+ + Class KJUR.asn1.cms.IssuerSerial +
+ + +
+
+
Extends
+ KJUR.asn1.ASN1Object.
+
+
+ class for CMS IssuerSerial ASN.1 structure for CMS
+
+
+
Defined in: asn1cms-1.0.js.
+
+
| Constructor Attributes | +Constructor Name and Description | +
|---|---|
| + |
+
+ KJUR.asn1.cms.IssuerSerial(params)
+
+ class for IssuerSerial ASN.1 structure for CMS
+This class represents IssuerSerial ASN.1 structure
+defined in
+
+
+
+
+
+
+
+ Class Detail
+
+
+
+ KJUR.asn1.cms.IssuerSerial(params)
+
+
+
+ class for IssuerSerial ASN.1 structure for CMS
+This class represents IssuerSerial ASN.1 structure
+defined in
+// specify by X500Name parameter and DERInteger
+o = new KJUR.asn1.cms.IssuerSerial(
+ {issuer: {str: '/C=US/O=T1'}, serial {int: 3}});
+// specify by PEM certificate
+o = new KJUR.asn1.cms.IssuerSerial({cert: certPEM});
+o = new KJUR.asn1.cms.IssuerSerial(certPEM); // since 1.0.3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ © 2012-2020 Kenji Urushima, All rights reserved
+
+
diff --git a/api/symbols/KJUR.asn1.cms.MessageDigest.html b/api/symbols/KJUR.asn1.cms.MessageDigest.html
index b21fa334..3a5ce55b 100644
--- a/api/symbols/KJUR.asn1.cms.MessageDigest.html
+++ b/api/symbols/KJUR.asn1.cms.MessageDigest.html
@@ -239,6 +239,8 @@ + + Documentation generated by JsDoc Toolkit 2.4.0 + ClassesClassesClassesClassesClassesClassesClasses |
| <static> | +
+ KJUR.asn1.cms.setByCertPEM(certPEM)
+
+
+ |
+
| <static> |
@@ -583,6 +594,7 @@ PROVIDED CLASSESPROVIDED CLASSES++ + + <static>
+
+
+ KJUR.asn1.cms.setByCertPEM(certPEM)
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/api/symbols/KJUR.asn1.csr.CSRUtil.html b/api/symbols/KJUR.asn1.csr.CSRUtil.html index c8176b94..1d4f37a8 100644 --- a/api/symbols/KJUR.asn1.csr.CSRUtil.html +++ b/api/symbols/KJUR.asn1.csr.CSRUtil.html @@ -239,6 +239,8 @@ ClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClassesClasses1 /* asn1cms-1.0.6.js (c) 2013-2020 Kenji Urushima | kjur.github.io/jsrsasign/license +1 /* asn1cms-1.0.7.js (c) 2013-2020 Kenji Urushima | kjur.github.io/jsrsasign/license 2 */ 3 /* 4 * asn1cms.js - ASN.1 DER encoder and verifier classes for Cryptographic Message Syntax(CMS) @@ -23,7 +23,7 @@ 16 * @fileOverview 17 * @name asn1cms-1.0.js 18 * @author Kenji Urushima kenji.urushima@gmail.com - 19 * @version jsrsasign 8.0.17 asn1cms 1.0.6 (2020-Jun-19) + 19 * @version jsrsasign 8.0.24 asn1cms 1.0.7 (2020-Aug-18) 20 * @since jsrsasign 4.2.4 21 * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a> 22 */ @@ -66,1281 +66,1373 @@ 59 * <li>{@link KJUR.asn1.cms.ContentInfo}</li> 60 * <li>{@link KJUR.asn1.cms.EncapsulatedContentInfo}</li> 61 * <li>{@link KJUR.asn1.cms.IssuerAndSerialNumber}</li> - 62 * <li>{@link KJUR.asn1.cms.CMSUtil}</li> - 63 * <li>{@link KJUR.asn1.cms.Attribute}</li> - 64 * <li>{@link KJUR.asn1.cms.ContentType}</li> - 65 * <li>{@link KJUR.asn1.cms.MessageDigest}</li> - 66 * <li>{@link KJUR.asn1.cms.SigningTime}</li> - 67 * <li>{@link KJUR.asn1.cms.SigningCertificate}</li> - 68 * <li>{@link KJUR.asn1.cms.SigningCertificateV2}</li> - 69 * </ul> - 70 * NOTE: Please ignore method summary and document of this namespace. - 71 * This caused by a bug of jsdoc2. - 72 * </p> - 73 * @name KJUR.asn1.cms - 74 * @namespace - 75 */ - 76 if (typeof KJUR.asn1.cms == "undefined" || !KJUR.asn1.cms) KJUR.asn1.cms = {}; - 77 - 78 /** - 79 * Attribute class for base of CMS attribute - 80 * @name KJUR.asn1.cms.Attribute - 81 * @class Attribute class for base of CMS attribute - 82 * @param {Array} params associative array of parameters - 83 * @extends KJUR.asn1.ASN1Object - 84 * @since jsrsasign 4.2.4 asn1cms 1.0.0 - 85 * @description - 86 * <pre> - 87 * Attributes ::= SET OF Attribute - 88 * Attribute ::= SEQUENCE { - 89 * type OBJECT IDENTIFIER, - 90 * values AttributeSetValue } - 91 * AttributeSetValue ::= SET OF ANY - 92 * </pre> - 93 */ - 94 KJUR.asn1.cms.Attribute = function(params) { - 95 var valueList = [], // array of values - 96 _KJUR = KJUR, - 97 _KJUR_asn1 = _KJUR.asn1; - 98 - 99 _KJUR_asn1.cms.Attribute.superclass.constructor.call(this); -100 -101 this.getEncodedHex = function() { -102 var attrTypeASN1, attrValueASN1, seq; -103 attrTypeASN1 = new _KJUR_asn1.DERObjectIdentifier({"oid": this.attrTypeOid}); -104 -105 attrValueASN1 = new _KJUR_asn1.DERSet({"array": this.valueList}); -106 try { -107 attrValueASN1.getEncodedHex(); -108 } catch (ex) { -109 throw "fail valueSet.getEncodedHex in Attribute(1)/" + ex; -110 } -111 -112 seq = new _KJUR_asn1.DERSequence({"array": [attrTypeASN1, attrValueASN1]}); -113 try { -114 this.hTLV = seq.getEncodedHex(); -115 } catch (ex) { -116 throw "failed seq.getEncodedHex in Attribute(2)/" + ex; -117 } -118 -119 return this.hTLV; -120 }; -121 }; -122 YAHOO.lang.extend(KJUR.asn1.cms.Attribute, KJUR.asn1.ASN1Object); -123 -124 /** -125 * class for CMS ContentType attribute -126 * @name KJUR.asn1.cms.ContentType -127 * @class class for CMS ContentType attribute -128 * @param {Array} params associative array of parameters -129 * @extends KJUR.asn1.cms.Attribute -130 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -131 * @description -132 * <pre> -133 * Attribute ::= SEQUENCE { -134 * type OBJECT IDENTIFIER, -135 * values AttributeSetValue } -136 * AttributeSetValue ::= SET OF ANY -137 * ContentType ::= OBJECT IDENTIFIER -138 * </pre> -139 * @example -140 * o = new KJUR.asn1.cms.ContentType({name: 'data'}); -141 * o = new KJUR.asn1.cms.ContentType({oid: '1.2.840.113549.1.9.16.1.4'}); -142 */ -143 KJUR.asn1.cms.ContentType = function(params) { -144 var _KJUR = KJUR, -145 _KJUR_asn1 = _KJUR.asn1; -146 -147 _KJUR_asn1.cms.ContentType.superclass.constructor.call(this); -148 -149 this.attrTypeOid = "1.2.840.113549.1.9.3"; -150 var contentTypeASN1 = null; -151 -152 if (typeof params != "undefined") { -153 var contentTypeASN1 = new _KJUR_asn1.DERObjectIdentifier(params); -154 this.valueList = [contentTypeASN1]; -155 } -156 }; -157 YAHOO.lang.extend(KJUR.asn1.cms.ContentType, KJUR.asn1.cms.Attribute); -158 -159 /** -160 * class for CMS MessageDigest attribute -161 * @name KJUR.asn1.cms.MessageDigest -162 * @class class for CMS MessageDigest attribute -163 * @param {Array} params associative array of parameters -164 * @extends KJUR.asn1.cms.Attribute -165 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -166 * @description -167 * <pre> -168 * Attribute ::= SEQUENCE { -169 * type OBJECT IDENTIFIER, -170 * values AttributeSetValue } -171 * AttributeSetValue ::= SET OF ANY -172 * MessageDigest ::= OCTET STRING -173 * </pre> -174 * @example -175 * o = new KJUR.asn1.cms.MessageDigest({hex: 'a1a2a3a4...'}); -176 */ -177 KJUR.asn1.cms.MessageDigest = function(params) { -178 var _KJUR = KJUR, -179 _KJUR_asn1 = _KJUR.asn1, -180 _DEROctetString = _KJUR_asn1.DEROctetString, -181 _KJUR_asn1_cms = _KJUR_asn1.cms; -182 -183 _KJUR_asn1_cms.MessageDigest.superclass.constructor.call(this); -184 this.attrTypeOid = "1.2.840.113549.1.9.4"; -185 -186 if (params !== undefined) { -187 if (params.eciObj instanceof _KJUR_asn1_cms.EncapsulatedContentInfo && -188 typeof params.hashAlg === "string") { -189 var dataHex = params.eciObj.eContentValueHex; -190 var hashAlg = params.hashAlg; -191 var hashValueHex = _KJUR.crypto.Util.hashHex(dataHex, hashAlg); -192 var dAttrValue1 = new _DEROctetString({hex: hashValueHex}); -193 dAttrValue1.getEncodedHex(); -194 this.valueList = [dAttrValue1]; -195 } else { -196 var dAttrValue1 = new _DEROctetString(params); -197 dAttrValue1.getEncodedHex(); -198 this.valueList = [dAttrValue1]; -199 } -200 } -201 }; -202 YAHOO.lang.extend(KJUR.asn1.cms.MessageDigest, KJUR.asn1.cms.Attribute); -203 -204 /** -205 * class for CMS SigningTime attribute -206 * @name KJUR.asn1.cms.SigningTime -207 * @class class for CMS SigningTime attribute -208 * @param {Array} params associative array of parameters -209 * @extends KJUR.asn1.cms.Attribute -210 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -211 * @description -212 * <pre> -213 * Attribute ::= SEQUENCE { -214 * type OBJECT IDENTIFIER, -215 * values AttributeSetValue } -216 * AttributeSetValue ::= SET OF ANY -217 * SigningTime ::= Time -218 * Time ::= CHOICE { -219 * utcTime UTCTime, -220 * generalTime GeneralizedTime } -221 * </pre> -222 * @example -223 * o = new KJUR.asn1.cms.SigningTime(); // current time UTCTime by default -224 * o = new KJUR.asn1.cms.SigningTime({type: 'gen'}); // current time GeneralizedTime -225 * o = new KJUR.asn1.cms.SigningTime({str: '20140517093800Z'}); // specified GeneralizedTime -226 * o = new KJUR.asn1.cms.SigningTime({str: '140517093800Z'}); // specified UTCTime -227 */ -228 KJUR.asn1.cms.SigningTime = function(params) { -229 var _KJUR = KJUR, -230 _KJUR_asn1 = _KJUR.asn1; -231 -232 _KJUR_asn1.cms.SigningTime.superclass.constructor.call(this); -233 this.attrTypeOid = "1.2.840.113549.1.9.5"; -234 -235 if (params !== undefined) { -236 var asn1 = new _KJUR_asn1.x509.Time(params); -237 try { -238 asn1.getEncodedHex(); -239 } catch (ex) { -240 throw "SigningTime.getEncodedHex() failed/" + ex; -241 } -242 this.valueList = [asn1]; -243 } -244 }; -245 YAHOO.lang.extend(KJUR.asn1.cms.SigningTime, KJUR.asn1.cms.Attribute); -246 -247 /** -248 * class for CMS SigningCertificate attribute -249 * @name KJUR.asn1.cms.SigningCertificate -250 * @class class for CMS SigningCertificate attribute -251 * @param {Array} params associative array of parameters -252 * @extends KJUR.asn1.cms.Attribute -253 * @since jsrsasign 4.5.1 asn1cms 1.0.1 -254 * @description -255 * <pre> -256 * Attribute ::= SEQUENCE { -257 * type OBJECT IDENTIFIER, -258 * values AttributeSetValue } -259 * AttributeSetValue ::= SET OF ANY -260 * SigningCertificate ::= SEQUENCE { -261 * certs SEQUENCE OF ESSCertID, -262 * policies SEQUENCE OF PolicyInformation OPTIONAL } -263 * ESSCertID ::= SEQUENCE { -264 * certHash Hash, -265 * issuerSerial IssuerSerial OPTIONAL } -266 * IssuerSerial ::= SEQUENCE { -267 * issuer GeneralNames, -268 * serialNumber CertificateSerialNumber } -269 * </pre> -270 * @example -271 * o = new KJUR.asn1.cms.SigningCertificate({array: [certPEM]}); -272 */ -273 KJUR.asn1.cms.SigningCertificate = function(params) { -274 var _KJUR = KJUR, -275 _KJUR_asn1 = _KJUR.asn1, -276 _DERSequence = _KJUR_asn1.DERSequence, -277 _KJUR_asn1_cms = _KJUR_asn1.cms, -278 _KJUR_crypto = _KJUR.crypto; -279 -280 _KJUR_asn1_cms.SigningCertificate.superclass.constructor.call(this); -281 this.attrTypeOid = "1.2.840.113549.1.9.16.2.12"; -282 -283 this.setCerts = function(listPEM) { -284 var list = []; -285 for (var i = 0; i < listPEM.length; i++) { -286 var hex = pemtohex(listPEM[i]); -287 var certHashHex = _KJUR.crypto.Util.hashHex(hex, 'sha1'); -288 var dCertHash = -289 new _KJUR_asn1.DEROctetString({hex: certHashHex}); -290 dCertHash.getEncodedHex(); -291 var dIssuerSerial = -292 new _KJUR_asn1_cms.IssuerAndSerialNumber({cert: listPEM[i]}); -293 dIssuerSerial.getEncodedHex(); -294 var dESSCertID = -295 new _DERSequence({array: [dCertHash, dIssuerSerial]}); -296 dESSCertID.getEncodedHex(); -297 list.push(dESSCertID); -298 } -299 -300 var dValue = new _DERSequence({array: list}); -301 dValue.getEncodedHex(); -302 this.valueList = [dValue]; -303 }; -304 -305 if (params !