web-pki 2.14.4 → 2.15.0

package/lacuna-web-pki.d.ts

@@ -341,7 +341,9 @@ export declare class LacunaWebPKI {
 		/** The Array of Base64 encoded hashes to be signed. */
 		batch: string[],
 		/** The digest algorithm identifier of the hashes on `batch` parameter. It can be the algorithm name or OID (i.e. `'SHA-256'` or `'2.16.840.1.101.3.4.2.1'`). */
-		digestAlgorithm: string
+		digestAlgorithm: string,
+		/** Set to be able to call [[preauthorizeSignatures]] in order to call [[signHashBatch]] multiple times.*/
+		usePreauthorizedSignatures?: boolean
 	}): Promise<SignHashBatchResponse>;
 
 	/**************************************************************
@@ -530,6 +532,9 @@ export declare class LacunaWebPKI {
 		/** The PDF signature policy. */
 		policy: LacunaWebPKI.PadesPolicies,
 
+		/** A timestamp requester for signature policies which require timestamping */
+		timestampRequester?: TimestampRequester,
+
 		/** An optional signer certificate validation level to execute. Default is a signer certificate full validation. */
 		certificateValidationLevel?: LacunaWebPKI.CertificateValidationLevels
 	}): Promise<PdfSignResult>;
@@ -576,6 +581,9 @@ export declare class LacunaWebPKI {
 		/** The CAdES signature policy. */
 		policy: LacunaWebPKI.CadesPolicies,
 
+		/** A timestamp requester for signature policies which require timestamping */
+		timestampRequester?: TimestampRequester,
+
 		/** An optional signer certificate validation level to execute. Default is a signer certificate full validation. */
 		certificateValidationLevel?: LacunaWebPKI.CertificateValidationLevels
 	}): Promise<CadesSignResult>;
@@ -607,6 +615,9 @@ export declare class LacunaWebPKI {
 		/** The XML signature policy. */
 		policy: LacunaWebPKI.XmlPolicies,
 
+		/** A timestamp requester parameters for signature policies which require timestamping */
+		timestampRequester?: TimestampRequester,
+
 		/** An optional signer certificate validation level to execute. Default is a signer certificate full validation. */
 		certificateValidationLevel?: LacunaWebPKI.CertificateValidationLevels,
 
@@ -639,7 +650,7 @@ export declare class LacunaWebPKI {
 		idResolutionTable?: XmlIdResolutionTableModel
 
 		/** The selected XML [[FileModel.id]], as returned by [[showFileBrowser]] method. */
-		fileId: string,
+		fileId?: string,
 
 		/** The signer certificate thumbprint. Available in [[CertificateModel.thumbprint]] property returned by [[listCertificates]] method. */
 		certificateThumbprint: string,
@@ -659,6 +670,9 @@ export declare class LacunaWebPKI {
 		/** The XML signature policy. */
 		policy: LacunaWebPKI.XmlPolicies,
 
+		/** A timestamp requester for signature policies which require timestamping */
+		timestampRequester?: TimestampRequester,
+
 		/** An optional signer certificate validation level to execute. Default is a signer certificate full validation. */
 		certificateValidationLevel?: LacunaWebPKI.CertificateValidationLevels,
 
@@ -678,7 +692,10 @@ export declare class LacunaWebPKI {
 	 */
 	openPades(args: {
 		/** The signed PDF [[FileModel.id]], as returned by [[showFileBrowser]] method. */
-		signatureFileId: string,
+		signatureFileId?: string,
+
+		/** The signed PDF content (Base64 encoded bytes) to open. It can be passed optionally to `signatureFileId`. */
+		signatureContent?: string,
 
 		/** Whether or not to validate the PDF sinatures. */
 		validate: boolean,
@@ -702,7 +719,10 @@ export declare class LacunaWebPKI {
 	 */
 	openCades(args: {
 		/** The signed document (.p7s) [[FileModel.id]], as returned by [[showFileBrowser]] method. */
-		signatureFileId: string,
+		signatureFileId?: string,
+
+		/** The signed PDF content (Base64 encoded bytes) to open. It can be passed optionally to `signatureFileId`. */
+		signatureContent?: string,
 
 		/** The original file. Only applies if the passed `signatureFileId` does not have the encapsulated content. */
 		originalFileId?: string,
@@ -734,7 +754,7 @@ export declare class LacunaWebPKI {
 		/** The signed XML [[FileModel.id]], as returned by [[showFileBrowser]] method. */
 		signatureFileId?: string,
 
