
Создание и проверка подписи документа XML по шаблону

Пример создания и проверки подписи документа XML с использованием шаблона документа

HTML
<!-- Loads the plugin API script; the JavaScript sample on this page calls the global
     `cadesplugin` object, which this script is expected to define. -->
<script language="javascript" src="cadesplugin_api.js"></script>

Приведенный пример использует синхронную версию плагина. Также см. пример работы с асинхронными объектами.

JavaScript
    // Numeric/string values of the CAPICOM / CAdESCOM enumeration members that the
    // plugin objects below take as arguments.

    // Store location passed to Store.Open: the current user's certificate stores.
    var CAPICOM_CURRENT_USER_STORE = 2;
    // Store name passed to Store.Open: the "My" store.
    var CAPICOM_MY_STORE = "My";
    // Open mode passed to Store.Open.
    var CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED = 2;
    // Search type passed to Certificates.Find: look up by subject name.
    var CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME = 1;
    // SignedXML.SignatureType value: the signature is produced from a <Signature>
    // template that is already present in the document being signed.
    var CADESCOM_XML_SIGNATURE_TYPE_TEMPLATE = 2;

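    /**
     * Looks up a certificate in the current user's "My" store by subject name.
     *
     * The first match (Item(1); the collection is 1-based) is returned. Nothing in
     * this function checks the validity period, the presence of a private key, or
     * whether several certificates matched. A subject-name search can return more
     * than one certificate, so code that must sign with one specific certificate
     * should let the user choose among the matches or identify the certificate
     * by its thumbprint.
     *
     * @param {string} certSubjectName Subject name to search for.
     * @returns {Object|undefined} The first matching certificate object, or
     *     undefined (after an alert) when nothing matched.
     */
    function GetCertificateBySubjectName(certSubjectName) {
        var oStore = cadesplugin.CreateObject("CAdESCOM.Store");
        oStore.Open(CAPICOM_CURRENT_USER_STORE, CAPICOM_MY_STORE,
            CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED);

        // The store handle is released on every exit path, including the
        // "not found" return and an exception thrown by Find/Item.
        try {
            var oCertificates = oStore.Certificates.Find(
                CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME, certSubjectName);
            // Loose comparison kept on purpose: Count comes from the plugin object.
            if (oCertificates.Count == 0) {
                alert("Certificate not found: " + certSubjectName);
                return;
            }
            return oCertificates.Item(1);
        } finally {
            oStore.Close();
        }
    }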

    /**
     * Signs an XML document that already contains a <Signature> template.
     *
     * @param {Object} oCertificate Certificate object to sign with.
     * @param {string} dataToSign XML text, including the signature template.
     * @returns {string|undefined} The signed XML returned by the plugin, or
     *     undefined (after an alert) when signing throws.
     */
    function SignCreate(oCertificate, dataToSign) {
        // Signer object: carries the certificate used for signing.
        var signer = cadesplugin.CreateObject("CAdESCOM.CPSigner");
        signer.Certificate = oCertificate;
        // Going by the property name, this asks the plugin to check the certificate
        // when signing; the exact checks are defined by the plugin, not shown here.
        signer.CheckCertificate = true;

        // SignedXML object: holds the document and the signature mode.
        var xmlDocument = cadesplugin.CreateObject("CAdESCOM.SignedXML");
        xmlDocument.Content = dataToSign;
        // Template mode: the plugin fills in the <Signature> element found in Content.
        xmlDocument.SignatureType = CADESCOM_XML_SIGNATURE_TYPE_TEMPLATE;

        try {
            return xmlDocument.Sign(signer);
        } catch (err) {
            alert("Failed to create signature. Error: " + cadesplugin.getLastError(err));
        }
        // Falls through with undefined when signing failed.
    }

    /**
     * Verifies the signature of a signed XML document.
     *
     * A true result means only that the plugin's Verify call did not throw.
     * Nothing in this function looks at who signed the document or at which
     * elements the signature references, so a caller making a trust decision
     * has to check the signer and the signed content separately.
     *
     * @param {string} sSignedMessage Signed XML text.
     * @returns {boolean} true when Verify completes, false (after an alert)
     *     when it throws.
     */
    function Verify(sSignedMessage) {
        var verifier = cadesplugin.CreateObject("CAdESCOM.SignedXML");
        var isValid = true;

        try {
            verifier.Verify(sSignedMessage);
        } catch (err) {
            alert("Failed to verify signature. Error: " + cadesplugin.getLastError(err));
            isValid = false;
        }

        return isValid;
    }

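    /**
     * Entry point of the sample: reads the certificate subject name from the
     * "CertName" input, signs a fixed XML document using the signature template
     * embedded in it, shows the signed XML, and verifies the result.
     *
     * The run stops early when the name is empty, when no certificate was found,
     * or when signing failed, so that later steps never receive undefined values.
     */
    function run() {
        var oCertName = document.getElementById("CertName");
        var sCertName = oCertName.value; // Subject name of the signing certificate
        if (sCertName === "") {
            alert("Введите имя сертификата (CN).");
            return;
        }

        // Find the certificate to sign with; the lookup reports "not found" itself.
        var oCertificate = GetCertificateBySubjectName(sCertName);
        if (!oCertificate) {
            return;
        }

        // Document with an embedded <Signature> template.
        // - Coverage: the single <Reference URI="#nodeID"> points at the <Node>
        //   element only. The <Data> element is NOT covered by the signature and
        //   could be changed without invalidating it; add references for every
        //   part that must be protected.
        // - Algorithms: the template names the GOST R 34.10-2001 / GOST R 34.11-94
        //   URIs. They have to match the key of the signing certificate, so a
        //   certificate with a different key algorithm needs the corresponding
        //   URIs here (see the plugin documentation).
        var sContent =
            "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
            "<!-- \n" +
            " Original XML doc file for sign example. \n" +
            "-->\n" +
            "<Envelope xmlns=\"urn:envelope\">\n" +
            "  <Data>\n" +
            "   Hello, World!\n" +
            "  </Data>\n" +
            "  <Node xml:id=\"nodeID\">\n" +
            "   Hello, Node!\n" +
            "  </Node>\n" +
            "  <Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n" +
            "  <SignedInfo>\n" +
            "      <CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\n" +
            "      <SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411\"/>\n" +
            "      <Reference URI=\"#nodeID\">\n" +
            "      <Transforms>\n" +
            "          <Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>\n" +
            "      </Transforms>\n" +
            "      <DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr3411\"/>\n" +
            "      <DigestValue/>\n" +
            "      </Reference>\n" +
            "  </SignedInfo>\n" +
            "  <SignatureValue/>\n" +
            "  <KeyInfo/>\n" +
            "  </Signature>\n" +
            "</Envelope>";

        var signedMessage = SignCreate(oCertificate, sContent);
        if (!signedMessage) {
            // SignCreate has already reported the error; there is nothing to
            // show or verify.
            return;
        }

        alert(signedMessage);

        var verifyResult = Verify(signedMessage);
        if (verifyResult) {
            alert("Signature verified");
        }
    }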