@nicksakerin/eimzo 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +448 -0
- package/dist/config.d.ts +42 -0
- package/dist/config.d.ts.map +1 -0
- package/dist/config.js +174 -0
- package/dist/config.js.map +1 -0
- package/dist/eimzo.d.ts +14 -0
- package/dist/eimzo.d.ts.map +1 -0
- package/dist/eimzo.js +142 -0
- package/dist/eimzo.js.map +1 -0
- package/dist/errors.d.ts +45 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +45 -0
- package/dist/errors.js.map +1 -0
- package/dist/index.d.ts +8 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +10 -0
- package/dist/index.js.map +1 -0
- package/dist/messages.d.ts +19 -0
- package/dist/messages.d.ts.map +1 -0
- package/dist/messages.js +19 -0
- package/dist/messages.js.map +1 -0
- package/dist/sign/attach.d.ts +11 -0
- package/dist/sign/attach.d.ts.map +1 -0
- package/dist/sign/attach.js +46 -0
- package/dist/sign/attach.js.map +1 -0
- package/dist/sign/getAcceptSignature.d.ts +15 -0
- package/dist/sign/getAcceptSignature.d.ts.map +1 -0
- package/dist/sign/getAcceptSignature.js +90 -0
- package/dist/sign/getAcceptSignature.js.map +1 -0
- package/dist/sign/getSignature.d.ts +12 -0
- package/dist/sign/getSignature.d.ts.map +1 -0
- package/dist/sign/getSignature.js +66 -0
- package/dist/sign/getSignature.js.map +1 -0
- package/dist/sign/index.d.ts +8 -0
- package/dist/sign/index.d.ts.map +1 -0
- package/dist/sign/index.js +8 -0
- package/dist/sign/index.js.map +1 -0
- package/dist/sign/keyLoaders.d.ts +21 -0
- package/dist/sign/keyLoaders.d.ts.map +1 -0
- package/dist/sign/keyLoaders.js +87 -0
- package/dist/sign/keyLoaders.js.map +1 -0
- package/dist/sign/pkcs7.d.ts +33 -0
- package/dist/sign/pkcs7.d.ts.map +1 -0
- package/dist/sign/pkcs7.js +182 -0
- package/dist/sign/pkcs7.js.map +1 -0
- package/dist/sign/sign.d.ts +11 -0
- package/dist/sign/sign.d.ts.map +1 -0
- package/dist/sign/sign.js +42 -0
- package/dist/sign/sign.js.map +1 -0
- package/dist/sign/types.d.ts +48 -0
- package/dist/sign/types.d.ts.map +1 -0
- package/dist/sign/types.js +3 -0
- package/dist/sign/types.js.map +1 -0
- package/dist/types.d.ts +43 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +3 -0
- package/dist/types.js.map +1 -0
- package/dist/utils/parseData.d.ts +13 -0
- package/dist/utils/parseData.d.ts.map +1 -0
- package/dist/utils/parseData.js +96 -0
- package/dist/utils/parseData.js.map +1 -0
- package/package.json +41 -0
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
// Экспорт всех функций подписания
|
|
2
|
+
export { sign } from './sign';
|
|
3
|
+
export { getSignature } from './getSignature';
|
|
4
|
+
export { getAcceptSignature } from './getAcceptSignature';
|
|
5
|
+
export { attach } from './attach';
|
|
6
|
+
export { createPkcs7, attachTimestampToken, appendPkcs7Attached } from './pkcs7';
|
|
7
|
+
export { loadCertkeyKey, loadPfxKey, getPfxKeyId } from './keyLoaders';
|
|
8
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sign/index.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAElC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAC9B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { Result, EimzoError } from '../errors';
|
|
2
|
+
import { ICert } from '../types';
|
|
3
|
+
/**
|
|
4
|
+
* Загрузить ключ для certkey сертификата
|
|
5
|
+
* @param cert - сертификат типа certkey
|
|
6
|
+
* @returns Result с ID загруженного ключа
|
|
7
|
+
*/
|
|
8
|
+
export declare function loadCertkeyKey(cert: ICert): Promise<Result<string, EimzoError>>;
|
|
9
|
+
/**
|
|
10
|
+
* Получить ID ключа из кэша или загрузить новый для pfx сертификата
|
|
11
|
+
* @param cert - сертификат типа pfx
|
|
12
|
+
* @returns Result с ID ключа
|
|
13
|
+
*/
|
|
14
|
+
export declare function getPfxKeyId(cert: ICert): Promise<Result<string, EimzoError>>;
|
|
15
|
+
/**
|
|
16
|
+
* Загрузить ключ для pfx сертификата
|
|
17
|
+
* @param cert - сертификат типа pfx
|
|
18
|
+
* @returns Result с ID загруженного ключа
|
|
19
|
+
*/
|
|
20
|
+
export declare function loadPfxKey(cert: ICert): Promise<Result<string, EimzoError>>;
|
|
21
|
+
//# sourceMappingURL=keyLoaders.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keyLoaders.d.ts","sourceRoot":"","sources":["../../src/sign/keyLoaders.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,UAAU,EAA2B,MAAM,WAAW,CAAC;AACxE,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AAGjC;;;;GAIG;AACH,wBAAsB,cAAc,CAClC,IAAI,EAAE,KAAK,GACV,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAwDrC;AAED;;;;GAIG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAqBlF;AAED;;;;GAIG;AACH,wBAAsB,UAAU,CAAC,IAAI,EAAE,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CA6DjF"}