-		/** A signed XML content (UTF-8 string or Base64 encoded bytes) can be passed optionally to `signatureFileId`. */
+		/** The signed XML content (UTF-8 string or Base64 encoded bytes) to open. It can be passed optionally to `signatureFileId`. */
 		signatureContent?: string,
 
 		/** Whether or not to validate the CAdES sinatures. */
@@ -1016,6 +1036,11 @@ export namespace LacunaWebPKI {
 		Unknown = 'Unknown'
 	}
 
+	export const enum CertificatePolicyQualifierTypes {
+		Cps = 'Cps',
+		UserNotice = 'UserNotice'
+	}
+
 	export const enum MobileIntegrationModes {
 		/** Redirects and continue execution inside Web PKI App. Direct integration without bouncing between Browser App and Web PKI App. */
 		AppIntegration = 'appIntegration',
@@ -1041,14 +1066,27 @@ export namespace LacunaWebPKI {
 		/** PAdES-BES policy */
 		Basic = 'basic',
 		/** ICP-Brasil AD-RB policy */
-		BrazilAdrBasica = 'brazilAdrBasica'
+		BrazilAdrBasica = 'brazilAdrBasica',
+		PadesT = 'padesT',
+		BrazilAdrTempo = 'brazilAdrTempo'
 	}
 
 	export const enum CadesPolicies {
+		Cms = 'cms',
 		/** CAdES-BES policy */
 		Bes = 'cadesBes',
+		/** CAdES-T policy */
+		CadesT = 'cadesT',
 		/** ICP-Brasil AD-RB policy */
-		BrazilAdrBasica = 'brazilAdrBasica'
+		BrazilAdrBasica = 'brazilAdrBasica',
+		/** ICP-Brasil AD-RT policy */
+		BrazilAdrTempo = 'brazilAdrTempo',
+		/** ICP-Brasil AD-RV policy */
+		BrazilAdrValidacao = 'brazilAdrValidacao',
+		/** ICP-Brasil AD-RC policy */
+		BrazilAdrCompleta = 'brazilAdrCompleta',
+		/** ICP-Brasil AD-RA policy */
+		BrazilAdrArquivamento = 'brazilAdrArquivamento',
 	}
 
 	export const enum XmlPolicies {
@@ -1057,9 +1095,11 @@ export namespace LacunaWebPKI {
 		/** XAdES-BES policy */
 		XadesBes = 'xadesBes',
 		/** Brazil national NFe policy */
+		XadesT = 'xadesT',
 		BrazilNFe = 'brazilNFe',
 		/** ICP-Brasil AD-RB policy */
 		BrazilAdrBasica = 'brazilAdrBasica',
+		BrazilAdrTempo = 'brazilAdrTempo',
 	}
 
 	export const enum XmlSignedEntityTypes {
@@ -1177,6 +1217,17 @@ export namespace LacunaWebPKI {
 		SpecialCharacters = 4
 	}
 
+	export const enum AuthenticationMethods {
+		/** No authentication */
+		None = 'none',
+		/** Basic authentication: a username and password parameters must be set */
+		Basic = 'basic',
+		/** OAuth Bearer token authentication: a bearerToken parameter must be set */
+		BearerToken = 'bearerToken',
+		/** Mutual TLS authentication: a client certificate thumbprint parameter must be set */
+		Mutual = 'mutual'
+	}
+
 
