@it-enterprise/digital-signature 1.0.1 → 1.1.5
- package/.eslintrc.js +14 -3
- package/euscp/EndUserConstants.d.ts +50 -0
- package/euscp/euscp.d.ts +90 -1
- package/euscp/euscp.js +2 -2
- package/package.json +1 -1
- package/readme.md +30 -0
- package/src/DigitalSignature.js +230 -66
- package/src/GlSign.js +1 -4
- package/src/Models.js +80 -15
- package/.gitlab-ci.yml +0 -12
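--- a/package/src/Models.js
+++ b/package/src/Models.js
@@ -2,7 +2,7 @@ import { EndUserCertificate, EndUserError, EndUserOwnerInfo, EndUserConstants }
 import GlSign from "./GlSign";
 import { downloadData, byteArrayToBase64, base64ToByteArray, signAlgoToHashAlgo, getSupportedSignAlgos } from "./Utils";
 
-const LIBRARY_VERSION = "1.3.
+const LIBRARY_VERSION = "1.3.49";
 
 /**
 * Параметры библиотеки электронной подписи
@@ -10,11 +10,13 @@ const LIBRARY_VERSION = "1.3.45";
 export class DigitalSignatureSettings {
 /**
 * @param {string} language - Язык. Поддержываемые значения: en, ru, uk
+* @param {string} userId - id пользователя (для сохранения ключей и предпочитаемого типа ключа)
 * @param {string} httpProxyServiceURL - Ссылка на ProxyHandler
 * @param {UriCertificatesProvider | WebCalcCertificatesProvider} certificatesProvider - Список центров сертификации, или ссылка на их скачивание
 */
-constructor(language, httpProxyServiceURL, certificatesProvider, mssServiceURL, libraryUrl) {
+constructor(language, userId, httpProxyServiceURL, certificatesProvider, mssServiceURL, libraryUrl) {
 this.language = language || "ru";
+this.userId = userId;
 this.httpProxyServiceURL = httpProxyServiceURL;
 this.certificatesProvider = certificatesProvider;
 this.mssServiceURL = mssServiceURL;
@@ -28,12 +30,13 @@ export class DigitalSignatureSettings {
 export class DefaultSettingProvider {
 /**
 * @param {string} language - Язык ошибок
+* @param {string | function} userId - id пользователя (для сохранения ключей и предпочитаемого типа ключа)
 * @param {string} glSign - ПГУ GlSign
 * @param {string} basePath - путь к ProxyHandler
 * @param {string} certificatesPath - путь к папке с сертификатами
 *
 */
-constructor(language, basePath) {
+constructor(language, userId, basePath) {
 if (typeof basePath !== "string") {
 throw {
 code: EndUserError.EU_ERROR_BAD_PARAMETER,
@@ -44,6 +47,7 @@ export class DefaultSettingProvider {
 }
 
 this.language = language;
+this.userId = userId;
 this.basePath = basePath;
 }
 
@@ -56,6 +60,7 @@ export class DefaultSettingProvider {
 if (!this._settings) {
 this._settings = new DigitalSignatureSettings(
 this.language,
+this.userId,
 this.basePath + "/ProxyHandler",
 new UriCertificatesProvider(
 this.basePath + "/files?name=CAs.json",
@@ -76,11 +81,12 @@ export class DefaultSettingProvider {
 export class GraphQlSettingProvider {
 /**
 * @param {string} language - Язык ошибок
+* @param {string | function} userId - id пользователя (для сохранения ключей и предпочитаемого типа ключа)
 * @param {string} graphQlUri - Ссылка на GraphQl сервер
 * @param {string} wsUri - Ссылка на веб-сервисы
 * @param {Object} auth - Функция для получения токена авторизации
 */
-constructor(language, graphQlUri, wsUri, auth) {
+constructor(language, userId, graphQlUri, wsUri, auth) {
 if (typeof graphQlUri !== "string") {
 throw {
 code: EndUserError.EU_ERROR_BAD_PARAMETER,
@@ -92,6 +98,7 @@ export class GraphQlSettingProvider {
 }
 
 this.language = language;
+this.userId = userId;
 this.graphQlUri = graphQlUri;
 this.wsUri = wsUri;
 this.auth = auth;
@@ -104,6 +111,7 @@ export class GraphQlSettingProvider {
 getSettings(testMode) {
 return new DigitalSignatureSettings(
 this.language,
+this.userId,
 this.graphQlUri + "/api/digitalSignature/ProxyHandler",
 new GraphQlCertificatesProvider(testMode, this.graphQlUri, this.wsUri)
 );
@@ -164,7 +172,7 @@ export class UriCertificatesProvider extends CertificatesProvider {
 
 async loadCertificates() {
 try {
-
+const [CAs, CACertificates] = await Promise.all([downloadData(this.CAsUri, "json"), downloadData(this.CACertificatesUri, "binary")]);
 
 return { CAs, CACertificates };
 } catch (error) {
@@ -204,8 +212,8 @@ export class GraphQlCertificatesProvider extends CertificatesProvider {
 
 async loadCertificates() {
 let CAs = this._getItem("CAs"),
-CACertificates = this._getItem("CACertificates")
-
+CACertificates = this._getItem("CACertificates");
+const CACertificatesVersion = this._getItem("CACertificatesVersion"),
 CAsVersion = this._getItem("CAsVersion");
 
 const version = { VERSIONCAS: CAsVersion, VERSIONCERT: CACertificatesVersion, INCLUDETEST: this.testMode };
@@ -231,7 +239,7 @@ export class GraphQlCertificatesProvider extends CertificatesProvider {
 }
 
 try {
-
+const res = await downloadData(this.graphQlUri + "/api/digitalSignature/CAsAndCertificates?version=" + JSON.stringify(version), "json");
 if (!res) {
 return { CAs, CACertificates };
 }
@@ -263,7 +271,7 @@ export class GraphQlCertificatesProvider extends CertificatesProvider {
 }
 }
 
-/** Подпись файловыми ключами,
+/** Подпись файловыми ключами, через облачные сервисы */
 export const DigitalSignatureLibraryTypeJS = 0;
 /** Подпись аппартными ключами */
 export const DigitalSignatureLibraryTypeSW = 1;
@@ -282,10 +290,8 @@ export const DigitalSignatureLibraryType = {
 export const DigitalSignatureKeyTypeFile = 0;
 /** Аппаратный ключ */
 export const DigitalSignatureKeyTypeToken = 1;
-/** MobileID */
-export const DigitalSignatureKeyTypeMobileID = 2;
 /** Облачный сервис */
-export const DigitalSignatureKeyTypeKSP =
+export const DigitalSignatureKeyTypeKSP = 2;
 
 /**
 * Типы ключей
@@ -293,7 +299,6 @@ export const DigitalSignatureKeyTypeKSP = 3;
 export const DigitalSignatureKeyType = {
 File: DigitalSignatureKeyTypeFile,
 Token: DigitalSignatureKeyTypeToken,
-MobileID: DigitalSignatureKeyTypeMobileID,
 KSP: DigitalSignatureKeyTypeKSP
 };
 
@@ -302,11 +307,15 @@ export class PrivateKeyInfo {
 * @param {number} keyType - Тип ключа
 * @param {EndUserOwnerInfo} ownerInfo - Информация о владельце ключа
 * @param {EndUserCertificate[]} certificates - Сертификаты ключа
+* @param {string} visibleName - Имя ключа
+* @param {string} id - Идентификатор ключа
 */
-constructor(keyType, ownerInfo, certificates) {
+constructor(keyType, ownerInfo, certificates, visibleName, id) {
 this.keyType = keyType;
 this.ownerInfo = ownerInfo;
 this.certificates = certificates;
+this.visibleName = visibleName;
+this.id = id;
 }
 
 /**
@@ -328,6 +337,10 @@ export class PrivateKeyInfo {
 * Ключ поддерживает электронную подпись
 */
 supportSigning() {
+if(this instanceof KspPrivateKeyInfo) {
+return true;
+}
+
 const certificates = this.certificates;
 for (let certificate = 0; certificate < certificates.length; certificate++) {
 const infoEx = certificates[certificate].infoEx;
@@ -357,7 +370,15 @@ export class PrivateKeyInfo {
 */
 getSignAlgo() {
 const certificates = this.certificates;
-
+if(this instanceof KspPrivateKeyInfo) {
+return EndUserConstants.EndUserSignAlgo.DSTU4145WithGOST34311;
+}
+else if(certificates.length > 0) {
+return getSupportedSignAlgos(certificates)[0];
+}
+else{
+return EndUserConstants.EndUserSignAlgo.Unknown;
+}
 }
 
 /**
@@ -367,3 +388,47 @@ export class PrivateKeyInfo {
 return signAlgoToHashAlgo(this.getSignAlgo());
 }
 }
+
+export class FilePrivateKeyInfo extends PrivateKeyInfo {
+/**
+* @param {number} keyType - Тип ключа
+* @param {EndUserOwnerInfo} ownerInfo - Информация о владельце ключа
+* @param {EndUserCertificate[]} certificates - Сертификаты ключа
+* @param {Uint8Array} privateKey - Файловый ключ
+* @param {string?} password - Пароль от ключа
+*/
+constructor(keyType, ownerInfo, certificates, privateKey, password) {
+super(keyType, ownerInfo, certificates, certificates[0].infoEx.subjCN, certificates[0].infoEx.serial);
+this.privateKey = privateKey;
+this.password = password;
+}
+}
+
+export class HardwarePrivateKeyInfo extends PrivateKeyInfo {
+/**
+* @param {number} keyType - Тип ключа
+* @param {EndUserOwnerInfo} ownerInfo - Информация о владельце ключа
+* @param {EndUserCertificate[]} certificates - Сертификаты ключа
+* @param {EndUserKeyMedia} keyMedia - Параметры аппаратного ключа
+* @param {boolean} needSavePassword - Нужно ли сохранять пароль
+*/
+constructor(keyType, ownerInfo, certificates, keyMedia) {
+super(keyType, ownerInfo, certificates, certificates[0].infoEx.subjCN, certificates[0].infoEx.serial);
+this.keyMedia = keyMedia;
+}
+}
+
+export class KspPrivateKeyInfo extends PrivateKeyInfo {
+/**
+* @param {number} keyType - Тип ключа
+* @param {EndUserOwnerInfo} ownerInfo - Информация о владельце ключа
+* @param {EndUserCertificate[]} certificates - Сертификаты ключа
+* @param {string} userId - Идентификатор пользователя
+* @param {EndUserKSP} ksp - Объект KSP
+*/
+constructor(keyType, ownerInfo, certificates, userId, ksp) {
+super(keyType, ownerInfo, certificates, userId, userId);
+this.userId = userId;
+this.ksp = ksp;
+}
+}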
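Review bot: `FilePrivateKeyInfo` keeps the key password in clear text as an ordinary enumerable property (`this.password = password;`, new line 403) next to the raw `privateKey` bytes, so any `JSON.stringify`, logging or storage of the object carries both. The new `userId` parameter is documented as being used to save keys, and the storage code is not part of this file, so whether these objects are what gets persisted should be confirmed. I would define the field as non-enumerable, `Object.defineProperty(this, "password", { value: password, writable: true, enumerable: false });`, and add a JSDoc line on the constructor stating where, if anywhere, the password may be persisted. The same constructor, like the one in `HardwarePrivateKeyInfo`, reads `certificates[0].infoEx` without an emptiness check, although `getSignAlgo()` in this diff does handle an empty `certificates` array.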