/*----------------------------------------------------------------------*/ /* M�dulo de criptograf�a para formularios Web */ /*----------------------------------------------------------------------*/ /* Autores: Willman Yesid Garz�n */ /* Alex Vicente Chac�n Jim�nez */ /* Versi�n: 1.1 */ /* Editor: Visual Studio .NET */ /*----------------------------------------------------------------------*/ /* Certic�mara S.A. (Todos los derechos reservados) */ /* */ /* Bogot�, Colombia 29 de Noviembre del 2004 */ /*----------------------------------------------------------------------*/ /*----------------------------------------------------------------------*/ /* Declaraci�n de constantes de CAPICOM */ /*----------------------------------------------------------------------*/ var CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY = 6; var CAPICOM_CERTIFICATE_FIND_TIME_VALID = 9; var CAPICOM_CERTIFICATE_FIND_KEY_USAGE = 12; var CAPICOM_CERTIFICATE_FIND_SHA1_HASH = 0; var CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE = 0x00000080; var CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0; var CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0; var CAPICOM_E_CANCELLED = -2138568446; var CERT_KEY_SPEC_PROP_ID = 6; var CAPICOM_VERIFY_SIGNATURE_ONLY = 0; var CAPICOM_CURRENT_USER_STORE = 2; var CAPICOM_STORE_OPEN_READ_ONLY = 0; var CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0; var CAPICOM_INFO_ISSUER_SIMPLE_NAME = 1; var CAPICOM_INFO_SUBJECT_EMAIL_NAME = 2; var CAPICOM_INFO_ISSUER_EMAIL_NAME = 3; var CAPICOM_CHECK_NONE = 0; var CAPICOM_CHECK_TRUSTED_ROOT = 1; var CAPICOM_CHECK_TIME_VALIDITY = 2; var CAPICOM_CHECK_SIGNATURE_VALIDITY = 4; var CAPICOM_CHECK_ONLINE_REVOCATION_STATUS = 8; var CAPICOM_CHECK_OFFLINE_REVOCATION_STATUS = 16; var CAPICOM_TRUST_IS_NOT_TIME_VALID = 1; var CAPICOM_TRUST_IS_NOT_TIME_NESTED = 2; var CAPICOM_TRUST_IS_REVOKED = 4; var CAPICOM_TRUST_IS_NOT_SIGNATURE_VALID = 8; var CAPICOM_TRUST_IS_NOT_VALID_FOR_USAGE = 16; var CAPICOM_TRUST_IS_UNTRUSTED_ROOT = 32; var CAPICOM_TRUST_REVOCATION_STATUS_UNKNOWN = 64; var CAPICOM_TRUST_IS_CYCLIC = 128; var CAPICOM_TRUST_IS_PARTIAL_CHAIN = 65536; var CAPICOM_TRUST_CTL_IS_NOT_TIME_VALID = 131072; var CAPICOM_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 262144; var CAPICOM_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 524288; var CAPICOM_KEY_STORAGE_DEFAULT= 0; var CAPICOM_CURRENT_USER_KEY= 0; /*----------------------------------------------------------------------*/ /* Definici�n de excepciones */ /*----------------------------------------------------------------------*/ var capicomError = new Error ("La librer�a de criptograf�a de Windows ::CAPICOM:: no se encuentra instalada."); /*----------------------------------------------------------------------*/ /* Valida que el componente CAPICOM est� instalado en la m�quina cliente*/ /*----------------------------------------------------------------------*/ function verifyCapicomAvailability() { var testObject = new ActiveXObject("CAPICOM.Signer"); if(typeof(testObject) != "object") { throw capicomError; } } /*----------------------------------------------------------------------*/ /* Firma la informaci�n especificada en los par�metros de entrada. */ /*----------------------------------------------------------------------*/ function SignData(data2sign, detached , encodingType) { try { //verify Capicom avalability verifyCapicomAvailability(); // instantiate the CAPICOM objects var SignedData = new ActiveXObject("CAPICOM.SignedData"); var Signer = new ActiveXObject("CAPICOM.Signer"); var TimeAttribute = new ActiveXObject("CAPICOM.Attribute"); //Capturar los datos que van a ser firmados SignedData.Content = data2sign; // Set the time in which we are applying the signature var Today = new Date(); TimeAttribute.Name = CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME; TimeAttribute.Value = Today.getVarDate(); Signer.AuthenticatedAttributes.Add(TimeAttribute); //Crear la firma digital return SignedData.Sign(Signer, detached, encodingType); } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Firma la informaci�n especificada en los par�metros de entrada. */ /*----------------------------------------------------------------------*/ function SignDataWithP12(data2sign, detached , encodingType, p12Path, p12Password) { try { //alert (p12Path); //alert (p12Password); //verify Capicom avalability //verifyCapicomAvailability(); // instantiate the CAPICOM objects //var SignedData = new ActiveXObject("CAPICOM.SignedData"); //var Signer = new ActiveXObject("CAPICOM.Signer"); //var TimeAttribute = new ActiveXObject("CAPICOM.Attribute"); ///var oCertificate = new ActiveXObject("CAPICOM.Certificate"); //var oStore = new ActiveXObject("CAPICOM.Store"); //alert (oCertificate); //Carga del certificado digital //alert ("Hola 1"); //oStore.Open(0, "My", 1); //oStore.Load(p12Path, p12Password, CAPICOM_KEY_STORAGE_DEFAULT); //oCertificate.Load(p12Path, p12Password, CAPICOM_KEY_STORAGE_DEFAULT, CAPICOM_CURRENT_USER_KEY); //alert ("Hola 2"); //Signer.Certificate = oCertificate; //Signer.Certificate = store.Certificates.Item(1); //Capturar los datos que van a ser firmados //SignedData.Content = data2sign; // Set the time in which we are applying the signature //var Today = new Date(); //TimeAttribute.Name = CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME; //TimeAttribute.Value = Today.getVarDate(); //Signer.AuthenticatedAttributes.Add(TimeAttribute); //Crear la firma digital alert("Alex4"); var popo = new ActiveXObject("CerticamaraFirmaPKCS12.CertiSignP12"); alert("Alex5"); return popo.SignWithP12(data2sign, p12Path, p12Password, detached , encodingType); } catch (e) { alert (e.message); alert (e.number); alert (e.name); throw e; } } /*----------------------------------------------------------------------*/ /* Verifica la lista de certificados revocados */ /*----------------------------------------------------------------------*/ function ValidateCRL(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var SingData = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); var resultado = 0; //Capturar los datos que van a ser firmados if (detached) { SingData.Content = data; } //Verificar la firma digital SingData.