1 /* asn1tsp-2.0.9.js (c) 2014-2022 Kenji Urushima | kjur.github.io/jsrsasign/license 2 */ 3 /* 4 * asn1tsp.js - ASN.1 DER encoder classes for RFC 3161 Time Stamp Protocol 5 * 6 * Copyright (c) 2014-2022 Kenji Urushima (kenji.urushima@gmail.com) 7 * 8 * This software is licensed under the terms of the MIT License. 9 * https://kjur.github.io/jsrsasign/license 10 * 11 * The above copyright and license notice shall be 12 * included in all copies or substantial portions of the Software. 13 */ 14 15 /** 16 * @fileOverview 17 * @name asn1tsp-1.0.js 18 * @author Kenji Urushima kenji.urushima@gmail.com 19 * @version jsrsasign 10.5.22 asn1tsp 2.0.9 (2022-May-24) 20 * @since jsrsasign 4.5.1 21 * @license <a href="https://kjur.github.io/jsrsasign/license/">MIT License</a> 22 */ 23 24 /* 25 * kjur's class library name space 26 * // already documented in asn1-1.0.js 27 * @name KJUR 28 * @namespace kjur's class library name space 29 */ 30 if (typeof KJUR == "undefined" || !KJUR) KJUR = {}; 31 32 /* 33 * kjur's ASN.1 class library name space 34 * // already documented in asn1-1.0.js 35 * @name KJUR.asn1 36 * @namespace 37 */ 38 if (typeof KJUR.asn1 == "undefined" || !KJUR.asn1) KJUR.asn1 = {}; 39 40 /** 41 * kjur's ASN.1 class for RFC 3161 Time Stamp Protocol 42 * <p> 43 * This name space provides 44 * <a href="https://tools.ietf.org/html/rfc3161">RFC 3161 45 * Time-Stamp Protocol(TSP)</a> data generator. 46 * 47 * <h4>FEATURES</h4> 48 * <ul> 49 * <li>easily generate CMS SignedData</li> 50 * <li>APIs are very similar to BouncyCastle library ASN.1 classes. So easy to learn.</li> 51 * </ul> 52 * 53 * <h4>PROVIDED CLASSES</h4> 54 * <ul> 55 * </ul> 56 * NOTE: Please ignore method summary and document of this namespace. This caused by a bug of jsdoc2. 57 * </p> 58 * @name KJUR.asn1.tsp 59 * @namespace 60 */ 61 if (typeof KJUR.asn1.tsp == "undefined" || !KJUR.asn1.tsp) KJUR.asn1.tsp = {}; 62 63 /** 64 * class for TSP TimeStampToken ASN.1 object<br/> 65 * @name KJUR.asn1.tsp.TimeStampToken 66 * @class class for TSP TimeStampToken ASN.1 object 67 * @param {Array} params JSON object for constructor parameters 68 * @extends KJUR.asn1.cms.SignedData 69 * @since jsrsasign 10.0.0 asn1tsp 2.0.0 70 * @see KJUR.asn1.tsp.TimeStampResp 71 * @see KJUR.asn1.tsp.TSTInfo 72 * 73 * @description 74 * This is an ASN.1 encoder for TimeStampToken 75 * ASN.1 structure defined in 76 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 77 * RFC 3161 TSP section 2.4.2</a>. 78 * <pre> 79 * TimeStampToken ::= ContentInfo 80 * -- contentType is id-signedData ([CMS]) 81 * -- content is SignedData ([CMS]) 82 * id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2) 83 * us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4} 84 * </pre> 85 * Constructor argument "params" is similar to 86 * {@link KJUR.asn1.cms.SignedData} however "econtent" 87 * value is different as follows: 88 * <ul> 89 * <li>econtent.type - shall be "tstinfo"</li> 90 * <li>econtent.content - shall be {@link KJUR.asn1.tsp.TSTInfo} parameter</li> 91 * </ul> 92 * 93 * @example 94 * new KJUR.asn1.tsp.TimeStampToken({ 95 * version: 1, 96 * hashalgs: ["sha256"], 97 * econtent: { 98 * type: "tstinfo", 99 * content: { 100 * policy: '1.2.3.4.5', 101 * messageImprint: { hashAlg: 'sha1', hashValue: 'a1a2a3a4' }, 102 * serial: {'int': 3}, 103 * genTime: {str: '20131231235959.123Z', millis: true}, 104 * accuracy: { millis: 500 }, 105 * ordering: true, 106 * nonce: {'int': 3}, 107 * } 108 * }, 109 * sinfos: [{ 110 * version: 1, 111 * id: {type:'isssn', cert: sZ4_CERPEM}, 112 * hashalg: "sha256", 113 * sattrs: {array: [{ 114 * attr: "contentType", 115 * type: "data" 116 * },{ 117 * attr: "signingTime", 118 * str: '131231235959Z' 119 * },{ 120 * attr: "messageDigest", 121 * hex: 'ffff' 122 * }]}, 123 * sigalg: "SHA256withRSA", 124 * signkey: sZ4_PRVP8PPEM 125 * }] 126 * }) 127 */ 128 KJUR.asn1.tsp.TimeStampToken = function(params) { 129 var _KJUR = KJUR, 130 _KJUR_asn1 = _KJUR.asn1, 131 _KJUR_asn1_tsp = _KJUR_asn1.tsp; 132 133 _KJUR_asn1_tsp.TimeStampToken.superclass.constructor.call(this); 134 135 this.params = null; 136 137 this.getEncodedHexPrepare = function() { 138 //alert("getEncodedHexPrepare called..."); 139 var dTSTInfo = new _KJUR_asn1_tsp.TSTInfo(this.params.econtent.content); 140 this.params.econtent.content.hex = dTSTInfo.tohex(); 141 }; 142 143 if (params != undefined) this.setByParam(params); 144 }; 145 extendClass(KJUR.asn1.tsp.TimeStampToken, KJUR.asn1.cms.SignedData); 146 147 /** 148 * class for TSP TSTInfo ASN.1 object 149 * @name KJUR.asn1.tsp.TSTInfo 150 * @class class for TSP TSTInfo ASN.1 object 151 * @param {Array} params JSON object for TSTInfo parameters 152 * @extends KJUR.asn1.ASN1Object 153 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 154 * @see KJUR.asn1.x509.X500Name 155 * @see KJUR.asn1.x509.GeneralName 156 * @description 157 * This class represents TSTInfo ASN.1 structure. 158 * <pre> 159 * TSTInfo ::= SEQUENCE { 160 * version INTEGER { v1(1) }, 161 * policy TSAPolicyId, 162 * messageImprint MessageImprint, 163 * serialNumber INTEGER, -- up to 160bit 164 * genTime GeneralizedTime, 165 * accuracy Accuracy OPTIONAL, 166 * ordering BOOLEAN DEFAULT FALSE, 167 * nonce INTEGER OPTIONAL, 168 * tsa [0] GeneralName OPTIONAL, 169 * extensions [1] IMPLICIT Extensions OPTIONAL } 170 * </pre> 171 * For "params" arguent, following properties are accepted: 172 * <ul> 173 * <li>{Array}tsa - {@link KJUR.asn1.x509.X500Name} parameter for 174 * tsa field even though tsa field is GeneralName.</li> 175 * </ul> 176 * @example 177 * o = new KJUR.asn1.tsp.TSTInfo({ 178 * policy: '1.2.3.4.5', 179 * messageImprint: {alg: 'sha256', hash: '1abc...'}, 180 * serial: {int: 3}, 181 * genTime: {millis: true}, // OPTION 182 * accuracy: {micros: 500}, // OPTION 183 * ordering: true, // OPITON 184 * nonce: {hex: '52fab1...'