== undefined) { -306 if (typeof params.array == "object") { -307 this.setCerts(params.array); -308 } -309 } -310 }; -311 YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificate, KJUR.asn1.cms.Attribute); -312 -313 /** -314 * class for CMS SigningCertificateV2 attribute -315 * @name KJUR.asn1.cms.SigningCertificateV2 -316 * @class class for CMS SigningCertificateV2 attribute -317 * @param {Array} params associative array of parameters -318 * @extends KJUR.asn1.cms.Attribute -319 * @since jsrsasign 4.5.1 asn1cms 1.0.1 -320 * @description -321 * <pre> -322 * oid-signingCertificateV2 = 1.2.840.113549.1.9.16.2.47 -323 * Attribute ::= SEQUENCE { -324 * type OBJECT IDENTIFIER, -325 * values AttributeSetValue } -326 * AttributeSetValue ::= SET OF ANY -327 * SigningCertificateV2 ::= SEQUENCE { -328 * certs SEQUENCE OF ESSCertIDv2, -329 * policies SEQUENCE OF PolicyInformation OPTIONAL } -330 * ESSCertIDv2 ::= SEQUENCE { -331 * hashAlgorithm AlgorithmIdentifier -332 * DEFAULT {algorithm id-sha256}, -333 * certHash Hash, -334 * issuerSerial IssuerSerial OPTIONAL } -335 * Hash ::= OCTET STRING -336 * IssuerSerial ::= SEQUENCE { -337 * issuer GeneralNames, -338 * serialNumber CertificateSerialNumber } -339 * </pre> -340 * @example -341 * // hash algorithm is sha256 by default: -342 * o = new KJUR.asn1.cms.SigningCertificateV2({array: [certPEM]}); -343 * o = new KJUR.asn1.cms.SigningCertificateV2({array: [certPEM], -344 * hashAlg: 'sha512'}); -345 */ -346 KJUR.asn1.cms.SigningCertificateV2 = function(params) { -347 var _KJUR = KJUR, -348 _KJUR_asn1 = _KJUR.asn1, -349 _DERSequence = _KJUR_asn1.DERSequence, -350 _KJUR_asn1_x509 = _KJUR_asn1.x509, -351 _KJUR_asn1_cms = _KJUR_asn1.cms, -352 _KJUR_crypto = _KJUR.crypto; -353 -354 _KJUR_asn1_cms.SigningCertificateV2.superclass.constructor.call(this); -355 this.attrTypeOid = "1.2.840.113549.1.9.16.2.47"; -356 -357 this.setCerts = function(listPEM, hashAlg) { -358 var list = []; -359 for (var i = 0; i < listPEM.length; i++) { -360 var hex = pemtohex(listPEM[i]); -361 -362 var a = []; -363 if (hashAlg !== "sha256") -364 a.push(new _KJUR_asn1_x509.AlgorithmIdentifier({name: hashAlg})); -365 -366 var certHashHex = _KJUR_crypto.Util.hashHex(hex, hashAlg); -367 var dCertHash = new _KJUR_asn1.DEROctetString({hex: certHashHex}); -368 dCertHash.getEncodedHex(); -369 a.push(dCertHash); -370 -371 var dIssuerSerial = -372 new _KJUR_asn1_cms.IssuerAndSerialNumber({cert: listPEM[i]}); -373 dIssuerSerial.getEncodedHex(); -374 a.push(dIssuerSerial); -375 -376 var dESSCertIDv2 = new _DERSequence({array: a}); -377 dESSCertIDv2.getEncodedHex(); -378 list.push(dESSCertIDv2); -379 } -380 -381 var dValue = new _DERSequence({array: list}); -382 dValue.getEncodedHex(); -383 this.valueList = [dValue]; -384 }; -385 -386 if (params !== undefined) { -387 if (typeof params.array == "object") { -388 var hashAlg = "sha256"; // sha2 default -389 if (typeof params.hashAlg == "string") -390 hashAlg = params.hashAlg; -391 this.setCerts(params.array, hashAlg); -392 } -393 } -394 }; -395 YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificateV2, KJUR.asn1.cms.Attribute); -396 -397 /** -398 * class for IssuerAndSerialNumber ASN.1 structure for CMS -399 * @name KJUR.asn1.cms.IssuerAndSerialNumber -400 * @class class for CMS IssuerAndSerialNumber ASN.1 structure for CMS -401 * @param {Array} params associative array of parameters -402 * @extends KJUR.asn1.ASN1Object -403 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -404 * @description -405 * <pre> -406 * IssuerAndSerialNumber ::= SEQUENCE { -407 * issuer Name, -408 * serialNumber CertificateSerialNumber } -409 * CertificateSerialNumber ::= INTEGER -410 * </pre> -411 * @example -412 * // specify by X500Name and DERInteger -413 * o = new KJUR.asn1.cms.IssuerAndSerialNumber( -414 * {issuer: {str: '/C=US/O=T1'}, serial {int: 3}}); -415 * // specify by PEM certificate -416 * o = new KJUR.asn1.cms.IssuerAndSerialNumber({cert: certPEM}); -417 * o = new KJUR.asn1.cms.IssuerAndSerialNumber(certPEM); // since 1.0.3 -418 */ -419 KJUR.asn1.cms.IssuerAndSerialNumber = function(params) { -420 var _KJUR = KJUR, -421 _KJUR_asn1 = _KJUR.asn1, -422 _DERInteger = _KJUR_asn1.DERInteger, -423 _KJUR_asn1_cms = _KJUR_asn1.cms, -424 _KJUR_asn1_x509 = _KJUR_asn1.x509, -425 _X500Name = _KJUR_asn1_x509.X500Name, -426 _X509 = X509; -427 -428 _KJUR_asn1_cms.IssuerAndSerialNumber.superclass.constructor.call(this); -429 var dIssuer = null; -430 var dSerial = null; -431 -432 /* -433 * @since asn1cms 1.0.1 -434 */ -435 this.setByCertPEM = function(certPEM) { -436 var certHex = pemtohex(certPEM); -437 var x = new _X509(); -438 x.hex = certHex; -439 var issuerTLVHex = x.getIssuerHex(); -440 this.dIssuer = new _X500Name(); -441 this.dIssuer.hTLV = issuerTLVHex; -442 var serialVHex = x.getSerialNumberHex(); -443 this.dSerial = new _DERInteger({hex: serialVHex}); -444 }; -445 -446 this.getEncodedHex = function() { -447 var seq = new _KJUR_asn1.DERSequence({"array": [this.dIssuer, -448 this.dSerial]}); -449 this.hTLV = seq.getEncodedHex(); -450 return this.hTLV; -451 }; -452 -453 if (params !== undefined) { -454 if (typeof params == "string" && -455 params.indexOf("-----BEGIN ") != -1) { -456 this.setByCertPEM(params); -457 } -458 if (params.issuer && params.serial) { -459 if (params.issuer instanceof _X500Name) { -460 this.dIssuer = params.issuer; -461 } else { -462 this.dIssuer = new _X500Name(params.issuer); -463 } -464 if (params.serial instanceof _DERInteger) { -465 this.dSerial = params.serial; -466 } else { -467 this.dSerial = new _DERInteger(params.serial); -468 } + 62 * <li>{@link KJUR.asn1.cms.IssuerSerial}</li> + 63 * <li>{@link KJUR.asn1.cms.CMSUtil}</li> + 64 * <li>{@link KJUR.asn1.cms.Attribute}</li> + 65 * <li>{@link KJUR.asn1.cms.ContentType}</li> + 66 * <li>{@link KJUR.asn1.cms.MessageDigest}</li> + 67 * <li>{@link KJUR.asn1.cms.SigningTime}</li> + 68 * <li>{@link KJUR.asn1.cms.SigningCertificate}</li> + 69 * <li>{@link KJUR.asn1.cms.SigningCertificateV2}</li> + 70 * </ul> + 71 * NOTE: Please ignore method summary and document of this namespace. + 72 * This caused by a bug of jsdoc2. + 73 * </p> + 74 * @name KJUR.asn1.cms + 75 * @namespace + 76 */ + 77 if (typeof KJUR.asn1.cms == "undefined" || !KJUR.asn1.cms) KJUR.asn1.cms = {}; + 78 + 79 /** + 80 * Attribute class for base of CMS attribute + 81 * @name KJUR.asn1.cms.Attribute + 82 * @class Attribute class for base of CMS attribute + 83 * @param {Array} params associative array of parameters + 84 * @extends KJUR.asn1.ASN1Object + 85 * @since jsrsasign 4.2.4 asn1cms 1.0.0 + 86 * @description + 87 * <pre> + 88 * Attributes ::= SET OF Attribute + 89 * Attribute ::= SEQUENCE { + 90 * type OBJECT IDENTIFIER, + 91 * values AttributeSetValue } + 92 * AttributeSetValue ::= SET OF ANY + 93 * </pre> + 94 */ + 95 KJUR.asn1.cms.Attribute = function(params) { + 96 var valueList = [], // array of values + 97 _KJUR = KJUR, + 98 _KJUR_asn1 = _KJUR.asn1; + 99 +100 _KJUR_asn1.cms.Attribute.superclass.constructor.call(this); +101 +102 this.getEncodedHex = function() { +103 var attrTypeASN1, attrValueASN1, seq; +104 attrTypeASN1 = new _KJUR_asn1.DERObjectIdentifier({"oid": this.attrTypeOid}); +105 +106 attrValueASN1 = new _KJUR_asn1.DERSet({"array": this.valueList}); +107 try { +108 attrValueASN1.getEncodedHex(); +109 } catch (ex) { +110 throw "fail valueSet.getEncodedHex in Attribute(1)/" + ex; +111 } +112 +113 seq = new _KJUR_asn1.DERSequence({"array": [attrTypeASN1, attrValueASN1]}); +114 try { +115 this.hTLV = seq.getEncodedHex(); +116 } catch (ex) { +117 throw "failed seq.getEncodedHex in Attribute(2)/" + ex; +118 } +119 +120 return this.hTLV; +121 }; +122 }; +123 YAHOO.lang.extend(KJUR.asn1.cms.Attribute, KJUR.asn1.ASN1Object); +124 +125 /** +126 * class for CMS ContentType attribute +127 * @name KJUR.asn1.cms.ContentType +128 * @class class for CMS ContentType attribute +129 * @param {Array} params associative array of parameters +130 * @extends KJUR.asn1.cms.Attribute +131 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +132 * @description +133 * <pre> +134 * Attribute ::= SEQUENCE { +135 * type OBJECT IDENTIFIER, +136 * values AttributeSetValue } +137 * AttributeSetValue ::= SET OF ANY +138 * ContentType ::= OBJECT IDENTIFIER +139 * </pre> +140 * @example +141 * o = new KJUR.asn1.cms.ContentType({name: 'data'}); +142 * o = new KJUR.asn1.cms.ContentType({oid: '1.2.840.113549.1.9.16.1.4'}); +143 */ +144 KJUR.asn1.cms.ContentType = function(params) { +145 var _KJUR = KJUR, +146 _KJUR_asn1 = _KJUR.asn1; +147 +148 _KJUR_asn1.cms.ContentType.superclass.constructor.call(this); +149 +150 this.attrTypeOid = "1.2.840.113549.1.9.3"; +151 var contentTypeASN1 = null; +152 +153 if (typeof params != "undefined") { +154 var contentTypeASN1 = new _KJUR_asn1.DERObjectIdentifier(params); +155 this.valueList = [contentTypeASN1]; +156 } +157 }; +158 YAHOO.lang.extend(KJUR.asn1.cms.ContentType, KJUR.asn1.cms.Attribute); +159 +160 /** +161 * class for CMS MessageDigest attribute +162 * @name KJUR.asn1.cms.MessageDigest +163 * @class class for CMS MessageDigest attribute +164 * @param {Array} params associative array of parameters +165 * @extends KJUR.asn1.cms.Attribute +166 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +167 * @description +168 * <pre> +169 * Attribute ::= SEQUENCE { +170 * type OBJECT IDENTIFIER, +171 * values AttributeSetValue } +172 * AttributeSetValue ::= SET OF ANY +173 * MessageDigest ::= OCTET STRING +174 * </pre> +175 * @example +176 * o = new KJUR.asn1.cms.MessageDigest({hex: 'a1a2a3a4...'}); +177 */ +178 KJUR.asn1.cms.MessageDigest = function(params) { +179 var _KJUR = KJUR, +180 _KJUR_asn1 = _KJUR.asn1, +181 _DEROctetString = _KJUR_asn1.DEROctetString, +182 _KJUR_asn1_cms = _KJUR_asn1.cms; +183 +184 _KJUR_asn1_cms.MessageDigest.superclass.constructor.call(this); +185 this.attrTypeOid = "1.2.840.113549.1.9.4"; +186 +187 if (params !== undefined) { +188 if (params.eciObj instanceof _KJUR_asn1_cms.EncapsulatedContentInfo && +189 typeof params.hashAlg === "string") { +190 var dataHex = params.eciObj.eContentValueHex; +191 var hashAlg = params.hashAlg; +192 var hashValueHex = _KJUR.crypto.Util.hashHex(dataHex, hashAlg); +193 var dAttrValue1 = new _DEROctetString({hex: hashValueHex}); +194 dAttrValue1.getEncodedHex(); +195 this.valueList = [dAttrValue1]; +196 } else { +197 var dAttrValue1 = new _DEROctetString(params); +198 dAttrValue1.getEncodedHex(); +199 this.valueList = [dAttrValue1]; +200 } +201 } +202 }; +203 YAHOO.lang.extend(KJUR.asn1.cms.MessageDigest, KJUR.asn1.cms.Attribute); +204 +205 /** +206 * class for CMS SigningTime attribute +207 * @name KJUR.asn1.cms.SigningTime +208 * @class class for CMS SigningTime attribute +209 * @param {Array} params associative array of parameters +210 * @extends KJUR.asn1.cms.Attribute +211 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +212 * @description +213 * <pre> +214 * Attribute ::= SEQUENCE { +215 * type OBJECT IDENTIFIER, +216 * values AttributeSetValue } +217 * AttributeSetValue ::= SET OF ANY +218 * SigningTime ::= Time +219 * Time ::= CHOICE { +220 * utcTime UTCTime, +221 * generalTime GeneralizedTime } +222 * </pre> +223 * @example +224 * o = new KJUR.asn1.cms.SigningTime(); // current time UTCTime by default +225 * o = new KJUR.asn1.cms.SigningTime({type: 'gen'}); // current time GeneralizedTime +226 * o = new KJUR.asn1.cms.SigningTime({str: '20140517093800Z'}); // specified GeneralizedTime +227 * o = new KJUR.asn1.cms.SigningTime({str: '140517093800Z'}); // specified UTCTime +228 */ +229 KJUR.asn1.cms.SigningTime = function(params) { +230 var _KJUR = KJUR, +231 _KJUR_asn1 = _KJUR.asn1; +232 +233 _KJUR_asn1.cms.SigningTime.superclass.constructor.call(this); +234 this.attrTypeOid = "1.2.840.113549.1.9.5"; +235 +236 if (params !