| 1 | function signText(text) { |
|---|
| 2 | if (window.event) { |
|---|
| 3 | window.event.cancelBubble = true; |
|---|
| 4 | } |
|---|
| 5 | return sign(text); |
|---|
| 6 | } |
|---|
| 7 | |
|---|
| 8 | function sign(src) { |
|---|
| 9 | if (window.crypto && window.crypto.signText) { |
|---|
| 10 | return sign_NS(src); |
|---|
| 11 | } |
|---|
| 12 | if (isIE()) { |
|---|
| 13 | return sign_IE(src); |
|---|
| 14 | } |
|---|
| 15 | |
|---|
| 16 | alert("Sorry, your browser is not supported"); |
|---|
| 17 | return ""; |
|---|
| 18 | } |
|---|
| 19 | |
|---|
| 20 | function sign_NS(src) { |
|---|
| 21 | return crypto.signText(src, "ask"); |
|---|
| 22 | } |
|---|
| 23 | |
|---|
| 24 | // CAPICOM constants |
|---|
| 25 | var CAPICOM_STORE_OPEN_READ_ONLY = 0; |
|---|
| 26 | var CAPICOM_CURRENT_USER_STORE = 2; |
|---|
| 27 | var CAPICOM_CERTIFICATE_FIND_SHA1_HASH = 0; |
|---|
| 28 | var CAPICOM_CERTIFICATE_FIND_EXTENDED_PROPERTY = 6; |
|---|
| 29 | var CAPICOM_CERTIFICATE_FIND_TIME_VALID = 9; |
|---|
| 30 | var CAPICOM_CERTIFICATE_FIND_KEY_USAGE = 12; |
|---|
| 31 | var CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE = 0x00000080; |
|---|
| 32 | var CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0; |
|---|
| 33 | var CAPICOM_INFO_SUBJECT_SIMPLE_NAME = 0; |
|---|
| 34 | var CAPICOM_ENCODE_BASE64 = 0; |
|---|
| 35 | var CAPICOM_E_CANCELLED = -2138568446; |
|---|
| 36 | var CERT_KEY_SPEC_PROP_ID = 6; |
|---|
| 37 | |
|---|
| 38 | function isIE() { |
|---|
| 39 | if ("ActiveXObject" in window){ |
|---|
| 40 | return true; |
|---|
| 41 | } |
|---|
| 42 | return false; |
|---|
| 43 | } |
|---|
| 44 | |
|---|
| 45 | function findCertificateByHash() { |
|---|
| 46 | try { |
|---|
| 47 | // instantiate the CAPICOM objects |
|---|
| 48 | var store = new ActiveXObject("CAPICOM.Store"); |
|---|
| 49 | // open the current users personal certificate store |
|---|
| 50 | store.Open(CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY); |
|---|
| 51 | |
|---|
| 52 | var certificates = store.Certificates.Select(); |
|---|
| 53 | |
|---|
| 54 | var signer = new ActiveXObject("CAPICOM.Signer"); |
|---|
| 55 | signer.Certificate = certificates.Item(1); |
|---|
| 56 | return signer; |
|---|
| 57 | } catch (e) { |
|---|
| 58 | if (e.number != CAPICOM_E_CANCELLED) { |
|---|
| 59 | return new ActiveXObject("CAPICOM.Signer"); |
|---|
| 60 | } |
|---|
| 61 | } |
|---|
| 62 | } |
|---|
| 63 | |
|---|
| 64 | function sign_IE(src) { |
|---|
| 65 | try { |
|---|
| 66 | // instantiate the CAPICOM objects |
|---|
| 67 | var signedData = new ActiveXObject("CAPICOM.SignedData"); |
|---|
| 68 | var timeAttribute = new ActiveXObject("CAPICOM.Attribute"); |
|---|
| 69 | |
|---|
| 70 | // Set the data that we want to sign |
|---|
| 71 | signedData.Content = src; |
|---|
| 72 | var signer = findCertificateByHash(); |
|---|
| 73 | |
|---|
| 74 | // Set the time in which we are applying the signature |
|---|
| 75 | var today = new Date(); |
|---|
| 76 | timeAttribute.Name = CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME; |
|---|
| 77 | timeAttribute.Value = today.getVarDate(); |
|---|
| 78 | signer.AuthenticatedAttributes.Add(timeAttribute); |
|---|
| 79 | |
|---|
| 80 | // Do the Sign operation |
|---|
| 81 | var signed = signedData.Sign(signer, true, CAPICOM_ENCODE_BASE64); |
|---|
| 82 | // Important: IE uses UTF-16LE to encode the signed data |
|---|
| 83 | return signed; |
|---|
| 84 | } catch (e) { |
|---|
| 85 | if (e.number != CAPICOM_E_CANCELLED) { |
|---|
| 86 | alert("An error occurred when attempting to sign the content, the error was: " + e.description); |
|---|
| 87 | } |
|---|
| 88 | } |
|---|
| 89 | return ""; |
|---|
| 90 | } |
|---|