}, // OPTION 185 * tsa: {str: '/C=US/O=TSA1'} // OPITON 186 * }); 187 */ 188 KJUR.asn1.tsp.TSTInfo = function(params) { 189 var _Error = Error, 190 _KJUR = KJUR, 191 _KJUR_asn1 = _KJUR.asn1, 192 _DERSequence = _KJUR_asn1.DERSequence, 193 _DERInteger = _KJUR_asn1.DERInteger, 194 _DERBoolean = _KJUR_asn1.DERBoolean, 195 _DERGeneralizedTime = _KJUR_asn1.DERGeneralizedTime, 196 _DERObjectIdentifier = _KJUR_asn1.DERObjectIdentifier, 197 _DERTaggedObject = _KJUR_asn1.DERTaggedObject, 198 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 199 _MessageImprint = _KJUR_asn1_tsp.MessageImprint, 200 _Accuracy = _KJUR_asn1_tsp.Accuracy, 201 _X500Name = _KJUR_asn1.x509.X500Name, 202 _GeneralName = _KJUR_asn1.x509.GeneralName; 203 204 205 _KJUR_asn1_tsp.TSTInfo.superclass.constructor.call(this); 206 207 this.dVersion = new _DERInteger({'int': 1}); 208 this.dPolicy = null; 209 this.dMessageImprint = null; 210 this.dSerial = null; 211 this.dGenTime = null; 212 this.dAccuracy = null; 213 this.dOrdering = null; 214 this.dNonce = null; 215 this.dTsa = null; 216 217 this.tohex = function() { 218 var a = [this.dVersion]; 219 220 if (this.dPolicy == null) throw new Error("policy shall be specified."); 221 a.push(this.dPolicy); 222 223 if (this.dMessageImprint == null) 224 throw new Error("messageImprint shall be specified."); 225 a.push(this.dMessageImprint); 226 227 if (this.dSerial == null) 228 throw new Error("serialNumber shall be specified."); 229 a.push(this.dSerial); 230 231 if (this.dGenTime == null) 232 throw new Error("genTime shall be specified."); 233 a.push(this.dGenTime); 234 235 if (this.dAccuracy != null) a.push(this.dAccuracy); 236 if (this.dOrdering != null) a.push(this.dOrdering); 237 if (this.dNonce != null) a.push(this.dNonce); 238 if (this.dTsa != null) a.push(this.dTsa); 239 240 var seq = new _DERSequence({array: a}); 241 this.hTLV = seq.tohex(); 242 return this.hTLV; 243 }; 244 this.getEncodedHex = function() { return this.tohex(); }; 245 246 if (params !== undefined) { 247 if (typeof params.policy == "string") { 248 if (! params.policy.match(/^[0-9.]+$/)) 249 throw "policy shall be oid like 0.1.4.134"; 250 this.dPolicy = new _DERObjectIdentifier({oid: params.policy}); 251 } 252 if (params.messageImprint !== undefined) { 253 this.dMessageImprint = new _MessageImprint(params.messageImprint); 254 } 255 if (params.serial !== undefined) { 256 this.dSerial = new _DERInteger(params.serial); 257 } 258 if (params.genTime !== undefined) { 259 this.dGenTime = new _DERGeneralizedTime(params.genTime); 260 } 261 if (params.accuracy !== undefined) { 262 this.dAccuracy = new _Accuracy(params.accuracy); 263 } 264 if (params.ordering !== undefined && 265 params.ordering == true) { 266 this.dOrdering = new _DERBoolean(); 267 } 268 if (params.nonce !== undefined) { 269 this.dNonce = new _DERInteger(params.nonce); 270 } 271 if (params.tsa !== undefined) { 272 this.dTsa = new _DERTaggedObject({ 273 tag: "a0", 274 explicit: true, 275 obj: new _GeneralName({dn: params.tsa}) 276 }); 277 } 278 } 279 }; 280 extendClass(KJUR.asn1.tsp.TSTInfo, KJUR.asn1.ASN1Object); 281 282 /** 283 * class for TSP Accuracy ASN.1 object 284 * @name KJUR.asn1.tsp.Accuracy 285 * @class class for TSP Accuracy ASN.1 object 286 * @param {Array} params associative array of parameters 287 * @extends KJUR.asn1.ASN1Object 288 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 289 * 290 * @description 291 * This is an ASN.1 encoder for Accuracy 292 * ASN.1 structure defined in 293 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 294 * RFC 3161 TSP section 2.4.2</a>. 295 * <pre> 296 * Accuracy ::= SEQUENCE { 297 * seconds INTEGER OPTIONAL, 298 * millis [0] INTEGER (1..999) OPTIONAL, 299 * micros [1] INTEGER (1..999) OPTIONAL } 300 * </pre> 301 * 302 * @example 303 * new KJUR.asn1.tsp.Accuracy({ 304 * seconds: 1, // OPTION 305 * millis: 500, // OPTION 306 * micros: 500 // OPTION 307 * }); 308 */ 309 KJUR.asn1.tsp.Accuracy = function(params) { 310 var _KJUR = KJUR, 311 _KJUR_asn1 = _KJUR.asn1, 312 _newObject = _KJUR_asn1.ASN1Util.newObject; 313 314 _KJUR_asn1.tsp.Accuracy.superclass.constructor.call(this); 315 316 this.params = null; 317 318 this.tohex = function() { 319 var params = this.params; 320 var a = []; 321 if (params.seconds != undefined && 322 typeof params.seconds == "number") { 323 a.push({"int": params.seconds}); 324 } 325 if (params.millis != undefined && 326 typeof params.millis == "number") { 327 a.push({tag: {tagi:"80", obj:{"int": params.millis}}}); 328 } 329 if (params.micros != undefined && 330 typeof params.micros == "number") { 331 a.push({tag: {tagi:"81", obj:{"int": params.micros}}}); 332 } 333 return _newObject({"seq": a}).tohex(); 334 }; 335 this.getEncodedHex = function() { return this.tohex(); }; 336 337 if (params != undefined) this.setByParam(params); 338 }; 339 extendClass(KJUR.asn1.tsp.Accuracy, KJUR.asn1.ASN1Object); 340 341 /** 342 * class for TSP MessageImprint ASN.1 object 343 * @name KJUR.asn1.tsp.MessageImprint 344 * @class class for TSP MessageImprint ASN.1 object 345 * @param {Array} params associative array of parameters 346 * @extends KJUR.asn1.ASN1Object 347 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 348 * 349 * @description 350 * This is an ASN.1 encoder for Accuracy 351 * ASN.1 structure defined in 352 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 353 * RFC 3161 TSP section 2.4.2</a>. 354 * <pre> 355 * MessageImprint ::= SEQUENCE { 356 * hashAlgorithm AlgorithmIdentifier, 357 * hashedMessage OCTET STRING } 358 * </pre> 359 * 360 * @example 361 * // OLD 362 * new KJUR.asn1.tsp.MessageImprint({ 363 * hashAlg: 'sha256', 364 * hashValue: '1f3dea...' 365 * }); 366 * // NEW 367 * new KJUR.asn1.tsp.MessageImprint({ 368 * alg: 'sha256', 369 * hash: '1f3dea...' 370 * }); 371 */ 372 KJUR.asn1.tsp.MessageImprint = function(params) { 373 var _KJUR = KJUR, 374 _KJUR_asn1 = _KJUR.asn1, 375 _DERSequence = _KJUR_asn1.DERSequence, 376 _DEROctetString = _KJUR_asn1.DEROctetString, 377 _KJUR_asn1_x509 = _KJUR_asn1.x509, 378 _AlgorithmIdentifier = _KJUR_asn1_x509.AlgorithmIdentifier; 379 380 _KJUR_asn1.tsp.MessageImprint.superclass.constructor.call(this); 381 382 this.params = null; 383 384 this.tohex = function() { 385 var params = this.params; 386 var dAlg = new _AlgorithmIdentifier({name: params.alg}); 387 var dHash = new _DEROctetString({hex: params.hash}); 388 var seq = new _DERSequence({array: [dAlg, dHash]}); 389 return seq.tohex(); 390 }; 391 this.getEncodedHex = function() { return this.tohex(); }; 392 393 if (params !