== undefined) { +237 var asn1 = new _KJUR_asn1.x509.Time(params); +238 try { +239 asn1.getEncodedHex(); +240 } catch (ex) { +241 throw "SigningTime.getEncodedHex() failed/" + ex; +242 } +243 this.valueList = [asn1]; +244 } +245 }; +246 YAHOO.lang.extend(KJUR.asn1.cms.SigningTime, KJUR.asn1.cms.Attribute); +247 +248 /** +249 * class for CMS SigningCertificate attribute +250 * @name KJUR.asn1.cms.SigningCertificate +251 * @class class for CMS SigningCertificate attribute +252 * @param {Array} params associative array of parameters +253 * @extends KJUR.asn1.cms.Attribute +254 * @since jsrsasign 4.5.1 asn1cms 1.0.1 +255 * @description +256 * <pre> +257 * Attribute ::= SEQUENCE { +258 * type OBJECT IDENTIFIER, +259 * values AttributeSetValue } +260 * AttributeSetValue ::= SET OF ANY +261 * SigningCertificate ::= SEQUENCE { +262 * certs SEQUENCE OF ESSCertID, +263 * policies SEQUENCE OF PolicyInformation OPTIONAL } +264 * ESSCertID ::= SEQUENCE { +265 * certHash Hash, +266 * issuerSerial IssuerSerial OPTIONAL } +267 * IssuerSerial ::= SEQUENCE { +268 * issuer GeneralNames, +269 * serialNumber CertificateSerialNumber } +270 * </pre> +271 * @example +272 * o = new KJUR.asn1.cms.SigningCertificate({array: [certPEM]}); +273 */ +274 KJUR.asn1.cms.SigningCertificate = function(params) { +275 var _KJUR = KJUR, +276 _KJUR_asn1 = _KJUR.asn1, +277 _DERSequence = _KJUR_asn1.DERSequence, +278 _KJUR_asn1_cms = _KJUR_asn1.cms, +279 _KJUR_crypto = _KJUR.crypto; +280 +281 _KJUR_asn1_cms.SigningCertificate.superclass.constructor.call(this); +282 this.attrTypeOid = "1.2.840.113549.1.9.16.2.12"; +283 +284 this.setCerts = function(listPEM) { +285 var list = []; +286 for (var i = 0; i < listPEM.length; i++) { +287 var hex = pemtohex(listPEM[i]); +288 var certHashHex = _KJUR.crypto.Util.hashHex(hex, 'sha1'); +289 var dCertHash = +290 new _KJUR_asn1.DEROctetString({hex: certHashHex}); +291 dCertHash.getEncodedHex(); +292 var dIssuerSerial = +293 new _KJUR_asn1_cms.IssuerSerial({cert: listPEM[i]}); +294 dIssuerSerial.getEncodedHex(); +295 var dESSCertID = +296 new _DERSequence({array: [dCertHash, dIssuerSerial]}); +297 dESSCertID.getEncodedHex(); +298 list.push(dESSCertID); +299 } +300 +301 var dValue = new _DERSequence({array: list}); +302 dValue.getEncodedHex(); +303 this.valueList = [dValue]; +304 }; +305 +306 if (params !== undefined) { +307 if (typeof params.array == "object") { +308 this.setCerts(params.array); +309 } +310 } +311 }; +312 YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificate, KJUR.asn1.cms.Attribute); +313 +314 /** +315 * class for CMS SigningCertificateV2 attribute +316 * @name KJUR.asn1.cms.SigningCertificateV2 +317 * @class class for CMS SigningCertificateV2 attribute +318 * @param {Array} params associative array of parameters +319 * @extends KJUR.asn1.cms.Attribute +320 * @since jsrsasign 4.5.1 asn1cms 1.0.1 +321 * @description +322 * <pre> +323 * oid-signingCertificateV2 = 1.2.840.113549.1.9.16.2.47 +324 * Attribute ::= SEQUENCE { +325 * type OBJECT IDENTIFIER, +326 * values AttributeSetValue } +327 * AttributeSetValue ::= SET OF ANY +328 * SigningCertificateV2 ::= SEQUENCE { +329 * certs SEQUENCE OF ESSCertIDv2, +330 * policies SEQUENCE OF PolicyInformation OPTIONAL } +331 * ESSCertIDv2 ::= SEQUENCE { +332 * hashAlgorithm AlgorithmIdentifier +333 * DEFAULT {algorithm id-sha256}, +334 * certHash Hash, +335 * issuerSerial IssuerSerial OPTIONAL } +336 * Hash ::= OCTET STRING +337 * IssuerSerial ::= SEQUENCE { +338 * issuer GeneralNames, +339 * serialNumber CertificateSerialNumber } +340 * </pre> +341 * @example +342 * // hash algorithm is sha256 by default: +343 * o = new KJUR.asn1.cms.SigningCertificateV2({array: [certPEM]}); +344 * o = new KJUR.asn1.cms.SigningCertificateV2({array: [certPEM], +345 * hashAlg: 'sha512'}); +346 */ +347 KJUR.asn1.cms.SigningCertificateV2 = function(params) { +348 var _KJUR = KJUR, +349 _KJUR_asn1 = _KJUR.asn1, +350 _DERSequence = _KJUR_asn1.DERSequence, +351 _KJUR_asn1_x509 = _KJUR_asn1.x509, +352 _KJUR_asn1_cms = _KJUR_asn1.cms, +353 _KJUR_crypto = _KJUR.crypto; +354 +355 _KJUR_asn1_cms.SigningCertificateV2.superclass.constructor.call(this); +356 this.attrTypeOid = "1.2.840.113549.1.9.16.2.47"; +357 +358 this.setCerts = function(listPEM, hashAlg) { +359 var list = []; +360 for (var i = 0; i < listPEM.length; i++) { +361 var hex = pemtohex(listPEM[i]); +362 +363 var a = []; +364 if (hashAlg !== "sha256") +365 a.push(new _KJUR_asn1_x509.AlgorithmIdentifier({name: hashAlg})); +366 +367 var certHashHex = _KJUR_crypto.Util.hashHex(hex, hashAlg); +368 var dCertHash = new _KJUR_asn1.DEROctetString({hex: certHashHex}); +369 dCertHash.getEncodedHex(); +370 a.push(dCertHash); +371 +372 var dIssuerSerial = +373 new _KJUR_asn1_cms.IssuerSerial({cert: listPEM[i]}); +374 dIssuerSerial.getEncodedHex(); +375 a.push(dIssuerSerial); +376 +377 var dESSCertIDv2 = new _DERSequence({array: a}); +378 dESSCertIDv2.getEncodedHex(); +379 list.push(dESSCertIDv2); +380 } +381 +382 var dValue = new _DERSequence({array: list}); +383 dValue.getEncodedHex(); +384 this.valueList = [dValue]; +385 }; +386 +387 if (params !== undefined) { +388 if (typeof params.array == "object") { +389 var hashAlg = "sha256"; // sha2 default +390 if (typeof params.hashAlg == "string") +391 hashAlg = params.hashAlg; +392 this.setCerts(params.array, hashAlg); +393 } +394 } +395 }; +396 YAHOO.lang.extend(KJUR.asn1.cms.SigningCertificateV2, KJUR.asn1.cms.Attribute); +397 +398 /** +399 * class for IssuerSerial ASN.1 structure for CMS +400 * @name KJUR.asn1.cms.IssuerSerial +401 * @class class for CMS IssuerSerial ASN.1 structure for CMS +402 * @param {Array} params associative array of parameters +403 * @extends KJUR.asn1.ASN1Object +404 * @since jsrsasign 8.0.24 asn1cms 1.0.8 +405 * @see KJUR.asn1.cms.IssuerAndSerialNumber +406 * @see KJUR.asn1.cms.SigningCertificate +407 * @see KJUR.asn1.cms.SigningCertificateV2 +408 * @see KJUR.asn1.x509.GeneralNames +409 * @see KJUR.asn1.x509.X500Name +410 * @description +411 * This class represents IssuerSerial ASN.1 structure +412 * defined in +413 * <a href="https://tools.ietf.org/html/rfc5035#page-6> +414 * RFC 5034 section 4</a>. +415 * <pre> +416 * IssuerSerial ::= SEQUENCE { +417 * issuer GeneralNames, +418 * serialNumber CertificateSerialNumber +419 * } +420 * CertificateSerialNumber ::= INTEGER +421 * </pre> +422 * @example +423 * // specify by X500Name parameter and DERInteger +424 * o = new KJUR.asn1.cms.IssuerSerial( +425 * {issuer: {str: '/C=US/O=T1'}, serial {int: 3}}); +426 * // specify by PEM certificate +427 * o = new KJUR.asn1.cms.IssuerSerial({cert: certPEM}); +428 * o = new KJUR.asn1.cms.IssuerSerial(certPEM); // since 1.0.3 +429 */ +430 KJUR.asn1.cms.IssuerSerial = function(params) { +431 var _KJUR = KJUR, +432 _KJUR_asn1 = _KJUR.asn1, +433 _DERInteger = _KJUR_asn1.DERInteger, +434 _KJUR_asn1_cms = _KJUR_asn1.cms, +435 _KJUR_asn1_x509 = _KJUR_asn1.x509, +436 _X500Name = _KJUR_asn1_x509.X500Name, +437 _GeneralNames = _KJUR_asn1_x509.GeneralNames, +438 _X509 = X509; +439 +440 _KJUR_asn1_cms.IssuerSerial.superclass.constructor.call(this); +441 var dIssuer = null; +442 var dSerial = null; +443 +444 /* +445 */ +446 this.setByCertPEM = function(certPEM) { +447 var certHex = pemtohex(certPEM); +448 var x = new _X509(); +449 x.hex = certHex; +450 var issuerTLVHex = x.getIssuerHex(); +451 this.dIssuer = new _X500Name(); +452 this.dIssuer.hTLV = issuerTLVHex; +453 var serialVHex = x.getSerialNumberHex(); +454 this.dSerial = new _DERInteger({hex: serialVHex}); +455 }; +456 +457 this.getEncodedHex = function() { +458 var gns = new _GeneralNames([{dn: this.dIssuer}]); +459 var seq = new _KJUR_asn1.DERSequence({"array": [gns, +460 this.dSerial]}); +461 this.hTLV = seq.getEncodedHex(); +462 return this.hTLV; +463 }; +464 +465 if (params !== undefined) { +466 if (typeof params == "string" && +467 params.indexOf("-----BEGIN ") != -1) { +468 this.setByCertPEM(params); 469 } -470 if (typeof params.cert == "string") { -471 this.setByCertPEM(params.cert); -472 } -473 } -474 }; -475 YAHOO.lang.extend(KJUR.asn1.cms.IssuerAndSerialNumber, KJUR.asn1.ASN1Object); -476 -477 /** -478 * class for Attributes ASN.1 structure for CMS -479 * @name KJUR.asn1.cms.AttributeList -480 * @class class for Attributes ASN.1 structure for CMS -481 * @param {Array} params associative array of parameters -482 * @extends KJUR.asn1.ASN1Object -483 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -484 * @description -485 * <pre> -486 * Attributes ::= SET OF Attribute -487 * Attribute ::= SEQUENCE { -488 * type OBJECT IDENTIFIER, -489 * values AttributeSetValue } -490 * </pre> -491 * @example -492 * // specify by X500Name and DERInteger -493 * o = new KJUR.asn1.cms.AttributeList({sorted: false}); // ASN.1 BER unsorted SET OF -494 * o = new KJUR.asn1.cms.AttributeList(); // ASN.1 DER sorted by default -495 * o.clear(); // clear list of Attributes -496 * n = o.length(); // get number of Attribute -497 * o.add(new KJUR.asn1.cms.SigningTime()); // add SigningTime attribute -498 * hex = o.getEncodedHex(); // get hex encoded ASN.1 data -499 */ -500 KJUR.asn1.cms.AttributeList = function(params) { -501 var _KJUR = KJUR, -502 _KJUR_asn1 = _KJUR.asn1, -503 _KJUR_asn1_cms = _KJUR_asn1.cms; -504 -505 _KJUR_asn1_cms.AttributeList.superclass.constructor.call(this); -506 this.list = new Array(); -507 this.sortFlag = true; -508 -509 this.add = function(item) { -510 if (item instanceof _KJUR_asn1_cms.Attribute) { -511 this.list.push(item); -512 } -513 }; -514 -515 this.length = function() { -516 return this.list.length; -517 }; -518 -519 this.clear = function() { -520 this.list = new Array(); -521 this.hTLV = null; -522 this.hV = null; -523 }; -524 -525 this.getEncodedHex = function() { -526 if (typeof this.hTLV == "string") return this.hTLV; -527 var set = new _KJUR_asn1.DERSet({array: this.list, -528 sortflag: this.sortFlag}); -529 this.hTLV = set.getEncodedHex(); -530 return this.hTLV; -531 }; -532 -533 if (params !== undefined) { -534 if (typeof params.sortflag != "undefined" && -535 params.sortflag == false) -536 this.sortFlag = false; -537 } -538 }; -539 YAHOO.lang.extend(KJUR.asn1.cms.AttributeList, KJUR.asn1.ASN1Object); -540 -541 /** -542 * class for SignerInfo ASN.1 structure of CMS SignedData -543 * @name KJUR.asn1.cms.SignerInfo -544 * @class class for Attributes ASN.1 structure of CMS SigndData -545 * @param {Array} params associative array of parameters -546 * @extends KJUR.asn1.ASN1Object -547 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -548 * @description -549 * <pre> -550 * SignerInfo ::= SEQUENCE { -551 * version CMSVersion, -552 * sid SignerIdentifier, -553 * digestAlgorithm DigestAlgorithmIdentifier, -554 * signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, -555 * signatureAlgorithm SignatureAlgorithmIdentifier, -556 * signature SignatureValue, -557 * unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } -558 * </pre> -559 * @example -560 * o = new KJUR.asn1.cms.SignerInfo(); -561 * o.setSignerIdentifier(certPEMstring); -562 * o.dSignedAttrs.add(new KJUR.asn1.cms.ContentType({name: 'data'})); -563 * o.dSignedAttrs.add(new KJUR.asn1.cms.MessageDigest({hex: 'a1b2...'