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
// Функции загрузки ключей для подписания
|
|
2
|
+
import { CAPIWS } from '../vendors/e-imzo';
|
|
3
|
+
import { EimzoError, EimzoErrorCode, ok, err } from '../errors';
|
|
4
|
+
import { ERROR_MESSAGES } from '../messages';
|
|
5
|
+
/**
|
|
6
|
+
* Загрузить ключ для certkey сертификата
|
|
7
|
+
* @param cert - сертификат типа certkey
|
|
8
|
+
* @returns Result с ID загруженного ключа
|
|
9
|
+
*/
|
|
10
|
+
export async function loadCertkeyKey(cert) {
|
|
11
|
+
if (cert.type !== 'certkey') {
|
|
12
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_CERTIFICATE_TYPE, ERROR_MESSAGES.INVALID_CERTIFICATE_TYPE, { expected: 'certkey', actual: cert.type }));
|
|
13
|
+
}
|
|
14
|
+
if (!cert.disk || !cert.path || !cert.name || !cert.serialNumber) {
|
|
15
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_PARAMETERS, 'Не указаны обязательные параметры сертификата certkey (disk, path, name, serialNumber)', cert));
|
|
16
|
+
}
|
|
17
|
+
return new Promise((resolve) => {
|
|
18
|
+
CAPIWS.callFunction({
|
|
19
|
+
plugin: 'certkey',
|
|
20
|
+
name: 'load_key',
|
|
21
|
+
arguments: [cert.disk, cert.path, cert.name, cert.serialNumber],
|
|
22
|
+
}, (_event, response) => {
|
|
23
|
+
if (response.success) {
|
|
24
|
+
resolve(ok(response.keyId));
|
|
25
|
+
}
|
|
26
|
+
else {
|
|
27
|
+
resolve(err(new EimzoError(EimzoErrorCode.KEY_LOAD_FAILED, response.reason || ERROR_MESSAGES.KEY_LOAD_FAILED, response)));
|
|
28
|
+
}
|
|
29
|
+
}, (error) => {
|
|
30
|
+
resolve(err(new EimzoError(EimzoErrorCode.KEY_LOAD_FAILED, ERROR_MESSAGES.KEY_LOAD_FAILED, error)));
|
|
31
|
+
});
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Получить ID ключа из кэша или загрузить новый для pfx сертификата
|
|
36
|
+
* @param cert - сертификат типа pfx
|
|
37
|
+
* @returns Result с ID ключа
|
|
38
|
+
*/
|
|
39
|
+
export async function getPfxKeyId(cert) {
|
|
40
|
+
if (cert.type !== 'pfx') {
|
|
41
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_CERTIFICATE_TYPE, ERROR_MESSAGES.INVALID_CERTIFICATE_TYPE, { expected: 'pfx', actual: cert.type }));
|
|
42
|
+
}
|
|
43
|
+
// Проверяем кэш sessionStorage
|
|
44
|
+
if (typeof window !== 'undefined' && cert.serialNumber) {
|
|
45
|
+
const cachedKeyId = window.sessionStorage.getItem(cert.serialNumber);
|
|
46
|
+
if (cachedKeyId) {
|
|
47
|
+
return ok(cachedKeyId);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
// Если нет в кэше, загружаем ключ
|
|
51
|
+
return loadPfxKey(cert);
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Загрузить ключ для pfx сертификата
|
|
55
|
+
* @param cert - сертификат типа pfx
|
|
56
|
+
* @returns Result с ID загруженного ключа
|
|
57
|
+
*/
|
|
58
|
+
export async function loadPfxKey(cert) {
|
|
59
|
+
if (cert.type !== 'pfx') {
|
|
60
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_CERTIFICATE_TYPE, ERROR_MESSAGES.INVALID_CERTIFICATE_TYPE, { expected: 'pfx', actual: cert.type }));
|
|
61
|
+
}
|
|
62
|
+
if (!cert.disk || cert.path === undefined || !cert.name || !cert.alias) {
|
|
63
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_PARAMETERS, 'Не указаны обязательные параметры сертификата pfx (disk, path, name, alias)', cert));
|
|
64
|
+
}
|
|
65
|
+
return new Promise((resolve) => {
|
|
66
|
+
CAPIWS.callFunction({
|
|
67
|
+
plugin: 'pfx',
|
|
68
|
+
name: 'load_key',
|
|
69
|
+
arguments: [cert.disk, cert.path, cert.name, cert.alias],
|
|
70
|
+
}, (_event, response) => {
|
|
71
|
+
if (response.success) {
|
|
72
|
+
const keyId = response.keyId;
|
|
73
|
+
// Сохраняем в кэш sessionStorage
|
|
74
|
+
if (typeof window !== 'undefined' && cert.serialNumber) {
|
|
75
|
+
window.sessionStorage.setItem(cert.serialNumber, keyId);
|
|
76
|
+
}
|
|
77
|
+
resolve(ok(keyId));
|
|
78
|
+
}
|
|
79
|
+
else {
|
|
80
|
+
resolve(err(new EimzoError(EimzoErrorCode.KEY_LOAD_FAILED, response.reason || ERROR_MESSAGES.KEY_LOAD_FAILED, response)));
|
|
81
|
+
}
|
|
82
|
+
}, (error) => {
|
|
83
|
+
resolve(err(new EimzoError(EimzoErrorCode.KEY_LOAD_FAILED, ERROR_MESSAGES.KEY_LOAD_FAILED, error)));
|
|
84
|
+
});
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