== undefined) this.setByParam(params); 394 }; 395 extendClass(KJUR.asn1.tsp.MessageImprint, KJUR.asn1.ASN1Object); 396 397 /** 398 * class for TSP TimeStampReq ASN.1 object<br/> 399 * @name KJUR.asn1.tsp.TimeStampReq 400 * @class class for TSP TimeStampReq ASN.1 object 401 * @param {Array} params JSON object of parameters 402 * @extends KJUR.asn1.ASN1Object 403 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 404 * @see KJUR.asn1.tsp.MessageImprint 405 * 406 * @description 407 * <pre> 408 * TimeStampReq ::= SEQUENCE { 409 * version INTEGER { v1(1) }, 410 * messageImprint MessageImprint, 411 * reqPolicy TSAPolicyId OPTIONAL, 412 * nonce INTEGER OPTIONAL, 413 * certReq BOOLEAN DEFAULT FALSE, 414 * extensions [0] IMPLICIT Extensions OPTIONAL } 415 * </pre> 416 * 417 * @example 418 * new KJUR.asn1.tsp.TimeStampReq({ 419 * messageImprint: {alg: "sha256", hash: "12ab..."}, 420 * policy: "1.2.3.4.5", 421 * nonce: {hex: "1a2b..."}, 422 * certreq: true 423 * }) 424 */ 425 KJUR.asn1.tsp.TimeStampReq = function(params) { 426 var _KJUR = KJUR, 427 _KJUR_asn1 = _KJUR.asn1, 428 _DERSequence = _KJUR_asn1.DERSequence, 429 _DERInteger = _KJUR_asn1.DERInteger, 430 _DERBoolean = _KJUR_asn1.DERBoolean, 431 _ASN1Object = _KJUR_asn1.ASN1Object, 432 _DERObjectIdentifier = _KJUR_asn1.DERObjectIdentifier, 433 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 434 _MessageImprint = _KJUR_asn1_tsp.MessageImprint; 435 436 _KJUR_asn1_tsp.TimeStampReq.superclass.constructor.call(this); 437 438 this.params = null; 439 440 this.tohex = function() { 441 var params = this.params; 442 443 var a = []; 444 a.push(new _DERInteger({'int': 1})); 445 if (params.messageImprint instanceof KJUR.asn1.ASN1Object) { 446 a.push(params.messageImprint); 447 } else { 448 a.push(new _MessageImprint(params.messageImprint)); 449 } 450 if (params.policy != undefined) 451 a.push(new _DERObjectIdentifier(params.policy)); 452 if (params.nonce != undefined) 453 a.push(new _DERInteger(params.nonce)); 454 if (params.certreq == true) 455 a.push(new _DERBoolean()); 456 457 var seq = new _DERSequence({array: a}); 458 return seq.tohex(); 459 }; 460 this.getEncodedHex = function() { return this.tohex(); }; 461 462 if (params != undefined) this.setByParam(params); 463 }; 464 extendClass(KJUR.asn1.tsp.TimeStampReq, KJUR.asn1.ASN1Object); 465 466 /** 467 * class for TSP TimeStampResp ASN.1 object<br/> 468 * @name KJUR.asn1.tsp.TimeStampResp 469 * @class class for TSP TimeStampResp ASN.1 object 470 * @param {Array} params associative array of parameters 471 * @extends KJUR.asn1.ASN1Object 472 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 473 * @see KJUR.asn1.tsp.TimeStampToken 474 * @see KJUR.asn1.tsp.PKIStatusInfo 475 * 476 * @description 477 * This is an ASN.1 encoder for TimeStampResp 478 * ASN.1 structure defined in 479 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 480 * RFC 3161 TSP section 2.4.2</a>. 481 * 482 * <pre> 483 * TimeStampResp ::= SEQUENCE { 484 * status PKIStatusInfo, 485 * timeStampToken TimeStampToken OPTIONAL } 486 * 487 * TimeStampToken ::= ContentInfo 488 * 489 * TSTInfo ::= SEQUENCE { 490 * version INTEGER { v1(1) }, 491 * policy TSAPolicyId, 492 * messageImprint MessageImprint, 493 * serialNumber INTEGER, 494 * genTime GeneralizedTime, 495 * accuracy Accuracy OPTIONAL, 496 * ordering BOOLEAN DEFAULT FALSE, 497 * nonce INTEGER OPTIONAL, 498 * tsa [0] GeneralName OPTIONAL, 499 * extensions [1] IMPLICIT Extensions OPTIONAL } 500 * </pre> 501 * 502 * The constructor argument "params" can be used all of 503 * {@link KJUR.asn1.tsp.TimeStampToken} object further more 504 * following members can be specified: 505 * <ul> 506 * <li>statusinfo: any {@link KJUR.asn1.tsp.PKIStatusInfo} parameter. 507 * When parameters for TimeStampToken is specified and statusinfo member is omitted, 508 * status will be "granted" by default. (OPTIONAL)</li> 509 * <li>tst: {@link KJUR.asn1.tsp.TimeStampToken} object instead of TimeStampToken members (OPTIONAL)</li> 510 * </ul> 511 * 512 * @example 513 * // by TimeStampToken parameters (statusinfo will be "granted" by default) 514 * new KJUR.asn1.tsp.TimeStampResp({ 515 * version: 1, 516 * hashalgs: ["sha256"], 517 * econtent: { 518 * type: "tstinfo", 519 * content: { 520 * policy: "1.2.3.4.5", 521 * messageImprint: {alg:"sha256", hash:"12ab..."}, 522 * serial: {"int": 3}, 523 * genTime: {millis: true}, // current time with millis 524 * accuracy: { millis: 500 } 525 * } 526 * } 527 * certs: [...], 528 * sinfos: [{ 529 * version: 1, 530 * id: {type:"isssn", cert: ...}, 531 * hashalg: "sha256", 532 * sattrs: {array: [{...}]}, 533 * sigalg: "SHA256withRSA", 534 * signkey: ... 535 * }] 536 * }) 537 * // by TimeStampToken object 538 * new KJUR.asn1.tsp.TimeStampResp({ 539 * tst: new KJUR.asn1.tsp.TimeStapToken(...) 540 * }) 541 * // error case 542 * new KJUR.asn1.tsp.TimeStampResp({statusinfo: "rejection"}}) 543 * new KJUR.asn1.tsp.TimeStampResp({ 544 * statusinfo: { 545 * status: "rejection", 546 * statusstr: ["policy shall be 1.2.3.4.5"], 547 * failinfo: "unacceptedPolicy" 548 * } 549 * }) 550 * // finally, encode to hexadecimal string 551 * new KJUR.asn1.tsp.TimeStampResp(...).tohex() → "3082..." 552 */ 553 KJUR.asn1.tsp.TimeStampResp = function(params) { 554 var _KJUR = KJUR, 555 _KJUR_asn1 = _KJUR.asn1, 556 _DERSequence = _KJUR_asn1.DERSequence, 557 _ASN1Object = _KJUR_asn1.ASN1Object, 558 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 559 _PKIStatusInfo = _KJUR_asn1_tsp.PKIStatusInfo; 560 561 _KJUR_asn1_tsp.TimeStampResp.superclass.constructor.call(this); 562 563 this.params = null; 564 565 this.tohex = function() { 566 var params = this.params; 567 568 var a = []; 569 570 if (params.econtent != undefined || params.tst != undefined) { 571 // statusInfo 572 if (params.statusinfo != undefined) { 573 a.push(new _PKIStatusInfo(params.statusinfo)); 574 } else { 575 a.push(new _PKIStatusInfo("granted")); 576 } 577 578 // TimeStampToken 579 if (params.econtent != undefined) { 580 a.push((new _KJUR_asn1_tsp.TimeStampToken(params)).getContentInfo()); 581 } else if (params.tst instanceof _KJUR_asn1.ASN1Object) { 582 a.push(params.tst); 583 } else { 584 throw new Error("improper member tst value"); 585 } 586 } else if (params.statusinfo != undefined) { 587 a.push(new _PKIStatusInfo(params.statusinfo)); 588 } else { 589 throw new Error("parameter for token nor statusinfo not specified"); 590 } 591 592 var seq = new _DERSequence({array: a}); 593 return seq.tohex(); 594 }; 595 this.getEncodedHex = function() { return this.tohex(); }; 596 597 if (params != undefined) this.setByParam(params); 598 }; 599 extendClass(KJUR.asn1.tsp.TimeStampResp, KJUR.asn1.ASN1Object); 600 601 // --- BEGIN OF RFC 2510 CMP ----------------------------------------------- 602 603 /** 604 * class for TSP PKIStatusInfo ASN.1 object 605 * @name KJUR.asn1.tsp.PKIStatusInfo 606 * @class class for TSP PKIStatusInfo ASN.1 object 607 * @param {Array} params associative array of parameters 608 * @extends KJUR.asn1.ASN1Object 609 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 610 * @see KJUR.asn1.tsp.PKIStatus 611 * @see KJUR.asn1.tsp.PKIFreeText 612 * @see KJUR.asn1.tsp.PKIFailureInfo 613 * @see KJUR.asn1.tsp.TSPParser#getPKIStatusInfo 614 * 615 * @description 616 * This class provides ASN.1 PKIStatusInfo encoder 617 * defined in 618 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 619 * RFC 3161 section 2.4.2</a>. 