})); -564 * o.dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); -565 * o.sign(privteKeyParam, "SHA1withRSA"); -566 */ -567 KJUR.asn1.cms.SignerInfo = function(params) { -568 var _KJUR = KJUR, -569 _KJUR_asn1 = _KJUR.asn1, -570 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, -571 _KJUR_asn1_cms = _KJUR_asn1.cms, -572 _AttributeList = _KJUR_asn1_cms.AttributeList, -573 _ContentType = _KJUR_asn1_cms.ContentType, -574 _EncapsulatedContentInfo = _KJUR_asn1_cms.EncapsulatedContentInfo, -575 _MessageDigest = _KJUR_asn1_cms.MessageDigest, -576 _SignedData = _KJUR_asn1_cms.SignedData, -577 _KJUR_asn1_x509 = _KJUR_asn1.x509, -578 _AlgorithmIdentifier = _KJUR_asn1_x509.AlgorithmIdentifier, -579 _KJUR_crypto = _KJUR.crypto, -580 _KEYUTIL = KEYUTIL; -581 -582 _KJUR_asn1_cms.SignerInfo.superclass.constructor.call(this); -583 -584 this.dCMSVersion = new _KJUR_asn1.DERInteger({'int': 1}); -585 this.dSignerIdentifier = null; -586 this.dDigestAlgorithm = null; -587 this.dSignedAttrs = new _AttributeList(); -588 this.dSigAlg = null; -589 this.dSig = null; -590 this.dUnsignedAttrs = new _AttributeList(); -591 -592 this.setSignerIdentifier = function(params) { -593 if (typeof params == "string" && -594 params.indexOf("CERTIFICATE") != -1 && -595 params.indexOf("BEGIN") != -1 && -596 params.indexOf("END") != -1) { -597 -598 var certPEM = params; -599 this.dSignerIdentifier = -600 new _KJUR_asn1_cms.IssuerAndSerialNumber({cert: params}); -601 } -602 }; -603 -604 /** -605 * set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData -606 * @name setForContentAndHash -607 * @memberOf KJUR.asn1.cms.SignerInfo -608 * @param {Array} params JSON parameter to set content related field -609 * @description -610 * This method will specify following fields by a parameters: -611 * <ul> -612 * <li>add ContentType signed attribute by encapContentInfo</li> -613 * <li>add MessageDigest signed attribute by encapContentInfo and hashAlg</li> -614 * <li>add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData</li> -615 * <li>set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo</li> -616 * </ul> -617 * Argument 'params' is an associative array having following elements: -618 * <ul> -619 * <li>eciObj - {@link KJUR.asn1.cms.EncapsulatedContentInfo} object</li> -620 * <li>sdObj - {@link KJUR.asn1.cms.SignedData} object (Option) to set DigestAlgorithms</li> -621 * <li>hashAlg - string of hash algorithm name which is used for MessageDigest attribute</li> -622 * </ul> -623 * some of elements can be omited. -624 * @example -625 * sd = new KJUR.asn1.cms.SignedData(); -626 * signerInfo.setForContentAndHash({sdObj: sd, -627 * eciObj: sd.dEncapContentInfo, -628 * hashAlg: 'sha256'}); -629 */ -630 this.setForContentAndHash = function(params) { -631 if (params !== undefined) { -632 if (params.eciObj instanceof _EncapsulatedContentInfo) { -633 this.dSignedAttrs.add(new _ContentType({oid: '1.2.840.113549.1.7.1'})); -634 this.dSignedAttrs.add(new _MessageDigest({eciObj: params.eciObj, -635 hashAlg: params.hashAlg})); -636 } -637 if (params.sdObj !== undefined && -638 params.sdObj instanceof _SignedData) { -639 if (params.sdObj.digestAlgNameList.join(":").indexOf(params.hashAlg) == -1) { -640 params.sdObj.digestAlgNameList.push(params.hashAlg); -641 } -642 } -643 if (typeof params.hashAlg == "string") { -644 this.dDigestAlgorithm = new _AlgorithmIdentifier({name: params.hashAlg}); -645 } -646 } -647 }; -648 -649 this.sign = function(keyParam, sigAlg) { -650 // set algorithm -651 this.dSigAlg = new _AlgorithmIdentifier({name: sigAlg}); -652 -653 // set signature -654 var data = this.dSignedAttrs.getEncodedHex(); -655 var prvKey = _KEYUTIL.getKey(keyParam); -656 var sig = new _KJUR_crypto.Signature({alg: sigAlg}); -657 sig.init(prvKey); -658 sig.updateHex(data); -659 var sigValHex = sig.sign(); -660 this.dSig = new _KJUR_asn1.DEROctetString({hex: sigValHex}); -661 }; -662 -663 /* -664 * @since asn1cms 1.0.3 -665 */ -666 this.addUnsigned = function(attr) { -667 this.hTLV = null; -668 this.dUnsignedAttrs.hTLV = null; -669 this.dUnsignedAttrs.add(attr); -670 }; -671 -672 this.getEncodedHex = function() { -673 //alert("sattrs.hTLV=" + this.dSignedAttrs.hTLV); -674 if (this.dSignedAttrs instanceof _AttributeList && -675 this.dSignedAttrs.length() == 0) { -676 throw "SignedAttrs length = 0 (empty)"; -677 } -678 var sa = new _DERTaggedObject({obj: this.dSignedAttrs, -679 tag: 'a0', explicit: false}); -680 var ua = null;; -681 if (this.dUnsignedAttrs.length() > 0) { -682 ua = new _DERTaggedObject({obj: this.dUnsignedAttrs, -683 tag: 'a1', explicit: false}); -684 } -685 -686 var items = [ -687 this.dCMSVersion, -688 this.dSignerIdentifier, -689 this.dDigestAlgorithm, -690 sa, -691 this.dSigAlg, -692 this.dSig, -693 ]; -694 if (ua != null) items.push(ua); +470 if (params.issuer && params.serial) { +471 if (params.issuer instanceof _X500Name) { +472 this.dIssuer = params.issuer; +473 } else { +474 this.dIssuer = new _X500Name(params.issuer); +475 } +476 if (params.serial instanceof _DERInteger) { +477 this.dSerial = params.serial; +478 } else { +479 this.dSerial = new _DERInteger(params.serial); +480 } +481 } +482 if (typeof params.cert == "string") { +483 this.setByCertPEM(params.cert); +484 } +485 } +486 }; +487 YAHOO.lang.extend(KJUR.asn1.cms.IssuerSerial, KJUR.asn1.ASN1Object); +488 +489 /** +490 * class for IssuerAndSerialNumber ASN.1 structure for CMS +491 * @name KJUR.asn1.cms.IssuerAndSerialNumber +492 * @class class for CMS IssuerAndSerialNumber ASN.1 structure for CMS +493 * @param {Array} params associative array of parameters +494 * @extends KJUR.asn1.ASN1Object +495 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +496 * @description +497 * <pre> +498 * IssuerAndSerialNumber ::= SEQUENCE { +499 * issuer Name, +500 * serialNumber CertificateSerialNumber } +501 * CertificateSerialNumber ::= INTEGER +502 * </pre> +503 * @example +504 * // specify by X500Name and DERInteger +505 * o = new KJUR.asn1.cms.IssuerAndSerialNumber( +506 * {issuer: {str: '/C=US/O=T1'}, serial {int: 3}}); +507 * // specify by PEM certificate +508 * o = new KJUR.asn1.cms.IssuerAndSerialNumber({cert: certPEM}); +509 * o = new KJUR.asn1.cms.IssuerAndSerialNumber(certPEM); // since 1.0.3 +510 */ +511 KJUR.asn1.cms.IssuerAndSerialNumber = function(params) { +512 var _KJUR = KJUR, +513 _KJUR_asn1 = _KJUR.asn1, +514 _DERInteger = _KJUR_asn1.DERInteger, +515 _KJUR_asn1_cms = _KJUR_asn1.cms, +516 _KJUR_asn1_x509 = _KJUR_asn1.x509, +517 _X500Name = _KJUR_asn1_x509.X500Name, +518 _X509 = X509; +519 +520 _KJUR_asn1_cms.IssuerAndSerialNumber.superclass.constructor.call(this); +521 var dIssuer = null; +522 var dSerial = null; +523 +524 /* +525 * @since asn1cms 1.0.1 +526 */ +527 this.setByCertPEM = function(certPEM) { +528 var certHex = pemtohex(certPEM); +529 var x = new _X509(); +530 x.hex = certHex; +531 var issuerTLVHex = x.getIssuerHex(); +532 this.dIssuer = new _X500Name(); +533 this.dIssuer.hTLV = issuerTLVHex; +534 var serialVHex = x.getSerialNumberHex(); +535 this.dSerial = new _DERInteger({hex: serialVHex}); +536 }; +537 +538 this.getEncodedHex = function() { +539 var seq = new _KJUR_asn1.DERSequence({"array": [this.dIssuer, +540 this.dSerial]}); +541 this.hTLV = seq.getEncodedHex(); +542 return this.hTLV; +543 }; +544 +545 if (params !== undefined) { +546 if (typeof params == "string" && +547 params.indexOf("-----BEGIN ") != -1) { +548 this.setByCertPEM(params); +549 } +550 if (params.issuer && params.serial) { +551 if (params.issuer instanceof _X500Name) { +552 this.dIssuer = params.issuer; +553 } else { +554 this.dIssuer = new _X500Name(params.issuer); +555 } +556 if (params.serial instanceof _DERInteger) { +557 this.dSerial = params.serial; +558 } else { +559 this.dSerial = new _DERInteger(params.serial); +560 } +561 } +562 if (typeof params.cert == "string") { +563 this.setByCertPEM(params.cert); +564 } +565 } +566 }; +567 YAHOO.lang.extend(KJUR.asn1.cms.IssuerAndSerialNumber, KJUR.asn1.ASN1Object); +568 +569 /** +570 * class for Attributes ASN.1 structure for CMS +571 * @name KJUR.asn1.cms.AttributeList +572 * @class class for Attributes ASN.1 structure for CMS +573 * @param {Array} params associative array of parameters +574 * @extends KJUR.asn1.ASN1Object +575 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +576 * @description +577 * <pre> +578 * Attributes ::= SET OF Attribute +579 * Attribute ::= SEQUENCE { +580 * type OBJECT IDENTIFIER, +581 * values AttributeSetValue } +582 * </pre> +583 * @example +584 * // specify by X500Name and DERInteger +585 * o = new KJUR.asn1.cms.AttributeList({sorted: false}); // ASN.1 BER unsorted SET OF +586 * o = new KJUR.asn1.cms.AttributeList(); // ASN.1 DER sorted by default +587 * o.clear(); // clear list of Attributes +588 * n = o.length(); // get number of Attribute +589 * o.add(new KJUR.asn1.cms.SigningTime()); // add SigningTime attribute +590 * hex = o.getEncodedHex(); // get hex encoded ASN.1 data +591 */ +592 KJUR.asn1.cms.AttributeList = function(params) { +593 var _KJUR = KJUR, +594 _KJUR_asn1 = _KJUR.asn1, +595 _KJUR_asn1_cms = _KJUR_asn1.cms; +596 +597 _KJUR_asn1_cms.AttributeList.superclass.constructor.call(this); +598 this.list = new Array(); +599 this.sortFlag = true; +600 +601 this.add = function(item) { +602 if (item instanceof _KJUR_asn1_cms.Attribute) { +603 this.list.push(item); +604 } +605 }; +606 +607 this.length = function() { +608 return this.list.length; +609 }; +610 +611 this.clear = function() { +612 this.list = new Array(); +613 this.hTLV = null; +614 this.hV = null; +615 }; +616 +617 this.getEncodedHex = function() { +618 if (typeof this.hTLV == "string") return this.hTLV; +619 var set = new _KJUR_asn1.DERSet({array: this.list, +620 sortflag: this.sortFlag}); +621 this.hTLV = set.getEncodedHex(); +622 return this.hTLV; +623 }; +624 +625 if (params !== undefined) { +626 if (typeof params.sortflag != "undefined" && +627 params.sortflag == false) +628 this.sortFlag = false; +629 } +630 }; +631 YAHOO.lang.extend(KJUR.asn1.cms.AttributeList, KJUR.asn1.ASN1Object); +632 +633 /** +634 * class for SignerInfo ASN.1 structure of CMS SignedData +635 * @name KJUR.asn1.cms.SignerInfo +636 * @class class for Attributes ASN.1 structure of CMS SigndData +637 * @param {Array} params associative array of parameters +638 * @extends KJUR.asn1.ASN1Object +639 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +640 * @description +641 * <pre> +642 * SignerInfo ::= SEQUENCE { +643 * version CMSVersion, +644 * sid SignerIdentifier, +645 * digestAlgorithm DigestAlgorithmIdentifier, +646 * signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, +647 * signatureAlgorithm SignatureAlgorithmIdentifier, +648 * signature SignatureValue, +649 * unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } +650 * </pre> +651 * @example +652 * o = new KJUR.asn1.cms.SignerInfo(); +653 * o.setSignerIdentifier(certPEMstring); +654 * o.dSignedAttrs.add(new KJUR.asn1.cms.ContentType({name: 'data'})); +655 * o.dSignedAttrs.add(new KJUR.asn1.cms.MessageDigest({hex: 'a1b2...'