 
 }
@@ -1230,10 +1281,14 @@ export interface ExceptionModel {
  * Each property on the [[PkiBrazilModel]] and [[PkiItalyModel]] objects may be null, but the objects themselves (`cert.pkiBrazil` or `cert.pkiItaly`) are **never** null.
  */
 export interface CertificateModel {
-	/** The Common Name (CN) part of the certificate's subject name field. */
+	/** The Common Name (CN) part of the certificate's subject DN name field. */
 	subjectName: string,
+	/** The subject Distinguished Name (DN) formatted string */
+	subjectDN: string,
 	/** The Common Name (CN) part of the certificate's issuer name field. */
 	issuerName: string,
+	/** The issuer Distinguished Name (DN) formatted string */
+	issuerDN: string,
 	/** `true` if the certificate is stored on Web PKI mobile app. `null` or `false` otherwise. */
 	isRemote?: boolean,
 	/** The subject e-mail address. */
@@ -1242,10 +1297,20 @@ export interface CertificateModel {
 	thumbprint: string,
 	/** Object with boolean properties indicating wether each possible key usage is set on the certificate. */
 	keyUsage: KeyUsagesModel,
+	/** Array with certificate policies info */
+	certificatePolicies: CertificatePolicyModel[],
 	/** Object with Brazil-specific fields. */
 	pkiBrazil: PkiBrazilModel,
+	/** Object with Argentina-specific fields. */
+	pkiArgentina: PkiArgentinaModel,
+	/** Object with Ecuador-specific fields. */
+	pkiEcuador: PkiEcuadorModel,
 	/** Object with Italy-specific fields. */
 	pkiItaly: PkiItalyModel,
+	/** Object with Paraguay-specific fields. */
+	pkiParaguay: PkiParaguayModel,
+	/** Object with Peru-specific fields. */
+	pkiPeru: PkiPeruModel,
 	/** The not before field of the certificate. */
 	validityStart: Date,
 	/** The not after field of the certificate. */
@@ -1309,6 +1374,81 @@ export interface PkiItalyModel {
 	codiceFiscale: string
 }
 
+/**************************************************************
+ * Object with PKI Argentina specific fields.
+ */
+export interface PkiArgentinaModel {
+	/** Clave Única de Identificación Laboral */
+	cuil: string,
+	/** Clave Única de Identificación Tributaria */
+	cuit: string
+}
+
+/**************************************************************
+ * Object with PKI Ecuador specific fields.
+ */
+export interface PkiEcuadorModel {
+	/** */
+	certificateType: string,
+	cedulaDeIdentidad: string,
+	pasaporte: string,
+	/** Registro Único de Proveedores */
+	rup: string,
+	/** Registro Único de Contribuyentes */
+	ruc: string,
+	nombres: string,
+	apellidos: string,
+	razonSocial: string
+}
+
+/**************************************************************
+ * Object with PKI Paraguay specific fields.
+ */
+export interface PkiParaguayModel {
+	personCertificateType: string,
+	certificateType: string,
+	/** Cédula de identidad */
+	ci: string,
+	/** Cédula de identidad para extranjero */
+	cie: string,
+	/** Registro Único de Contribuyente. Número de Cédula Tributaria correspondiente al Titular */
+	ruc: string,
+	pasaporte: string,
+	/** Nombre y apellido del responsable del certificado */
+	responsable: string
+}
+
+/**************************************************************
+ * Object with PKI Peru specific fields.
+ */
+export interface PkiPeruModel {
+	/** Documento Nacional de Identidad */
+	dni: string,
+	/** Registro Único de Contribuyentes */
+	ruc: string
+}
+
+/**************************************************************
+ * Object with certificate policy info
+ */
+export interface CertificatePolicyModel {
+	/** Certificate Policy Identifier */
+	id: string,
+	/** Certificate Policy Qualifiers */
+	qualifiers: CertificatePolicyQualifierModel[]
+}
+
+/**************************************************************
+ * Object with certificate policy qualifier
+ */
+export interface CertificatePolicyQualifierModel {
+	type: LacunaWebPKI.CertificatePolicyQualifierTypes,
+	cpsUri: string,
+	unOrganization: string,
+	unExplicitText: string,
+	unNoticeNumbers: number[],
+}
+
 // Common Functions
 
 export interface SuccessCallback<T> {
@@ -1700,4 +1840,26 @@ export interface PadesPageOptimization {
 	pageOrientation: LacunaWebPKI.PadesPageOrientations
 }
 
+export interface AuthenticationParameters {
+	method: LacunaWebPKI.AuthenticationMethods,
+	username?: string,
+	password?: string
+	bearerToken?: string,
+	certificateThumbprint?: string,
+}
+
+export interface TimestampRequester {
+	/** The Timestamp Authority (TSA) endpoint */
+	url: string,
+	/** An authentication method and parameters, if required by the TSA */
+	authentication?: AuthenticationParameters
+}
+
+export interface GeolocationInfo {
+	accuracy: number,
+	latitude: number,
+	longitude: number,
+	timestamp: Date
+}
+
 

package/lacuna-web-pki.js

@@ -21,6 +21,17 @@ LacunaWebPKI = function (license) {
 	if (license) {
 		this.license = license;
 	}
+
+	// check for JQuery blockUI presence causing mobile touch blocking
+	if (this.isSupportedMobile && window.$ && window.$.blockUI) {
+		try {
+			window.$.blockUI.defaults.bindEvents = false;
+			this._log('blockUI bindEvents disabled');
+
+		} catch (ex) {
+			this._log('Error disabling blockUI bindEvents: ', ex);
+		}
+	}
 };
 