620 * <pre> 621 * PKIStatusInfo ::= SEQUENCE { 622 * status PKIStatus, 623 * statusString PKIFreeText OPTIONAL, 624 * failInfo PKIFailureInfo OPTIONAL } 625 * </pre> 626 * 627 * @example 628 * new KJUR.asn1.tsp.PKIStatusInfo("granted") 629 * new KJUR.asn1.tsp.PKIStatusInfo({status: "granted"}) 630 * new KJUR.asn1.tsp.PKIStatusInfo({ 631 * status: 2, // rejection 632 * statusstr: ["unsupported algorithm"], // OPTION 633 * failinfo: 'badAlg' // OPTION 634 * }) 635 */ 636 KJUR.asn1.tsp.PKIStatusInfo = function(params) { 637 var _Error = Error, 638 _KJUR = KJUR, 639 _KJUR_asn1 = _KJUR.asn1, 640 _DERSequence = _KJUR_asn1.DERSequence, 641 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 642 _PKIStatus = _KJUR_asn1_tsp.PKIStatus, 643 _PKIFreeText = _KJUR_asn1_tsp.PKIFreeText, 644 _PKIFailureInfo = _KJUR_asn1_tsp.PKIFailureInfo; 645 646 _KJUR_asn1_tsp.PKIStatusInfo.superclass.constructor.call(this); 647 648 this.params = null; 649 650 this.tohex = function() { 651 var params = this.params; 652 653 var a = []; 654 if (typeof params == "string") { 655 a.push(new _PKIStatus(params)); 656 } else { 657 if (params.status == undefined) 658 throw new _Error("property 'status' unspecified"); 659 660 a.push(new _PKIStatus(params.status)); 661 662 if (params.statusstr != undefined) 663 a.push(new _PKIFreeText(params.statusstr)); 664 665 if (params.failinfo != undefined) 666 a.push(new _PKIFailureInfo(params.failinfo)); 667 } 668 669 var seq = new _DERSequence({array: a}); 670 return seq.tohex(); 671 }; 672 this.getEncodedHex = function() { return this.tohex(); }; 673 674 if (params != undefined) this.setByParam(params); 675 }; 676 extendClass(KJUR.asn1.tsp.PKIStatusInfo, KJUR.asn1.ASN1Object); 677 678 /** 679 * class for TSP PKIStatus ASN.1 object 680 * @name KJUR.asn1.tsp.PKIStatus 681 * @class class for TSP PKIStatus ASN.1 object 682 * @param {Array} params associative array of parameters 683 * @extends KJUR.asn1.ASN1Object 684 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 685 * @description 686 * <pre> 687 * PKIStatus ::= INTEGER { 688 * granted (0), 689 * grantedWithMods (1), 690 * rejection (2), 691 * waiting (3), 692 * revocationWarning (4), 693 * revocationNotification (5) } 694 * </pre> 695 * 696 * @example 697 * new KJUR.asn1.tsp.PKIStatus('granted') 698 * new KJUR.asn1.tsp.PKIStatus(2) 699 */ 700 KJUR.asn1.tsp.PKIStatus = function(params) { 701 var _Error = Error, 702 _KJUR = KJUR, 703 _KJUR_asn1 = _KJUR.asn1, 704 _DERInteger = _KJUR_asn1.DERInteger, 705 _KJUR_asn1_tsp = _KJUR_asn1.tsp; 706 707 _KJUR_asn1_tsp.PKIStatus.superclass.constructor.call(this); 708 709 var _nameValue = { 710 granted: 0, 711 grantedWithMods: 1, 712 rejection: 2, 713 waiting: 3, 714 revocationWarning: 4, 715 revocationNotification: 5 716 }; 717 718 this.params = null; 719 720 this.tohex = function() { 721 var params = this.params; 722 723 var dObj, value; 724 725 if (typeof params == "string") { 726 try { 727 value = _nameValue[params]; 728 } catch (ex) { 729 throw new _Error("undefined name: " + params); 730 } 731 } else if (typeof params == "number") { 732 value = params; 733 } else { 734 throw new _Error("unsupported params"); 735 } 736 737 return (new _DERInteger({"int": value})).tohex(); 738 }; 739 this.getEncodedHex = function() { return this.tohex(); }; 740 741 if (params != undefined) this.setByParam(params); 742 }; 743 extendClass(KJUR.asn1.tsp.PKIStatus, KJUR.asn1.ASN1Object); 744 745 /** 746 * class for TSP PKIFreeText ASN.1 object 747 * @name KJUR.asn1.tsp.PKIFreeText 748 * @class class for TSP PKIFreeText ASN.1 object 749 * @param {Array} params associative array of parameters 750 * @extends KJUR.asn1.ASN1Object 751 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 752 * @description 753 * This class provides ASN.1 encoder for PKIFreeText 754 * defined in <a href="https://tools.ietf.org/html/rfc4210#section-5.1.1"> 755 * RFC 4210 CMP section 5.1.1</a>. 756 * <pre> 757 * PKIFreeText ::= SEQUENCE { SIZE (1..MAX) OF UTF8String } 758 * </pre> 759 * 760 * @example 761 * new KJUR.asn1.tsp.PKIFreeText([ 762 * "aaa", "bbb", "ccc" 763 * ]) 764 */ 765 KJUR.asn1.tsp.PKIFreeText = function(params) { 766 var _Error = Error, 767 _KJUR = KJUR, 768 _KJUR_asn1 = _KJUR.asn1, 769 _DERSequence = _KJUR_asn1.DERSequence, 770 _DERUTF8String = _KJUR_asn1.DERUTF8String, 771 _KJUR_asn1_tsp = _KJUR_asn1.tsp; 772 773 _KJUR_asn1_tsp.PKIFreeText.superclass.constructor.call(this); 774 775 this.params = null; 776 777 this.tohex = function() { 778 var params = this.params; 779 780 if (! params instanceof Array) 781 throw new _Error("wrong params: not array"); 782 783 var a = []; 784 for (var i = 0; i < params.length; i++) { 785 a.push(new _DERUTF8String({str: params[i]})); 786 }; 787 788 var seq = new _DERSequence({array: a}); 789 return seq.tohex(); 790 }; 791 this.getEncodedHex = function() { return this.tohex(); }; 792 793 if (params != undefined) this.setByParam(params); 794 }; 795 extendClass(KJUR.asn1.tsp.PKIFreeText, KJUR.asn1.ASN1Object); 796 797 /** 798 * class for TSP PKIFailureInfo ASN.1 object<br/> 799 * @name KJUR.asn1.tsp.PKIFailureInfo 800 * @class class for TSP PKIFailureInfo ASN.1 object 801 * @param {Array} params associative array of parameters 802 * @extends KJUR.asn1.ASN1Object 803 * @since jsrsasign 4.6.0 asn1tsp 1.0.0 804 * @see KJUR.asn1.tsp.PKIStatusInfo 805 * 806 * @description 807 * This class provides ASN.1 PKIFailureInfo encoder 808 * defined in 809 * <a href="https://tools.ietf.org/html/rfc3161#section-2.4.2"> 810 * RFC 3161 section 2.4.2</a>. 