})); +656 * o.dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); +657 * o.sign(privteKeyParam, "SHA1withRSA"); +658 */ +659 KJUR.asn1.cms.SignerInfo = function(params) { +660 var _KJUR = KJUR, +661 _KJUR_asn1 = _KJUR.asn1, +662 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, +663 _KJUR_asn1_cms = _KJUR_asn1.cms, +664 _AttributeList = _KJUR_asn1_cms.AttributeList, +665 _ContentType = _KJUR_asn1_cms.ContentType, +666 _EncapsulatedContentInfo = _KJUR_asn1_cms.EncapsulatedContentInfo, +667 _MessageDigest = _KJUR_asn1_cms.MessageDigest, +668 _SignedData = _KJUR_asn1_cms.SignedData, +669 _KJUR_asn1_x509 = _KJUR_asn1.x509, +670 _AlgorithmIdentifier = _KJUR_asn1_x509.AlgorithmIdentifier, +671 _KJUR_crypto = _KJUR.crypto, +672 _KEYUTIL = KEYUTIL; +673 +674 _KJUR_asn1_cms.SignerInfo.superclass.constructor.call(this); +675 +676 this.dCMSVersion = new _KJUR_asn1.DERInteger({'int': 1}); +677 this.dSignerIdentifier = null; +678 this.dDigestAlgorithm = null; +679 this.dSignedAttrs = new _AttributeList(); +680 this.dSigAlg = null; +681 this.dSig = null; +682 this.dUnsignedAttrs = new _AttributeList(); +683 +684 this.setSignerIdentifier = function(params) { +685 if (typeof params == "string" && +686 params.indexOf("CERTIFICATE") != -1 && +687 params.indexOf("BEGIN") != -1 && +688 params.indexOf("END") != -1) { +689 +690 var certPEM = params; +691 this.dSignerIdentifier = +692 new _KJUR_asn1_cms.IssuerAndSerialNumber({cert: params}); +693 } +694 }; 695 -696 var seq = new _KJUR_asn1.DERSequence({array: items}); -697 this.hTLV = seq.getEncodedHex(); -698 return this.hTLV; -699 }; -700 }; -701 YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo, KJUR.asn1.ASN1Object); -702 -703 /** -704 * class for EncapsulatedContentInfo ASN.1 structure for CMS -705 * @name KJUR.asn1.cms.EncapsulatedContentInfo -706 * @class class for EncapsulatedContentInfo ASN.1 structure for CMS -707 * @param {Array} params associative array of parameters -708 * @extends KJUR.asn1.ASN1Object -709 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -710 * @description -711 * <pre> -712 * EncapsulatedContentInfo ::= SEQUENCE { -713 * eContentType ContentType, -714 * eContent [0] EXPLICIT OCTET STRING OPTIONAL } -715 * ContentType ::= OBJECT IDENTIFIER -716 * </pre> -717 * @example -718 * o = new KJUR.asn1.cms.EncapsulatedContentInfo(); -719 * o.setContentType('1.2.3.4.5'); // specify eContentType by OID -720 * o.setContentType('data'); // specify eContentType by name -721 * o.setContentValueHex('a1a2a4...'); // specify eContent data by hex string -722 * o.setContentValueStr('apple'); // specify eContent data by UTF-8 string -723 * // for detached contents (i.e. data not concluded in eContent) -724 * o.isDetached = true; // false as default -725 */ -726 KJUR.asn1.cms.EncapsulatedContentInfo = function(params) { -727 var _KJUR = KJUR, -728 _KJUR_asn1 = _KJUR.asn1, -729 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, -730 _DERSequence = _KJUR_asn1.DERSequence, -731 _DERObjectIdentifier = _KJUR_asn1.DERObjectIdentifier, -732 _DEROctetString = _KJUR_asn1.DEROctetString, -733 _KJUR_asn1_cms = _KJUR_asn1.cms; -734 -735 _KJUR_asn1_cms.EncapsulatedContentInfo.superclass.constructor.call(this); -736 -737 this.dEContentType = new _DERObjectIdentifier({name: 'data'}); -738 this.dEContent = null; -739 this.isDetached = false; -740 this.eContentValueHex = null; -741 -742 this.setContentType = function(nameOrOid) { -743 if (nameOrOid.match(/^[0-2][.][0-9.]+$/)) { -744 this.dEContentType = new _DERObjectIdentifier({oid: nameOrOid}); -745 } else { -746 this.dEContentType = new _DERObjectIdentifier({name: nameOrOid}); -747 } -748 }; -749 -750 this.setContentValue = function(params) { -751 if (params !== undefined) { -752 if (typeof params.hex == "string") { -753 this.eContentValueHex = params.hex; -754 } else if (typeof params.str == "string") { -755 this.eContentValueHex = utf8tohex(params.str); -756 } -757 } -758 }; -759 -760 this.setContentValueHex = function(valueHex) { -761 this.eContentValueHex = valueHex; +696 /** +697 * set ContentType/MessageDigest/DigestAlgorithms for SignerInfo/SignedData +698 * @name setForContentAndHash +699 * @memberOf KJUR.asn1.cms.SignerInfo +700 * @param {Array} params JSON parameter to set content related field +701 * @description +702 * This method will specify following fields by a parameters: +703 * <ul> +704 * <li>add ContentType signed attribute by encapContentInfo</li> +705 * <li>add MessageDigest signed attribute by encapContentInfo and hashAlg</li> +706 * <li>add a hash algorithm used in MessageDigest to digestAlgorithms field of SignedData</li> +707 * <li>set a hash algorithm used in MessageDigest to digestAlgorithm field of SignerInfo</li> +708 * </ul> +709 * Argument 'params' is an associative array having following elements: +710 * <ul> +711 * <li>eciObj - {@link KJUR.asn1.cms.EncapsulatedContentInfo} object</li> +712 * <li>sdObj - {@link KJUR.asn1.cms.SignedData} object (Option) to set DigestAlgorithms</li> +713 * <li>hashAlg - string of hash algorithm name which is used for MessageDigest attribute</li> +714 * </ul> +715 * some of elements can be omited. +716 * @example +717 * sd = new KJUR.asn1.cms.SignedData(); +718 * signerInfo.setForContentAndHash({sdObj: sd, +719 * eciObj: sd.dEncapContentInfo, +720 * hashAlg: 'sha256'}); +721 */ +722 this.setForContentAndHash = function(params) { +723 if (params !== undefined) { +724 if (params.eciObj instanceof _EncapsulatedContentInfo) { +725 this.dSignedAttrs.add(new _ContentType({oid: '1.2.840.113549.1.7.1'})); +726 this.dSignedAttrs.add(new _MessageDigest({eciObj: params.eciObj, +727 hashAlg: params.hashAlg})); +728 } +729 if (params.sdObj !== undefined && +730 params.sdObj instanceof _SignedData) { +731 if (params.sdObj.digestAlgNameList.join(":").indexOf(params.hashAlg) == -1) { +732 params.sdObj.digestAlgNameList.push(params.hashAlg); +733 } +734 } +735 if (typeof params.hashAlg == "string") { +736 this.dDigestAlgorithm = new _AlgorithmIdentifier({name: params.hashAlg}); +737 } +738 } +739 }; +740 +741 this.sign = function(keyParam, sigAlg) { +742 // set algorithm +743 this.dSigAlg = new _AlgorithmIdentifier({name: sigAlg}); +744 +745 // set signature +746 var data = this.dSignedAttrs.getEncodedHex(); +747 var prvKey = _KEYUTIL.getKey(keyParam); +748 var sig = new _KJUR_crypto.Signature({alg: sigAlg}); +749 sig.init(prvKey); +750 sig.updateHex(data); +751 var sigValHex = sig.sign(); +752 this.dSig = new _KJUR_asn1.DEROctetString({hex: sigValHex}); +753 }; +754 +755 /* +756 * @since asn1cms 1.0.3 +757 */ +758 this.addUnsigned = function(attr) { +759 this.hTLV = null; +760 this.dUnsignedAttrs.hTLV = null; +761 this.dUnsignedAttrs.add(attr); 762 }; 763 -764 this.setContentValueStr = function(valueStr) { -765 this.eContentValueHex = utf8tohex(valueStr); -766 }; -767 -768 this.getEncodedHex = function() { -769 if (typeof this.eContentValueHex != "string") { -770 throw "eContentValue not yet set"; -771 } -772 -773 var dValue = new _DEROctetString({hex: this.eContentValueHex}); -774 this.dEContent = new _DERTaggedObject({obj: dValue, -775 tag: 'a0', -776 explicit: true}); +764 this.getEncodedHex = function() { +765 //alert("sattrs.hTLV=" + this.dSignedAttrs.hTLV); +766 if (this.dSignedAttrs instanceof _AttributeList && +767 this.dSignedAttrs.length() == 0) { +768 throw "SignedAttrs length = 0 (empty)"; +769 } +770 var sa = new _DERTaggedObject({obj: this.dSignedAttrs, +771 tag: 'a0', explicit: false}); +772 var ua = null;; +773 if (this.dUnsignedAttrs.length() > 0) { +774 ua = new _DERTaggedObject({obj: this.dUnsignedAttrs, +775 tag: 'a1', explicit: false}); +776 } 777 -778 var a = [this.dEContentType]; -779 if (! this.isDetached) a.push(this.dEContent); -780 var seq = new _DERSequence({array: a}); -781 this.hTLV = seq.getEncodedHex(); -782 return this.hTLV; -783 }; -784 }; -785 YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo, KJUR.asn1.ASN1Object); -786 -787 // - type -788 // - obj -789 /** -790 * class for ContentInfo ASN.1 structure for CMS -791 * @name KJUR.asn1.cms.ContentInfo -792 * @class class for ContentInfo ASN.1 structure for CMS -793 * @param {Array} params associative array of parameters -794 * @extends KJUR.asn1.ASN1Object -795 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -796 * @description -797 * <pre> -798 * ContentInfo ::= SEQUENCE { -799 * contentType ContentType, -800 * content [0] EXPLICIT ANY DEFINED BY contentType } -801 * ContentType ::= OBJECT IDENTIFIER -802 * </pre> -803 * @example -804 * a = [new KJUR.asn1.DERInteger({int: 1}), -805 * new KJUR.asn1.DERInteger({int: 2})]; -806 * seq = new KJUR.asn1.DERSequence({array: a}); -807 * o = new KJUR.asn1.cms.ContentInfo({type: 'data', obj: seq}); -808 */ -809 KJUR.asn1.cms.ContentInfo = function(params) { -810 var _KJUR = KJUR, -811 _KJUR_asn1 = _KJUR.asn1, -812 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, -813 _DERSequence = _KJUR_asn1.DERSequence, -814 _KJUR_asn1_x509 = _KJUR_asn1.x509; -815 -816 KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this); -817 -818 this.dContentType = null; -819 this.dContent = null; -820 -821 this.setContentType = function(params) { -822 if (typeof params == "string") { -823 this.dContentType = _KJUR_asn1_x509.OID.name2obj(params); -824 } -825 }; +778 var items = [ +779 this.dCMSVersion, +780 this.dSignerIdentifier, +781 this.dDigestAlgorithm, +782 sa, +783 this.dSigAlg, +784 this.dSig, +785 ]; +786 if (ua != null) items.push(ua); +787 +788 var seq = new _KJUR_asn1.DERSequence({array: items}); +789 this.hTLV = seq.getEncodedHex(); +790 return this.hTLV; +791 }; +792 }; +793 YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo, KJUR.asn1.ASN1Object); +794 +795 /** +796 * class for EncapsulatedContentInfo ASN.1 structure for CMS +797 * @name KJUR.asn1.cms.EncapsulatedContentInfo +798 * @class class for EncapsulatedContentInfo ASN.1 structure for CMS +799 * @param {Array} params associative array of parameters +800 * @extends KJUR.asn1.ASN1Object +801 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +802 * @description +803 * <pre> +804 * EncapsulatedContentInfo ::= SEQUENCE { +805 * eContentType ContentType, +806 * eContent [0] EXPLICIT OCTET STRING OPTIONAL } +807 * ContentType ::= OBJECT IDENTIFIER +808 * </pre> +809 * @example +810 * o = new KJUR.asn1.cms.EncapsulatedContentInfo(); +811 * o.setContentType('1.2.3.4.5'); // specify eContentType by OID +812 * o.setContentType('data'); // specify eContentType by name +813 * o.setContentValueHex('a1a2a4...'); // specify eContent data by hex string +814 * o.setContentValueStr('apple'); // specify eContent data by UTF-8 string +815 * // for detached contents (i.e. data not concluded in eContent) +816 * o.isDetached = true; // false as default +817 */ +818 KJUR.asn1.cms.EncapsulatedContentInfo = function(params) { +819 var _KJUR = KJUR, +820 _KJUR_asn1 = _KJUR.asn1, +821 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, +822 _DERSequence = _KJUR_asn1.DERSequence, +823 _DERObjectIdentifier = _KJUR_asn1.DERObjectIdentifier, +824 _DEROctetString = _KJUR_asn1.DEROctetString, +825 _KJUR_asn1_cms = _KJUR_asn1.cms; 826 -827 this.getEncodedHex = function() { -828 var dContent0 = new _DERTaggedObject({obj: this.dContent, -829 tag: 'a0', -830 explicit: true}); -831 var seq = new _DERSequence({array: [this.dContentType, dContent0]}); -832 this.hTLV = seq.getEncodedHex(); -833 return this.hTLV; -834 }; -835 -836 if (params !