//# sourceMappingURL=keyLoaders.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keyLoaders.js","sourceRoot":"","sources":["../../src/sign/keyLoaders.ts"],"names":[],"mappings":"AAAA,yCAAyC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAU,UAAU,EAAE,cAAc,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAExE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAW;IAEX,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE;QAC3B,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,wBAAwB,EACvC,cAAc,CAAC,wBAAwB,EACvC,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAC3C,CACF,CAAC;KACH;IAED,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;QAChE,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,kBAAkB,EACjC,wFAAwF,EACxF,IAAI,CACL,CACF,CAAC;KACH;IAED,OAAO,IAAI,OAAO,CAA6B,CAAC,OAAO,EAAE,EAAE;QACzD,MAAM,CAAC,YAAY,CACjB;YACE,MAAM,EAAE,SAAS;YACjB,IAAI,EAAE,UAAU;YAChB,SAAS,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC;SAChE,EACD,CAAC,MAAoB,EAAE,QAAa,EAAE,EAAE;YACtC,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;aAC7B;iBAAM;gBACL,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,QAAQ,CAAC,MAAM,IAAI,cAAc,CAAC,eAAe,EACjD,QAAQ,CACT,CACF,CACF,CAAC;aACH;QACH,CAAC,EACD,CAAC,KAAU,EAAE,EAAE;YACb,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,cAAc,CAAC,eAAe,EAC9B,KAAK,CACN,CACF,CACF,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAW;IAC3C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE;QACvB,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,wBAAwB,EACvC,cAAc,CAAC,wBAAwB,EACvC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CACvC,CACF,CAAC;KACH;IAED,+BAA+B;IAC/B,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE;QACtD,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACrE,IAAI,WAAW,EAAE;YACf,OAAO,EAAE,CAAC,WAAW,CAAC,CAAC;SACxB;KACF;IAED,kCAAkC;IAClC,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,IAAW;IAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE;QACvB,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,wBAAwB,EACvC,cAAc,CAAC,wBAAwB,EACvC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CACvC,CACF,CAAC;KACH;IAED,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;QACtE,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,kBAAkB,EACjC,6EAA6E,EAC7E,IAAI,CACL,CACF,CAAC;KACH;IAED,OAAO,IAAI,OAAO,CAA6B,CAAC,OAAO,EAAE,EAAE;QACzD,MAAM,CAAC,YAAY,CACjB;YACE,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,UAAU;YAChB,SAAS,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC;SACzD,EACD,CAAC,MAAoB,EAAE,QAAa,EAAE,EAAE;YACtC,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;gBAC7B,iCAAiC;gBACjC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE;oBACtD,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;iBACzD;gBACD,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;aACpB;iBAAM;gBACL,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,QAAQ,CAAC,MAAM,IAAI,cAAc,CAAC,eAAe,EACjD,QAAQ,CACT,CACF,CACF,CAAC;aACH;QACH,CAAC,EACD,CAAC,KAAU,EAAE,EAAE;YACb,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,cAAc,CAAC,eAAe,EAC9B,KAAK,CACN,CACF,CACF,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { Result, EimzoError } from '../errors';
|
|
2
|
+
/**
|
|
3
|
+
* Создать PKCS7 подпись
|
|
4
|
+
* @param keyId - ID ключа для подписания
|
|
5
|
+
* @param data - данные для подписания (в base64 или обычная строка)
|
|
6
|
+
* @param isBase64 - флаг, указывающий что данные уже в base64
|
|
7
|
+
* @param useTimestamp - использовать ли временную метку
|
|
8
|
+
* @returns Result с PKCS7 подписью в base64
|
|
9
|
+
*/
|
|
10
|
+
export declare function createPkcs7(keyId: string, data: string, isBase64?: boolean, useTimestamp?: boolean): Promise<Result<{
|
|
11
|
+
pkcs7: string;
|
|
12
|
+
signerSerialNumber?: string;
|
|
13
|
+
}, EimzoError>>;
|
|
14
|
+
/**
|
|
15
|
+
* Присоединить timestamp токен к PKCS7 подписи
|
|
16
|
+
* @param pkcs7 - PKCS7 подпись в base64
|
|
17
|
+
* @param signerSerialNumber - серийный номер подписанта
|
|
18
|
+
* @param timestampToken - timestamp токен в base64
|
|
19
|
+
* @returns Result с PKCS7 подписью с timestamp в base64
|
|
20
|
+
*/
|
|
21
|
+
export declare function attachTimestampToken(pkcs7: string, signerSerialNumber: string, timestampToken: string): Promise<Result<string, EimzoError>>;
|
|
22
|
+
/**
|
|
23
|
+
* Присоединить подпись к существующей PKCS7 подписи
|
|
24
|
+
* @param keyId - ID ключа для подписания
|
|
25
|
+
* @param existingPkcs7 - существующая PKCS7 подпись в base64
|
|
26
|
+
* @param useTimestamp - использовать ли временную метку
|
|
27
|
+
* @returns Result с PKCS7 подписью в base64
|
|
28
|
+
*/
|
|
29
|
+
export declare function appendPkcs7Attached(keyId: string, existingPkcs7: string, useTimestamp?: boolean): Promise<Result<{
|
|
30
|
+
pkcs7: string;
|
|
31
|
+
signerSerialNumber?: string;
|
|
32
|
+