 // Inject class prototype
@@ -115,20 +126,21 @@ LacunaWebPKI = function (license) {
 
 	$._installUrl = 'https://get.webpkiplugin.com/';
 	$._chromeExtensionId = 'dcngeagmmhegagicpcmpinaoklddcgon';
-	$._firefoxExtensionId = 'webpki@lacunasoftware.com';
-	$._edgeExtensionId = 'd2798a85-9698-425a-add7-3db79a39ca8a';
+	$._firefoxExtensionId = 'webpki-beta@lacunasoftware.com';
+	$._edgeExtensionId = 'nedeegdmhlnmboboahchfpkmdnnemapd';
+	$._edgeLegacyProductId = 'd2798a85-9698-425a-add7-3db79a39ca8a';
 	$._chromeExtensionFirstVersionWithSelfUpdate = '2.0.20';
-	$._jslibVersion = '2.14.4';
+	$._jslibVersion = '2.15.0';
 	$._mobileSupported = 'true' === 'true';
 	$._buildChannel = 'stable';
 
 	// latest components version ----------------------
 	$._extensionRequiredVersion = '2.15.0';
-	$._chromeNativeWinRequiredVersion = '2.10.1';
+	$._chromeNativeWinRequiredVersion = '2.10.3';
 	$._chromeNativeLinuxRequiredVersion = '2.10.0';
 	$._chromeNativeMacRequiredVersion = '2.10.0';
-	$._ieAddonRequiredVersion = '2.7.2';
-	$._mobileRequiredVersion = '2.7.0';
+	$._ieAddonRequiredVersion = '2.7.3';
+	$._mobileRequiredVersion = '3.0.0';
     // ------------------------------------------------
 
     $._chromeInstallationStates = {
@@ -469,7 +481,7 @@ LacunaWebPKI = function (license) {
 		if (!p11Modules || !p11Modules.length) {
 			return null;
 		}
-		osModules = [];
+		var osModules = [];
 		for (var i = 0; i < p11Modules.length; i++) {
 			if ($._nativeInfo.os === 'Windows') {
 				osModules.push(p11Modules[i].win);
@@ -658,7 +670,7 @@ LacunaWebPKI = function (license) {
 			this.brand = args.brand;
 		}
 		if (args.restPkiUrl) {
-		    this.restPkiUrl = args.restPkiUrl;
+			this.restPkiUrl = args.restPkiUrl[args.restPkiUrl.length - 1] === '/' ? args.restPkiUrl : args.restPkiUrl + '/';
 		}
 
 		this.useDomainNativePool = args.useDomainNativePool === true;
@@ -987,6 +999,7 @@ LacunaWebPKI = function (license) {
 		var request = {
 			certificateThumbprint: args.certificateThumbprint,
 			digestAlgorithm: args.digestAlgorithm,
+			usePreauthorizedSignatures: args.usePreauthorizedSignatures,
 			batch: args.batch
 		};
 		$._requestHandler.sendCommand(context, 'signHashBatch', request);
@@ -1127,6 +1140,7 @@ LacunaWebPKI = function (license) {
             trustArbitrators: args.trustArbitrators,
 			clearPolicyTrustArbitrators: args.clearPolicyTrustArbitrators,
 			certificateValidationLevel: args.certificateValidationLevel,
+			timestampRequester: args.timestampRequester,
 			policy: args.policy
 		};
 	};
@@ -1311,9 +1325,19 @@ LacunaWebPKI = function (license) {
 	    return context.promise;
 	};
 
+	$.getGeolocation = function (args) {
+		var context = this._createContext(args);
+		var request = {
+			certificateThumbprint: args.certificateThumbprint
+		};
+		$._requestHandler.sendCommand(context, 'getGeolocation', request);
+		return context.promise;
+	};
+
 