== undefined) { -837 if (params.type) -838 this.setContentType(params.type); -839 if (params.obj && -840 params.obj instanceof _KJUR_asn1.ASN1Object) -841 this.dContent = params.obj; -842 } -843 }; -844 YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo, KJUR.asn1.ASN1Object); -845 -846 /** -847 * class for SignerInfo ASN.1 structure of CMS SignedData -848 * @name KJUR.asn1.cms.SignedData -849 * @class class for Attributes ASN.1 structure of CMS SigndData -850 * @param {Array} params associative array of parameters -851 * @extends KJUR.asn1.ASN1Object -852 * @since jsrsasign 4.2.4 asn1cms 1.0.0 -853 * -854 * @description -855 * <pre> -856 * SignedData ::= SEQUENCE { -857 * version CMSVersion, -858 * digestAlgorithms DigestAlgorithmIdentifiers, -859 * encapContentInfo EncapsulatedContentInfo, -860 * certificates [0] IMPLICIT CertificateSet OPTIONAL, -861 * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, -862 * signerInfos SignerInfos } -863 * SignerInfos ::= SET OF SignerInfo -864 * CertificateSet ::= SET OF CertificateChoices -865 * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier -866 * CertificateSet ::= SET OF CertificateChoices -867 * RevocationInfoChoices ::= SET OF RevocationInfoChoice -868 * </pre> -869 * -870 * @example -871 * sd = new KJUR.asn1.cms.SignedData(); -872 * sd.dEncapContentInfo.setContentValueStr("test string"); -873 * sd.signerInfoList[0].setForContentAndHash({sdObj: sd, -874 * eciObj: sd.dEncapContentInfo, -875 * hashAlg: 'sha256'}); -876 * sd.signerInfoList[0].dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); -877 * sd.signerInfoList[0].setSignerIdentifier(certPEM); -878 * sd.signerInfoList[0].sign(prvP8PEM, "SHA256withRSA"); -879 * hex = sd.getContentInfoEncodedHex(); -880 */ -881 KJUR.asn1.cms.SignedData = function(params) { -882 var _KJUR = KJUR, -883 _KJUR_asn1 = _KJUR.asn1, -884 _ASN1Object = _KJUR_asn1.ASN1Object, -885 _DERInteger = _KJUR_asn1.DERInteger, -886 _DERSet = _KJUR_asn1.DERSet, -887 _DERSequence = _KJUR_asn1.DERSequence, -888 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, -889 _KJUR_asn1_cms = _KJUR_asn1.cms, -890 _EncapsulatedContentInfo = _KJUR_asn1_cms.EncapsulatedContentInfo, -891 _SignerInfo = _KJUR_asn1_cms.SignerInfo, -892 _ContentInfo = _KJUR_asn1_cms.ContentInfo, -893 _KJUR_asn1_x509 = _KJUR_asn1.x509, -894 _AlgorithmIdentifier = _KJUR_asn1_x509.AlgorithmIdentifier; -895 -896 KJUR.asn1.cms.SignedData.superclass.constructor.call(this); -897 -898 this.dCMSVersion = new _DERInteger({'int': 1}); -899 this.dDigestAlgs = null; -900 this.digestAlgNameList = []; -901 this.dEncapContentInfo = new _EncapsulatedContentInfo(); -902 this.dCerts = null; -903 this.certificateList = []; -904 this.crlList = []; -905 this.signerInfoList = [new _SignerInfo()]; -906 -907 this.addCertificatesByPEM = function(certPEM) { -908 var hex = pemtohex(certPEM); -909 var o = new _ASN1Object(); -910 o.hTLV = hex; -911 this.certificateList.push(o); -912 }; -913 -914 this.getEncodedHex = function() { -915 if (typeof this.hTLV == "string") return this.hTLV; -916 -917 if (this.dDigestAlgs == null) { -918 var digestAlgList = []; -919 for (var i = 0; i < this.digestAlgNameList.length; i++) { -920 var name = this.digestAlgNameList[i]; -921 var o = new _AlgorithmIdentifier({name: name}); -922 digestAlgList.push(o); -923 } -924 this.dDigestAlgs = new _DERSet({array: digestAlgList}); -925 } -926 -927 var a = [this.dCMSVersion, -928 this.dDigestAlgs, -929 this.dEncapContentInfo]; -930 -931 if (this.dCerts == null) { -932 if (this.certificateList.length > 0) { -933 var o1 = new _DERSet({array: this.certificateList}); -934 this.dCerts -935 = new _DERTaggedObject({obj: o1, -936 tag: 'a0', -937 explicit: false}); -938 } -939 } -940 if (this.dCerts != null) a.push(this.dCerts); -941 -942 var dSignerInfos = new _DERSet({array: this.signerInfoList}); -943 a.push(dSignerInfos); -944 -945 var seq = new _DERSequence({array: a}); -946 this.hTLV = seq.getEncodedHex(); -947 return this.hTLV; -948 }; -949 -950 this.getContentInfo = function() { -951 this.getEncodedHex(); -952 var ci = new _ContentInfo({type: 'signed-data', obj: this}); -953 return ci; -954 }; -955 -956 this.getContentInfoEncodedHex = function() { -957 var ci = this.getContentInfo(); -958 var ciHex = ci.getEncodedHex(); -959 return ciHex; -960 }; -961 -962 this.getPEM = function() { -963 return hextopem(this.getContentInfoEncodedHex(), "CMS"); -964 }; -965 }; -966 YAHOO.lang.extend(KJUR.asn1.cms.SignedData, KJUR.asn1.ASN1Object); -967 -968 /** -969 * CMS utiliteis class -970 * @name KJUR.asn1.cms.CMSUtil -971 * @class CMS utilities class +827 _KJUR_asn1_cms.EncapsulatedContentInfo.superclass.constructor.call(this); +828 +829 this.dEContentType = new _DERObjectIdentifier({name: 'data'}); +830 this.dEContent = null; +831 this.isDetached = false; +832 this.eContentValueHex = null; +833 +834 this.setContentType = function(nameOrOid) { +835 if (nameOrOid.match(/^[0-2][.][0-9.]+$/)) { +836 this.dEContentType = new _DERObjectIdentifier({oid: nameOrOid}); +837 } else { +838 this.dEContentType = new _DERObjectIdentifier({name: nameOrOid}); +839 } +840 }; +841 +842 this.setContentValue = function(params) { +843 if (params !== undefined) { +844 if (typeof params.hex == "string") { +845 this.eContentValueHex = params.hex; +846 } else if (typeof params.str == "string") { +847 this.eContentValueHex = utf8tohex(params.str); +848 } +849 } +850 }; +851 +852 this.setContentValueHex = function(valueHex) { +853 this.eContentValueHex = valueHex; +854 }; +855 +856 this.setContentValueStr = function(valueStr) { +857 this.eContentValueHex = utf8tohex(valueStr); +858 }; +859 +860 this.getEncodedHex = function() { +861 if (typeof this.eContentValueHex != "string") { +862 throw "eContentValue not yet set"; +863 } +864 +865 var dValue = new _DEROctetString({hex: this.eContentValueHex}); +866 this.dEContent = new _DERTaggedObject({obj: dValue, +867 tag: 'a0', +868 explicit: true}); +869 +870 var a = [this.dEContentType]; +871 if (! this.isDetached) a.push(this.dEContent); +872 var seq = new _DERSequence({array: a}); +873 this.hTLV = seq.getEncodedHex(); +874 return this.hTLV; +875 }; +876 }; +877 YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo, KJUR.asn1.ASN1Object); +878 +879 // - type +880 // - obj +881 /** +882 * class for ContentInfo ASN.1 structure for CMS +883 * @name KJUR.asn1.cms.ContentInfo +884 * @class class for ContentInfo ASN.1 structure for CMS +885 * @param {Array} params associative array of parameters +886 * @extends KJUR.asn1.ASN1Object +887 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +888 * @description +889 * <pre> +890 * ContentInfo ::= SEQUENCE { +891 * contentType ContentType, +892 * content [0] EXPLICIT ANY DEFINED BY contentType } +893 * ContentType ::= OBJECT IDENTIFIER +894 * </pre> +895 * @example +896 * a = [new KJUR.asn1.DERInteger({int: 1}), +897 * new KJUR.asn1.DERInteger({int: 2})]; +898 * seq = new KJUR.asn1.DERSequence({array: a}); +899 * o = new KJUR.asn1.cms.ContentInfo({type: 'data', obj: seq}); +900 */ +901 KJUR.asn1.cms.ContentInfo = function(params) { +902 var _KJUR = KJUR, +903 _KJUR_asn1 = _KJUR.asn1, +904 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, +905 _DERSequence = _KJUR_asn1.DERSequence, +906 _KJUR_asn1_x509 = _KJUR_asn1.x509; +907 +908 KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this); +909 +910 this.dContentType = null; +911 this.dContent = null; +912 +913 this.setContentType = function(params) { +914 if (typeof params == "string") { +915 this.dContentType = _KJUR_asn1_x509.OID.name2obj(params); +916 } +917 }; +918 +919 this.getEncodedHex = function() { +920 var dContent0 = new _DERTaggedObject({obj: this.dContent, +921 tag: 'a0', +922 explicit: true}); +923 var seq = new _DERSequence({array: [this.dContentType, dContent0]}); +924 this.hTLV = seq.getEncodedHex(); +925 return this.hTLV; +926 }; +927 +928 if (params !== undefined) { +929 if (params.type) +930 this.setContentType(params.type); +931 if (params.obj && +932 params.obj instanceof _KJUR_asn1.ASN1Object) +933 this.dContent = params.obj; +934 } +935 }; +936 YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo, KJUR.asn1.ASN1Object); +937 +938 /** +939 * class for SignerInfo ASN.1 structure of CMS SignedData +940 * @name KJUR.asn1.cms.SignedData +941 * @class class for Attributes ASN.1 structure of CMS SigndData +942 * @param {Array} params associative array of parameters +943 * @extends KJUR.asn1.ASN1Object +944 * @since jsrsasign 4.2.4 asn1cms 1.0.0 +945 * +946 * @description +947 * <pre> +948 * SignedData ::= SEQUENCE { +949 * version CMSVersion, +950 * digestAlgorithms DigestAlgorithmIdentifiers, +951 * encapContentInfo EncapsulatedContentInfo, +952 * certificates [0] IMPLICIT CertificateSet OPTIONAL, +953 * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, +954 * signerInfos SignerInfos } +955 * SignerInfos ::= SET OF SignerInfo +956 * CertificateSet ::= SET OF CertificateChoices +957 * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier +958 * CertificateSet ::= SET OF CertificateChoices +959 * RevocationInfoChoices ::= SET OF RevocationInfoChoice +960 * </pre> +961 * +962 * @example +963 * sd = new KJUR.asn1.cms.SignedData(); +964 * sd.dEncapContentInfo.setContentValueStr("test string"); +965 * sd.signerInfoList[0].setForContentAndHash({sdObj: sd, +966 * eciObj: sd.dEncapContentInfo, +967 * hashAlg: 'sha256'}); +968 * sd.signerInfoList[0].dSignedAttrs.add(new KJUR.asn1.cms.SigningTime()); +969 * sd.signerInfoList[0].setSignerIdentifier(certPEM); +970 * sd.signerInfoList[0].sign(prvP8PEM, "SHA256withRSA"); +971 * hex = sd.getContentInfoEncodedHex(); 972 */ -973 KJUR.asn1.cms.CMSUtil = new function() { -974 }; -975 -976 /** -977 * generate SignedData object specified by JSON parameters -978 * @name newSignedData -979 * @memberOf KJUR.asn1.cms.CMSUtil -980 * @function -981 * @param {Array} param JSON parameter to generate CMS SignedData -982 * @return {KJUR.asn1.cms.SignedData} object just generated -983 * @description -984 * This method provides more easy way to genereate -985 * CMS SignedData ASN.1 structure by JSON data. -986 * <br> -987 * Here is major parameters: -988 * <ul> -989 * <li>content - to specify data to be signed in eContent field.