}, EimzoError>>;
|
|
33
|
+
//# sourceMappingURL=pkcs7.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkcs7.d.ts","sourceRoot":"","sources":["../../src/sign/pkcs7.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,UAAU,EAA2B,MAAM,WAAW,CAAC;AAIxE;;;;;;;GAOG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,QAAQ,CAAC,EAAE,OAAO,EAClB,YAAY,CAAC,EAAE,OAAO,GACrB,OAAO,CAAC,MAAM,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAAE,EAAE,UAAU,CAAC,CAAC,CAqH7E;AAED;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,MAAM,EACb,kBAAkB,EAAE,MAAM,EAC1B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAoCrC;AAED;;;;;;GAMG;AACH,wBAAsB,mBAAmB,CACvC,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,EACrB,YAAY,CAAC,EAAE,OAAO,GACrB,OAAO,CAAC,MAAM,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,kBAAkB,CAAC,EAAE,MAAM,CAAA;CAAE,EAAE,UAAU,CAAC,CAAC,CAgH7E"}
|
|
@@ -0,0 +1,182 @@
|
|
|
1
|
+
// Функции работы с PKCS7 подписями
|
|
2
|
+
import { CAPIWS } from '../vendors/e-imzo';
|
|
3
|
+
import { EimzoError, EimzoErrorCode, ok, err } from '../errors';
|
|
4
|
+
import { getTimestamper } from '../config';
|
|
5
|
+
import { ERROR_MESSAGES } from '../messages';
|
|
6
|
+
/**
|
|
7
|
+
* Создать PKCS7 подпись
|
|
8
|
+
* @param keyId - ID ключа для подписания
|
|
9
|
+
* @param data - данные для подписания (в base64 или обычная строка)
|
|
10
|
+
* @param isBase64 - флаг, указывающий что данные уже в base64
|
|
11
|
+
* @param useTimestamp - использовать ли временную метку
|
|
12
|
+
* @returns Result с PKCS7 подписью в base64
|
|
13
|
+
*/
|
|
14
|
+
export async function createPkcs7(keyId, data, isBase64, useTimestamp) {
|
|
15
|
+
return new Promise((resolve) => {
|
|
16
|
+
// Преобразуем данные в base64, если нужно
|
|
17
|
+
const dataBase64 = !isBase64
|
|
18
|
+
? btoa(unescape(encodeURIComponent(data)))
|
|
19
|
+
: data;
|
|
20
|
+
CAPIWS.callFunction({
|
|
21
|
+
plugin: 'pkcs7',
|
|
22
|
+
name: 'create_pkcs7',
|
|
23
|
+
arguments: [dataBase64, keyId, 'no'],
|
|
24
|
+
}, (_event, response) => {
|
|
25
|
+
if (response.success) {
|
|
26
|
+
const pkcs7 = response.pkcs7_64;
|
|
27
|
+
const signerSerialNumber = response.signer_serial_number;
|
|
28
|
+
// Если нужно добавить timestamp
|
|
29
|
+
if (useTimestamp) {
|
|
30
|
+
const timestamper = getTimestamper();
|
|
31
|
+
if (timestamper) {
|
|
32
|
+
timestamper(response.signature_hex, pkcs7, (tst) => {
|
|
33
|
+
if (tst.isAttachedPkcs7) {
|
|
34
|
+
resolve(ok({
|
|
35
|
+
pkcs7: tst.timeStampTokenB64,
|
|
36
|
+
signerSerialNumber,
|
|
37
|
+
}));
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
// Присоединяем timestamp токен
|
|
41
|
+
attachTimestampToken(pkcs7, signerSerialNumber, tst.timeStampTokenB64)
|
|
42
|
+
.then((result) => {
|
|
43
|
+
if (result.success) {
|
|
44
|
+
resolve(ok({
|
|
45
|
+
pkcs7: result.data,
|
|
46
|
+
signerSerialNumber,
|
|
47
|
+
}));
|
|
48
|
+
}
|
|
49
|
+
else {
|
|
50
|
+
resolve(err(result.success ? undefined : result.error));
|
|
51
|
+
}
|
|
52
|
+
})
|
|
53
|
+
.catch((error) => {
|
|
54
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ATTACH_FAILED, ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, error)));
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
}, (error) => {
|
|
58
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ERROR, ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, error)));
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
else {
|
|
62
|
+
// Timestamp не настроен, возвращаем подпись без timestamp
|
|
63
|
+
resolve(ok({
|
|
64
|
+
pkcs7,
|
|
65
|
+
signerSerialNumber,
|
|
66
|
+
}));
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
else {
|
|
70
|
+
resolve(ok({
|
|
71
|
+
pkcs7,
|
|
72
|
+
signerSerialNumber,
|
|
73
|
+
}));
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
else {
|
|
77
|
+
resolve(err(new EimzoError(EimzoErrorCode.SIGNATURE_CREATION_FAILED, response.reason || ERROR_MESSAGES.SIGNATURE_CREATION_FAILED, response)));
|
|
78
|
+
}
|
|
79
|
+
}, (error) => {
|
|
80
|
+
resolve(err(new EimzoError(EimzoErrorCode.SIGNATURE_CREATION_FAILED, ERROR_MESSAGES.SIGNATURE_CREATION_FAILED, error)));
|
|
81
|
+
});
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Присоединить timestamp токен к PKCS7 подписи
|
|
86
|
+
* @param pkcs7 - PKCS7 подпись в base64
|
|
87
|
+
* @param signerSerialNumber - серийный номер подписанта
|
|
88
|
+
* @param timestampToken - timestamp токен в base64
|
|
89
|
+
* @returns Result с PKCS7 подписью с timestamp в base64
|
|
90
|
+
*/
|
|
91
|
+