811 * <pre> 812 * PKIFailureInfo ::= BIT STRING { 813 * badAlg (0), 814 * badRequest (2), 815 * badDataFormat (5), 816 * timeNotAvailable (14), 817 * unacceptedPolicy (15), 818 * unacceptedExtension (16), 819 * addInfoNotAvailable (17), 820 * systemFailure (25) } 821 * </pre> 822 * NOTE: Constructor of an array of failureInfo names string 823 * has been supported since jsrsasign 10.5.21. 824 * Ordering of names will be ignored so that 825 * ['unacceptedPolicy', 'badAlg'] is also fine. 826 * 827 * @example 828 * new KJUR.asn1.tsp.PKIFailureInfo('badAlg') 829 * new KJUR.asn1.tsp.PKIFailureInfo(5) 830 * new KJUR.asn1.tsp.PKIFailureInfo(['badAlg', 'unacceptedPolicy']) 831 */ 832 KJUR.asn1.tsp.PKIFailureInfo = function(params) { 833 var _Error = Error, 834 _KJUR = KJUR, 835 _KJUR_asn1 = _KJUR.asn1, 836 _DERBitString = _KJUR_asn1.DERBitString, 837 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 838 _PKIFailureInfo = _KJUR_asn1_tsp.PKIFailureInfo; 839 840 var _nameValue = { 841 badAlg: 0, 842 badRequest: 2, 843 badDataFormat: 5, 844 timeNotAvailable: 14, 845 unacceptedPolicy: 15, 846 unacceptedExtension: 16, 847 addInfoNotAvailable: 17, 848 systemFailure: 25 849 }; 850 851 _PKIFailureInfo.superclass.constructor.call(this); 852 853 this.params = null; 854 855 this.getBinValue = function() { 856 var params = this.params; 857 858 var d = 0; 859 860 if (typeof params == "number" && 861 0 <= params && params <= 25) { 862 d |= 1 << params; 863 var s = d.toString(2); 864 var r = ""; 865 for (var i = s.length - 1; i >= 0; i--) r += s[i]; 866 return r; 867 } else if (typeof params == "string" && 868 _nameValue[params] != undefined) { 869 return namearraytobinstr([params], _nameValue); 870 } else if (typeof params == "object" && 871 params.length != undefined) { 872 return namearraytobinstr(params, _nameValue); 873 } else { 874 throw new _Error("wrong params"); 875 } 876 877 return 878 }; 879 880 this.tohex = function() { 881 var params = this.params; 882 883 var binValue = this.getBinValue(); 884 return (new _DERBitString({"bin": binValue})).tohex(); 885 }; 886 this.getEncodedHex = function() { return this.tohex(); }; 887 888 if (params != undefined) this.setByParam(params); 889 }; 890 extendClass(KJUR.asn1.tsp.PKIFailureInfo, KJUR.asn1.ASN1Object); 891 892 // --- END OF RFC 2510 CMP ------------------------------------------- 893 894 /** 895 * abstract class for TimeStampToken generator (DEPRECATED)<br/> 896 * @name KJUR.asn1.tsp.AbstractTSAAdapter 897 * @class abstract class for TimeStampToken generator 898 * @param {Array} params associative array of parameters 899 * @since jsrsasign 4.7.0 asn1tsp 1.0.1 900 * @deprecated since jsrsasign 10.0.0 asn1tsp 2.0.0 901 * 902 * @description 903 * This is abstract class for TimeStampToken generator. 904 */ 905 KJUR.asn1.tsp.AbstractTSAAdapter = function(params) { 906 this.getTSTHex = function(msgHex, hashAlg) { 907 throw "not implemented yet"; 908 }; 909 }; 910 911 /** 912 * class for simple TimeStampToken generator (DEPRECATED)<br/> 913 * @name KJUR.asn1.tsp.SimpleTSAAdapter 914 * @class class for simple TimeStampToken generator 915 * @extends KJUR.asn1.tsp.AbstractTSAAdapter 916 * @param {Array} params associative array of parameters 917 * @since jsrsasign 4.7.0 asn1tsp 1.0.1 918 * @deprecated since jsrsasign 10.0.0 asn1tsp 2.0.0 919 * 920 * @description 921 * This is a simple TimeStampToken generator class. 922 */ 923 KJUR.asn1.tsp.SimpleTSAAdapter = function(params) { 924 var _KJUR = KJUR, 925 _KJUR_asn1 = _KJUR.asn1, 926 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 927 _hashHex = _KJUR.crypto.Util.hashHex; 928 929 _KJUR_asn1_tsp.SimpleTSAAdapter.superclass.constructor.call(this); 930 this.params = null; 931 this.serial = 0; 932 933 this.getTSTHex = function(msgHex, hashAlg) { 934 // messageImprint 935 var hashHex = _hashHex(msgHex, hashAlg); 936 this.params.econtent.content.messageImprint = 937 {alg: hashAlg, hash: hashHex}; 938 939 // serial 940 this.params.econtent.content.serial = 941 {'int': this.serial++}; 942 943 // nonce 944 var nonceValue = Math.floor(Math.random() * 1000000000); 945 this.params.econtent.content.nonce = 946 {'int': nonceValue}; 947 948 var obj = 949 new _KJUR_asn1_tsp.TimeStampToken(this.params); 950 return obj.getContentInfoEncodedHex(); 951 }; 952 953 if (params !== undefined) this.params = params; 954 }; 955 extendClass(KJUR.asn1.tsp.SimpleTSAAdapter, 956 KJUR.asn1.tsp.AbstractTSAAdapter); 957 958 /** 959 * class for fixed TimeStampToken generator (DEPRECATED)<br/> 960 * @name KJUR.asn1.tsp.FixedTSAAdapter 961 * @class class for fixed TimeStampToken generator 962 * @extends KJUR.asn1.tsp.AbstractTSAAdapter 963 * @param {Array} params associative array of parameters 964 * @since jsrsasign 4.7.0 asn1tsp 1.0.1 965 * @deprecated since jsrsasign 10.0.0 asn1tsp 2.0.0 966 * 967 * @description 968 * This class generates fixed TimeStampToken except messageImprint 969 * for testing purpose. 970 * General TSA generates TimeStampToken which varies following 971 * fields: 972 * <ul> 973 * <li>genTime</li> 974 * <li>serialNumber</li> 975 * <li>nonce</li> 976 * </ul> 977 * Those values are provided by initial parameters. 978 */ 979 KJUR.asn1.tsp.FixedTSAAdapter = function(params) { 980 var _KJUR = KJUR, 981 _KJUR_asn1 = _KJUR.asn1, 982 _KJUR_asn1_tsp = _KJUR_asn1.tsp, 983 _hashHex = _KJUR.crypto.Util.hashHex; 984 985 _KJUR_asn1_tsp.FixedTSAAdapter.superclass.constructor.call(this); 986 this.params = null; 987 988 this.getTSTHex = function(msgHex, hashAlg) { 989 // fixed serialNumber 990 // fixed nonce 991 var hashHex = _hashHex(msgHex, hashAlg); 992 this.params.econtent.content.messageImprint = 993 {alg: hashAlg, hash: hashHex}; 994 var obj = new _KJUR_asn1_tsp.TimeStampToken(this.params); 995 return obj.getContentInfoEncodedHex(); 996 }; 997 998 if (params !