</li> -990 * <li>certs - a list of certificate PEM strings to specify -991 * certificate field</li> -992 * <li>detached - 'true' or 'false' to specify detached signature or not. -993 * The default is 'false'</li> -994 * <li>signerInfos - array of signerInfo parameters. -995 * SignerInfo parameters listed here: -996 * <ul> -997 * <li>hashAlg - string of messageDigest hash algorithm name</li> -998 * <li>sAttr - list of signedAttribute parameters</li> -999 * <li>signerCert - string of signer certificate PEM</li> -1000 * <li>sigAlg - string of signature algorithm name</li> -1001 * <li>signerPrvKey - string of PEM signer private key</li> -1002 * </ul> -1003 * </li> -1004 * </ul> -1005 * -1006 * @example -1007 * var sd = KJUR.asn1.cms.CMSUtil.newSignedData({ -1008 * content: {str: "jsrsasign"}, -1009 * certs: [certPEM], -1010 * detached: false, -1011 * signerInfos: [{ -1012 * hashAlg: 'sha256', -1013 * sAttr: { -1014 * SigningTime: {} -1015 * SigningCertificateV2: {array: [certPEM]}, -1016 * }, -1017 * signerCert: certPEM, -1018 * sigAlg: 'SHA256withRSA', -1019 * signerPrvKey: prvPEM -1020 * }] -1021 * }); -1022 */ -1023 KJUR.asn1.cms.CMSUtil.newSignedData = function(param) { -1024 var _KJUR = KJUR, -1025 _KJUR_asn1 = _KJUR.asn1, -1026 _KJUR_asn1_cms = _KJUR_asn1.cms, -1027 _SignerInfo = _KJUR_asn1_cms.SignerInfo, -1028 _SignedData = _KJUR_asn1_cms.SignedData, -1029 _SigningTime = _KJUR_asn1_cms.SigningTime, -1030 _SigningCertificate = _KJUR_asn1_cms.SigningCertificate, -1031 _SigningCertificateV2 = _KJUR_asn1_cms.SigningCertificateV2, -1032 _KJUR_asn1_cades = _KJUR_asn1.cades, -1033 _SignaturePolicyIdentifier = _KJUR_asn1_cades.SignaturePolicyIdentifier; -1034 -1035 var sd = new _SignedData(); +973 KJUR.asn1.cms.SignedData = function(params) { +974 var _KJUR = KJUR, +975 _KJUR_asn1 = _KJUR.asn1, +976 _ASN1Object = _KJUR_asn1.ASN1Object, +977 _DERInteger = _KJUR_asn1.DERInteger, +978 _DERSet = _KJUR_asn1.DERSet, +979 _DERSequence = _KJUR_asn1.DERSequence, +980 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, +981 _KJUR_asn1_cms = _KJUR_asn1.cms, +982 _EncapsulatedContentInfo = _KJUR_asn1_cms.EncapsulatedContentInfo, +983 _SignerInfo = _KJUR_asn1_cms.SignerInfo, +984 _ContentInfo = _KJUR_asn1_cms.ContentInfo, +985 _KJUR_asn1_x509 = _KJUR_asn1.x509, +986 _AlgorithmIdentifier = _KJUR_asn1_x509.AlgorithmIdentifier; +987 +988 KJUR.asn1.cms.SignedData.superclass.constructor.call(this); +989 +990 this.dCMSVersion = new _DERInteger({'int': 1}); +991 this.dDigestAlgs = null; +992 this.digestAlgNameList = []; +993 this.dEncapContentInfo = new _EncapsulatedContentInfo(); +994 this.dCerts = null; +995 this.certificateList = []; +996 this.crlList = []; +997 this.signerInfoList = [new _SignerInfo()]; +998 +999 this.addCertificatesByPEM = function(certPEM) { +1000 var hex = pemtohex(certPEM); +1001 var o = new _ASN1Object(); +1002 o.hTLV = hex; +1003 this.certificateList.push(o); +1004 }; +1005 +1006 this.getEncodedHex = function() { +1007 if (typeof this.hTLV == "string") return this.hTLV; +1008 +1009 if (this.dDigestAlgs == null) { +1010 var digestAlgList = []; +1011 for (var i = 0; i < this.digestAlgNameList.length; i++) { +1012 var name = this.digestAlgNameList[i]; +1013 var o = new _AlgorithmIdentifier({name: name}); +1014 digestAlgList.push(o); +1015 } +1016 this.dDigestAlgs = new _DERSet({array: digestAlgList}); +1017 } +1018 +1019 var a = [this.dCMSVersion, +1020 this.dDigestAlgs, +1021 this.dEncapContentInfo]; +1022 +1023 if (this.dCerts == null) { +1024 if (this.certificateList.length > 0) { +1025 var o1 = new _DERSet({array: this.certificateList}); +1026 this.dCerts +1027 = new _DERTaggedObject({obj: o1, +1028 tag: 'a0', +1029 explicit: false}); +1030 } +1031 } +1032 if (this.dCerts != null) a.push(this.dCerts); +1033 +1034 var dSignerInfos = new _DERSet({array: this.signerInfoList}); +1035 a.push(dSignerInfos); 1036 -1037 sd.dEncapContentInfo.setContentValue(param.content); -1038 -1039 if (typeof param.detached == "boolean") { -1040 sd.dEncapContentInfo.isDetached = param.detached -1041 } -1042 -1043 if (typeof param.certs == "object") { -1044 for (var i = 0; i < param.certs.length; i++) { -1045 sd.addCertificatesByPEM(param.certs[i]); -1046 } -1047 } -1048 -1049 sd.signerInfoList = []; -1050 for (var i = 0; i < param.signerInfos.length; i++) { -1051 var siParam = param.signerInfos[i]; -1052 var si = new _SignerInfo(); -1053 si.setSignerIdentifier(siParam.signerCert); -1054 -1055 si.setForContentAndHash({sdObj: sd, -1056 eciObj: sd.dEncapContentInfo, -1057 hashAlg: siParam.hashAlg}); -1058 -1059 for (attrName in siParam.sAttr) { -1060 var attrParam = siParam.sAttr[attrName]; -1061 if (attrName == "SigningTime") { -1062 var attr = new _SigningTime(attrParam); -1063 si.dSignedAttrs.add(attr); -1064 } -1065 if (attrName == "SigningCertificate") { -1066 var attr = new _SigningCertificate(attrParam); -1067 si.dSignedAttrs.add(attr); -1068 } -1069 if (attrName == "SigningCertificateV2") { -1070 var attr = new _SigningCertificateV2(attrParam); -1071 si.dSignedAttrs.add(attr); -1072 } -1073 if (attrName == "SignaturePolicyIdentifier") { -1074 var attr = new _SignaturePolicyIdentifier(attrParam); -1075 si.dSignedAttrs.add(attr); -1076 } -1077 } -1078 -1079 si.sign(siParam.signerPrvKey, siParam.sigAlg); -1080 sd.signerInfoList.push(si); -1081 } -1082 -1083 return sd; -1084 }; -1085 -1086 /** -1087 * verify SignedData specified by JSON parameters -1088 * -1089 * @name verifySignedData -1090 * @memberOf KJUR.asn1.cms.CMSUtil -1091 * @function -1092 * @param {Array} param JSON parameter to verify CMS SignedData -1093 * @return {Object} JSON data as the result of validation -1094 * @since jsrsasign 8.0.4 asn1cms 1.0.5 -1095 * @description -1096 * This method provides validation for CMS SignedData. -1097 * Following parameters can be applied: -1098 * <ul> -1099 * <li>cms - hexadecimal data of DER CMS SignedData (aka. PKCS#7 or p7s)</li> -1100 * to verify (OPTION)</li> -1101 * </ul> -1102 * @example -1103 * KJUR.asn1.cms.CMSUtil.verifySignedData({ cms: "3082058a..." }) -1104 * → -1105 * { -1106 * isValid: true, -1107 * parse: ... // parsed data -1108 * signerInfos: [ -1109 * { -1110 * } -1111 * ] -1112 * } -1113 */ -1114 KJUR.asn1.cms.CMSUtil.verifySignedData = function(param) { -1115 var _KJUR = KJUR, -1116 _KJUR_asn1 = _KJUR.asn1, -1117 _KJUR_asn1_cms = _KJUR_asn1.cms, -1118 _SignerInfo = _KJUR_asn1_cms.SignerInfo, -1119 _SignedData = _KJUR_asn1_cms.SignedData, -1120 _SigningTime = _KJUR_asn1_cms.SigningTime, -1121 _SigningCertificate = _KJUR_asn1_cms.SigningCertificate, -1122 _SigningCertificateV2 = _KJUR_asn1_cms.SigningCertificateV2, -1123 _KJUR_asn1_cades = _KJUR_asn1.cades, -1124 _SignaturePolicyIdentifier = _KJUR_asn1_cades.SignaturePolicyIdentifier, -1125 _isHex = _KJUR.lang.String.isHex, -1126 _ASN1HEX = ASN1HEX, -1127 _getVbyList = _ASN1HEX.getVbyList, -1128 _getTLVbyList = _ASN1HEX.getTLVbyList, -1129 _getIdxbyList = _ASN1HEX.getIdxbyList, -1130 _getChildIdx = _ASN1HEX.getChildIdx, -1131 _getTLV = _ASN1HEX.getTLV, -1132 _oidname = _ASN1HEX.oidname, -1133 _hashHex = _KJUR.crypto.Util.hashHex; +1037 var seq = new _DERSequence({array: a}); +1038 this.hTLV = seq.getEncodedHex(); +1039 return this.hTLV; +1040 }; +1041 +1042 this.getContentInfo = function() { +1043 this.getEncodedHex(); +1044 var ci = new _ContentInfo({type: 'signed-data', obj: this}); +1045 return ci; +1046 }; +1047 +1048 this.getContentInfoEncodedHex = function() { +1049 var ci = this.getContentInfo(); +1050 var ciHex = ci.getEncodedHex(); +1051 return ciHex; +1052 }; +1053 +1054 this.getPEM = function() { +1055 return hextopem(this.getContentInfoEncodedHex(), "CMS"); +1056 }; +1057 }; +1058 YAHOO.lang.extend(KJUR.asn1.cms.SignedData, KJUR.asn1.ASN1Object); +1059 +1060 /** +1061 * CMS utiliteis class +1062 * @name KJUR.asn1.cms.CMSUtil +1063 * @class CMS utilities class +1064 */ +1065 KJUR.asn1.cms.CMSUtil = new function() { +1066 }; +1067 +1068 /** +1069 * generate SignedData object specified by JSON parameters +1070 * @name newSignedData +1071 * @memberOf KJUR.asn1.cms.CMSUtil +1072 * @function +1073 * @param {Array} param JSON parameter to generate CMS SignedData +1074 * @return {KJUR.asn1.cms.SignedData} object just generated +1075 * @description +1076 * This method provides more easy way to genereate +1077 * CMS SignedData ASN.1 structure by JSON data. +1078 * <br> +1079 * Here is major parameters: +1080 * <ul> +1081 * <li>content - to specify data to be signed in eContent field.</li> +1082 * <li>certs - a list of certificate PEM strings to specify +1083 * certificate field</li> +1084 * <li>detached - 'true' or 'false' to specify detached signature or not. +1085 * The default is 'false'</li> +1086 * <li>signerInfos - array of signerInfo parameters. +1087 * SignerInfo parameters listed here: +1088 * <ul> +1089 * <li>hashAlg - string of messageDigest hash algorithm name</li> +1090 * <li>sAttr - list of signedAttribute parameters</li> +1091 * <li>signerCert - string of signer certificate PEM</li> +1092 * <li>sigAlg - string of signature algorithm name</li> +1093 * <li>signerPrvKey - string of PEM signer private key</li> +1094 * </ul> +1095 * </li> +1096 * </ul> +1097 * +1098 * @example +1099 * var sd = KJUR.asn1.cms.CMSUtil.newSignedData({ +1100 * content: {str: "jsrsasign"}, +1101 * certs: [certPEM], +1102 * detached: false, +1103 * signerInfos: [{ +1104 * hashAlg: 'sha256', +1105 * sAttr: { +1106 * SigningTime: {} +1107 * SigningCertificateV2: {array: [certPEM]}, +1108 * }, +1109 * signerCert: certPEM, +1110 * sigAlg: 'SHA256withRSA', +1111 * signerPrvKey: prvPEM +1112 * }] +1113 * }); +1114 */ +1115 KJUR.asn1.cms.CMSUtil.newSignedData = function(param) { +1116 var _KJUR = KJUR, +1117 _KJUR_asn1 = _KJUR.asn1, +1118 _KJUR_asn1_cms = _KJUR_asn1.cms, +1119 _SignerInfo = _KJUR_asn1_cms.SignerInfo, +1120 _SignedData = _KJUR_asn1_cms.SignedData, +1121 _SigningTime = _KJUR_asn1_cms.SigningTime, +1122 _SigningCertificate = _KJUR_asn1_cms.SigningCertificate, +1123 _SigningCertificateV2 = _KJUR_asn1_cms.SigningCertificateV2, +1124 _KJUR_asn1_cades = _KJUR_asn1.cades, +1125 _SignaturePolicyIdentifier = _KJUR_asn1_cades.SignaturePolicyIdentifier; +1126 +1127 var sd = new _SignedData(); +1128 +1129 sd.dEncapContentInfo.setContentValue(param.content); +1130 +1131 if (typeof param.detached == "boolean") { +1132 sd.dEncapContentInfo.isDetached = param.detached +1133 } 1134 -1135 if (param.cms === undefined && -1136 ! _isHex(param.cms)) { -1137 } -1138 -1139 var hCMS = param.cms; -1140 -1141 var _findSignerInfos = function(hCMS, result) { -1142 var idx; -1143 for (var i = 3; i < 6; i++) { -1144 idx = _getIdxbyList(hCMS, 0, [1, 0, i]); -1145 if (idx !