export async function attachTimestampToken(pkcs7, signerSerialNumber, timestampToken) {
|
|
92
|
+
return new Promise((resolve) => {
|
|
93
|
+
CAPIWS.callFunction({
|
|
94
|
+
plugin: 'pkcs7',
|
|
95
|
+
name: 'attach_timestamp_token_pkcs7',
|
|
96
|
+
arguments: [pkcs7, signerSerialNumber, timestampToken],
|
|
97
|
+
}, (_event, response) => {
|
|
98
|
+
if (response.success) {
|
|
99
|
+
resolve(ok(response.pkcs7_64));
|
|
100
|
+
}
|
|
101
|
+
else {
|
|
102
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ATTACH_FAILED, response.reason || ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, response)));
|
|
103
|
+
}
|
|
104
|
+
}, (error) => {
|
|
105
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ATTACH_FAILED, ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, error)));
|
|
106
|
+
});
|
|
107
|
+
});
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Присоединить подпись к существующей PKCS7 подписи
|
|
111
|
+
* @param keyId - ID ключа для подписания
|
|
112
|
+
* @param existingPkcs7 - существующая PKCS7 подпись в base64
|
|
113
|
+
* @param useTimestamp - использовать ли временную метку
|
|
114
|
+
* @returns Result с PKCS7 подписью в base64
|
|
115
|
+
*/
|
|
116
|
+
export async function appendPkcs7Attached(keyId, existingPkcs7, useTimestamp) {
|
|
117
|
+
return new Promise((resolve) => {
|
|
118
|
+
CAPIWS.callFunction({
|
|
119
|
+
plugin: 'pkcs7',
|
|
120
|
+
name: 'append_pkcs7_attached',
|
|
121
|
+
arguments: [existingPkcs7, keyId],
|
|
122
|
+
}, (_event, response) => {
|
|
123
|
+
if (response.success) {
|
|
124
|
+
const pkcs7 = response.pkcs7_64;
|
|
125
|
+
const signerSerialNumber = response.signer_serial_number;
|
|
126
|
+
// Если нужно добавить timestamp
|
|
127
|
+
if (useTimestamp) {
|
|
128
|
+
const timestamper = getTimestamper();
|
|
129
|
+
if (timestamper) {
|
|
130
|
+
timestamper(response.signature_hex, pkcs7, (tst) => {
|
|
131
|
+
if (tst.isAttachedPkcs7) {
|
|
132
|
+
resolve(ok({
|
|
133
|
+
pkcs7: tst.timeStampTokenB64,
|
|
134
|
+
signerSerialNumber,
|
|
135
|
+
}));
|
|
136
|
+
}
|
|
137
|
+
else {
|
|
138
|
+
// Присоединяем timestamp токен
|
|
139
|
+
attachTimestampToken(pkcs7, signerSerialNumber, tst.timeStampTokenB64)
|
|
140
|
+
.then((result) => {
|
|
141
|
+
if (result.success) {
|
|
142
|
+
resolve(ok({
|
|
143
|
+
pkcs7: result.data,
|
|
144
|
+
signerSerialNumber,
|
|
145
|
+
}));
|
|
146
|
+
}
|
|
147
|
+
else {
|
|
148
|
+
resolve(err(result.success ? undefined : result.error));
|
|
149
|
+
}
|
|
150
|
+
})
|
|
151
|
+
.catch((error) => {
|
|
152
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ATTACH_FAILED, ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, error)));
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
}, (error) => {
|
|
156
|
+
resolve(err(new EimzoError(EimzoErrorCode.TIMESTAMP_ERROR, ERROR_MESSAGES.TIMESTAMP_ATTACH_FAILED, error)));
|
|
157
|
+
});
|
|
158
|
+
}
|
|
159
|
+
else {
|
|
160
|
+
// Timestamp не настроен, возвращаем подпись без timestamp
|
|
161
|
+
resolve(ok({
|
|
162
|
+
pkcs7,
|
|
163
|
+
signerSerialNumber,
|
|
164
|
+
}));
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
else {
|
|
168
|
+
resolve(ok({
|
|
169
|
+
pkcs7,
|
|
170
|
+
signerSerialNumber,
|
|
171
|
+
}));
|
|
172
|
+
}
|
|
173
|
+
}
|
|
174
|
+
else {
|
|
175
|
+
resolve(err(new EimzoError(EimzoErrorCode.SIGNATURE_CREATION_FAILED, response.reason || ERROR_MESSAGES.SIGNATURE_CREATION_FAILED, response)));
|
|
176
|
+
}
|
|
177
|
+
}, (error) => {
|
|
178
|
+
resolve(err(new EimzoError(EimzoErrorCode.SIGNATURE_CREATION_FAILED, ERROR_MESSAGES.SIGNATURE_CREATION_FAILED, error)));
|
|
179
|
+
});
|
|
180
|
+
});
|
|
181
|
+
}
|
|
182
|
+
//# sourceMappingURL=pkcs7.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkcs7.js","sourceRoot":"","sources":["../../src/sign/pkcs7.ts"],"names":[],"mappings":"AAAA,mCAAmC;AAEnC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAU,UAAU,EAAE,cAAc,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,KAAa,EACb,IAAY,EACZ,QAAkB,EAClB,YAAsB;IAEtB,OAAO,IAAI,OAAO,CAChB,CAAC,OAAO,EAAE,EAAE;QACV,0CAA0C;QAC1C,MAAM,UAAU,GAAG,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;YAC1C,CAAC,CAAC,IAAI,CAAC;QAET,MAAM,CAAC,YAAY,CACjB;YACE,MAAM,EAAE,OAAO;YACf,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC;SACrC,EACD,CAAC,MAAoB,EAAE,QAAa,EAAE,EAAE;YACtC,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAChC,MAAM,kBAAkB,GAAG,QAAQ,CAAC,oBAAoB,CAAC;gBAEzD,gCAAgC;gBAChC,IAAI,YAAY,EAAE;oBAChB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;oBACrC,IAAI,WAAW,EAAE;wBACf,WAAW,