 	// -------------------- Browser detection --------------------
-	// http://stackoverflow.com/questions/2400935/browser-detection-in-javascript
+	// Based on http://stackoverflow.com/questions/2400935/browser-detection-in-javascript
+	// with new Edge  UA 'Edg' changes
 	$.detectedBrowser = (function () {
 		var ua = navigator.userAgent, tem,
 		M = ua.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i) || [];
@@ -1322,7 +1346,7 @@ LacunaWebPKI = function (license) {
 			return 'IE ' + (tem[1] || '');
 		}
 		if (M[1] === 'Chrome') {
-			tem = ua.match(/\b(OPR|Edge)\/(\d+)/);
+			tem = ua.match(/\b(OPR|Edge|Edg)\/(\d+)/);
 			if (tem !== null) return tem.slice(1).join(' ').replace('OPR', 'Opera');
 		}
 		M = M[2] ? [M[1], M[2]] : [navigator.appName, navigator.appVersion, '-?'];
@@ -1331,24 +1355,24 @@ LacunaWebPKI = function (license) {
 	})();
 
 	$._supportedMobileDetected = false;
-	var mobileOs = (function () {
-		var nAgt = navigator.userAgent;
-		var os = '';
-		var clientStrings = [
-			 { s: 'Android', r: /Android/ },
-			 { s: 'iOS', r: /(iPhone|iPad|iPod)/ }
-		];
-		for (var i = 0; i < clientStrings.length; i++) {
-			var cs = clientStrings[i];
-			if (cs.r.test(nAgt)) {
-				os = cs.s;
-				$._supportedMobileDetected = true && $._mobileSupported;
-				break;
-			}
+	var hasMultiTouchPoints = window.navigator.maxTouchPoints > 3;
+	var mobileOs = '';
+	var clientStrings = [
+		{ getName: function () { return 'Android'; }, r: /Android/ },
+		{ getName: function () { return 'iOS'; },     r: /(iPhone|iPad|iPod)/ },
+
+		// iPad iOS running on Desktop mode
+		{ getName: function () { return hasMultiTouchPoints ? 'iOS' : ''; }, r: /(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/ }
+	];
+	for (var i = 0; i < clientStrings.length; i++) {
+		var cs = clientStrings[i];
+		if (cs.r.test(window.navigator.userAgent)) {
+			mobileOs = cs.getName();
+			break;
 		}
-		return os;
-	})();
+	}
 
+	$._supportedMobileDetected = $._mobileSupported && mobileOs !== '';
 	$.isSupportedMobile = $._supportedMobileDetected;
 
 
@@ -1399,7 +1423,7 @@ LacunaWebPKI = function (license) {
 		isIE = ($.detectedBrowser.indexOf('IE') >= 0);
 		isChrome = ($.detectedBrowser.indexOf('Chrome') >= 0);
 		isFirefox = ($.detectedBrowser.indexOf('Firefox') >= 0);
-		isEdge = ($.detectedBrowser.indexOf('Edge') >= 0);
+		isEdge = ($.detectedBrowser.indexOf('Edg') >= 0);
 		isSafari = ($.detectedBrowser.indexOf('Safari') >= 0);
 		// mobile os
 		isAndroid = ($._supportedMobileDetected && mobileOs === 'Android');
@@ -1447,13 +1471,9 @@ LacunaWebPKI = function (license) {
 						command: command,
 						request: request
 					};
-					if (isChrome) {
-						var eventC = new CustomEvent('build', { 'detail': message });
-						eventC.initEvent(requestEventName);
+					if (isChrome || isEdge) {
+						var eventC = new CustomEvent(requestEventName, { 'detail': message });
 						document.dispatchEvent(eventC);
-					} else if (isEdge) {
-						var eventE = new CustomEvent(requestEventName, { 'detail': message });
-						document.dispatchEvent(eventE);
 					} else {
 					    window.postMessage({
 					        port: requestEventName,
@@ -1469,7 +1489,7 @@ LacunaWebPKI = function (license) {
 
 				var pollExtension = function (context, tryCount) {
 					$._log('polling extension');
-					var meta = document.getElementById($._chromeExtensionId) || document.getElementById($._firefoxExtensionId.replace(/[^A-Za-z0-9_]/g, '_')) || document.getElementById($._edgeExtensionId);
+					var meta = document.getElementById($._chromeExtensionId) || document.getElementById($._firefoxExtensionId.replace(/[^A-Za-z0-9_]/g, '_')) || document.getElementById($._edgeExtensionId) || document.getElementById($._edgeLegacyProductId);
 					if (meta === null) {
 						if (tryCount > 1) {
 							setTimeout(function () {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "web-pki",
-  "version": "2.14.4",
+  "version": "2.15.0",
   "description": "The Lacuna Web PKI component enables web applications to interact with digital certificates through javascript, without the need of Java.",
   "main": "lacuna-web-pki.js",
   "types": "lacuna-web-pki.d.ts",