== undefined) this.params = params; 999 }; 1000 extendClass(KJUR.asn1.tsp.FixedTSAAdapter, 1001 KJUR.asn1.tsp.AbstractTSAAdapter); 1002 1003 // --- TSP utilities ------------------------------------------------- 1004 1005 /** 1006 * TSP utiliteis class 1007 * @name KJUR.asn1.tsp.TSPUtil 1008 * @class TSP utilities class 1009 */ 1010 KJUR.asn1.tsp.TSPUtil = new function() { 1011 }; 1012 /** 1013 * generate TimeStampToken ASN.1 object specified by JSON parameters (DEPRECATED)<br/> 1014 * @name newTimeStampToken 1015 * @memberOf KJUR.asn1.tsp.TSPUtil 1016 * @function 1017 * @param {Array} param JSON parameter to generate TimeStampToken 1018 * @return {KJUR.asn1.cms.SignedData} object just generated 1019 * @deprecated since jsrsasign 10.0.0 asn1tsp 2.0.0. Please use TimeStampToken class 1020 * @see KJUR.asn1.tsp.TimeStampToken 1021 * 1022 * @description 1023 * @example 1024 */ 1025 KJUR.asn1.tsp.TSPUtil.newTimeStampToken = function(params) { 1026 return new KJUR.asn1.tsp.TimeStampToken(params); 1027 }; 1028 1029 /** 1030 * parse hexadecimal string of TimeStampReq 1031 * @name parseTimeStampReq 1032 * @memberOf KJUR.asn1.tsp.TSPUtil 1033 * @function 1034 * @param {String} hexadecimal string of TimeStampReq 1035 * @return {Array} JSON object of parsed parameters 1036 * @see KJUR.asn1.tsp.TSPParser#getTimeStampReq 1037 * @deprecated since jsrsasign 10.5.18 asn1tsp 2.0.6. Please use TSPParser.getTimeStampReq instead. 1038 * 1039 * @description 1040 * This method parses a hexadecimal string of TimeStampReq 1041 * and returns parsed their fields: 1042 * 1043 * @example 1044 * var json = KJUR.asn1.tsp.TSPUtil.parseTimeStampReq("302602..."); 1045 * // resulted DUMP of above 'json': 1046 * { 1047 * messageImprint: { 1048 * alg: 'sha256', // MessageImprint hashAlg 1049 * hash: 'a1a2a3a4...'}, // MessageImprint hashValue 1050 * policy: '1.2.3.4.5', // tsaPolicy (OPTION) 1051 * nonce: '9abcf318...', // nonce (OPTION) 1052 * certreq: true} // certReq (OPTION) 1053 */ 1054 KJUR.asn1.tsp.TSPUtil.parseTimeStampReq = function(reqHex) { 1055 var parser = new KJUR.asn1.tsp.TSPParser(); 1056 return parser.getTimeStampReq(reqHex); 1057 }; 1058 1059 /** 1060 * parse hexadecimal string of MessageImprint 1061 * @name parseMessageImprint 1062 * @memberOf KJUR.asn1.tsp.TSPUtil 1063 * @function 1064 * @param {String} hexadecimal string of MessageImprint 1065 * @return {Array} JSON object of parsed parameters 1066 * @see KJUR.asn1.tsp.TSPParser#getMessageImprint 1067 * @deprecated since jsrsasign 10.5.18 asn1tsp 2.0.6. Please use TSPParser.getMessageImprint instead. 1068 * 1069 * @description 1070 * This method parses a hexadecimal string of MessageImprint 1071 * and returns parsed their fields: 1072 * 1073 * @example 1074 * KJUR.asn1.tsp.TSPUtil.parseMessageImprint("302602...") → 1075 * { alg: 'sha256', hash: 'a1a2a3a4...'} 1076 */ 1077 KJUR.asn1.tsp.TSPUtil.parseMessageImprint = function(miHex) { 1078 var parser = new KJUR.asn1.tsp.TSPParser(); 1079 return parser.getMessageImprint(miHex); 1080 /* 1081 var _ASN1HEX = ASN1HEX; 1082 var _getChildIdx = _ASN1HEX.getChildIdx; 1083 var _getV = _ASN1HEX.getV; 1084 var _getIdxbyList = _ASN1HEX.getIdxbyList; 1085 var json = {}; 1086 1087 if (miHex.substr(0, 2) != "30") 1088 throw "head of messageImprint hex shall be '30'"; 1089 1090 var idxList = _getChildIdx(miHex, 0); 1091 var hashAlgOidIdx = _getIdxbyList(miHex, 0, [0, 0]); 1092 var hashAlgHex = _getV(miHex, hashAlgOidIdx); 1093 var hashAlgOid = _ASN1HEX.hextooidstr(hashAlgHex); 1094 var hashAlgName = KJUR.asn1.x509.OID.oid2name(hashAlgOid); 1095 if (hashAlgName == '') 1096 throw "hashAlg name undefined: " + hashAlgOid; 1097 var hashAlg = hashAlgName; 1098 var hashValueIdx = _getIdxbyList(miHex, 0, [1]); 1099 1100 json.alg = hashAlg; 1101 json.hash = _getV(miHex, hashValueIdx); 1102 1103 return json; 1104 */ 1105 }; 1106 1107 /** 1108 * class for parsing RFC 3161 TimeStamp protocol data<br/> 1109 * @name KJUR.asn1.tsp.TSPParser 1110 * @class RFC 3161 TimeStamp protocol parser class 1111 * @since jsrsasign 10.1.0 asn1tsp 2.0.1 1112 * 1113 * @description 1114 * This is an ASN.1 parser for 1115 * <a href="https://tools.ietf.org/html/rfc3161">RFC 3161</a>. 1116 */ 1117 KJUR.asn1.tsp.TSPParser = function() { 1118 var _Error = Error, 1119 _X509 = X509, 1120 _x509obj = new _X509(), 1121 _ASN1HEX = ASN1HEX, 1122 _getV = _ASN1HEX.getV, 1123 _getTLV = _ASN1HEX.getTLV, 1124 _getIdxbyList = _ASN1HEX.getIdxbyList, 1125 _getTLVbyListEx = _ASN1HEX.getTLVbyListEx, 1126 _getChildIdx = _ASN1HEX.getChildIdx; 1127 var _aSTATUSSTR = [ 1128 "granted", "grantedWithMods", "rejection", "waiting", 1129 "revocationWarning", "revocationNotification" ]; 1130 var _pFAILUREINFO = { 1131 0: "badAlg", 2: "badRequest", 5: "badDataFormat", 1132 14: "timeNotAvailable", 15: "unacceptedPolicy", 1133 16: "unacceptedExtension", 17: "addInfoNotAvailable", 1134 25: "systemFailure" 1135 }; 1136 1137 /** 1138 * parse ASN.1 TimeStampResp<br/> 1139 * @name getResponse 1140 * @memberOf KJUR.asn1.tsp.TSPParser# 1141 * @function 1142 * @param {String} h hexadecimal string of ASN.1 TimeStampResp 1143 * @return {Array} JSON object of TimeStampResp parameter 1144 * @see KJUR.asn1.tsp.TimeStampResp 1145 * @see KJUR.asn1.tsp.TimeStampToken 1146 * @see KJUR.asn1.cms.CMSParser#getCMSSignedData 1147 * 1148 * @description 1149 * This method parses ASN.1 TimeStampRsp defined in RFC 3161. 1150 * <pre> 1151 * TimeStampResp ::= SEQUENCE { 1152 * status PKIStatusInfo, 1153 * timeStampToken TimeStampToken OPTIONAL } 1154 * </pre> 1155 * When "h" is a TSP error response, 1156 * returned parameter contains "statusinfo" only. 1157 * 1158 * @example 1159 * parser = new KJUR.asn1.tsp.TSPParser(); 1160 * parser.getResponse("30...") → 1161 * { 1162 * statusinfo: 'granted', 1163 * ... // almost the same as CMS SignedData parameters 1164 * econtent: { 1165 * type: "tstinfo", 1166 * content: { // TSTInfo parameter 1167 * policy: '1.2.3.4.5', 1168 * messageImprint: {alg: 'sha256', hash: 'a1a2a3a4...'}, 1169 * serial: {'int': 3}, 1170 * genTime: {str: '20131231235959.123Z'}, 1171 * accuracy: {millis: 500}, 1172 * ordering: true, 1173 * nonce: {int: 3} 1174 * } 1175 * }, 1176 * ... 1177 * } 1178 */ 1179 this.getResponse = function(h) { 1180 var aIdx = _getChildIdx(h, 0); 1181 1182 if (aIdx.length == 1) { 1183 return this.getPKIStatusInfo(_getTLV(h, aIdx[0])); 1184 } else if (aIdx.length > 1) { 1185 var pPKIStatusInfo = this.getPKIStatusInfo(_getTLV(h, aIdx[0])); 1186 var hTST = _getTLV(h, aIdx[1]); 1187 var pResult = this.getToken(hTST); 1188 pResult.statusinfo = pPKIStatusInfo; 1189 return pResult; 1190 } 1191 }; 1192 1193 /** 1194 * parse ASN.1 TimeStampToken<br/> 1195 * @name getToken 1196 * @memberOf KJUR.asn1.tsp.TSPParser# 1197 * @function 1198 * @param {String} h hexadecimal string of ASN.1 TimeStampToken 1199 * @return {Array} JSON object of TimeStampToken parameter 1200 * @see KJUR.asn1.tsp.TimeStampToken 1201 * @see KJUR.asn1.cms.CMSParser#getCMSSignedData 1202 * @see KJUR.asn1.tsp.TSPParser#setTSTInfo 1203 * 1204 * @description 1205 * This method parses ASN.1 TimeStampRsp defined in RFC 3161. 