CACT,QAAQ,CAAC,aAAa,EACtB,KAAK,EACL,CAAC,GAAG,EAAE,EAAE;4BACN,IAAI,GAAG,CAAC,eAAe,EAAE;gCACvB,OAAO,CACL,EAAE,CAAC;oCACD,KAAK,EAAE,GAAG,CAAC,iBAAiB;oCAC5B,kBAAkB;iCACnB,CAAC,CACH,CAAC;6BACH;iCAAM;gCACL,+BAA+B;gCAC/B,oBAAoB,CAAC,KAAK,EAAE,kBAAkB,EAAE,GAAG,CAAC,iBAAiB,CAAC;qCACnE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;oCACf,IAAI,MAAM,CAAC,OAAO,EAAE;wCAClB,OAAO,CACL,EAAE,CAAC;4CACD,KAAK,EAAE,MAAM,CAAC,IAAI;4CAClB,kBAAkB;yCACnB,CAAC,CACH,CAAC;qCACH;yCAAM;wCACL,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;qCAChE;gCACH,CAAC,CAAC;qCACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oCACf,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,uBAAuB,EACtC,cAAc,CAAC,uBAAuB,EACtC,KAAK,CACN,CACF,CACF,CAAC;gCACJ,CAAC,CAAC,CAAC;6BACN;wBACH,CAAC,EACD,CAAC,KAAK,EAAE,EAAE;4BACR,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,cAAc,CAAC,uBAAuB,EACtC,KAAK,CACN,CACF,CACF,CAAC;wBACJ,CAAC,CACF,CAAC;qBACH;yBAAM;wBACL,0DAA0D;wBAC1D,OAAO,CACL,EAAE,CAAC;4BACD,KAAK;4BACL,kBAAkB;yBACnB,CAAC,CACH,CAAC;qBACH;iBACF;qBAAM;oBACL,OAAO,CACL,EAAE,CAAC;wBACD,KAAK;wBACL,kBAAkB;qBACnB,CAAC,CACH,CAAC;iBACH;aACF;iBAAM;gBACL,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,yBAAyB,EACxC,QAAQ,CAAC,MAAM,IAAI,cAAc,CAAC,yBAAyB,EAC3D,QAAQ,CACT,CACF,CACF,CAAC;aACH;QACH,CAAC,EACD,CAAC,KAAU,EAAE,EAAE;YACb,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,yBAAyB,EACxC,cAAc,CAAC,yBAAyB,EACxC,KAAK,CACN,CACF,CACF,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAa,EACb,kBAA0B,EAC1B,cAAsB;IAEtB,OAAO,IAAI,OAAO,CAA6B,CAAC,OAAO,EAAE,EAAE;QACzD,MAAM,CAAC,YAAY,CACjB;YACE,MAAM,EAAE,OAAO;YACf,IAAI,EAAE,8BAA8B;YACpC,SAAS,EAAE,CAAC,KAAK,EAAE,kBAAkB,EAAE,cAAc,CAAC;SACvD,EACD,CAAC,MAAoB,EAAE,QAAa,EAAE,EAAE;YACtC,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;aAChC;iBAAM;gBACL,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,uBAAuB,EACtC,QAAQ,CAAC,MAAM,IAAI,cAAc,CAAC,uBAAuB,EACzD,QAAQ,CACT,CACF,CACF,CAAC;aACH;QACH,CAAC,EACD,CAAC,KAAU,EAAE,EAAE;YACb,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,uBAAuB,EACtC,cAAc,CAAC,uBAAuB,EACtC,KAAK,CACN,CACF,CACF,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAa,EACb,aAAqB,EACrB,YAAsB;IAEtB,OAAO,IAAI,OAAO,CAChB,CAAC,OAAO,EAAE,EAAE;QACV,MAAM,CAAC,YAAY,CACjB;YACE,MAAM,EAAE,OAAO;YACf,IAAI,EAAE,uBAAuB;YAC7B,SAAS,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC;SAClC,EACD,CAAC,MAAoB,EAAE,QAAa,EAAE,EAAE;YACtC,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAChC,MAAM,kBAAkB,GAAG,QAAQ,CAAC,oBAAoB,CAAC;gBAEzD,gCAAgC;gBAChC,IAAI,YAAY,EAAE;oBAChB,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;oBACrC,IAAI,WAAW,EAAE;wBACf,WAAW,CACT,QAAQ,CAAC,aAAa,EACtB,KAAK,EACL,CAAC,GAAG,EAAE,EAAE;4BACN,IAAI,GAAG,CAAC,eAAe,EAAE;gCACvB,OAAO,CACL,EAAE,CAAC;oCACD,KAAK,EAAE,GAAG,CAAC,iBAAiB;oCAC5B,kBAAkB;iCACnB,CAAC,CACH,CAAC;6BACH;iCAAM;gCACL,+BAA+B;gCAC/B,oBAAoB,CAAC,KAAK,EAAE,kBAAkB,EAAE,GAAG,CAAC,iBAAiB,CAAC;qCACnE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;oCACf,IAAI,MAAM,CAAC,OAAO,EAAE;wCAClB,OAAO,CACL,EAAE,CAAC;4CACD,KAAK,EAAE,MAAM,CAAC,IAAI;4CAClB,kBAAkB;yCACnB,CAAC,CACH,CAAC;qCACH;yCAAM;wCACL,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;qCAChE;gCACH,CAAC,CAAC;qCACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oCACf,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,uBAAuB,EACtC,cAAc,CAAC,uBAAuB,EACtC,KAAK,CACN,CACF,CACF,CAAC;gCACJ,CAAC,CAAC,CAAC;6BACN;wBACH,CAAC,EACD,CAAC,KAAK,EAAE,EAAE;4BACR,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,eAAe,EAC9B,cAAc,CAAC,uBAAuB,EACtC,KAAK,CACN,CACF,CACF,CAAC;wBACJ,CAAC,CACF,CAAC;qBACH;yBAAM;wBACL,0DAA0D;wBAC1D,OAAO,CACL,EAAE,CAAC;4BACD,KAAK;4BACL,kBAAkB;yBACnB,CAAC,CACH,CAAC;qBACH;iBACF;qBAAM;oBACL,OAAO,CACL,EAAE,CAAC;wBACD,KAAK;wBACL,kBAAkB;qBACnB,CAAC,CACH,CAAC;iBACH;aACF;iBAAM;gBACL,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,yBAAyB,EACxC,QAAQ,CAAC,MAAM,IAAI,cAAc,CAAC,yBAAyB,EAC3D,QAAQ,CACT,CACF,CACF,CAAC;aACH;QACH,CAAC,EACD,CAAC,KAAU,EAAE,EAAE;YACb,OAAO,CACL,GAAG,CACD,IAAI,UAAU,CACZ,cAAc,CAAC,yBAAyB,EACxC,cAAc,CAAC,yBAAyB,EACxC,KAAK,CACN,CACF,CACF,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC,CACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Result, EimzoError } from '../errors';
|
|
2
|
+
import { Signer, SignOptions, SignResult } from './types';
|
|
3
|
+
/**
|
|
4
|
+
* Подписать данные
|
|
5
|
+
* @param data - данные для подписания
|
|
6
|
+
* @param signer - опциональный сертификат или USB-токен ('idcard'/'ckc')
|
|
7
|
+
* @param options - опции подписания
|
|
8
|
+
* @returns Result с подписью в формате PKCS7 base64
|
|
9
|
+
*/
|