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < SingData.Certificates.Count ; i++) { CertificateObj = SingData.Certificates.Item(i+1); //Realizar la validaci�n de caducidad para el certificado seleccionado CertificateObj.IsValid().CheckFlag = CAPICOM_CHECK_ONLINE_REVOCATION_STATUS; if (!CertificateObj.IsValid().Result) { resultado ++; } } if (resultado == 0) { return true; } else { return false; } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Verifica que el certificado Root del certificado se encuentre */ /* instalado en la m�quina cliente */ /*----------------------------------------------------------------------*/ function ValidateRoot(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var SingData = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); var resultado = 0; //Capturar los datos que van a ser firmados if (detached) { SingData.Content = data; } //Verificar la firma digital SingData.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < SingData.Certificates.Count ; i++) { CertificateObj = SingData.Certificates.Item(i+1); //Realizar la validaci�n de caducidad para el certificado seleccionado CertificateObj.IsValid().CheckFlag = CAPICOM_CHECK_TRUSTED_ROOT; if (!CertificateObj.IsValid().Result) { resultado ++; } } if (resultado == 0) { return true; } else { return false; } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Verifica que el certificado con el que se firmaron los datos sea */ /* vigente. */ /*----------------------------------------------------------------------*/ function ValidateTime(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var SingData = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); var resultado = 0; //Capturar los datos que van a ser firmados if (detached) { SingData.Content = data; } //Verificar la firma digital SingData.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < SingData.Certificates.Count ; i++) { CertificateObj = SingData.Certificates.Item(i+1); //Realizar la validaci�n de caducidad para el certificado seleccionado CertificateObj.IsValid().CheckFlag = CAPICOM_CHECK_TIME_VALIDITY; if (!CertificateObj.IsValid().Result) { resultado ++; } } if (resultado == 0) { return true; } else { return false; } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Verifica la firma digital de acuerdo a los par�metros de entrada */ /*----------------------------------------------------------------------*/ function ValidateSignature(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var SingData = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); var resultado = 0; //Capturar los datos que van a ser firmados if (detached) { SingData.Content = data; } //Verificar la firma digital SingData.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < SingData.Certificates.Count ; i++) { CertificateObj = SingData.Certificates.Item(i+1); //Realizar la validaci�n de caducidad para el certificado seleccionado CertificateObj.IsValid().CheckFlag = CAPICOM_CHECK_SIGNATURE_VALIDITY; if (!CertificateObj.IsValid().Result) { resultado ++; } } if (resultado == 0) { return true; } else { return false; } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Verifica completamente la firma digital y los datos firmados */ /*----------------------------------------------------------------------*/ function ValidateAll(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var SingData = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); var resultado = 0; //Capturar los datos que van a ser firmados if (detached) { SingData.Content = data; } //Verificar la firma digital SingData.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < SingData.Certificates.Count ; i++) { CertificateObj = SingData.Certificates.Item(i+1); if (!CertificateObj.IsValid().Result) { resultado ++; } } if (resultado == 0) { return true; } else { return false; } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Muestra el certificado con el cual se firm� la informaci�n */ /*----------------------------------------------------------------------*/ function DisplayCertificate(data, sign, detached) { try { //verify Capicom avalability verifyCapicomAvailability(); var Verifier = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); //Capturar los datos que van a ser firmados if (detached) { Verifier.Content = data; } //Verificar la firma digital Verifier.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < Verifier.Certificates.Count ; i++) { CertificateObj = Verifier.Certificates.Item(i+1); //Despliega el certificado CertificateObj.Display(); } } catch (e) { throw e; } } /*----------------------------------------------------------------------*/ /* Obtiene los firmantes */ /*----------------------------------------------------------------------*/ function GetSigners(data, sign, detached) { try { var signers = ""; var Verifier = new ActiveXObject("CAPICOM.SignedData"); var CertificateObj = new ActiveXObject("CAPICOM.Certificate"); if (detached) { Verifier.Content = data; } Verifier.Verify (sign, detached, CAPICOM_VERIFY_SIGNATURE_ONLY); for(var i = 0; i < Verifier.Certificates.Count ; i++) { CertificateObj = Verifier.Certificates.Item(i+1); signers += CertificateObj.subjectName + "-" } return signers; } catch (e) { throw e; } }