1206 * This method will parse "h" as CMS SigneData by 1207 * {@link KJUR.asn1.cms.CMSParser#getCMSSignedData}, then 1208 * parse and modify "econtent.content" parameter by 1209 * {@link KJUR.asn1.tsp.TSPParser#setTSTInfo} method. 1210 * 1211 * @example 1212 * parser = new KJUR.asn1.tsp.TSPParser(); 1213 * parser.getToken("30...") → 1214 * { 1215 * ... // almost the same as CMS SignedData parameters 1216 * econtent: { 1217 * type: "tstinfo", 1218 * content: { // TSTInfo parameter 1219 * policy: '1.2.3.4.5', 1220 * messageImprint: {alg: 'sha256', hash: 'a1a2a3a4...'}, 1221 * serial: {'int': 3}, 1222 * genTime: {str: '20131231235959.123Z'}, 1223 * accuracy: {millis: 500}, 1224 * ordering: true, 1225 * nonce: {int: 3} 1226 * } 1227 * }, 1228 * ... 1229 * } 1230 */ 1231 this.getToken = function(h) { 1232 var _CMSParser = new KJUR.asn1.cms.CMSParser; 1233 var p = _CMSParser.getCMSSignedData(h); 1234 this.setTSTInfo(p); 1235 return p; 1236 }; 1237 1238 /** 1239 * set ASN.1 TSTInfo parameter to CMS SignedData parameter<br/> 1240 * @name setTSTInfo 1241 * @memberOf KJUR.asn1.tsp.TSPParser# 1242 * @function 1243 * @param {Array} pCMSSignedData JSON object of CMS SignedData parameter 1244 * @see KJUR.asn1.tsp.TimeStampToken 1245 * @see KJUR.asn1.cms.CMSParser#getCMSSignedData 1246 * 1247 * @description 1248 * This method modifies "econtent.content" of CMS SignedData parameter 1249 * to parsed TSTInfo. 1250 * <pre> 1251 * 1252 * @example 1253 * parser = new KJUR.asn1.tsp.TSPParser(); 1254 * pCMSSignedData = { 1255 * ... // almost the same as CMS SignedData parameters 1256 * econtent: { 1257 * type: "tstinfo", 1258 * content: { hex: "30..." } 1259 * }, 1260 * ... 1261 * }; 1262 * parser.setTSTInfo(pCMSSignedData); 1263 * pCMSSignedData → { 1264 * ... // almost the same as CMS SignedData parameters 1265 * econtent: { 1266 * type: "tstinfo", 1267 * content: { // TSTInfo parameter 1268 * policy: '1.2.3.4.5', 1269 * messageImprint: {alg: 'sha256', hash: 'a1a2a3a4...'}, 1270 * serial: {int: 3}, 1271 * genTime: {str: '20131231235959.123Z'}, 1272 * accuracy: {millis: 500}, 1273 * ordering: true, 1274 * nonce: {int: 3} 1275 * } 1276 * }, 1277 * ... 1278 * }; 1279 */ 1280 this.setTSTInfo = function(pCMSSignedData) { 1281 var pEContent = pCMSSignedData.econtent; 1282 if (pEContent.type == "tstinfo") { 1283 var hContent = pEContent.content.hex; 1284 var pTSTInfo = this.getTSTInfo(hContent); 1285 //pTSTInfo.hex_ = hContent; 1286 pEContent.content = pTSTInfo; 1287 } 1288 }; 1289 1290 /** 1291 * parse ASN.1 TSTInfo<br/> 1292 * @name getTSTInfo 1293 * @memberOf KJUR.asn1.tsp.TSPParser# 1294 * @function 1295 * @param {String} h hexadecimal string of ASN.1 TSTInfo 1296 * @return {Array} JSON object of TSTInfo parameter 1297 * @see KJUR.asn1.tsp.TSTInfo 1298 * 1299 * @description 1300 * This method parses ASN.1 TSTInfo defined in RFC 3161. 1301 * <pre> 1302 * TSTInfo ::= SEQUENCE { 1303 * version INTEGER { v1(1) }, 1304 * policy TSAPolicyId, 1305 * messageImprint MessageImprint, 1306 * serialNumber INTEGER, 1307 * genTime GeneralizedTime, 1308 * accuracy Accuracy OPTIONAL, 1309 * ordering BOOLEAN DEFAULT FALSE, 1310 * nonce INTEGER OPTIONAL, 1311 * tsa [0] GeneralName OPTIONAL, 1312 * extensions [1] IMPLICIT Extensions OPTIONAL } 1313 * </pre> 1314 * 1315 * @example 1316 * parser = new KJUR.asn1.tsp.TSPParser(); 1317 * parser.getTSTInfo("30...") → 1318 * { 1319 * policy: '1.2.3.4.5', 1320 * messageImprint: {alg: 'sha256', hash: 'a1a2a3a4...'}, 1321 * serial: {'int': 3}, 1322 * genTime: {str: '20131231235959.123Z'}, 1323 * accuracy: {millis: 500}, 1324 * ordering: true, 1325 * nonce: {int: 3} 1326 * } 1327 */ 1328 this.getTSTInfo = function(h) { 1329 var pResult = {}; 1330 var aIdx = _getChildIdx(h, 0); 1331 1332 var hPolicy = _getV(h, aIdx[1]); 1333 pResult.policy = hextooid(hPolicy); 1334 1335 var hMessageImprint = _getTLV(h, aIdx[2]); 1336 pResult.messageImprint = this.getMessageImprint(hMessageImprint); 1337 1338 var hSerial = _getV(h, aIdx[3]); 1339 pResult.serial = {hex: hSerial}; 1340 1341 var hGenTime = _getV(h, aIdx[4]); 1342 pResult.genTime = {str: hextoutf8(hGenTime)}; 1343 1344 var offset = 0; 1345 1346 if (aIdx.length > 5 && h.substr(aIdx[5], 2) == "30") { 1347 var hAccuracy = _getTLV(h, aIdx[5]); 1348 pResult.accuracy = this.getAccuracy(hAccuracy); 1349 offset++; 1350 } 1351 1352 if (aIdx.length > 5 + offset && 1353 h.substr(aIdx[5 + offset], 2) == "01") { 1354 var hOrdering = _getV(h, aIdx[5 + offset]); 1355 if (hOrdering == "ff") pResult.ordering = true; 1356 offset++; 1357 } 1358 1359 if (aIdx.length > 5 + offset && 1360 h.substr(aIdx[5 + offset], 2) == "02") { 1361 var hNonce = _getV(h, aIdx[5 + offset]); 1362 pResult.nonce = {hex: hNonce}; 1363 offset++; 1364 } 1365 1366 if (aIdx.length > 5 + offset && 1367 h.substr(aIdx[5 + offset], 2) == "a0") { 1368 var hGeneralNames = _getTLV(h, aIdx[5 + offset]); 1369 hGeneralNames = "30" + hGeneralNames.substr(2); 1370 pGeneralNames = _x509obj.getGeneralNames(hGeneralNames); 1371 var pName = pGeneralNames[0].dn; 1372 pResult.tsa = pName; 1373 offset++; 1374 } 1375 1376 if (aIdx.length > 5 + offset && 1377 h.substr(aIdx[5 + offset], 2) == "a1") { 1378 var hExt = _getTLV(h, aIdx[5 + offset]); 1379 hExt = "30" + hExt.substr(2); 1380 var aExt = _x509obj.getExtParamArray(hExt); 1381 pResult.ext = aExt; 1382 offset++; 1383 } 1384 1385 return pResult; 1386 }; 1387 1388 /** 1389 * parse ASN.1 Accuracy<br/> 1390 * @name getAccuracy 1391 * @memberOf KJUR.asn1.tsp.TSPParser# 1392 * @function 1393 * @param {String} h hexadecimal string of ASN.1 Accuracy 1394 * @return {Array} JSON object of Accuracy parameter 1395 * @see KJUR.asn1.tsp.Accuracy 1396 * 1397 * @description 1398 * This method parses ASN.1 Accuracy defined in RFC 3161. 