|
10
|
+
export declare function sign(data: string, signer?: Signer, options?: SignOptions): Promise<Result<SignResult, EimzoError>>;
|
|
11
|
+
//# sourceMappingURL=sign.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../../src/sign/sign.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,MAAM,EAAE,UAAU,EAAuB,MAAM,WAAW,CAAC;AAIpE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAG1D;;;;;;GAMG;AACH,wBAAsB,IAAI,CACxB,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CA0CzC"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
// Основная функция подписания
|
|
2
|
+
import { EimzoError, EimzoErrorCode, err } from '../errors';
|
|
3
|
+
import { getAllCertificates } from '../eimzo';
|
|
4
|
+
import { getDefaultKeyId } from '../config';
|
|
5
|
+
import { ERROR_MESSAGES } from '../messages';
|
|
6
|
+
import { getSignature } from './getSignature';
|
|
7
|
+
/**
|
|
8
|
+
* Подписать данные
|
|
9
|
+
* @param data - данные для подписания
|
|
10
|
+
* @param signer - опциональный сертификат или USB-токен ('idcard'/'ckc')
|
|
11
|
+
* @param options - опции подписания
|
|
12
|
+
* @returns Result с подписью в формате PKCS7 base64
|
|
13
|
+
*/
|
|
14
|
+
export async function sign(data, signer, options) {
|
|
15
|
+
// Если сертификат/ключ не передан, пытаемся использовать сохраненный идентификатор
|
|
16
|
+
if (!signer) {
|
|
17
|
+
const defaultKeyId = getDefaultKeyId();
|
|
18
|
+
if (!defaultKeyId) {
|
|
19
|
+
return err(new EimzoError(EimzoErrorCode.INVALID_PARAMETERS, ERROR_MESSAGES.NO_KEY_IDENTIFIER));
|
|
20
|
+
}
|
|
21
|
+
// Проверяем тип идентификатора
|
|
22
|
+
if (defaultKeyId === 'idcard' || defaultKeyId === 'ckc') {
|
|
23
|
+
// Для USB-токенов используем идентификатор напрямую
|
|
24
|
+
signer = defaultKeyId;
|
|
25
|
+
}
|
|
26
|
+
else {
|
|
27
|
+
// Для сертификатов получаем по ИНН
|
|
28
|
+
const certsResult = await getAllCertificates(defaultKeyId);
|
|
29
|
+
if (!certsResult.success) {
|
|
30
|
+
return err(certsResult.error);
|
|
31
|
+
}
|
|
32
|
+
if (certsResult.data.length === 0) {
|
|
33
|
+
return err(new EimzoError(EimzoErrorCode.CERTIFICATE_NOT_FOUND, ERROR_MESSAGES.CERTIFICATE_NOT_SELECTED, { keyId: defaultKeyId }));
|
|
34
|
+
}
|
|
35
|
+
// Берем первый не просроченный сертификат
|
|
36
|
+
signer = certsResult.data[0];
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
// Создаем подпись
|
|
40
|
+
return getSignature(signer, data, options);
|
|
41
|
+
}
|
|
42
|
+
//# sourceMappingURL=sign.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sign.js","sourceRoot":"","sources":["../../src/sign/sign.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAE9B,OAAO,EAAU,UAAU,EAAE,cAAc,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,IAAY,EACZ,MAAe,EACf,OAAqB;IAErB,mFAAmF;IACnF,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;QAEvC,IAAI,CAAC,YAAY,EAAE;YACjB,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,kBAAkB,EACjC,cAAc,CAAC,iBAAiB,CACjC,CACF,CAAC;SACH;QAED,+BAA+B;QAC/B,IAAI,YAAY,KAAK,QAAQ,IAAI,YAAY,KAAK,KAAK,EAAE;YACvD,oDAAoD;YACpD,MAAM,GAAG,YAAY,CAAC;SACvB;aAAM;YACL,mCAAmC;YACnC,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;gBACxB,OAAO,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;aAC/B;YAED,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;gBACjC,OAAO,GAAG,CACR,IAAI,UAAU,CACZ,cAAc,CAAC,qBAAqB,EACpC,cAAc,CAAC,wBAAwB,EACvC,EAAE,KAAK,EAAE,YAAY,EAAE,CACxB,CACF,CAAC;aACH;YAED,0CAA0C;YAC1C,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;SAC9B;KACF;IAED,kBAAkB;IAClB,OAAO,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAC7C,CAAC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
import { ICert } from '../types';
|
|
2
|
+
import { Result, EimzoError } from '../errors';
|
|
3
|
+
/**
|
|
4
|
+
* Опции для функции подписания
|
|
5
|
+
*/
|
|
6
|
+
export interface SignOptions {
|
|
7
|
+
isBase64?: boolean;
|
|
8
|
+
useTimestamp?: boolean;
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Результат подписания
|
|
12
|
+
*/
|
|
13
|
+
export interface SignResult {
|
|
14
|
+
signature: string;
|
|
15
|
+
signerSerialNumber?: string;
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Тип для идентификатора ключа (ИНН или USB-токен)
|
|
19
|
+
*/
|
|
20
|
+
export type KeyIdentifier = string | 'idcard' | 'ckc';
|
|
21
|
+
/**
|
|
22
|
+
* Тип для сертификата или USB-токена
|
|
23
|
+
*/
|
|
24
|
+
export type Signer = ICert | 'idcard' | 'ckc';
|
|
25
|
+
/**
|
|
26
|
+
* Тип функции для объединения подписей (для idcard/ckc с originalString)
|
|
27
|
+
*/
|
|
28
|
+