== undefined) { -1146 var tag = hCMS.substr(idx, 2); -1147 if (tag === "a0") result.certsIdx = idx; -1148 if (tag === "a1") result.revinfosIdx = idx; -1149 if (tag === "31") result.signerinfosIdx = idx; -1150 } -1151 } -1152 }; -1153 -1154 var _parseSignerInfos = function(hCMS, result) { -1155 var idxSignerInfos = result.signerinfosIdx; -1156 if (idxSignerInfos === undefined) return; -1157 var idxList = _getChildIdx(hCMS, idxSignerInfos); -1158 result.signerInfoIdxList = idxList; -1159 for (var i = 0; i < idxList.length; i++) { -1160 var idxSI = idxList[i]; -1161 var info = { idx: idxSI }; -1162 _parseSignerInfo(hCMS, info); -1163 result.signerInfos.push(info); -1164 }; -1165 }; -1166 -1167 var _parseSignerInfo = function(hCMS, info) { -1168 var idx = info.idx; -1169 -1170 // 1. signer identifier -1171 info.signerid_issuer1 = _getTLVbyList(hCMS, idx, [1, 0], "30"); -1172 info.signerid_serial1 = _getVbyList(hCMS, idx, [1, 1], "02"); -1173 -1174 // 2. hash alg -1175 info.hashalg = _oidname(_getVbyList(hCMS, idx, [2, 0], "06")); -1176 -1177 // 3. [0] singedAtttrs -1178 var idxSignedAttrs = _getIdxbyList(hCMS, idx, [3], "a0"); -1179 info.idxSignedAttrs = idxSignedAttrs; -1180 _parseSignedAttrs(hCMS, info, idxSignedAttrs); -1181 -1182 var aIdx = _getChildIdx(hCMS, idx); -1183 var n = aIdx.length; -1184 if (n < 6) throw "malformed SignerInfo"; -1185 -1186 info.sigalg = _oidname(_getVbyList(hCMS, idx, [n - 2, 0], "06")); -1187 info.sigval = _getVbyList(hCMS, idx, [n - 1], "04"); -1188 //info.sigval = _getVbyList(hCMS, 0, [1, 0, 4, 0, 5], "04"); -1189 //info.sigval = hCMS; -1190 }; -1191 -1192 var _parseSignedAttrs = function(hCMS, info, idx) { -1193 var aIdx = _getChildIdx(hCMS, idx); -1194 info.signedAttrIdxList = aIdx; -1195 for (var i = 0; i < aIdx.length; i++) { -1196 var idxAttr = aIdx[i]; -1197 var hAttrType = _getVbyList(hCMS, idxAttr, [0], "06"); -1198 var v; -1199 -1200 if (hAttrType === "2a864886f70d010905") { // siging time -1201 v = hextoutf8(_getVbyList(hCMS, idxAttr, [1, 0])); -1202 info.saSigningTime = v; -1203 } else if (hAttrType === "2a864886f70d010904") { // message digest -1204 v = _getVbyList(hCMS, idxAttr, [1, 0], "04"); -1205 info.saMessageDigest = v; -1206 } -1207 } -1208 }; -1209 -1210 var _parseSignedData = function(hCMS, result) { -1211 // check if signedData (1.2.840.113549.1.7.2) type -1212 if (_getVbyList(hCMS, 0, [0], "06") !== "2a864886f70d010702") { -1213 return result; -1214 } -1215 result.cmsType = "signedData"; -1216 -1217 // find eContent data -1218 result.econtent = _getVbyList(hCMS, 0, [1, 0, 2, 1, 0]); -1219 -1220 // find certificates,revInfos,signerInfos index -1221 _findSignerInfos(hCMS, result); -1222 -1223 result.signerInfos = []; -1224 _parseSignerInfos(hCMS, result); -1225 }; +1135 if (typeof param.certs == "object") { +1136 for (var i = 0; i < param.certs.length; i++) { +1137 sd.addCertificatesByPEM(param.certs[i]); +1138 } +1139 } +1140 +1141 sd.signerInfoList = []; +1142 for (var i = 0; i < param.signerInfos.length; i++) { +1143 var siParam = param.signerInfos[i]; +1144 var si = new _SignerInfo(); +1145 si.setSignerIdentifier(siParam.signerCert); +1146 +1147 si.setForContentAndHash({sdObj: sd, +1148 eciObj: sd.dEncapContentInfo, +1149 hashAlg: siParam.hashAlg}); +1150 +1151 for (attrName in siParam.sAttr) { +1152 var attrParam = siParam.sAttr[attrName]; +1153 if (attrName == "SigningTime") { +1154 var attr = new _SigningTime(attrParam); +1155 si.dSignedAttrs.add(attr); +1156 } +1157 if (attrName == "SigningCertificate") { +1158 var attr = new _SigningCertificate(attrParam); +1159 si.dSignedAttrs.add(attr); +1160 } +1161 if (attrName == "SigningCertificateV2") { +1162 var attr = new _SigningCertificateV2(attrParam); +1163 si.dSignedAttrs.add(attr); +1164 } +1165 if (attrName == "SignaturePolicyIdentifier") { +1166 var attr = new _SignaturePolicyIdentifier(attrParam); +1167 si.dSignedAttrs.add(attr); +1168 } +1169 } +1170 +1171 si.sign(siParam.signerPrvKey, siParam.sigAlg); +1172 sd.signerInfoList.push(si); +1173 } +1174 +1175 return sd; +1176 }; +1177 +1178 /** +1179 * verify SignedData specified by JSON parameters +1180 * +1181 * @name verifySignedData +1182 * @memberOf KJUR.asn1.cms.CMSUtil +1183 * @function +1184 * @param {Array} param JSON parameter to verify CMS SignedData +1185 * @return {Object} JSON data as the result of validation +1186 * @since jsrsasign 8.0.4 asn1cms 1.0.5 +1187 * @description +1188 * This method provides validation for CMS SignedData. +1189 * Following parameters can be applied: +1190 * <ul> +1191 * <li>cms - hexadecimal data of DER CMS SignedData (aka. PKCS#7 or p7s)</li> +1192 * to verify (OPTION)</li> +1193 * </ul> +1194 * @example +1195 * KJUR.asn1.cms.CMSUtil.verifySignedData({ cms: "3082058a..." }) +1196 * → +1197 * { +1198 * isValid: true, +1199 * parse: ... // parsed data +1200 * signerInfos: [ +1201 * { +1202 * } +1203 * ] +1204 * } +1205 */ +1206 KJUR.asn1.cms.CMSUtil.verifySignedData = function(param) { +1207 var _KJUR = KJUR, +1208 _KJUR_asn1 = _KJUR.asn1, +1209 _KJUR_asn1_cms = _KJUR_asn1.cms, +1210 _SignerInfo = _KJUR_asn1_cms.SignerInfo, +1211 _SignedData = _KJUR_asn1_cms.SignedData, +1212 _SigningTime = _KJUR_asn1_cms.SigningTime, +1213 _SigningCertificate = _KJUR_asn1_cms.SigningCertificate, +1214 _SigningCertificateV2 = _KJUR_asn1_cms.SigningCertificateV2, +1215 _KJUR_asn1_cades = _KJUR_asn1.cades, +1216 _SignaturePolicyIdentifier = _KJUR_asn1_cades.SignaturePolicyIdentifier, +1217 _isHex = _KJUR.lang.String.isHex, +1218 _ASN1HEX = ASN1HEX, +1219 _getVbyList = _ASN1HEX.getVbyList, +1220 _getTLVbyList = _ASN1HEX.getTLVbyList, +1221 _getIdxbyList = _ASN1HEX.getIdxbyList, +1222 _getChildIdx = _ASN1HEX.getChildIdx, +1223 _getTLV = _ASN1HEX.getTLV, +1224 _oidname = _ASN1HEX.oidname, +1225 _hashHex = _KJUR.crypto.Util.hashHex; 1226 -1227 var _verify = function(hCMS, result) { -1228 var aSI = result.parse.signerInfos; -1229 var n = aSI.length; -1230 var isValid = true; -1231 for (var i = 0; i < n; i++) { -1232 var si = aSI[i]; -1233 _verifySignerInfo(hCMS, result, si, i); -1234 if (! si.isValid) -1235 isValid = false; -1236 } -1237 result.isValid = isValid; -1238 }; -1239 -1240 /* -1241 * _findCert -1242 * -1243 * @param hCMS {String} hexadecimal string of CMS signed data -1244 * @param result {Object} JSON object of validation result -1245 * @param si {Object} JSON object of signerInfo in the result above -1246 * @param idx {Number} index of signerInfo??? -1247 */ -1248 var _findCert = function(hCMS, result, si, idx) { -1249 var certsIdx = result.parse.certsIdx; -1250 var aCert; -1251 -1252 if (result.certs === undefined) { -1253 aCert = []; -1254 result.certkeys = []; -1255 var aIdx = _getChildIdx(hCMS, certsIdx); -1256 for (var i = 0; i < aIdx.length; i++) { -1257 var hCert = _getTLV(hCMS, aIdx[i]); -1258 var x = new X509(); -1259 x.readCertHex(hCert); -1260 aCert[i] = x; -1261 result.certkeys[i] = x.getPublicKey(); -1262 } -1263 result.certs = aCert; -1264 } else { -1265 aCert = result.certs; -1266 } -1267 -1268 result.cccc = aCert.length; -1269 result.cccci = aIdx.length; -1270 -1271 for (var i = 0; i < aCert.length; i++) { -1272 var issuer2 = x.getIssuerHex(); -1273 var serial2 = x.getSerialNumberHex(); -1274 if (si.signerid_issuer1 === issuer2 && -1275 si.signerid_serial1 === serial2) { -1276 si.certkey_idx = i; -1277 } -1278 } -1279 }; -1280 -1281 var _verifySignerInfo = function(hCMS, result, si, idx) { -1282 si.verifyDetail = {}; +1227 if (param.cms === undefined && +1228 ! _isHex(param.cms)) { +1229 } +1230 +1231 var hCMS = param.cms; +1232 +1233 var _findSignerInfos = function(hCMS, result) { +1234 var idx; +1235 for (var i = 3; i < 6; i++) { +1236 idx = _getIdxbyList(hCMS, 0, [1, 0, i]); +1237 if (idx !== undefined) { +1238 var tag = hCMS.substr(idx, 2); +1239 if (tag === "a0") result.certsIdx = idx; +1240 if (tag === "a1") result.revinfosIdx = idx; +1241 if (tag === "31") result.signerinfosIdx = idx; +1242 } +1243 } +1244 }; +1245 +1246 var _parseSignerInfos = function(hCMS, result) { +1247 var idxSignerInfos = result.signerinfosIdx; +1248 if (idxSignerInfos === undefined) return; +1249 var idxList = _getChildIdx(hCMS, idxSignerInfos); +1250 result.signerInfoIdxList = idxList; +1251 for (var i = 0; i < idxList.length; i++) { +1252 var idxSI = idxList[i]; +1253 var info = { idx: idxSI }; +1254 _parseSignerInfo(hCMS, info); +1255 result.signerInfos.push(info); +1256 }; +1257 }; +1258 +1259 var _parseSignerInfo = function(hCMS, info) { +1260 var idx = info.idx; +1261 +1262 // 1. signer identifier +1263 info.signerid_issuer1 = _getTLVbyList(hCMS, idx, [1, 0], "30"); +1264 info.signerid_serial1 = _getVbyList(hCMS, idx, [1, 1], "02"); +1265 +1266 // 2. hash alg +1267 info.hashalg = _oidname(_getVbyList(hCMS, idx, [2, 0], "06")); +1268 +1269 // 3. [0] singedAtttrs +1270 var idxSignedAttrs = _getIdxbyList(hCMS, idx, [3], "a0"); +1271 info.idxSignedAttrs = idxSignedAttrs; +1272 _parseSignedAttrs(hCMS, info, idxSignedAttrs); +1273 +1274 var aIdx = _getChildIdx(hCMS, idx); +1275 var n = aIdx.length; +1276 if (n < 6) throw "malformed SignerInfo"; +1277 +1278 info.sigalg = _oidname(_getVbyList(hCMS, idx, [n - 2, 0], "06")); +1279 info.sigval = _getVbyList(hCMS, idx, [n - 1], "04"); +1280 //info.sigval = _getVbyList(hCMS, 0, [1, 0, 4, 0, 5], "04"); +1281 //info.sigval = hCMS; +1282 }; 1283 -1284 var _detail = si.verifyDetail; -1285 -1286 var econtent = result.parse.econtent; -1287 -1288 // verify MessageDigest signed attribute -1289 var hashalg = si.hashalg; -1290 var saMessageDigest = si.saMessageDigest; -1291 -1292 // verify messageDigest -1293 _detail.validMessageDigest = false; -1294 //_detail._econtent = econtent; -1295 //_detail._hashalg = hashalg; -1296 //_detail._saMD = saMessageDigest; -1297 if (_hashHex(econtent, hashalg) === saMessageDigest) -1298 _detail.validMessageDigest = true; -1299 -1300 // find signing certificate -1301 _findCert(hCMS, result, si, idx); -1302 //if (si.signerid_cert === undefined) -1303 // throw Error("can't find signer certificate"); -1304 -1305 // verify signature value -1306 _detail.validSignatureValue = false; -1307 var sigalg = si.sigalg; -1308 var hSignedAttr = "31" + _getTLV(hCMS, si.idxSignedAttrs).substr(2); -1309 si.signedattrshex = hSignedAttr; -1310 var pubkey = result.certs[si.certkey_idx].getPublicKey(); -1311 var sig = new KJUR.crypto.Signature({alg: sigalg}); -1312 sig.init(pubkey); -1313 sig.updateHex(hSignedAttr); -1314 var isValid = sig.verify(si.sigval); -1315 _detail.validSignatureValue_isValid = isValid; -1316 if (isValid === true) -1317 _detail.validSignatureValue = true; +1284 var _parseSignedAttrs = function(hCMS, info, idx) { +1285 var aIdx = _getChildIdx(hCMS, idx); +1286 info.signedAttrIdxList = aIdx; +1287 for (var i = 0; i < aIdx.length; i++) { +1288 var idxAttr = aIdx[i]; +1289 var hAttrType = _getVbyList(hCMS, idxAttr, [0], "06"); +1290 var v; +1291 +1292 if (hAttrType === "2a864886f70d010905") { // siging time +1293 v = hextoutf8(_getVbyList(hCMS, idxAttr, [1, 0])); +1294 info.saSigningTime = v; +1295 } else if (hAttrType === "2a864886f70d010904") { // message digest +1296 v = _getVbyList(hCMS, idxAttr, [1, 0], "04"); +1297 info.saMessageDigest = v; +1298 } +1299 } +1300 }; +1301 +1302 var _parseSignedData = function(hCMS, result) { +1303 // check if signedData (1.2.840.113549.1.7.2) type +1304 if (_getVbyList(hCMS, 0, [0], "06") !== "2a864886f70d010702") { +1305 return result; +1306 } +1307 result.cmsType = "signedData"; +1308 +1309 // find eContent data +1310 result.econtent = _getVbyList(hCMS, 0, [1, 0, 2, 1, 0]); +1311 +1312 // find certificates,revInfos,signerInfos index +1313 _findSignerInfos(hCMS, result); +1314 +1315 result.signerInfos = []; +1316 _parseSignerInfos(hCMS, result); +1317 }; 1318 -1319 // verify SignerInfo totally -1320 si.isValid =false; -1321 if (_detail.validMessageDigest && -1322 _detail.validSignatureValue) { -1323 si.isValid = true; -1324 } -1325 }; -1326 -1327 var _findSignerCert = function() { -1328 }; -1329 -1330 var result = { isValid: false, parse: {} }; -1331 _parseSignedData(hCMS, result.parse); -1332 -1333 _verify(hCMS, result); -1334 -1335 return result; -1336 }; -1337 -1338 -1339 |