } from '../helpers/_getCadesCert';
|
||||||
import { addDetachedSignature } from './addDetachedSignature';
|
import { addDetachedSignature } from './addDetachedSignature';
|
||||||
|
import { createHash } from './createHash';
|
||||||
|
|
||||||
const [rawCertificateMock] = rawCertificates;
|
const [rawCertificateMock] = rawCertificates;
|
||||||
const [parsedCertificateMock] = parsedCertificates;
|
const [parsedCertificateMock] = parsedCertificates;
|
||||||
@ -21,6 +22,7 @@ const executionSteps = [
|
|||||||
Symbol('step 4'),
|
Symbol('step 4'),
|
||||||
Symbol('step 5'),
|
Symbol('step 5'),
|
||||||
Symbol('step 6'),
|
Symbol('step 6'),
|
||||||
|
Symbol('step 7'),
|
||||||
];
|
];
|
||||||
|
|
||||||
const executionFlow = {
|
const executionFlow = {
|
||||||
@ -32,7 +34,7 @@ const executionFlow = {
|
|||||||
propset_ContentEncoding: jest.fn(),
|
propset_ContentEncoding: jest.fn(),
|
||||||
propset_Content: jest.fn(),
|
propset_Content: jest.fn(),
|
||||||
SignHash: jest.fn(() => executionSteps[4]),
|
SignHash: jest.fn(() => executionSteps[4]),
|
||||||
VerifyCades: jest.fn(),
|
VerifyHash: jest.fn(),
|
||||||
CoSignHash: jest.fn(() => executionSteps[6]),
|
CoSignHash: jest.fn(() => executionSteps[6]),
|
||||||
},
|
},
|
||||||
[executionSteps[2]]: {
|
[executionSteps[2]]: {
|
||||||
@ -46,9 +48,13 @@ const executionFlow = {
|
|||||||
[executionSteps[4]]: 'signature',
|
[executionSteps[4]]: 'signature',
|
||||||
[executionSteps[5]]: {
|
[executionSteps[5]]: {
|
||||||
propset_Algorithm: jest.fn(),
|
propset_Algorithm: jest.fn(),
|
||||||
|
propset_DataEncoding: jest.fn(),
|
||||||
|
Hash: jest.fn(),
|
||||||
|
Value: executionSteps[7],
|
||||||
SetHashValue: jest.fn(),
|
SetHashValue: jest.fn(),
|
||||||
},
|
},
|
||||||
[executionSteps[6]]: 'newSignature',
|
[executionSteps[6]]: 'newSignature',
|
||||||
|
[executionSteps[7]]: 'hash',
|
||||||
};
|
};
|
||||||
|
|
||||||
window.cadesplugin.__defineExecutionFlow(executionFlow);
|
window.cadesplugin.__defineExecutionFlow(executionFlow);
|
||||||
@ -67,16 +73,40 @@ window.cadesplugin.CreateObjectAsync.mockImplementation((object) => {
|
|||||||
|
|
||||||
describe('addDetachedSignature', () => {
|
describe('addDetachedSignature', () => {
|
||||||
test('uses specified certificate', async () => {
|
test('uses specified certificate', async () => {
|
||||||
|
const originalBufferFrom = global.Buffer.from;
|
||||||
|
|
||||||
|
(global.Buffer.from as jest.Mock) = jest.fn(() => ({
|
||||||
|
toString: jest.fn(),
|
||||||
|
}));
|
||||||
|
|
||||||
const signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
|
const signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
|
||||||
await addDetachedSignature(parsedCertificateMock.thumbprint, signature);
|
const signatureHash = await createHash(signature);
|
||||||
|
await addDetachedSignature(parsedCertificateMock.thumbprint, signature, signatureHash);
|
||||||
|
|
||||||
expect(_getCadesCert).toHaveBeenCalledWith(parsedCertificateMock.thumbprint);
|
expect(_getCadesCert).toHaveBeenCalledWith(parsedCertificateMock.thumbprint);
|
||||||
|
|
||||||
|
expect(global.Buffer.from).toHaveBeenCalledTimes(1);
|
||||||
|
|
||||||
|
global.Buffer.from = originalBufferFrom;
|
||||||
});
|
});
|
||||||
|
|
||||||
test('returns new signature', async () => {
|
test('returns new signature', async () => {
|
||||||
|
const originalBufferFrom = global.Buffer.from;
|
||||||
|
|
||||||
|
(global.Buffer.from as jest.Mock) = jest.fn(() => ({
|
||||||
|
toString: jest.fn(),
|
||||||
|
}));
|
||||||
|
|
||||||
let signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
|
let signature = await createDetachedSignature(parsedCertificateMock.thumbprint, 'message');
|
||||||
signature = await addDetachedSignature(parsedCertificateMock.thumbprint, signature);
|
const signatureHash = await createHash(signature);
|
||||||
|
signature = await addDetachedSignature(parsedCertificateMock.thumbprint, signature, signatureHash);
|
||||||
|
|
||||||
|
expect(_getCadesCert).toHaveBeenCalledWith(parsedCertificateMock.thumbprint);
|
||||||
|
|
||||||
|
expect(global.Buffer.from).toHaveBeenCalledTimes(1);
|
||||||
|
|
||||||
expect(signature).toEqual('newSignature');
|
expect(signature).toEqual('newSignature');
|
||||||
|
|
||||||
|
global.Buffer.from = originalBufferFrom;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
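Review bot: Neither test asserts that the new `VerifyHash` mock is called, so the verification step this commit fixes is not covered; swapping its arguments or dropping the call would still pass. Add an expectation on that mock, for example that it `toHaveBeenCalledWith` the hash object, the existing signature and `cadesplugin.CADESCOM_PKCS7_TYPE`. The tests also pass `createHash(signature)` as `messageHash`, a hash of the signature rather than of `'message'`; with mocks this is harmless, but it presumably shows the wrong usage for a detached signature. Restoring `global.Buffer.from` on the last line of each test is skipped when an `expect` throws, so the mock can leak into later tests; move the restore to `afterEach` or a `finally`.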
@ -6,14 +6,15 @@ import { _getCadesCert } from '../helpers/_getCadesCert';
|
|||||||
import { _getDateObj } from '../helpers/_getDateObj';
|
import { _getDateObj } from '../helpers/_getDateObj';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Создает отсоединенную подпись хеша по отпечатку сертификата
|
* Добавляет отсоединенную подпись хеша к подписанному сообщению по отпечатку сертификата
|
||||||
*
|
*
|
||||||
* @param thumbprint - отпечаток сертификата
|
* @param thumbprint - отпечаток сертификата
|
||||||
* @param messageHash - хеш подписываемого сообщения, сгенерированный по ГОСТ Р 34.11-2012 256 бит
|
* @param signedMessage - подписанное сообщение
|
||||||
|
* @param messageHash - хеш подписанного сообщения, сгенерированный по ГОСТ Р 34.11-2012 256 бит
|
||||||
* @returns подпись в формате PKCS#7
|
* @returns подпись в формате PKCS#7
|
||||||
*/
|
*/
|
||||||
export const addDetachedSignature = _afterPluginsLoaded(
|
export const addDetachedSignature = _afterPluginsLoaded(
|
||||||
async (thumbprint: string, messageHash: string): Promise<string> => {
|
async (thumbprint: string, signedMessage: string | ArrayBuffer, messageHash: string): Promise<string> => {
|
||||||
const { cadesplugin } = window;
|
const { cadesplugin } = window;
|
||||||
const cadesCertificate = await _getCadesCert(thumbprint);
|
const cadesCertificate = await _getCadesCert(thumbprint);
|
||||||
|
|
||||||
@ -74,7 +75,10 @@ export const addDetachedSignature = _afterPluginsLoaded(
|
|||||||
let signature: string;
|
let signature: string;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
void (__cadesAsyncToken__ + cadesSignedData.VerifyCades(cadesHashedData, cadesplugin.CADESCOM_PKCS7_TYPE));
|
void (
|
||||||
|
__cadesAsyncToken__ +
|
||||||
|
cadesSignedData.VerifyHash(cadesHashedData, signedMessage, cadesplugin.CADESCOM_PKCS7_TYPE)
|
||||||
|
);
|
||||||
signature =
|
signature =
|
||||||
__cadesAsyncToken__ +
|
__cadesAsyncToken__ +
|
||||||
cadesSignedData.CoSignHash(cadesHashedData, cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);
|
cadesSignedData.CoSignHash(cadesHashedData, cadesSigner, cadesplugin.CADESCOM_PKCS7_TYPE);
|
||||||
|
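Review bot: Inserting `signedMessage` as the second positional parameter changes the meaning of existing two-argument calls: `addDetachedSignature(thumbprint, messageHash)` now binds the hash to `signedMessage` and leaves `messageHash` undefined. TypeScript consumers get a compile error, but plain-JavaScript callers will only see whatever the plugin reports at runtime. Consider an explicit guard at the top of the function, `if (typeof messageHash !== 'string') { throw new Error(/* missing messageHash */); }`, and call out the changed signature in the release notes. The doc comment could also state that `signedMessage` is the existing detached signature and `messageHash` the hash of the original data, which is how `VerifyHash` appears to be used here (to be confirmed). The function body between the two hunks is not visible.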