export type JoinSignaturesFunction = (existingPkcs7: string, newSignature: string) => Promise<Result<{
|
|
29
|
+
pkcs7B64: string;
|
|
30
|
+
}, EimzoError>>;
|
|
31
|
+
/**
|
|
32
|
+
* Опции для функции attach
|
|
33
|
+
*/
|
|
34
|
+
export interface AttachOptions extends SignOptions {
|
|
35
|
+
/**
|
|
36
|
+
* Оригинальная строка для подписания (используется для idcard/ckc)
|
|
37
|
+
*/
|
|
38
|
+
originalString?: string;
|
|
39
|
+
/**
|
|
40
|
+
* Игнорировать поиск сертификата и использовать переданный
|
|
41
|
+
*/
|
|
42
|
+
ignoreSearch?: boolean;
|
|
43
|
+
/**
|
|
44
|
+
* Функция для объединения подписей (для idcard/ckc с originalString)
|
|
45
|
+
*/
|
|
46
|
+
joinSignatures?: JoinSignaturesFunction;
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/sign/types.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAE/C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEtD;;GAEG;AACH,MAAM,MAAM,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9C;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,CACnC,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,MAAM,KACjB,OAAO,CAAC,MAAM,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,UAAU,CAAC,CAAC,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB;;OAEG;IACH,cAAc,CAAC,EAAE,sBAAsB,CAAC;CACzC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/sign/types.ts"],"names":[],"mappings":"AAAA,8BAA8B"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Интерфейс сертификата
|
|
3
|
+
*/
|
|
4
|
+
export interface ICert {
|
|
5
|
+
inn: string;
|
|
6
|
+
serialNumber: string;
|
|
7
|
+
parsedAlias?: {
|
|
8
|
+
cn: string;
|
|
9
|
+
o: string;
|
|
10
|
+
validto: string;
|
|
11
|
+
['1.2.860.3.16.1.2']?: string;
|
|
12
|
+
};
|
|
13
|
+
overdue?: boolean;
|
|
14
|
+
type?: 'certkey' | 'pfx' | 'idcard' | 'ckc';
|
|
15
|
+
disk?: string;
|
|
16
|
+
path?: string;
|
|
17
|
+
name?: string;
|
|
18
|
+
alias?: string;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Конфигурация для инициализации EIMZO
|
|
22
|
+
*/
|
|
23
|
+
export interface EimzoConfig {
|
|
24
|
+
domainAndKey?: string[];
|
|
25
|
+
timestamper?: TimestamperFunction;
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* Тип функции для получения временной метки (timestamper)
|
|
29
|
+
*/
|
|
30
|
+
export interface TimestampResponse {
|
|
31
|
+
success: boolean;
|
|
32
|
+
isAttachedPkcs7: boolean;
|
|
33
|
+
timeStampTokenB64: string;
|
|
34
|
+
reason?: string;
|
|
35
|
+
}
|
|
36
|
+
export type TimestamperFunction = (signatureHex: string, pkcs7: string, callback: (args: TimestampResponse) => void, onReject: (args: any) => void) => void;
|
|
37
|
+
/**
|
|
38
|
+
* Результат получения списка сертификатов
|
|
39
|
+
*/
|
|
40
|
+
export interface IGetCertsRes {
|
|
41
|
+
certificates: ICert[];
|
|
42
|
+
}
|
|
43
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,WAAW,KAAK;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE;QACZ,EAAE,EAAE,MAAM,CAAC;QACX,CAAC,EAAE,MAAM,CAAC;QACV,OAAO,EAAE,MAAM,CAAC;QAChB,CAAC,kBAAkB,CAAC,CAAC,EAAE,MAAM,CAAC;KAC/B,CAAC;IACF,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,KAAK,CAAC;IAC5C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,CAAC,EAAE,mBAAmB,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,OAAO,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,mBAAmB,GAAG,CAChC,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,CAAC,IAAI,EAAE,iBAAiB,KAAK,IAAI,EAC3C,QAAQ,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,IAAI,KAC1B,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,KAAK,EAAE,CAAC;CACvB"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,yCAAyC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { ICert } from '../types';
|
|
2
|
+
/**
|
|
3
|
+
* Парсинг данных сертификатов
|
|
4
|
+
* @param data - массив сырых данных сертификатов
|
|
5
|
+
* @param type - тип сертификата ('pfx' или 'certkey')
|
|
6
|
+
* @returns массив распарсенных сертификатов
|
|
7
|
+
*/
|
|
8
|
+
export declare function parseData(data: any[], type: 'pfx' | 'certkey'): ICert[];
|
|
9
|
+
/**
|
|
10
|
+
* Парсинг даты из формата DD.MM.YYYY
|
|
11
|
+
*/
|
|
12
|
+
export declare function parseValidDate(date: string): Date;
|
|
13
|
+
//# sourceMappingURL=parseData.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parseData.d.ts","sourceRoot":"","sources":["../../src/utils/parseData.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AA8BjC;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,GAAG,SAAS,GAAG,KAAK,EAAE,CA6DvE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CASjD"}
|