1399 * <pre> 1400 * Accuracy ::= SEQUENCE { 1401 * seconds INTEGER OPTIONAL, 1402 * millis [0] INTEGER (1..999) OPTIONAL, 1403 * micros [1] INTEGER (1..999) OPTIONAL } 1404 * </pre> 1405 * 1406 * @example 1407 * parser = new KJUR.asn1.tsp.TSPParser(); 1408 * parser.getAccuracy("30...") → {millis: 500} 1409 */ 1410 this.getAccuracy = function(h) { 1411 var pResult = {}; 1412 1413 var aIdx = _getChildIdx(h, 0); 1414 1415 for (var i = 0; i < aIdx.length; i++) { 1416 var tag = h.substr(aIdx[i], 2); 1417 var hV = _getV(h, aIdx[i]); 1418 var iV = parseInt(hV, 16); 1419 1420 if (tag == "02") { 1421 pResult.seconds = iV; 1422 } else if (tag == "80") { 1423 pResult.millis = iV; 1424 } else if (tag == "81") { 1425 pResult.micros = iV; 1426 } 1427 } 1428 1429 return pResult; 1430 }; 1431 1432 /** 1433 * parse ASN.1 MessageImprint<br/> 1434 * @name getMessageImprint 1435 * @memberOf KJUR.asn1.tsp.TSPParser# 1436 * @function 1437 * @param {String} h hexadecimal string of ASN.1 MessageImprint 1438 * @return {Array} JSON object of MessageImprint parameter 1439 * @see KJUR.asn1.tsp.MessageImprint 1440 * 1441 * @description 1442 * This method parses ASN.1 MessageImprint defined in RFC 3161. 1443 * 1444 * @example 1445 * parser = new KJUR.asn1.tsp.TSPParser(); 1446 * parser.getMessageImprint("30...") → 1447 * { alg: "sha256", hash: "12ab..." } 1448 */ 1449 this.getMessageImprint = function(h) { 1450 if (h.substr(0, 2) != "30") 1451 throw new Error("head of messageImprint hex shall be x30"); 1452 1453 var json = {}; 1454 var idxList = _getChildIdx(h, 0); 1455 var hashAlgOidIdx = _getIdxbyList(h, 0, [0, 0]); 1456 var hashAlgHex = _getV(h, hashAlgOidIdx); 1457 var hashAlgOid = _ASN1HEX.hextooidstr(hashAlgHex); 1458 var hashAlgName = KJUR.asn1.x509.OID.oid2name(hashAlgOid); 1459 if (hashAlgName == '') 1460 throw new Error("hashAlg name undefined: " + hashAlgOid); 1461 var hashAlg = hashAlgName; 1462 var hashValueIdx = _getIdxbyList(h, 0, [1]); 1463 1464 json.alg = hashAlg; 1465 json.hash = _getV(h, hashValueIdx); 1466 1467 return json; 1468 }; 1469 1470 /** 1471 * parse ASN.1 PKIStatusInfo<br/> 1472 * @name getPKIStatusInfo 1473 * @memberOf KJUR.asn1.tsp.TSPParser# 1474 * @function 1475 * @param {String} h hexadecimal string of ASN.1 PKIStatusInfo 1476 * @return {Array} JSON object of PKIStatusInfo parameter 1477 * @see KJUR.asn1.tsp.PKIStatusInfo 1478 * 1479 * @description 1480 * This method parses ASN.1 PKIStatusInfo defined in RFC 3161. 1481 * 1482 * @example 1483 * parser = new KJUR.asn1.tsp.TSPParser(); 1484 * parser.getPKIStatusInfo("30...") → 1485 * { status: "rejection", 1486 * statusstr: ["unsupported algorithm"], 1487 * failinfo: "badAlg" } 1488 */ 1489 this.getPKIStatusInfo = function(h) { 1490 var pResult = {}; 1491 var aIdx = _getChildIdx(h, 0); 1492 var offset = 0; 1493 1494 try { 1495 var hStatus = _getV(h, aIdx[0]); 1496 var iStatus = parseInt(hStatus, 16); 1497 pResult.status = _aSTATUSSTR[iStatus]; 1498 } catch(ex) {}; 1499 1500 if (aIdx.length > 1 && h.substr(aIdx[1], 2) == "30") { 1501 var hPKIFreeText = _getTLV(h, aIdx[1]); 1502 pResult.statusstr = 1503 this.getPKIFreeText(hPKIFreeText); 1504 offset++; 1505 } 1506 1507 if (aIdx.length > offset && 1508 h.substr(aIdx[1 + offset], 2) == "03") { 1509 var hPKIFailureInfo = _getTLV(h, aIdx[1 + offset]); 1510 pResult.failinfo = 1511 this.getPKIFailureInfo(hPKIFailureInfo); 1512 } 1513 1514 return pResult; 1515 }; 1516 1517 /** 1518 * parse ASN.1 PKIFreeText<br/> 1519 * @name getPKIFreeText 1520 * @memberOf KJUR.asn1.tsp.TSPParser# 1521 * @function 1522 * @param {String} h hexadecimal string of ASN.1 PKIFreeText 1523 * @return {Array} array of string 1524 * @since jsrsasign 10.1.3 asn1tsp 2.0.3 1525 * @see KJUR.asn1.tsp.PKIFreeText 1526 * 1527 * @description 1528 * This method parses ASN.1 PKIFreeText defined in RFC 3161. 1529 * 1530 * @example 1531 * parser = new KJUR.asn1.tsp.TSPParser(); 1532 * parser.getPKIFreeText("300a0c036161610c03616161") → 1533 * ["aaa", "aaa"] 1534 */ 1535 this.getPKIFreeText = function(h) { 1536 var aResult = []; 1537 var aIdx = _getChildIdx(h, 0); 1538 for (var i = 0; i < aIdx.length; i++) { 1539 aResult.push(_ASN1HEX.getString(h, aIdx[i])); 1540 } 1541 return aResult; 1542 }; 1543 1544 /** 1545 * parse ASN.1 PKIFailureInfo<br/> 1546 * @name getPKIFailureInfo 1547 * @memberOf KJUR.asn1.tsp.TSPParser# 1548 * @function 1549 * @param {String} h hexadecimal string of ASN.1 PKIFailureInfo 1550 * @return {Object} failureInfo string or number 1551 * @since jsrsasign 10.1.3 asn1tsp 2.0.3 1552 * @see KJUR.asn1.tsp.PKIFailureInfo 1553 * 1554 * @description 1555 * This method parses ASN.1 PKIFailureInfo defined in RFC 3161. 1556 * 1557 * @example 1558 * parser = new KJUR.asn1.tsp.TSPParser(); 1559 * parser.getPKIFailureInfo("03020700") → "badAlg" 1560 * parser.getPKIFailureInfo("03020780") → 1 1561 * parser.getPKIFailureInfo("030203c8") → "systemFailure" 1562 */ 1563 this.getPKIFailureInfo = function(h) { 1564 var n = _ASN1HEX.getInt(h, 0); 1565 if (_pFAILUREINFO[n] != undefined) { 1566 return _pFAILUREINFO[n]; 1567 } else { 1568 return n; 1569 } 1570 }; 1571 1572 /** 1573 * parse hexadecimal string of TimeStampReq<br/> 1574 * @name getTimeStampReq 1575 * @memberOf KJUR.asn1.tsp.TSPParser# 1576 * @function 1577 * @param {String} h hexadecimal string of TimeStampReq 1578 * @return {Array} JSON object of parsed parameters 1579 * @since jsrsasign 10.5.18 asn1tsp 2.0.6 1580 * @see KJUR.asn1.tsp.TimeStampReq 1581 * @see KJUR.asn1.tsp.TSPUtil.parseTimeStampReq 1582 * 1583 * @description 1584 * This method parses a hexadecimal string of TimeStampReq 1585 * and returns parsed their fields: 1586 * 1587 * @example 1588 * var parser = new KJUR.asn1.tsp.TSPParser(); 1589 * parser.getTimeStampReq("302602...") → 1590 * { messageImprint: { 1591 * alg: 'sha256', // MessageImprint hashAlg 1592 * hash: 'a1a2a3a4...'}, // MessageImprint hashValue 1593 * policy: '1.2.3.4.5', // tsaPolicy (OPTION) 1594 * nonce: '9abcf318...', // nonce (OPTION) 1595 * certreq: true } // certReq (OPTION) 1596 */ 1597 this.getTimeStampReq = function(h) { 1598 var json = {}; 1599 json.certreq = false; 1600 1601 var idxList = _getChildIdx(h, 0); 1602 1603 if (idxList.length < 2) 1604 throw new Error("TimeStampReq must have at least 2 items"); 1605 1606 var miHex = _getTLV(h, idxList[1]); 1607 json.messageImprint = KJUR.asn1.tsp.TSPUtil.parseMessageImprint(miHex); 1608 1609 for (var i = 2; i < idxList.length; i++) { 1610 var idx = idxList[i]; 1611 var tag = h.substr(idx, 2); 1612 if (tag == "06") { // case OID 1613 var policyHex = _getV(h, idx); 1614 json.policy = _ASN1HEX.hextooidstr(policyHex); 1615 } 1616 if (tag == "02") { // case INTEGER 1617 json.nonce = _getV(h, idx); 1618 } 1619 if (tag == "01") { // case BOOLEAN 1620 json.certreq = true; 1621 } 1622 } 1623 1624 return json; 1625 }; 1626 }; 1627